Public Key Cryptosystems with Noisy Secret Keys

Passwords bootstrap symmetric and asymmetric cryptography, tying keys to an individual user. Biometrics are intended to strengthen this tie. Unfortunately, biometrics exhibit noise between repeated readings. Fuzzy extractors (Dodis et al., Eurocrypt 2004) derive stable symmetric keys from noisy sources. We ask if it is also possible for noisy sources to directly replace private keys in asymmetric cryptosystems. We propose a new primitive called public-key cryptosystems with noisy keys. Such a cryptosystem functions when the private key varies according to some metric. An intuitive solution is to combine a fuzzy extractor with a public-key cryptosystem. Unfortunately, fuzzy extractors need static helper information to account for noise. This helper information creates fundamental limitations on the resulting cryptosystems. To overcome these limitations, we directly construct public-key encryption and digital signature algorithms with noisy keys. The core of our constructions is a computational version of the fuzzy vault (Juels and Sudan, Designs, Codes, and Cryptography 2006). Security of our schemes is based on graded encoding schemes (Garg et al., Eurocrypt 2013; Garg et al., TCC 2016). Importantly, our public-key encryption algorithm is based on a weaker model of graded encoding. If functional encryption or indistinguishability obfuscation exist in this weaker model, they also exist in the standard model. In addition, we use the computational fuzzy vault to construct the first reusable fuzzy extractor (Boyen, CCS 2004) supporting a linear fraction of errors.
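The "intuitive solution" mentioned in the abstract, as an added toy sketch that is not code from the paper: a fuzzy-commitment-style code-offset construction turns a noisy reading plus static helper data into a stable 32-byte seed that could feed deterministic key-pair generation. The 5x repetition code, all function names and the sample reading are assumptions chosen for illustration and are not suitable for real biometrics.

```python
import hashlib
import secrets

REP = 5  # assumed toy repetition code: tolerates up to 2 flipped bits per 5-bit block

# Constructed 160-bit "reading" standing in for a biometric (not real data).
ENROLLED = [(i * i + i // 3) % 2 for i in range(160)]


def encode(key_bits):
    """Repeat every key bit REP times."""
    return [b for b in key_bits for _ in range(REP)]


def decode(bits):
    """Majority vote inside each REP-bit block."""
    return [int(sum(bits[i:i + REP]) > REP // 2) for i in range(0, len(bits), REP)]


def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]


def seed_from(key_bits):
    """32-byte seed that would feed deterministic key-pair generation."""
    return hashlib.sha256(bytes(key_bits)).digest()


def gen(reading):
    """Enrollment: pick random key bits and mask their codeword with the reading."""
    key_bits = [secrets.randbits(1) for _ in range(len(reading) // REP)]
    helper = xor(reading, encode(key_bits))  # static; must be stored with the public key
    return seed_from(key_bits), helper


def rep(noisy_reading, helper):
    """Reproduction: unmask with a fresh reading, then error-correct."""
    return seed_from(decode(xor(noisy_reading, helper)))


def flip(reading, positions):
    """Simulate sensor noise by flipping the bits at the given indices."""
    return [b ^ 1 if i in positions else b for i, b in enumerate(reading)]


if __name__ == "__main__":
    seed, helper = gen(ENROLLED)
    close = flip(ENROLLED, {0, 7, 13, 159})  # one error in four different blocks
    far = flip(ENROLLED, {0, 1, 2})          # three errors in a single block
    print("close reading recovers seed:", rep(close, helper) == seed)
    print("far reading recovers seed:  ", rep(far, helper) == seed)
```

Reproduction only works when the same helper string produced at enrollment is supplied again, which is the static helper information the abstract refers to.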
