Overview Offline mode enables completely air-gapped operation where the boop scanner operates independently without any cloud connectivity. This mode uses fuzzy extractor technology to convert biometric data directly into cryptographic keys on the device itself.
Offline mode is irreversible once enabled. The device will permanently disconnect from boop cloud services and operate in standalone mode.
A fuzzy extractor is a cryptographic primitive that reliably extracts uniform randomness from noisy biometric data. It enables the same cryptographic key to be derived from slightly different biometric scans.
Technical Architecture Key Components Generation Phase
Reproduction Phase
During enrollment, the fuzzy extractor:
Extracts features from palm vein patternApplies error correction using BCH codesGenerates helper data (public, non-sensitive)Derives cryptographic key from biometricStores helper locally (never transmitted) def generate_key ( biometric_template ): # Extract stable features features = extract_features(biometric_template) # Apply error correction code codeword = bch_encode(features) # Generate random key key = generate_random_key() # Create helper data (XOR of key and codeword) helper_data = xor(key, hash (codeword)) # Store helper data locally (safe to store) store_local(helper_data) return key
During authentication, the fuzzy extractor:
Captures new palm scan Extracts features (may have noise)Retrieves helper data from local storageCorrects errors using ECCReproduces same key despite biometric variance def reproduce_key ( new_biometric , helper_data ): # Extract features from new scan features = extract_features(new_biometric) # Apply error correction to handle variance corrected = bch_decode(features) # Reproduce key using helper data key = xor(helper_data, hash (corrected)) # Verify key correctness if verify_key(key): return key else : raise AuthenticationError()
Security Properties Cryptographic Guarantees Property Description Guarantee Key Uniformity Generated keys are indistinguishable from random 2^256 entropy Biometric Privacy Helper data reveals nothing about biometric Information theoretic security Error Tolerance Handles natural biometric variance Up to 20% feature deviation Non-invertibility Cannot recover biometric from key or helper One-way function Reusability Same biometric produces same key Deterministic generation
Threat Model
Protected Against
Helper data theft (reveals no biometric info)
Network attacks (completely offline)
Cloud compromise (no cloud dependency)
Replay attacks (challenge-response protocol)
Requires Physical Security
Device tampering protection
Secure storage of scanner
Physical access control
Environmental monitoring
Implementation Details Biometric Processing Pipeline Error Correction Codes We use BCH (Bose-Chaudhuri-Hocquenghem) codes for error correction:
Code parameters : BCH(511, 259, 61)Error correction capability : Up to 30 bit errorsFalse acceptance rate : < 10^-9False rejection rate : < 0.01
Key Derivation // Key derivation function function deriveKey ( biometric , salt , iterations = 100000 ) { // Extract stable minutiae points const minutiae = extractMinutiae ( biometric ); // Quantize to discrete values const quantized = quantizeFeatures ( minutiae ); // Apply error correction encoding const encoded = bchEncode ( quantized ); // Derive key using PBKDF2 const key = pbkdf2 ( encoded , salt , iterations , 256 ); return { key: key , helper: generateHelper ( encoded , key ) }; }
Offline Mode Setup Prerequisites Before enabling offline mode, ensure you have:
Physical security measures in place
Backup authentication methods configured
Understanding that this process is irreversible
Initialization Process
Prepare Air-Gapped Environment
# Verify network disconnection ping -c 1 google.com # Should fail # Disable all network interfaces sudo ifconfig eth0 down sudo ifconfig wlan0 down # Verify USB device isolation lsusb | grep -i network # Should return empty
Install Offline Firmware
