A biometric key generation system is a system where a biometric--for example, a fingerprint or an iris code--is coded and stored as a template, at an enrollment stage. When a user presents himself again, the biometric is again coded and compared to the stored template.

This paper highlights flaws in biometric key generation systems, by focusing on three practical requirements: key randomness, weak biometric privacy, and strong biometric privacy. The authors critically assess three known biometric key generation systems subject to these criteria, highlighting a number of deficiencies. They also introduce a measure called guessing distance that can be used to evaluate biometric key generation systems.

The paper is well written and timely. By emphasizing practical concerns and deriving general requirements that apply to all biometric key generation systems, Ballard et al. have produced a work of interest and significance.