We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byChristopher Lynch
Modified over 2 years ago
Ari Juels RSA Laboratories Marty Wattenberg 328 W. 19th Street, NYC A Fuzzy Commitment Scheme
Biometric authentication: Computer Authentication through Measurement of Biological Characteristics
u Fingerprint scanning u Iris scanning u Voice recognition Types of biometric authentication u Many others... u Face recognition u Body odor Authenticating...
Enrollment / Registration Template t Alice
Enrollment / Registration Alice Server
Authentication Alice Server
Server verifies against template ?
Limited password changes First password Second password
Templates represent intrinsic information about you Alice Theft of template is theft of identity
Towards a solution
password UNIX protection of passwords password h(password) Password
Template protection? h( )
Fingerprint is variable u Differing angles of presentation u Differing amounts of pressure u Chapped skin Don t have exact key!
We need fuzzy commitment ( )
Seems counterintuitive u Cryptographic (hash) function scrambles bits to produce random- looking structure, but uFuzziness or error resistance means high degree of local structure
Error Correcting Codes
Noisy channel Alice Bob Alice, I love… crypto s
Error correcting codes Alice Bob 110
g Function g adds redundancy Bob M 3 bits C 9 bits c Message space Codeword space g
Error correcting codes Alice Bob
f c C Function f corrects errors Alice f
Alice uses g -1 to retrieve message 9 bits C M 3 bits Alice g-1g-1 c Alice gets original, uncorrupted message 110
Idea: Treat template like message W g C(t) = h(g(t))
What do we get? uFuzziness of error-correcting code u Security of hash function-based commitment
Problems Davida, Frankel, and Matt (97) u Results in very large error-correcting code u Do not get good fuzziness u Cannot prove security easily u Dont really have access to message!
Our (counterintuitive) idea: Express template as corrupted codeword u Never use message space!
Express template as corrupted codeword W t w t = w +
t = w + h(w) Idea: hash most significant part for security Idea: leave some local information in clear for fuzziness
How we use fuzzy commitment...
Computing fuzzy hash of template t u Choose w at random u Compute = t - w u Store (h(w), ) as commitment (h(w), )
Verification of fingerprint t u Retrieve C(t) = (h(w), ) u Try to decommit using t: –Compute w = f(t - ) –Is h(w) = h(w)? ?
Characteristics of u Good fuzziness (say, 17%) u Simplicity u Provably strong security –I.e., nothing to steal
Open problems u What do template and error distributions really look like? u What other uses are there for fuzzy commitment? –Graphical passwords
Error-Tolerant Password Recovery Niklas Frykholm and Ari Juels RSA Laboratories.
On necessary and sufficient cryptographic assumptions: the case of memory checking Lecture 2 : Authentication and Communication Complexity Lecturer: Moni.
Introduction to Protocols: Entity Authentication, Key Establishment, Integrity/Message Authentication, Confidentiality INFSCI 1075: Network Security –
Client Puzzles A Cryptographic Defense Against Connection Depletion Attacks Ari Juels and John Brainard RSA Laboratories.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Appendix A: Introduction to cryptographic.
Approximate quantum error correction for correlated noise Avraham Ben-Aroya Amnon Ta-Shma Tel-Aviv University 1.
CHAPTER 4 Protection in General-Purpose Operating Systems (c) by Syed Ardi Syed Yahya Kamal, UTM
PROOFS OF RETRIEVABILITY VIA HARDNESS AMPLIFICATION Yevgeniy Dodis, Salil Vadhan and Daniel Wichs.
Computer Security Set of slides 4 Dr Alexei Vernitski.
Attacks on cryptography – Cyphertext, known pltext, chosen pltext, MITM, brute-force Types of ciphers – Mix of substitution and transposition – Monoalphabetic,
On necessary and sufficient cryptographic assumptions: the case of memory checking Lecture 1: One-way functions Lecturer: Moni Naor Weizmann Institute.
Quantum Double Feature Scott Aaronson (MIT) The Learnability of Quantum States Quantum Software Copy-Protection.
Ulams Game and Universal Communications Using Feedback Ofer Shayevitz June 2006.
Advanced Operating Systems Prof. Muhammad Saeed Security.
Trustee Tokens Simple and Practical Anonymous Digital Coin Tracing Ari Juels RSA Laboratories.
June 1, 2004Computer Security: Art and Science © Matt Bishop Slide #10-1 Chapter 10: Key Management Session and Interchange Keys Key Exchange.
Peer-to-peer and agent-based computing Security in Distributed Systems.
What is it? Tell Them From Me is an online student survey. It is not a test. It is a series of questions that will help your teachers and principal learn.
Quantum Copy-Protection and Quantum Money Scott Aaronson (MIT) | | | Any humor in this talk is completely unintentional.
How to Make a Valid and Unbiased Survey. First Step Brainstorm… –What is the topic of your survey –What is the objective, or what information are you.
Security Threat Analysis CS3517 Distributed Systems and Security Lecture 17.
New Developments in Quantum Money and Copy-Protected Software Scott Aaronson (MIT) Joint work with Paul Christiano A A.
File Systems. Storing Information Applications can store it in the process address space Why is it a bad idea? –Size is limited to size of virtual address.
Quantum Money Scott Aaronson (MIT) Based partly on joint work with Ed Farhi, David Gosset, Avinatan Hassidim, Jon Kelner, Andy Lutomirski, and Peter Shor.
Section 2.3 – Authentication Technologies 1. Authentication The determination of identity, usually based on a combination of – something the person has.
Ruhr- Universität Bochum Fakultät für Mathematik Informationssicherheit und Kryptologie Cryptanalysis of Hash Functions of the MD4-Family CITS – Cryptology.
Multi-factor Authentication Methods Taxonomy Abbie Barbir.
Quantum Money from Hidden Subspaces Scott Aaronson (MIT) Joint work with Paul Christiano A A.
The Learnability of Quantum States Scott Aaronson University of Waterloo.
© 2016 SlidePlayer.com Inc. All rights reserved.