tinybio 0.1.0

Minimal pure-Python library that implements a basic version of a secure decentralized biometric authentication functionality via a secure multi-party computation protocol.

Minimal pure-Python library that implements a basic version of a secure decentralized biometric authentication functionality via a secure multi-party computation protocol.

Installation and Usage

This library is available as a package on PyPI:

python -m pip install tinybio

The library can be imported in the usual way:

import tinybio
from tinybio import *

Basic Example

Suppose that a workflows is supported by three nodes (parties performing the decentralized registration and authentication functions). The node objects would be instantiated locally by each of these three parties:

>>> nodes = [node(), node(), node()]

The preprocessing phase that the nodes must execute can be simulated. The second parameter specifies the length of a biometric descriptor (i.e., list of floating point values):

>>> preprocess(nodes, length=4)

Suppose the client has a biometric descriptor represented as a vector of float values. The client can create a request for masks and then obtain masks from each node. The client can then locally generate a registration token (i.e., a masked descriptor that is computed locally by the registering party):

>>> reg_descriptor = [0.5, 0.3, 0.7, 0.1]
>>> reg_masks = [node.masks(request.registration(reg_descriptor)) for node in nodes]
>>> reg_token = token.registration(reg_masks, reg_descriptor)

At a later point, the client can perform an authentication workflow. After requesting masks for the authentication descriptor in a manner similar to the above, the client can generate an authentication token (i.e., a masked descriptor) locally:

>>> auth_descriptor = [0.1, 0.4, 0.8, 0.2]
>>> auth_masks = [node.masks(request.authentication(auth_descriptor)) for node in nodes]
>>> auth_token = token.authentication(auth_masks, auth_descriptor)

Finally, the party interested in authenticating itself can broadcast its original registration token together with its authentication token. Each node can then compute locally its share of the authentication result. These shares can be reconstructed by the validating party to obtain the result (i.e., the Euclidean distance between the registration and authentication descriptors):

>>> shares = [node.authenticate(reg_token, auth_token) for node in nodes]
>>> reveal(shares) # Floating point results may differ slightly.
0.43375208257785347

The above result can be compared to that of a calculation that uses the original descriptors. The results are exactly equivalent due to the conversion from floating point values to a fixed-point representation during masking:

>>> import math
>>> math.sqrt(sum([(x - y)**2 for (x, y) in zip(reg_descriptor, auth_descriptor)]))
0.43378989435406744

Development

All installation and development dependencies are fully specified in pyproject.toml. The project.optional-dependencies object is used to specify optional requirements for various development tasks. This makes it possible to specify additional options (such as docs, lint, and so on) when performing installation using pip:

python -m pip install .[docs,lint]

Documentation

The documentation can be generated automatically from the source files using Sphinx:

python -m pip install .[docs]
cd docs
sphinx-apidoc -f -E --templatedir=_templates -o _source .. && make html

Testing and Conventions

All unit tests are executed and their coverage is measured when using pytest (see the pyproject.toml file for configuration details):

python -m pip install .[test]
python -m pytest

Alternatively, all unit tests are included in the module itself and can be executed using doctest:

python src/tinybio/tinybio.py -v

Style conventions are enforced using Pylint:

python -m pip install .[lint]
python -m pylint src/tinybio

Contributions

In order to contribute to the source code, open an issue or submit a pull request on the GitHub page for this library.

Versioning

The version number format for this library and the changes to the library associated with version number increments conform with Semantic Versioning 2.0.0.

Publishing

This library can be published as a package on PyPI by a package maintainer. First, install the dependencies required for packaging and publishing:

python -m pip install .[publish]

Ensure that the correct version number appears in pyproject.toml, and that any links in this README document to the Read the Docs documentation of this package (or its dependencies) have appropriate version numbers. Also ensure that the Read the Docs project for this library has an automation rule that activates and sets as the default all tagged versions. Create and push a tag for this version (replacing ?.?.? with the version number):

git tag ?.?.?
git push origin ?.?.?

Remove any old build/distribution files. Then, package the source into a distribution archive:

rm -rf build dist src/*.egg-info
python -m build --sdist --wheel .

Finally, upload the package distribution archive to PyPI:

python -m twine upload dist/*