Controlling Leakage of Biometric Information using Dithering

I.R. Buhan, J.M. Doumen, Pieter H. Hartel

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    9 Citations (Scopus)
    104 Downloads (Pure)


    Fuzzy extractors allow cryptographic keys to be generated from noisy, non-uniform biometric data. Fuzzy extractors can be used to authenticate a user to a server without storing her biometric data directly. However, in the Information Theoretic sense fuzzy extractors will leak information about the biometric data. We propose as alternative to use a fuzzy embedder which fuses an independently generated cryptographic key with biometric data. As fuzzy extractors, a fuzzy embedder can be used to authenticate a user without storing her biometric information or the cryptographic key on a server. A fuzzy embedder will leak in the Information Theoretic sense information about both the biometrics and the cryptographic key. While both types of leakage are important, information leakage of the biometric data is critical since the cryptographic key as opposed to biometric data can be renewed. We show that constructing fuzzy embedders which leak no information about the biometrics is theoretically possible. We present a construction which allows controlling the leakage of biometric information, but which requires a weak secret at the decoder called dither. If this secret is compromised the security of the construction will degrade gracefully.
    Original languageUndefined
    Title of host publication16th European Signal Processing Conference
    EditorsI.R. Buhan, J.M. Doumen, P.H. Hartel
    Place of PublicationLausanne, Switerland
    PublisherEURASIP, European Association for Signal, Speech and Image Processing
    Number of pages5
    ISBN (Print)978-2-8399-0450-6
    Publication statusPublished - Aug 2008
    Event16th European Signal Processing Conference - Lausanne, Switzerland
    Duration: 25 Aug 200829 Aug 2008
    Conference number: 16th

    Publication series

    PublisherEURASIP, European Association for Signal, Speech and Image Processing


    Conference16th European Signal Processing Conference
    Abbreviated titleEUSIPCO 2008
    Internet address


    • SCS-Cybersecurity
    • IR-59977
    • METIS-250978
    • EWI-12745

    Cite this