Embedding renewable cryptographic keys into noisy data

A fuzzy extractor is a powerful but theoretical tool that can be used to extract uniform strings from (discrete) noisy sources. However, when using a fuzzy extractor in practice, extra features are needed, such as the renewability of the extracted strings and the ability to use the fuzzy extractor directly on continuous input data instead of discrete data. Our contribution is threefold. Firstly, we propose a fuzzy embedder as a generalization of the fuzzy extractor. A fuzzy embedder naturally supports renewability, as it allows a string to be embedded instead of extracted. It also supports direct analysis of quantization effects, as it makes no limiting assumptions about the nature of the input source. Secondly, we give a general construction for fuzzy embedders based on the technique of quantization index modulation (QIM). We show that the performance measures of a QIM, as proposed by the watermarking community, translate directly to the security properties of the corresponding fuzzy embedder. Finally, we show that from the perspective of the length of the embedded string, quantization in two dimensions is optimal. We present two practical constructions for a fuzzy embedder in two-dimensional space. The first construction is optimal from reliability perspective, and the second construction is optimal in the length of the embedded string.

[1]  Sharath Pankanti,et al.  Fuzzy Vault for Fingerprints , 2005, AVBPA.

[2]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[3]  R.N.J. Veldhuis,et al.  Multi-Bits Biometric String Generation based on the Likelihood Ratio , 2007, 2007 First IEEE International Conference on Biometrics: Theory, Applications, and Systems.

[4]  Pim Tuyls,et al.  Capacity and Examples of Template-Protecting Biometric Authentication Systems , 2004, ECCV Workshop BioAW.

[5]  Anil K. Jain,et al.  Audio- and Video-Based Biometric Person Authentication: 5th International Conference, AVBPA 2005, Hilton Rye Town, NY, USA, July 20-22, 2005, Proceedings (Lecture Notes in Computer Science) , 2005 .

[6]  Gregory W. Wornell,et al.  Quantization Index Modulation Methods for Digital Watermarking and Information Embedding of Multimedia , 2001, J. VLSI Signal Process..

[7]  Nasir D. Memon,et al.  Secure Sketch for Biometric Templates , 2006, ASIACRYPT.

[8]  Anil K. Jain,et al.  Biometric cryptosystems: issues and challenges , 2004, Proceedings of the IEEE.

[9]  Avi Wigderson,et al.  Extracting Randomness Using Few Independent Sources , 2006, SIAM J. Comput..

[10]  Pieter H. Hartel,et al.  Controlling leakage of biometric information using dithering , 2008, 2008 16th European Signal Processing Conference.

[11]  Gregory W. Wornell,et al.  The duality between information embedding and source coding with side information and some applications , 2003, IEEE Trans. Inf. Theory.

[12]  Gregory W. Wornell,et al.  Dither modulation: a new approach to digital watermarking and information embedding , 1999, Electronic Imaging.

[13]  Raymond N. J. Veldhuis,et al.  Practical Biometric Authentication with Template Protection , 2005, AVBPA.

[14]  Pierre Moulin,et al.  Data-Hiding Codes , 2005, Proceedings of the IEEE.

[15]  Allen Gersho,et al.  Principles of quantization , 1978 .

[16]  Tsuhan Chen,et al.  Biometrics-based cryptographic key generation , 2004, 2004 IEEE International Conference on Multimedia and Expo (ICME) (IEEE Cat. No.04TH8763).

[17]  Pieter H. Hartel,et al.  Fuzzy extractors for continuous distributions , 2006, ASIACCS '07.

[18]  Allen Gersho,et al.  Asymptotically optimal block quantization , 1979, IEEE Trans. Inf. Theory.

[19]  Ee-Chien Chang,et al.  Hiding Secret Points Amidst Chaff , 2006, EUROCRYPT.

[20]  Boris Skoric,et al.  Robust Key Extraction from Physical Uncloneable Functions , 2005, ACNS.

[21]  Xavier Boyen,et al.  Reusable cryptographic fuzzy extractors , 2004, CCS '04.

[22]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[23]  Ueli Maurer,et al.  Perfect cryptographic security from partially independent channels , 1991, STOC '91.

[24]  Rafail Ostrovsky,et al.  Secure Remote Authentication Using Biometric Data , 2005, EUROCRYPT.

[25]  Amnon Ta-Shma,et al.  On extracting randomness from weak random sources (extended abstract) , 1996, STOC '96.

[26]  Tsuhan Chen,et al.  Optimal thresholding for key generation based on biometrics , 2004, 2004 International Conference on Image Processing, 2004. ICIP '04..

[27]  Luca Trevisan,et al.  Extracting randomness from samplable distributions , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[28]  Ueli Maurer,et al.  Secret key agreement by public discussion , 1993 .

[29]  Allen Gersho,et al.  Number of nearest neighbors in a Euclidean code , 1994, IEEE Trans. Inf. Theory.

[30]  Ueli Maurer,et al.  Secret key agreement by public discussion from common information , 1993, IEEE Trans. Inf. Theory.

[31]  Jean-Paul M. G. Linnartz,et al.  New Shielding Functions to Enhance Privacy and Prevent Misuse of Biometric Templates , 2003, AVBPA.

[32]  Yevgeniy Dodis,et al.  Correcting errors without leaking partial information , 2005, STOC '05.