Security analysis of revocable and bipartite biotokens

In this paper, we analyze the security of bipartite biotokens that release a secret key hidden in the biotoken by using biometrics. We show that the biotoken encoding of 80/112/128-bit symmetric encryption keys are vulnerable to brute force attacks, whose complexity is lower than cryptographic security. Also, we present the weaknesses in the design of revocable biotokens that form the basis for bipartite biotokens. Finally, we propose countermeasures to prevent these attacks and discuss the employment of other efficient cryptographic techniques that possess provable security guarantees.