Download presentation

Presentation is loading. Please wait.

Published byLawrence Picot Modified about 1 year ago

1
Fuzzy Stuff 6.857 Lecture 24, 2006

2
Outline Motivation: Biometric Architectures Motivation: Biometric Architectures New Tool (for us): Error Correcting Codes New Tool (for us): Error Correcting Codes Fuzzy Vaults Fuzzy Vaults Fuzzy Commitments Fuzzy Commitments Fuzzy Extractors Fuzzy Extractors

3
Biometrics via… Individual anatomy/physiology Individual anatomy/physiology –Hand geometry –fingerprint Ingrained skill/behavioral characteristic Ingrained skill/behavioral characteristic –Handwritten signature Combination Combination –Voice –Body Odor

4
Biometric Architectures

5
Analyze to get set of features characterizing the biometric Analyze to get set of features characterizing the biometric –(generally known as templates, or in the fingerprint case, minutiae). Registration

6
Questions (Discuss!) How is the template protected? How is the template protected? –How are passwords protected? Where is the match performed? Where is the match performed? –Server side –Client side –On device How is the match performed? How is the match performed?

7
Let’s think… HASH! HASH! ENCRYPT! ENCRYPT! SS! SS! ECC! (???) ECC! (???) –Error Correcting Codes

8
ECCs- Error Correcting Codes

9
ECCs Noisy medium, probability p that any bit will be flipped. Noisy medium, probability p that any bit will be flipped. How to improve reliability? How to improve reliability? E.g. repetition codes: E.g. repetition codes: –Encoding: repeat each bit of message d (odd) times to get codeword –Send over medium –Decoding: take majority vote to decode (garbled) codeword back into message –Resilient against (d-1)/2 errors

10
ECCs

11
E.g. Reed Solomon codes Invented in the 60s at the Lincoln Lab Invented in the 60s at the Lincoln Lab Used in CD/DVDs Used in CD/DVDs Can be viewed as a general, error-tolerant form of SSS. Can be viewed as a general, error-tolerant form of SSS.

12
Fuzzy Vaults: Goal Alice places a secret S in a vault and locks it using an unordered set A (e.g. minutiae of fingerprint) Alice places a secret S in a vault and locks it using an unordered set A (e.g. minutiae of fingerprint) Bob uses an unordered set B to unlock the vault (and thus access S): successful iff B and A overlap substantially. Bob uses an unordered set B to unlock the vault (and thus access S): successful iff B and A overlap substantially.

13
Fuzzy Vaults: How Locking the vault: Locking the vault: –Alice selects poly p(x), encoding S –Computes poly projections p(A) –Adds randomly gen-ed chaff points to get point set R Unlocking the vault: Unlocking the vault: –Bob uses his own set B –If B and A are similar, many points of R will lie on p Using error correction, he can reconstruct p and hence S. Using error correction, he can reconstruct p and hence S. Security: information theoretical Security: information theoretical

14
So… Fingerprint features not stored in clear Fingerprint features not stored in clear.. but in fuzzy vaults.. but in fuzzy vaults.. which can be stored in some directory and unlocked on client.. which can be stored in some directory and unlocked on client

15
FV pros Provable security characterization Provable security characterization No need for: No need for: –Server –Device All the benefits of secure, client side match. All the benefits of secure, client side match.

16
Where to buy? Still a research concept (RSA Labs/MIT/..) Still a research concept (RSA Labs/MIT/..) Validated in early prototype Validated in early prototype

17
Other Fuzzy Vault Applications Privacy protected similar interests matching… Privacy protected similar interests matching… Personal entropy systems… Personal entropy systems…

18
Fuzzy Commitment Scheme Let F := some field, C := set of codewords for some ECC. Say codewords lie in F n. Say that we have RO, h. Let F := some field, C := set of codewords for some ECC. Say codewords lie in F n. Say that we have RO, h. To commit to x in F n, c R F n, d c-x. commitment = (d,h(c)) To commit to x in F n, c R F n, d c-x. commitment = (d,h(c)) To decommit using x’, compute d+x’, and try to decode to nearest codeword c’. To decommit using x’, compute d+x’, and try to decode to nearest codeword c’.

19
Fuzzy Extractors Turn noisy information into keys usable for any cryptographic application Turn noisy information into keys usable for any cryptographic application Reliably and securely authenticate biometric data Reliably and securely authenticate biometric data Applies to any keying material that (unlike traditional crypto keys) is: Applies to any keying material that (unlike traditional crypto keys) is: –Not reproducible precisely –Not distributed randomly

20
References Security Engineering, Chapter 13, by Ross Anderson. Security Engineering, Chapter 13, by Ross Anderson. A Fuzzy Vault Scheme, by A. Juels and M. Sudan. A Fuzzy Vault Scheme, by A. Juels and M. Sudan. Fuzzy Vault for Fingerprints, by U. Uludag, S. Pankanti, A. K. Jain. Fuzzy Vault for Fingerprints, by U. Uludag, S. Pankanti, A. K. Jain. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data, by Y. Dodis, R. Ostrovsky, L. Reyzin and A. Smith. Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data, by Y. Dodis, R. Ostrovsky, L. Reyzin and A. Smith. And their presentation versions… And their presentation versions…

Similar presentations

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google