2 research outputs found
Decodability Attack against the Fuzzy Commitment Scheme with Public Feature Transforms
The fuzzy commitment scheme is a cryptographic primitive that can be used to
store biometric templates being encoded as fixed-length feature vectors
protected. If multiple related records generated from the same biometric
instance can be intercepted, their correspondence can be determined using the
decodability attack. In 2011, Kelkboom et al. proposed to pass the feature
vectors through a record-specific but public permutation process in order to
prevent this attack. In this paper, it is shown that this countermeasure
enables another attack also analyzed by Simoens et al. in 2009 which can even
ease an adversary to fully break two related records. The attack may only be
feasible if the protected feature vectors have a reasonably small Hamming
distance; yet, implementations and security analyses must account for this
risk. This paper furthermore discusses that by means of a public
transformation, the attack cannot be prevented in a binary fuzzy commitment
scheme based on linear codes. Fortunately, such transformations can be
generated for the non-binary case. In order to still be able to protect binary
feature vectors, one may consider to use the improved fuzzy vault scheme by
Dodis et al. which may be secured against linkability attacks using
observations made by Merkle and Tams