Computer Science > Cryptography and Security
[Submitted on 18 Dec 2013 (v1), revised 22 Dec 2013 (this version, v2), latest version 5 Oct 2014 (v4)]
Title:Security of the Improved Fuzzy Vault Scheme in the Presence of Record Multiplicity (Full Version)
View PDFAbstract:The fuzzy vault scheme is one of the most popular primitives used in biometric cryptosystems. Dodis et al. proposed an improved version that require less storage and leak less information on the protected features. It has been recently shown by Blanton and Aliasgari that, if several instances (vault records) of the improved fuzzy vault scheme from the same individual are available, their relation may be determined by solving a system of non-linear equations. However, the question whether these equations can be solved efficiently has not been answered yet.
In this paper, we present a new attack against the improved fuzzy vault scheme based on the extended Euclidean algorithm that efficiently solves the equations established by Blanton and Aliasgari; thereby, our attack can determine, if two records are related, and recover the elements by which the protected features, e.g., the biometric templates, differ. Our theoretical and empirical analysis demonstrates that the attack is effective for parameters that we expect to encounter in practice. Furthermore, we show, how this attack can be extended to fully recover both feature sets from two related vault records much more efficiently than possible by attacking each record individually. We complement this work by deriving lower bounds for record multiplicity attacks and use these to show that our attack is asymptotically optimal in an information theoretic sense. Finally, we propose remedies that harden the scheme against record multiplicity attacks.
Our work strengthens the notion of Blanton and Aliasgari that, additional countermeasures are necessary in order to allow secure reuse of the improved fuzzy vault scheme.
Submission history
From: Benjamin Tams [view email][v1] Wed, 18 Dec 2013 17:08:22 UTC (54 KB)
[v2] Sun, 22 Dec 2013 13:44:00 UTC (54 KB)
[v3] Sat, 11 Jan 2014 17:48:40 UTC (54 KB)
[v4] Sun, 5 Oct 2014 14:20:56 UTC (41 KB)
References & Citations
Bibliographic and Citation Tools
Bibliographic Explorer (What is the Explorer?)
Litmaps (What is Litmaps?)
scite Smart Citations (What are Smart Citations?)
Code, Data and Media Associated with this Article
CatalyzeX Code Finder for Papers (What is CatalyzeX?)
DagsHub (What is DagsHub?)
Gotit.pub (What is GotitPub?)
Papers with Code (What is Papers with Code?)
ScienceCast (What is ScienceCast?)
Demos
Recommenders and Search Tools
Influence Flower (What are Influence Flowers?)
Connected Papers (What is Connected Papers?)
CORE Recommender (What is CORE?)
arXivLabs: experimental projects with community collaborators
arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.
Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.
Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.