Secure Fuzzy Extractors
By Xavier Boyen;
At DIMACS Workshop on Cryptography Theory Meets Practice, Rutgers University, New Jersey, October 2004.
In this talk, I discuss some recent cryptographic constructions that allow the use of biometrics in cryptographic applications such as authenticating to a server. First, I recall the notion of fuzzy extractor due to Dodis, Reyzin, and Smith, which allows reproducible random keys to be generated from noisy non-uniform biometrics, and discuss some of its shortcomings with regard to the inability of a user to reuse his biometrics with many servers, or to withstand an attack where the server tries to recover the user's secret. I then present two generalizations of fuzzy extractors which address these problems. The first construction — ‘reusable’ fuzzy extractors — enables a user to safely use the same biometric key to authenticate with many servers, a practice normally discouraged in security but unavoidable with biometrics. The second construction — ‘sealed’ fuzzy extractors — provides a form of tamper resistance which allows a user to safely perform a biometric handshake without fear that his biometric secret might be leaked to a cheating server. I describe some natural applications, such as a “zero storage” remote biometric authentication protocol, which allows a user to safely authenticate to a server without having to store or safeguard anything but his biometric secret.
Parts of this work in collaboration with Y. Dodis, J. Katz, R. Ostrovsky, and A. Smith.
- presentation slides (HTML)
Unless indicated otherwise, these documents are Copyright © Xavier Boyen; all rights reserved in all countries.
Back to Xavier's homepage