{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2026:PHLOFSA2SUTRDQLZEYUNKTSTGN","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"4f6f393c6d47c7dc46797ef9e101cae98476028c6c683924b1c7a735c16fe45a","cross_cats_sorted":["cs.CR","cs.CV"],"license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","primary_cat":"cs.ET","submitted_at":"2026-05-16T09:49:10Z","title_canon_sha256":"5a123f3fb0143ec0df2dbc879e315c6f8e37bf19f87cefed2211ee1e30ad548e"},"schema_version":"1.0","source":{"id":"2605.16908","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"2605.16908","created_at":"2026-05-20T00:03:29Z"},{"alias_kind":"arxiv_version","alias_value":"2605.16908v1","created_at":"2026-05-20T00:03:29Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2605.16908","created_at":"2026-05-20T00:03:29Z"},{"alias_kind":"pith_short_12","alias_value":"PHLOFSA2SUTR","created_at":"2026-05-20T00:03:29Z"},{"alias_kind":"pith_short_16","alias_value":"PHLOFSA2SUTRDQLZ","created_at":"2026-05-20T00:03:29Z"},{"alias_kind":"pith_short_8","alias_value":"PHLOFSA2","created_at":"2026-05-20T00:03:29Z"}],"graph_snapshots":[{"event_id":"sha256:e9a87e774e3ed6c349fc55092abe9f3ffb3e65f5314f08c1bad7f17882ccf666","target":"graph","created_at":"2026-05-20T00:03:29Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":4,"items":[{"attestation":"unclaimed","claim_id":"C1","kind":"strongest_claim","source":"verdict.strongest_claim","status":"machine_extracted","text":"BIDO achieves Authenticator Assurance Level 2 (AAL2) per NIST SP 800-63B without storing long-lived biometric templates, facial images, or any PII by deriving ECDSA key material deterministically from a live biometric measurement salted with a user-defined memorized secret at every authentication event."},{"attestation":"unclaimed","claim_id":"C2","kind":"weakest_assumption","source":"verdict.weakest_assumption","status":"machine_extracted","text":"The multi-stage pipeline (Dlib landmark extraction, affine alignment, frontality gating, Euclidean distance quantization with q=8, inter-session drift stabilization, and majority-voting SHA-256 binding) produces a Verification Seed stable enough across sessions and devices to keep cryptographic FAR at 0.03% and FRR at 0.90% while remaining non-discoverable; the abstract provides no explicit mechanism or proof for the drift stabilization step."},{"attestation":"unclaimed","claim_id":"C3","kind":"one_line_summary","source":"verdict.one_line_summary","status":"machine_extracted","text":"BIDO derives transient ECDSA keys from live facial biometrics salted with a memorized secret to produce non-resident WebAuthn credentials, achieving 99.51% verification accuracy on LFW without storing templates or PII."},{"attestation":"unclaimed","claim_id":"C4","kind":"headline","source":"verdict.pith_extraction.headline","status":"machine_extracted","text":"BIDO generates ECDSA keys on demand from a live face scan salted with a memorized secret to achieve AAL2 authentication without storing any biometric templates or PII."}],"snapshot_sha256":"f32bd4a16674fa2f1989c2612a6b969cd652d8ee25f2ab58bb7ee61cfa3462fb"},"formal_canon":{"evidence_count":1,"snapshot_sha256":"6a0a3fab0e5ebcf0cd54291caeee9fe633aa0a692f981b9c816f86fdc27bc82b"},"integrity":{"available":true,"clean":true,"detectors_run":[{"findings_count":0,"name":"cited_work_retraction","ran_at":"2026-05-19T20:52:03.919401Z","status":"completed","version":"1.0.0"},{"findings_count":0,"name":"doi_title_agreement","ran_at":"2026-05-19T19:31:18.939547Z","status":"completed","version":"1.0.0"},{"findings_count":0,"name":"doi_compliance","ran_at":"2026-05-19T19:20:47.923191Z","status":"completed","version":"1.0.0"},{"findings_count":0,"name":"claim_evidence","ran_at":"2026-05-19T18:41:56.271409Z","status":"completed","version":"1.0.0"},{"findings_count":0,"name":"ai_meta_artifact","ran_at":"2026-05-19T18:33:26.351035Z","status":"skipped","version":"1.0.0"}],"endpoint":"/pith/2605.16908/integrity.json","findings":[],"snapshot_sha256":"75b600e9d705ca318aca29abe4e7e4ce31d491dbf644c3d4c6118d89202cfd3f","summary":{"advisory":0,"by_detector":{},"critical":0,"informational":0}},"paper":{"abstract_excerpt":"Security systems demand continuous, cryptograph- ically robust identity verification without requiring subjects to carry physical tokens, smart cards, or dedicated hardware authenticators. This paper presents BIDO (Biometric Identity Online), a device-free authentication standard that achieves Au- thenticator Assurance Level 2 (AAL2) per NIST SP 800-63B with- out storing long-lived biometric templates, facial images, or any other form of Personally Identifiable Information (PII). BIDO derives Elliptic Curve Digital Signature Algorithm (ECDSA) key material deterministically from a live