Sciweavers

CCS
2004
ACM

Reusable cryptographic fuzzy extractors

14 years 5 months ago
Reusable cryptographic fuzzy extractors
We show that a number of recent definitions and constructions of fuzzy extractors are not adequate for multiple uses of the same fuzzy secret—a major shortcoming in the case of biometric applications. We propose two particularly stringent security models that specifically address the case of fuzzy secret reuse, respectively from an outsider and an insider perspective, in what we call a chosen perturbation attack. We characterize the conditions that fuzzy extractors need to satisfy to be secure, and present generic constructions from ordinary building blocks. As an illustration, we demonstrate how to use a biometric secret in a remote error tolerant authentication protocol that does not require any storage on the client’s side. Categories and Subject Descriptors: E.3 [Data Encryption]; E.4 [Coding and Information Theory]. General Terms: Algorithms, Security, Theory.
Xavier Boyen
Added 01 Jul 2010
Updated 01 Jul 2010
Type Conference
Year 2004
Where CCS
Authors Xavier Boyen
Comments (0)