A novel blockchain’s private key generation mechanism based on facial biometrics and physical unclonable function

Blockchain technology is widely used in the field of digital currency because of its non-tamperability, traceability, and decentralization. Blockchain's private key is usually used to prove the ownership of the cryptocurrency. However, this private key managed by the blockchain wallet faces the challenge of secure storage. Once the private key is leaked or stolen, the user's digital assets will be permanently lost. To solve the storage issue of the private key, we propose a novel approach based on facial biometrics and a physical unclonable function (PUF) device to generate a secure blockchain's private key. Firstly, to protect user anonymity and enhance the security of the private key, a user's facial biometrics is bound with a device's PUF fingerprint to generate the trusted private keys online without being stored in a third-party server or an external device. Secondly, to prevent the leakage of sensitive data, we utilize the correctness and perfectness of secret sharing to protect the helper data to prevent attackers from obtaining sensitive information about the fusion template. Thirdly, we give the formal security proof of our proposed scheme and conduct the informal security analysis. The experiment results demonstrate our scheme achieves a better EER (Equal Error Rate) of 2.02% in terms of accuracy and takes about 1008ms to generate a private key in terms of efficiency. Moreover, our scheme can resist various attacks such as password guessing, stolen mobile device, user impersonation, physical and cloning, and information leakage attacks. Finally, we develop a blockchain wallet prototype without modifying the blockchain protocol to achieve transfer transactions for demonstrating the usability and security of our proposed approach in a real-world scenario.