# Mount offline installer USB sudo mount /dev/sdb1 /mnt/offline # Verify firmware signature gpg --verify /mnt/offline/firmware.sig # Flash offline firmware sudo ./flash-offline.sh --device /dev/boop0
Initialize Fuzzy Extractor
# Start initialization boop-offline init # Follow prompts for master palm enrollment # Requires 5 high-quality scans # Generate master key boop-offline generate-master-key # Create backup helper data boop-offline export-helper > helper-backup.enc
Configure Applications
# Generate SSH key boop-offline ssh-keygen -t ed25519 # Setup GPG signing boop-offline gpg --gen-key # Configure FIDO2/WebAuthn boop-offline fido2 register
Use Cases Cryptocurrency Cold Storage Perfect for air-gapped cryptocurrency signing:
# Offline transaction signing def sign_bitcoin_transaction ( raw_tx ): # Parse transaction tx = parse_transaction(raw_tx) # Prompt for palm scan print ( "Place palm on scanner to sign transaction" ) # Derive signing key from biometric signing_key = fuzzy_extractor.derive_key() # Sign transaction signature = ecdsa_sign(tx.hash, signing_key) # Clear key from memory secure_clear(signing_key) return signature
Secure Document Signing // Sign PDF document offline async function signDocument ( pdfBuffer ) { // Generate signing certificate from palm const cert = await boopOffline . generateCertificate (); // Create digital signature const signature = await boopOffline . sign ( pdfBuffer ); // Embed signature in PDF const signedPdf = embedSignature ( pdfBuffer , signature , cert ); return signedPdf ; }
Encrypted Storage // Decrypt files using palm-derived key fn decrypt_file ( encrypted_path : & Path ) -> Result < Vec < u8 >> { // Prompt for palm scan println! ( "Scan palm to decrypt file" ); // Derive decryption key let key = fuzzy_extractor :: derive_key () ? ; // Read encrypted file let ciphertext = fs :: read ( encrypted_path ) ? ; // Decrypt using AES-256-GCM let plaintext = aes_gcm :: decrypt ( & key , & ciphertext ) ? ; // Secure key cleanup key . zeroize (); Ok ( plaintext ) }
Timing Analysis Operation Duration Notes Feature Extraction 120ms Palm vein pattern analysis Error Correction 35ms BCH encoding/decoding Key Derivation 180ms PBKDF2 with 100k iterations Total Authentication ~350ms End-to-end offline auth
Resource Requirements
CPU : ARM Cortex-A53 or betterRAM : 256MB minimumStorage : 128MB for firmware + helper dataPower : 5V @ 500mA via USB-C
Security Considerations Physical Security In offline mode, physical security is paramount since there’s no remote revocation capability.
Best practices:
Store scanner in tamper-evident enclosure
Use security cameras for access monitoring
Implement dual-control for sensitive operations
Regular security audits
Backup and Recovery Since offline mode has no cloud backup:
Export helper data to secure offline storageCreate emergency recovery codes Store in multiple secure locations Test recovery procedures regularly
Limitations Feature Online Mode Offline Mode Remote revocation ✓ Instant ✗ Not possible Multi-device sync ✓ Automatic ✗ Manual only Backup/Recovery ✓ Cloud backup ✗ Local only Updates ✓ Automatic ✗ Manual firmware Audit logs ✓ Centralized ✗ Local only
Troubleshooting
Authentication failures after injury
Minor cuts or bruises shouldn’t affect authentication. For major injuries, use your backup palm or emergency recovery codes.
Restore from your secure backup. If no backup exists, re-initialization is required (all keys will be lost).
Key derivation takes too long
Reduce PBKDF2 iterations in configuration (minimum 10,000 for security). Consider hardware acceleration.
Verify USB connection and that offline firmware is properly installed. Check device permissions.
Advanced Configuration Custom Parameters # /etc/boop/offline.conf fuzzy_extractor : error_correction : type : BCH n : 511 k : 259 t : 30 key_derivation : algorithm : PBKDF2-SHA256 iterations : 100000 key_length : 256 biometric : min_minutiae : 40 quality_threshold : 0.8 max_rotation : 15 security : auto_lock_minutes : 5 max_attempts : 3 lockout_duration : 300
References 
