توضیحات
ABSTRACT
We show that a number of recent definitions and constructions of fuzzy extractors are not adequate for multiple uses of the same fuzzy secret—a major shortcoming in the case of biometric applications. We propose two particularly stringent security models that specifically address the case of fuzzy secret reuse, respectively from an outsider and an insider perspective, in what we call a chosen perturbation attack. We characterize the conditions that fuzzy extractors need to satisfy to be secure, and present generic constructions from ordinary building blocks. As an illustration, we demonstrate how to use a biometric secret in a remote error tolerant
authentication protocol that does not require any storage on the client’s side.
INTRODUCTION
Often, one would like to be able to use some piece of cryptographic machinery, not with an exact, strictly random string as secret, but with an approximate, noisy rendition of it, which furthermore would not be perfectly random either. Such a “fuzzy” secret could be a measurement on a somewhat hidden biometric feature—a retinal scan rather than a thumbprint—, a long password imperfectly committed to memory, or even one’s spontaneous answers to a list of subjective questions [EHMS00, FJ01]. Ideally, one would like to have a method to convert the above into as many cryptographically strong secrets usable for any purpose we like. A number of constructions geared toward specific applications have surfaced in the last few years [DFM98, JW99, MRW99, JS02]. Not surprisingly, related lines of work have also been pursued in different contexts, e.g., for privacy amplification
[BBCM95, BBR88], or for coping with noisy channels [Cre97]. The general idea is based on a two-step process, where an extraction
Year : 2004
Publisher : ACM Conference on Computer and Communications Security
By : Xavier Boyen
File Information : English Language / 27 Page /Size : 277 K
Download : click
سال : 2004
ناشر : ACM Conference on Computer and Communications Security
کاری از : Xavier Boyen
اطلاعات فایل : زبان انگلیسی / 27 صفحه / حجم : 277 K
لینک دانلود : روی همین لینک کلیک کنید
نقد و بررسیها
هنوز بررسیای ثبت نشده است.