Hello,
I was wondering if there is any way for me to create a private key using only my fingerprint and a password. Do you guys know if there is already a website to do so ?
Thanks.
That is a pretty cool idea, I have not heard of anyone doing this yet. The biggest thing is how much Entropy a Fingerprint actually has. Some quick research shows that it should be possible to generate a series of numbers from a fingerprint 'reproducibly'. If you set a specific % matching thresholds 'noise' in the software capturing the fingerprint, lowering the threshold to generate a number from a fingerprint does reduce the amount of entropy available. Some estimates 40 - 80 Bits of Entropy. Kind of a wide range, but should still be large enough source for private key generation.
Here is some information posted a year ago by someone that is relevant:
http://www.reddit.com/r/crypto/comments/1fpobr/how_many_bits_of_security_in_a_fingerprint_as_in/Enhancing security and privacy in biometrics-based authentication systems -
http://www.cedar.buffalo.edu/~govind/CSE717/papers/CancelableBiometrics.pdfHow to Generate Strong Keys from Biometrics and Other Noisy Data -
http://www.cs.bu.edu/~reyzin/fuzzy.htmlEdit: Fixed Spelling
The idea would be to create the private key using the fingerprint associated with a small paraphrase, so we can achieve a good entropy without needing to remember 12 random words.