A Fuzzy Vault Scheme
We describe a simple and novel cryptographic construction that we refer to as a fuzzy vault. A player Alice may place a secret value κ in a fuzzy vault and “lock” it using a set A of elements from some public universe U. If Bob tries to “unlock” the vault using a set B of similar length, he obtains κ only if B is close to A, i.e., only if A and B overlap substantially. In contrast to previous constructions of this flavor, ours possesses the useful feature of order invariance, meaning that the ordering of A and B is immaterial to the functioning of the vault. As we show, our scheme enjoys provable security against a computationally unbounded attacker. Fuzzy vaults have potential application to the problem of protecting data in a number of real-world, error-prone environments. These include systems in which personal information serves to authenticate users for, e.g., the purposes of password recovery, and also biometric authentication systems, in which readings are inherently noisy as a result of the refractory nature of image capture and processing.
Designs, Codes and Cryptography
Volume 38, Issue 2, pp 237-257
- Kluwer Academic Publishers
- error-correcting codes