biometri","authors_text":"Aditya Mithra, Sibi Chakkaravarthy S, Srinivas Kankanala","cross_cats":["cs.CR","cs.CV"],"headline":"BIDO generates ECDSA keys on demand from a live face scan salted with a memorized secret to achieve AAL2 authentication without storing any biometric templates or PII.","license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","primary_cat":"cs.ET","submitted_at":"2026-05-16T09:49:10Z","title":"BIDO: A Biometric Identity Online Authentication Framework"},"references":{"count":29,"internal_anchors":1,"resolved_work":29,"sample":[{"cited_arxiv_id":"","doi":"","is_internal_anchor":false,"ref_index":1,"title":"FIDO2: Web Authentication Specification,","work_id":"51e43bf4-4316-429f-afc7-8eb255aa8e55","year":2019},{"cited_arxiv_id":"","doi":"","is_internal_anchor":false,"ref_index":2,"title":"FIDO UAF Architectural Overview,","work_id":"a89f2e53-3100-4841-886a-e3538cb76a20","year":2017},{"cited_arxiv_id":"","doi":"","is_internal_anchor":false,"ref_index":3,"title":"FIDO Alliance, “FIDO U2F Overview,” FIDO Alliance Specification v1.2, 2017. [Online]. Available: https://fidoalliance. org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-overview-v1.2-ps-20170411.html","work_id":"c6a2247b-3675-4e3d-9483-0e1eabcc90ba","year":2017},{"cited_arxiv_id":"","doi":"","is_internal_anchor":false,"ref_index":4,"title":"On enabling secure applications through off-line biometric identification,","work_id":"5c3ee70b-6c49-4d89-876d-cf97a5194974","year":1998},{"cited_arxiv_id":"","doi":"","is_internal_anchor":false,"ref_index":5,"title":"A fuzzy commitment scheme,","work_id":"26922395-2499-4bfa-90f7-bb000d35098c","year":1999}],"snapshot_sha256":"4da3f1fdba114a640ac8dab8aefdcbf9e69e8492f60ef5de21b830b334490e74"},"source":{"id":"2605.16908","kind":"arxiv","version":1},"verdict":{"created_at":"2026-05-19T19:10:57.055494Z","id":"590bfb4c-e1fe-49bc-91fb-a639719d1c06","model_set":{"reader":"grok-4.3"},"one_line_summary":"BIDO derives transient ECDSA keys from live facial biometrics salted with a memorized secret to produce non-resident WebAuthn credentials, achieving 99.51% verification accuracy on LFW without storing templates or PII.","pipeline_version":"pith-pipeline@v0.9.0","pith_extraction_headline":"BIDO generates ECDSA keys on demand from a live face scan salted with a memorized secret to achieve AAL2 authentication without storing any biometric templates or PII.","strongest_claim":"BIDO achieves Authenticator Assurance Level 2 (AAL2) per NIST SP 800-63B without storing long-lived biometric templates, facial images, or any PII by deriving ECDSA key material deterministically from a live biometric measurement salted with a user-defined memorized secret at every authentication event.","weakest_assumption":"The multi-stage pipeline (Dlib landmark extraction, affine alignment, frontality gating, Euclidean distance quantization with q=8, inter-session drift stabilization, and majority-voting SHA-256 binding) produces a Verification Seed stable enough across sessions and devices to keep cryptographic FAR at 0.03% and FRR at 0.90% while remaining non-discoverable; the abstract provides no explicit mechanism or proof for the drift stabilization step."}},"verdict_id":"590bfb4c-e1fe-49bc-91fb-a639719d1c06"}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:9bb66755cbfb0d121d70b9e87065a4aa92139372650e984bd8466ce3d6324a41","target":"record","created_at":"2026-05-20T00:03:29Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"4f6f393c6d47c7dc46797ef9e101cae98476028c6c683924b1c7a735c16fe45a","cross_cats_sorted":["cs.CR","cs.CV"],"license":"http://creativecommons.org/licenses/by-nc-nd/4.0/","primary_cat":"cs.ET","submitted_at":"2026-05-16T09:49:10Z","title_canon_sha256":"5a123f3fb0143ec0df2dbc879e315c6f8e37bf19f87cefed2211ee1e30ad548e"},"schema_version":"1.0","source":{"id":"2605.16908","kind":"arxiv","version":1}},"canonical_sha256":"79d6e2c81a952711c1792628d54e53334a533d1c90ff7fc53dd97df37531615f","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"79d6e2c81a952711c1792628d54e53334a533d1c90ff7fc53dd97df37531615f","first_computed_at":"2026-05-20T00:03:29.566034Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-20T00:03:29.566034Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"tjcHTK5muUIFBqaM5UCPZ47+mfdNEI+PMW6fy7h0Mo7PGsNH/66Yyb7NGBkAYqv+4zqxJrzizS8g+0RXe0SrCw==","signature_status":"signed_v1","signed_at":"2026-05-20T00:03:29.566953Z","signed_message":"canonical_sha256_bytes"},"source_id":"2605.16908","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:9bb66755cbfb0d121d70b9e87065a4aa92139372650e984bd8466ce3d6324a41","sha256:e9a87e774e3ed6c349fc55092abe9f3ffb3e65f5314f08c1bad7f17882ccf666"],"state_sha256":"666b8ddd829993fc6754f7d100501055b624037eaf557ebeb2704651ffa96a7f"}