Statistical attack against fuzzy commitment scheme
Statistical attack against fuzzy commitment scheme
- Author(s): C. Rathgeb and A. Uhl
- DOI: 10.1049/iet-bmt.2011.0001
For access to this article, please select a purchase option:
Buy article PDF
Buy Knowledge Pack
IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.
Thank you
Your recommendation has been sent to your librarian.
- Author(s): C. Rathgeb 1 and A. Uhl 1
-
-
View affiliations
-
Affiliations:
1: Multimedia Signal Processing and Security Lab, Department of Computer Sciences, University of Salzburg, Salzburg, Austria
-
Affiliations:
1: Multimedia Signal Processing and Security Lab, Department of Computer Sciences, University of Salzburg, Salzburg, Austria
- Source:
Volume 1, Issue 2,
June 2012,
p.
94 – 104
DOI: 10.1049/iet-bmt.2011.0001 , Print ISSN 2047-4938, Online ISSN 2047-4946
In this study a statistical attack against fuzzy commitment schemes is presented. Comparisons of different pairs of binary biometric feature vectors yield binomial distributions, the standard deviations of which are bounded by the entropy of biometric templates. In case error correction consists of a series of chunks, like in the vast majority of approaches, helper data become vulnerable to statistical attacks. Error-correction codewords are bound to separate parts of a binary template among which biometric entropy is dispersed. As a consequence, chunks of the helper data are prone to statistical significant false acceptance. In experimental evaluations the proposed attack is applied to different iris-biometric fuzzy commitment schemes retrieving cryptographic keys at alarming low effort.
Inspec keywords: iris recognition; fuzzy set theory; cryptography; entropy; error correction codes; binomial distribution
Other keywords:
Subjects: Other topics in statistics; Combinatorial mathematics; Cryptography; Other topics in statistics; Cryptography theory; Combinatorial mathematics
References
-
-
1)
- A. Jain , A. Ross , S. Prabhakar . An introduction to biometric recognition. IEEE Trans. Circuits Syst. Video Technol. , 1 , 4 - 20
-
2)
- T. Ignatenko , F.M.J. Willems . Information leakage in fuzzy commitment schemes. Trans. Inf. Forensics Sec. , 2 , 337 - 348
-
3)
- A. Cavoukian , A. Stoianov . (2009) Biometric encryption.
-
4)
- Lu, H., Martin, K., Bui, F., Plataniotis, K., Hatzinakos, D.: `Face recognition with biometric encryption for privacy-enhancing self-exclusion', Proc. 16th Int. Conf. on Digital Signal Processing (DSP 2009), 2009.
-
5)
- A.K. Jain , K. Nandakumar , A. Nagar . Biometric template security. EURASIP J. Adv. Signal Process , 1 - 17
-
6)
- C. Rathgeb , A. Uhl . A survey on biometric cryptosystems and cancelable biometrics. EURASIP J. Inf. Sec. , 3
-
7)
- Ignatenko, T., Willems, F.M.J.: `Achieving secure fuzzy commitment scheme for optical pufs', Int. Conf. on Intelligent Information Hiding and Multimedia Signal Processing, 2009, Los Alamitos, CA, USA, p. 1185–1188.
-
8)
- Simoens, K., Tuyls, P., Preneel, B.: `Privacy weaknesses in biometric sketches', Proc. 30th IEEE Symp. on Security and Privacy, 2009, p. 188–203.
-
9)
- Nandakumar, K.: `A fingerprint cryptosystem based on minutiae phase spectrum', Proc. IEEE Workshop on Information Forensics and Security (WIFS), 2010.
-
10)
- Ao, M., Li, S.Z.: `Near infrared face based biometric key binding', Proc. Third Int. Conf. on Biometrics, (ICB'09), 2009, p. 376–385, (LNCS, 5558).
-
11)
- Tuyls, P., Akkermans, A.H.M., Kevenaar, T.A.M., Schrijen, G.J., Bazen, A.M., Veldhuis, R.N.J.: `Practical biometric authentication with template protection', Proc. Audio- and Video-Based Biometric Person Authentication, 2005, 3546, p. 436–446.
-
12)
- K.P. Hollingsworth , K.W. Bowyer , P.J. Flynn . The best bits in an iris code. IEEE Trans. Pattern Anal. Mach. Intell. , 6 , 964 - 973
-
13)
- J. Bringer , H. Chabanne , G. Cohen , B. Kindarji , G. Zémor . Theoretical and practical boundaries of binary secure sketches. IEEE Trans. Inf. Forensics Sec. , 673 - 683
-
14)
- Rathgeb, C., Uhl, A.: `Statistical attack against iris-biometric fuzzy commitment schemes', Proc. IEEE Computer Society and IEEE Biometrics Council Workshop on Biometrics (CVPRW'11), 2011, p. 25–32.
-
15)
- Rathgeb, C., Uhl, A.: `Systematic construction of iris-based fuzzy commitment schemes', Proc. Third Int. Conf. on Biometrics, 2009 (ICB'09), 2009, p. 947–956, (LNCS, 5558).
-
16)
- Failla, P., Sutcu, Y., Barni, M.: `Esketch: a privacy-preserving fuzzy commitment scheme for authentication using encrypted biometrics', Proc. 12th ACM workshop on Multimedia and security, ser. MMSec'10, 2010, p. 241–246.
