Abstract
Fuzzy extractors allow cryptographic keys to be generated
from noisy, non-uniform biometric data. Fuzzy extractors
can be used to authenticate a user to a server without storing
her biometric data directly. However, in the Information
Theoretic sense fuzzy extractors will leak information
about the biometric data. We propose as alternative to use
a fuzzy embedder which fuses an independently generated
cryptographic key with biometric data. As fuzzy extractors,
a fuzzy embedder can be used to authenticate a user without
storing her biometric information or the cryptographic
key on a server. A fuzzy embedder will leak in the Information
Theoretic sense information about both the biometrics
and the cryptographic key. While both types of leakage are
important, information leakage of the biometric data is critical
since the cryptographic key as opposed to biometric data
can be renewed. We show that constructing fuzzy embedders
which leak no information about the biometrics is theoretically
possible. We present a construction which allows
controlling the leakage of biometric information, but which
requires a weak secret at the decoder called dither. If this
secret is compromised the security of the construction will
degrade gracefully.
Original language | Undefined |
---|---|
Title of host publication | 16th European Signal Processing Conference |
Editors | I.R. Buhan, J.M. Doumen, P.H. Hartel |
Place of Publication | Lausanne, Switerland |
Publisher | EURASIP, European Association for Signal, Speech and Image Processing |
Pages | 1569105382 |
Number of pages | 5 |
ISBN (Print) | 978-2-8399-0450-6 |
Publication status | Published - Aug 2008 |
Event | 16th European Signal Processing Conference - Lausanne, Switzerland Duration: 25 Aug 2008 → 29 Aug 2008 Conference number: 16th https://www.eurasip.org/Proceedings/Eusipco/Eusipco2008/index.html |
Publication series
Name | EUSIPCO |
---|---|
Publisher | EURASIP, European Association for Signal, Speech and Image Processing |
Number | 274 |
Conference
Conference | 16th European Signal Processing Conference |
---|---|
Abbreviated title | EUSIPCO 2008 |
Country/Territory | Switzerland |
City | Lausanne |
Period | 25/08/08 → 29/08/08 |
Internet address |
Keywords
- SCS-Cybersecurity
- IR-59977
- METIS-250978
- EWI-12745