A Fuzzy Vault Scheme

We describe a simple and novel cryptographic construction that we refer to as a fuzzy vault. A player Alice may place a secret value κ in a fuzzy vault and “lock” it using a set A of elements from some public universe U. If Bob tries to “unlock” the vault using a set B of similar length, he obtains κ only if B is close to A, i.e., only if A and B overlap substantially. In constrast to previous constructions of this flavor, ours possesses the useful feature of order invariance, meaning that the ordering of A and B is immaterial to the functioning of the vault. As we show, our scheme enjoys provable security against a computationally unbounded attacker. Fuzzy vaults have potential application to the problem of protecting data in a number of real-world, error-prone environments. These include systems in which personal information serves to authenticate users for, e.g., the purposes of password recovery, and also to biometric authentication systems, in which readings are inherently noisy as a result of the refractory nature of image capture and processing.

[1]  Charles H. Bennett,et al.  Experimental quantum cryptography , 1991, Journal of Cryptology.

[2]  Muhammad Nadzir Marsono,et al.  A fuzzy vault scheme , 2002 .

[3]  Jacques Traoré,et al.  A fair and efficient solution to the socialist millionaires' problem , 2001, Discret. Appl. Math..

[4]  Phong Q. Nguyen,et al.  Noisy Polynomial Interpolation and Noisy Chinese Remaindering , 2000, EUROCRYPT.

[5]  Sarvar Patel,et al.  Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman , 2000, EUROCRYPT.

[6]  Bruce Schneier,et al.  Protecting secret keys with personal entropy , 2000, Future Gener. Comput. Syst..

[7]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[8]  Michael K. Reiter,et al.  Password hardening based on keystroke dynamics , 1999, CCS '99.

[9]  Madhu Sudan,et al.  Hardness of approximating the minimum distance of a linear code , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[10]  Michael K. Reiter,et al.  The Design and Analysis of Graphical Passwords , 1999, USENIX Security Symposium.

[11]  Yair Frankel,et al.  On the Relation of Error Correction and Cryptography to an Off Line Biometric Based Identification S , 1999 .

[12]  Venkatesan Guruswami,et al.  Improved decoding of Reed-Solomon and algebraic-geometric codes , 1998, Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No.98CB36280).

[13]  Thomas Jakobson,et al.  Cryptanalysis of Block Ciphers with Probabilistic Non-linear Relations of Low Degree , 1998, CRYPTO.

[14]  John Gilmore,et al.  Cracking DES - secrets of encryption research, wiretap politics and chip design: how federal agencies subvert privacy , 1998 .

[15]  Yair Frankel,et al.  On enabling secure applications through off-line biometric identification , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[16]  Claude Crépeau,et al.  Efficient Cryptographic Protocols Based on Noisy Channels , 1997, EUROCRYPT.

[17]  H. Bechmann-Pasquinucci,et al.  Quantum cryptography , 2001, quant-ph/0101098.

[18]  Markus Jakobsson,et al.  Proving Without Knowing: On Oblivious, Agnostic and Blindolded Provers , 1996, CRYPTO.

[19]  Stephen B. Wicker,et al.  A Digital Signature Scheme Based on Linear Error-correcting Block Codes , 1994, ASIACRYPT.

[20]  Jacques Stern,et al.  A New Identification Scheme Based on Syndrome Decoding , 1993, CRYPTO.

[21]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[22]  Gilles Brassard,et al.  Practical Quantum Oblivious Transfer , 1991, CRYPTO.

[23]  Joe Kilian,et al.  Achieving oblivious transfer using weakened security assumptions , 1988, [Proceedings 1988] 29th Annual Symposium on Foundations of Computer Science.

[24]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[25]  Robert J. McEliece,et al.  A public key cryptosystem based on algebraic coding theory , 1978 .

[26]  James L. Massey,et al.  Shift-register synthesis and BCH decoding , 1969, IEEE Trans. Inf. Theory.

[27]  Elwyn R. Berlekamp,et al.  Algebraic coding theory , 1984, McGraw-Hill series in systems science.

[28]  W. W. Peterson,et al.  Encoding and error-correction procedures for the Bose-Chaudhuri codes , 1960, IRE Trans. Inf. Theory.