-
17)
- J. Daugman . How iris recognition works. IEEE Trans. Circuits Syst. Video Technol. , 1 , 21 - 30
-
18)
- Rathgeb, C., Uhl, A., Wild, P.: `Reliability-balanced feature level fusion for fuzzy commitment scheme', Proc. Int. Joint Conf. on Biometrics (IJCB'11), October 2011, Washington, DC, USA, p. 1–7.
-
19)
- Delvaux, N., Chabanne, H., Bringer, J.: `Pseudo identities based on fingerprint characteristics', IIH-MSP'08: Proc. 2008 Int. Conf. on Intelligent Information Hiding and Multimedia Signal Processing, 2008, Washington, DC, USA, p. 1063–1068.
-
20)
- E.J.C. Kelkboom , J. Breebaart , T.A.M. Kevenaar , I. Buhan , R.N.J. Veldhuis . Preventing the decodability attack based cross-matching in a fuzzy commitment scheme. Trans. Inf. Forensics Sec. , 1 , 107 - 121
-
21)
- F. Hao , R. Anderson , J. Daugman . Combining cryptography with biometrics effectively. IEEE Trans. Comput. , 9 , 1081 - 1088
-
22)
- Xu, H., Veldhuis, R.N.: `Binary representations of fingerprint spectral minutiae features', Proc. 20th Int. Conf. on Pattern Recognition (ICPR'10), 2010, p. 1212–1216.
-
23)
- Zuo, J., Ratha, N.K., Connel, J.H.: `Cancelable iris biometric', Proc. 19th Int. Conf. on Pattern Recognition, (ICPR'08), 2008, p. 1–4.
-
24)
- Tong, V., Sibert, H., Lecoeur, J., Girault, M.: `Biometric fuzzy extractors made practical: a proposal based on fingercodes', Int. Conf. on Biometrics, 2007, (LNCS, 4642).
-
25)
- Juels, A., Wattenberg, M.: `A fuzzy commitment scheme', Sixth ACM Conf. on Computer and Communications Security, 1999, p. 28–36.
-
26)
- A. Teoh , J. Kim . Secure biometric template protection in fuzzy commitment scheme. IEICE Electron. Express , 23 , 724 - 730
-
27)
- Stoianov, A., Kevenaar, T., van der Veen, M.: `Security issues of biometric encryption', Proc. Toronto Int. Conf. on Science and Technology for Humanity (TIC-STH), 2009, p. 34–39.
-
28)
- Juels, A., Sudan, M.: `A fuzzy vault scheme', Proc. 2002 IEEE Int. Symp. on Information Theory, 2002, p. 408.
-
29)
- R. Viveros , K. Balasubramanian , N. Balakrishnan . Binomial and negative binomial analogues under correlated bernoulli trials. Am. Stat. , 3 , 243 - 247
-
30)
- Rathgeb, C., Uhl, A.: `Two-factor authentication or how to potentially counterfeit experimental results in biometric systems', Proc. Int. Conf. on Image Analysis and Recognition (ICIAR'10), Part II, 2010, p. 296–305, (LNCS 6112).
-
31)
- Zhang, L., Sun, Z., Tan, T., Hu, S.: `Robust biometric key extraction based on iris cryptosystem', Proc. Third Int. Conf. on Biometrics, (ICB'09), 2009, p. 1060–1070, (LNCS, 5558).
-
32)
- E. Maiorana , P. Campisi , A. Neri . User adaptive fuzzy commitment for signature templates protection and renewability. SPIE J. Electron. Imaging Spec. Section Biometrics, Adv. Sec. Usability Interoperability , 1 , 1 - 12
-
33)
- L. Ma , T. Tan , Y. Wang , D. Zhang . Efficient Iris recogntion by characterizing key local variations. IEEE Trans. Image Process. , 6 , 739 - 750
-
34)
- E.J.C. Kelkboom , G.G. Molina , J. Breebaart , R.N.J. Veldhuis , T.A.M. Kevenaar , W. Jonker . Binary biometrics: an analytic framework to estimate the performance curves under Gaussian assumption. Trans. Syst. Man, Cybern.-Part A: Syst. Humans , 3 , 555 - 571
-
35)
- Masek, L.: `Recognition of human iris patterns for biometric identification', 2003, Master's, University of Western Australia.
-
36)
- Rathgeb, C., Uhl, A.: `Adaptive fuzzy commitment scheme based on iris-code error analysis', Proc. Second European Workshop on Visual Information Processing (EUVIP'10), 2010, p. 41–44.
-
37)
- Buhan-Dulman, I., Merchan, J.G., Kelkboom, E.: `Efficient strategies for playing the indistinguishability game for fuzzy sketches', Proc. IEEE Workshop on Information Forensics and Security (WIFS), 2010.
-
38)
- Bringer, J., Despiegel, V.: `Binary feature vector fingerprint representation from minutiae vicinities', Proc. Fourth IEEE Int. Conf. on Biometrics: Theory, Applications and Systems (BTAS'10), 2010, p. 1–6.
-
39)
- A. Cavoukian , A. Stoianov . (2009) Biometric encryption: the new breed of untraceable biometrics.
-
1)