Embedding renewable cryptographic keys into noisy data

  • Ileana Buhan
  • Jeroen Doumen
  • Pieter Hartel
  • Qian Tang
  • Raymond Veldhuis
Special Issue Paper
First Online:

Abstract

A fuzzy extractor is a powerful but theoretical tool that can be used to extract uniform strings from (discrete) noisy sources. However, when using a fuzzy extractor in practice, extra features are needed, such as the renewability of the extracted strings and the ability to use the fuzzy extractor directly on continuous input data instead of discrete data. Our contribution is threefold. Firstly, we propose a fuzzy embedder as a generalization of the fuzzy extractor. A fuzzy embedder naturally supports renewability, as it allows a string to be embedded instead of extracted. It also supports direct analysis of quantization effects, as it makes no limiting assumptions about the nature of the input source. Secondly, we give a general construction for fuzzy embedders based on the technique of quantization index modulation (QIM). We show that the performance measures of a QIM, as proposed by the watermarking community, translate directly to the security properties of the corresponding fuzzy embedder. Finally, we show that from the perspective of the length of the embedded string, quantization in two dimensions is optimal. We present two practical constructions for a fuzzy embedder in two-dimensional space. The first construction is optimal from reliability perspective, and the second construction is optimal in the length of the embedded string.

Keywords

Biometrics Cryptographic keys Sphere packing 
This is a preview of subscription content, log in to check access.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Barak, B., Impagliazzo, R., Wigderson, A.: Extracting randomness using few independent sources. In: Proceedings of the 45th Annual IEEE Symposium on Foundations of Computer Science (FOCS’04), vol. 45, pp. 384–393. Roma, Italy, Oct (2004)Google Scholar
  2. 2.
    Barron R.J., Chen B., Wornell G.W.: The duality between information embedding and source coding with side information and some applications. IEEE Trans. Inf. Theory 49(5), 1159–1180 (2003)MATHCrossRefMathSciNetGoogle Scholar
  3. 3.
    Boyen, X.: Reusable cryptographic fuzzy extractors. In: Atluri, V., Pfitzmann, B., McDaniel, P.D. (eds.) Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS 2004), Washington DC, USA pp. 82–91. ACM, Oct (2004)Google Scholar
  4. 4.
    Boyen, X., Dodis, Y., Katz, J., Ostrovsky, R., Smith, A.: Secure remote authentication using biometric data. In: Ronald, C., (ed.) Advances in Cryptology, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2005), Aarhus, Denmark volume 3494 of Lecture Notes in Computer Science, pp. 147–163. Springer, May (2005)Google Scholar
  5. 5.
    Buhan, I.R., Doumen, J., Hartel, P.H.: Controling leakage of biometric information using dithering. In: Proceedings of the 16th European Signal Processing Conference (EUSIPCO), Lausanne, Switzerland EUSIPCO. European Association for Signal, Speech and Image Processing, EURASIP, Aug (2008)Google Scholar
  6. 6.
    Buhan, I.R., Doumen, J., Hartel, P.H., Veldhuis, R.N.J.: Fuzzy extractors for continuous distributions. In: Deng, R., Samarati, P. (eds.) Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security (ASIACCS), Singapore, pp. 353–355, New York, March (2007). ACM. (Subsumed by Chapter 3 of this thesis, except examples)Google Scholar
  7. 7.
    Chang, E.C., Li, Q.: Hiding secret points amidst chaff. In: Serge, V., (ed.) 25th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Saint Petersburg, Russia volume 4004 of Lecture Notes on Computer Science, pp. 59–72. Springer, May (2006)Google Scholar
  8. 8.
    Chang, Y.J., Zhang, W., Chen, T.: Biometrics-based cryptographic key generation. In IEEE International Conference on Multimedia and Expo (ICME’04), Taipei, Taiwan, pp. 2203–2206. IEEE Computer Society, June (2004)Google Scholar
  9. 9.
    Chen B., Wornell G.W.: Dither modulation: a new approach to digital watermarking and information embedding. Proc. SPIE Secur. Watermarking Multimed. Contents 3657, 342–353 (1999)Google Scholar
  10. 10.
    Chen B., Wornell G.W.: Quantization index modulation methods for digital watermarking and information embedding of multimedia. J. VLSI Signal Process., Springer, Netherlands 27(1–2), 7–33 (2001)MATHGoogle Scholar
  11. 11.
    Chen, C., Veldhuis, R.N.J., Kevenaar, T.A.M., Akkermans, A.H.M.: Multi-bits biometric string generation based on the likelyhood ratio. In: IEEE Conference on Biometrics: Theory, Applications and Systems (BTAS’07), Washinton, DC, pp. 1–6. IEEE Computer Society, Sept (2007)Google Scholar
  12. 12.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J. (eds.) Advances in Cryptology, Proceedings of International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2004), Interlaken, Switzerland volume 3027 of Lecture Notes in Computer Science, pp. 523–540. Springer, May (2004)Google Scholar
  13. 13.
    Dodis, Y. and Smith, A.: Correcting errors without leaking partial information. In: Gabow H.N., Fagin, R. (eds.) Proceedings of the 37th Annual ACM Symposium on Theory of Computing(STOC), pp. 654–663. ACM, Baltimore, MD, USA, May (2005)Google Scholar
