Abstract In 1999 Juels and Wattenberg introduced the fuzzy commitment scheme. Fuzzy commitment is a particular realization of a binary biometric secrecy system with a chosen secret key. Three cases of biometric sources are considered, i.e. memoryless and totally-symmetric biometric sources, memoryless and input-symmetric biometric sources, and memoryless biometric sources. It is shown that fuzzy commitment is only optimal for memoryless totally-symmetric biometric sources and only at the maximum secret-key rate. Moreover, it is demonstrated that for memoryless biometric sources, which are not input-symmetric, the fuzzy commitment scheme leaks information on both the secret key and the biometric data
