Zero-KnowledgeBiometricIdentityProof

Made in: 11/2025Research paper publishedPurpose: Project for Cryptography and Network Security Subject

A research-backed authentication system designed to securely verify patient identity in healthcare environments without relying on explicit identifiers. The system combines deep biometric representations, cryptographic key binding, and hardware-backed security to enable fast, privacy-preserving, and regulation-compliant access to sensitive clinical data.

Tech Stack

Python

PostgreSQL

ADDITIONAL TOOLS

AES-256 Encryption

HMAC

FAISS

Hardware Security Module (HSM)

Deep Learning

Biometric Fingerprint Embeddings

Features

Identifier-Free Authentication

Resolves user identity directly through biometric similarity search without using usernames, patient IDs, or personal identifiers.

Biometric–Passcode Key Binding

Derives cryptographic keys using an HMAC-based construction that securely combines a user passcode with a stable biometric reference.

Hardware-Enforced Key Protection

Uses Hardware Security Modules (HSMs) to isolate and protect encryption keys, ensuring zero plaintext exposure even under database compromise.

Encrypted Biometric Storage & Search

Stores biometric embeddings encrypted with AES-256 and performs similarity search using FAISS within protected security boundaries.

High-Performance Authentication

Achieves low-latency authentication and high throughput on commodity hardware, suitable for real-time clinical workflows.

Regulatory-Compliant Security Design

Designed to align with GDPR and healthcare security requirements while maintaining confidentiality, integrity, and recoverability.