• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.9
• /
• pp.4585-4602
• /
• 2016

A novel key sharing fuzzy vault scheme is proposed based on the classic fuzzy vault and the Diffie-Hellman key exchange protocol. In this proposed scheme, two users cooperatively build their fuzzy vault for their shared key using their own biometrics. Either of the users can use their own biometrics to unlock the fuzzy vault with the help of the other to get their shared key without risk of disclosure of their biometrics. Thus, they can unlock the fuzzy vault cooperatively. The security of our scheme is based on the security of the classic fuzzy vault scheme, one-way hash function and the discrete logarithm problem in a given finite group.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.11
• /
• pp.5674-5691
• /
• 2016

Fast IDentity Online(FIDO) supports biometric authentications in an online environment without transmitting biometric templates over the network. For a given FIDO client, the "Fuzzy Vault" securely stores biometric templates, houses additional biometric templates, and unlocks private keys via biometrics. The Fuzzy Vault has been extensively researched and some vulnerabilities have been discovered, such as brute force, correlation, and key inversions attacks. In this paper, we propose a simple fingerprint Fuzzy Vault for FIDO clients. By using the FIDO feature, a simple minutiae alignment, and point-to-point matching, our Fuzzy Vault provides a secure algorithm to combat a variety of attacks, such as brute force, correlation, and key inversions. Using a case study, we verified our Fuzzy Vault by using a publicly available fingerprint database. The results of our experiments show that the Genuine Acceptance Rate and the False Acceptance Rate range from 48.89% to 80% and from 0.02% to 0%, respectively. In addition, our Fuzzy Vault, compared to existing similar technologies, needed fewer attempts.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.10
• /
• pp.1783-1798
• /
• 2011

Recently, a cryptographic construct, called fuzzy vault, has been proposed for crypto-biometric systems, and some implementations for fingerprint have been reported to protect the stored fingerprint template by hiding the fingerprint features. In this paper, we implement the fuzzy fingerprint vault, combining fingerprint verification and fuzzy vault scheme to protect fingerprint templates. To implement the fuzzy fingerprint vault as a complete system, we have to consider several practical issues such as automatic fingerprint alignment, verification accuracy, execution time, error correcting code, etc. In addition, to protect the fuzzy fingerprint vault from the correlation attack, we propose an approach to insert chaffs in a structured way such that distinguishing the fingerprint minutiae and the chaff points obtained from two applications is computationally hard. Based on the experimental results, we confirm that the proposed approach provides higher security than inserting chaffs randomly without a significant degradation of the verification accuracy, and our implementation can be used for real applications.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.11
• /
• pp.2221-2234
• /
• 2011

The fuzzy vault scheme has emerged as a promising solution to user privacy and fingerprint template security problems. Recently, however, the fuzzy vault scheme has been shown to be susceptible to a correlation attack. This paper proposes a novel scheme for one-time templates for fingerprint authentication based on the fuzzy vault scheme. As in one-time passwords, the suggested method changes templates after each completion of authentication, and thus the compromised templates cannot be reused. Furthermore, a huge number of chaff minutiae can be added by expanding the size of the fingerprint image. Therefore, the proposed method can protect a user's fingerprint minutiae against the correlation attack. In our experiments, the proposed approach can improve the security level of a typical approach against brute-force attack by the factor of $10^{34}$.

• Proceedings of the IEEK Conference
• /
• 2006.06a
• /
• pp.321-322
• /
• 2006

In this paper, we propose a method that extracts invariant iris codes from user's iris pattern in order to apply these codes to a new cryptographic construct called fuzzy vault. The fuzzy vault, proposed by Juels and Sudan, has been used to manage cryptographic key safely by merging with biometrics. Generally, iris data has intra-variation of iris pattern according to sensed environmental changes, but cryptography requires correctness. Therefore, to combine iris data and fuzzy vault, we have to extract an invariant iris feature from iris pattern. In this paper, we obtain invariant iris codes by clustering iris features extracted by independent component analysis(ICA) transform. From experimental results, we proved that the iris codes extracted by our method are invariant to sensed environmental changes and can be used in fuzzy vault.

• Proceedings of the IEEK Conference
• /
• 2007.07a
• /
• pp.241-242
• /
• 2007

In this paper, we propose a fuzzy vault system using iris data. The fuzzy vault, proposed by Juels and Sudan, has been used to protect cryptographic key with biometric information. In order to combine the fuzzy vault scheme with iris data, we used iris features extracted by ICA method and clustering technique. From our experimental results, we proved that the propose fuzzy vault system is robust to sensed environmental change.

• International Journal of Fuzzy Logic and Intelligent Systems
• /
• v.11 no.4
• /
• pp.286-292
• /
• 2011

Biometrics systems are used in a wide range of areas, including the area of crime prevention, due to their unique characteristics. However, serious problems can occur if biometric information is disclosed to an unauthorized user. To address these issues, this paper proposes a real valued fuzzy vault method, which adopts a real number error correction code to implement a fuzzy vault scheme for protecting fingerprint temples. The proposed method provides the benefit of allowing the private key value to be changed at any time, unlike biometric template such as a fingerprint, which is not easily renewable even if its security has been breached. The validity of the proposed method is verified for fingerprint verification.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.123-132
• /
• 2006

Biometric-based authentication can provide strong security guarantee about the identity of users. However, security of biometric data is particularly important as the compromise of the data will be permanent. To protect the biometric data, we need to store it in a non-invertible transformed version. Thus, even if the transformed version is compromised, the actual biometric data remains safe. In this paper, we propose an approach to protect finger-print templates by using the idea of the fuzzy vault. Fuzzy vault is a recently developed cryptographic construct to secure critical data with the fingerprint data in a way that only the authorized user can access the secret by providing the valid fingerprint. We modify the fuzzy vault to protect fingerprint templates and to perform fingerprint verification with the protected template at the same time. This is challenging because the fingerprint verification is performed in the domain of the protected form. Based on the experimental results, we confirm that the proposed approach can perform the fingerprint verification with the protected template.

• Journal of Multimedia Information System
• /
• v.3 no.2
• /
• pp.13-20
• /
• 2016

Biometric authentication for account-based mobile payment continues to gain attention because of improvements on sensors that can collect biometric information. We propose an enhanced method for mobile payment security based on biometric authentication. In this mobile payment system, the communication between the user and the relying party is based on public key infrastructure. This method secures both the key and the biometric template in the user side using fuzzy vault biometric cryptosystems, which is based on non-random chaff point generator. In this paper, we consider an important process for the common fuzzy vault system, that is, the feature extraction method. We evaluate various feature extraction methods to enhance the accurate performance of the system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.2
• /
• pp.301-314
• /
• 2016

Juels and Sudan's fuzzy vault scheme has been applied to various researches due to its error-tolerance property. However, the fuzzy vault scheme does not consider the difference between people's preferences, even though the authors instantiated movie lover' case in their paper. On the other hand, to make secure and high performance face authentication system, Nyang and Lee introduced a face authentication system, so-called fuzzy face vault, that has a specially designed association structure between face features and ordinary fuzzy vault in order to let each face feature have different weight. However, because of optimizing intra/inter class difference of underlying feature extraction methods, we can easily expect that the face authentication system does not successfully decrease the face authentication failure. In this paper, for ensuring the flexible use of the fuzzy vault scheme, we introduce the bucket structure, which differently implements the weighting idea of Nyang and Lee's face authentication system, and three distribution functions, which formalize the relation between user's weight of preferences and system implementation. In addition, we suggest a matchmaker scheme based on them and confirm its computational performance through the movie database.