Improved fuzzy vault scheme for fingerprint verification
Fuzzy vault is a well-known technique to address the privacy concerns in biometric identification applications. We revisit the fuzzy vault scheme to address implementation, efficiency, and security issues encountered in its realization. We use the fingerprint data as a case study. We compare the performances of two different methods used in the implementation of fuzzy vault, namely brute force and Reed Solomon decoding. We show that the locations of fake (chaff) points in the vault leak information on the genuine points and propose a new chaff point placement technique that makes distinguishing genuine points impossible. We also propose a novel method for creation of chaff points that decreases the success rate of the brute force attack from 100% to less than 3.5%. While this paper lays out a complete guideline as to how the fuzzy vault is implemented in an efficient and secure way, it also points out that more research is needed to thwart the proposed attacks by presenting ideas for future research
Fuzzy Authentication using Rank Distance
Fuzzy authentication allows authentication based on the fuzzy matching of two
objects, for example based on the similarity of two strings in the Hamming
metric, or on the similarity of two sets in the set difference metric. Aim of
this paper is to show other models and algorithms of secure fuzzy
authentication, which can be performed using the rank metric. A few schemes are
presented which can then be applied in different scenarios and applications.
Comment: to appear in Cryptography and Physical Layer Security, Lecture Notes
in Electrical Engineering, Springe
Biometric cryptosystem using online signatures
Biometric cryptosystems combine cryptography and biometrics to benefit from the strengths of both fields. In such systems, while cryptography provides high and adjustable security levels, biometrics brings in non-repudiation and eliminates the need to remember passwords or to carry tokens etc. In this work we present a biometric cryptosystem which uses online signatures, based on the Fuzzy Vault scheme of Juels et al. The Fuzzy Vault scheme releases a previously stored key when the biometric data presented for verification matches the previously stored template hidden in a vault. The online signature of a person is a behavioral biometric which is widely accepted as the formal way of approving documents, bank transactions, etc. As such, biometric-based key release using online signatures may have many application areas. We extract minutiae points (trajectory crossings, endings and points of high curvature) from online signatures and use those during the locking & unlocking phases of the vault. We present our preliminary results and demonstrate that a high security level (128 bit encryption key length) can be achieved using online signatures
Coding Solutions for the Secure Biometric Storage Problem
The paper studies the problem of securely storing biometric passwords, such
as fingerprints and irises. With the help of coding theory Juels and Wattenberg
derived in 1999 a scheme where similar input strings will be accepted as the
same biometric. At the same time nothing could be learned from the stored data.
They called their scheme a "fuzzy commitment scheme". In this paper we will
revisit the solution of Juels and Wattenberg and we will provide answers to two
important questions: What type of error-correcting codes should be used and
what happens if biometric templates are not uniformly distributed, i.e. the
biometric data come with redundancy. Answering the first question will lead us
to the search for low-rate large-minimum distance error-correcting codes which
come with efficient decoding algorithms up to the designed distance. In order
to answer the second question we relate the rate required with a quantity
connected to the "entropy" of the string, trying to estimate a sort of
"capacity", if we want to see a flavor of the converse of Shannon's noisy
coding theorem. Finally we deal with side-problems arising in a practical
implementation and we propose a possible solution to the main one that seems to
have so far prevented real life applications of the fuzzy scheme, as far as we
know.
Comment: the final version appeared in Proceedings Information Theory Workshop
(ITW) 2010, IEEE copyrigh
Decodability Attack against the Fuzzy Commitment Scheme with Public Feature Transforms
The fuzzy commitment scheme is a cryptographic primitive that can be used to
store biometric templates being encoded as fixed-length feature vectors
protected. If multiple related records generated from the same biometric
instance can be intercepted, their correspondence can be determined using the
decodability attack. In 2011, Kelkboom et al. proposed to pass the feature
vectors through a record-specific but public permutation process in order to
prevent this attack. In this paper, it is shown that this countermeasure
enables another attack also analyzed by Simoens et al. in 2009 which can even
ease an adversary to fully break two related records. The attack may only be
feasible if the protected feature vectors have a reasonably small Hamming
distance; yet, implementations and security analyses must account for this
risk. This paper furthermore discusses that by means of a public
transformation, the attack cannot be prevented in a binary fuzzy commitment
scheme based on linear codes. Fortunately, such transformations can be
generated for the non-binary case. In order to still be able to protect binary
feature vectors, one may consider to use the improved fuzzy vault scheme by
Dodis et al. which may be secured against linkability attacks using
observations made by Merkle and Tams
On Burst Error Correction and Storage Security of Noisy Data
Secure storage of noisy data for authentication purposes usually involves the
use of error correcting codes. We propose a new model scenario involving burst
errors and present for that several constructions.
Comment: to be presented at MTNS 201