  14. 14.
    Gersho A.: Principles of quantization. IEEE Trans. Circuits Syst. 25(7), 427–436 (1978)CrossRefGoogle Scholar
  15. 15.
    Gersho A.: Asymptotically optimal block quantization. IEEE Trans. Inf. Theory 25(4), 373–380 (1979)MATHCrossRefMathSciNetGoogle Scholar
  16. 16.
    Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: Proceedings of the 6th ACM Conference on Computer and Communications Security (CCS). Singapore, pp. 28–36. ACM SIGSAC, Nov (1999)Google Scholar
  17. 17.
    Kabatiansky G.A., Levenshtein V.I.: Bounds for packings on a sphere and in space. Probl. Peredachi Informatsii 1, 3–25 (1978)Google Scholar
  18. 18.
    Li, Q., Sutcu, Y., Memon, N.: Secure sketch for biometric templates. In: Lai, X., Chen, K., (eds.) Advances in Cryptology 12th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2006), Shanghai, China volume 4284 of Lecture Notes in Computer Science, pp. 99–113. Springer, Dec (2006)Google Scholar
  19. 19.
    Linnartz, J.P., Tuyls, P.: New shielding functions to enhance privacy and prevent misuse of biometric templates. In: Kittler, J., Nixon, M.S., (eds.) 4th International Conference on Audio-and Video-Based Biometrie Person Authentication (AVBPA 2003), Guildford, UK volume 2688 of Lecture Notes in Computer Science, pp. 393–402. Springer, June (2003)Google Scholar
  20. 20.
    Maurer, U.: Perfect cryptographic security from partially independent channels. In: Proceedings of the 23rd ACM Symposium on Theory of Computing (STOC), New Orleans, Louisiana, USA, pp. 561–572. ACM Press, Aug (1991)Google Scholar
  21. 21.
    Maurer U.: Secret key agreement by public discussion. IEEE Trans. Inf. Theory 39(3), 733–742 (1993)MATHCrossRefMathSciNetGoogle Scholar
  22. 22.
    Moulin P., Koetter R.: Data-hiding codes. Proc. IEEE 93(12), 2083–2126 (2005)CrossRefGoogle Scholar
  23. 23.
    Skoric, B., Tuyls, P., Ophey, W.: Robust key extraction from physical uncloneable functions. In: Ioannidis, J., Keromytis, A.D., Yung, M., (eds.) Applied Cryptography and Network Security (ACNS 2005), New York, NY, USA volume 3531 of Lecture Notes in Computer Science, pp. 407–422. Springer, June (2005)Google Scholar
  24. 24.
    Ta-Shma, A.: On extracting randomness from weak random sources (extended abstract). Proceedings of the twenty-eighth annual ACM symposium on Theory of computing (STOC 1996), Philadephia, Pennsylvania, USA 28, 276–285, May 1996Google Scholar
  25. 25.
    Trevisan, L., Vadhan, S.: Extracting randomness from samplable distributions. In: Proceedings of the 41st Annual Symposium on Foundations of Computer Science,Redondo Beach, CA, USA, volume 41, pp. 32–42. IEEE Computer Society, (2000)Google Scholar
  26. 26.
    Tuyls, P., Akkermans, A., Kevenaar, T., Schrijen, G., Bazen, A., Veldhuis, R.: Practical biometric authentication with template protection. In: Takeo, K., Anil K.J., Nalini K.R. (eds.) Proceedings of the 5th International Conference on Audio- and Video-Based Biometric Person Authentication (AVBPA 2005), Hilton Rye Town, NY, USA volume 3546 of Lecture Notes in Computer Science, pp. 436–446. Springer, July (2005)Google Scholar
  27. 27.
    Tuyls, P., Goseling, J.: Capacity and examples of template-protecting biometric authentication systems. In: Maltoni, D., Jain, A.K. (eds.) Proceedings of International Workshop on Biometric Authentication (ECCV 2004), Prague, Czech Republic volume 3087 of Lecture Notes in Computer Science, pp. 158–170. Springer, May (2004)Google Scholar
  28. 28.
    Uludag, U., Pankanti, S., Jain, A.K.: Fuzzy vault for fingerprints. In: Kanade, T., Jain, A.K., Ratha, N.K. (eds.) Proceedings of the 5th International Conference on Audio- and Video-Based Biometric Person Authentication, (AVBPA 2005) Hilton Rye Town, NY, USA volume 3546 of Lecture Notes in Computer Science pp. 310–319. Springer, July (2005)Google Scholar
  29. 29.
    Uludag U., Pankanti S., Prabhakar S., Jain A.K.: Biometric cryptosystems: issues and challenges. Proc. IEEE 92(6), 948–960 (2004)CrossRefGoogle Scholar
  30. 30.
    Zeger K., Gersho A.: Number of nearest neighbors in a euclidean code. IEEE Trans. Inf. Theory 40(5), 1647–1649 (1994)MATHCrossRefMathSciNetGoogle Scholar
  31. 31.
    Zhang, W., Chang, Y.J., Chen, T.: Optimal thresholding for key generation based on biometrics. In: Proceedings of the IEEE 2004 International Conference on Image Processing (ICIP 2004), Singapore pp. 3451–3454. IEEE Computer Society, Oct (2004)Google Scholar

Copyright information

© Springer-Verlag 2010

Authors and Affiliations

  • Ileana Buhan
    • 1
  • Jeroen Doumen
    • 2
  • Pieter Hartel
    • 3
  • Qian Tang
    • 3
  • Raymond Veldhuis
    • 4
  1. 1.Information and System SecurityPhilips Research LaboratoriesEindhovenThe Netherlands
  2. 2.Irdeto ResearchEindhovenThe Netherlands
  3. 3.Distributed and Embedded Security, Faculty of EEMCSUniversity of TwenteEnschedeThe Netherlands
  4. 4.Signals and Systems Group, Electrical EngineeringUniversity of TwenteEnschedeThe Netherlands

Personalised recommendations