Fuzzy Stuff

1
Fuzzy Stuff

• 6.857 Lecture 24, 2006

2
Outline

• Motivation Biometric Architectures
• New Tool (for us) Error Correcting Codes
• Fuzzy Vaults
• Fuzzy Commitments
• Fuzzy Extractors

3
Biometrics via

• Individual anatomy/physiology
• Hand geometry
• fingerprint
• Ingrained skill/behavioral characteristic
• Handwritten signature
• Combination
• Voice
• Body Odor

4
Biometric Architectures
5
Registration

• Analyze to get set of features characterizing the
  biometric
• (generally known as templates, or in the
  fingerprint case, minutiae).

6
Questions (Discuss!)

• How is the template protected?
• How are passwords protected?
• Where is the match performed?
• Server side
• Client side
• On device
• How is the match performed?

7
Lets think

• HASH!
• ENCRYPT!
• SS!
• ECC! (???)
• Error Correcting Codes

8
ECCs- Error Correcting Codes
9
ECCs

• Noisy medium, probability p that any bit will be
  flipped.
• How to improve reliability?
• E.g. repetition codes
• Encoding repeat each bit of message d (odd)
  times to get codeword
• Send over medium
• Decoding take majority vote to decode (garbled)
  codeword back into message
• Resilient against (d-1)/2 errors

10
ECCs
11
E.g. Reed Solomon codes

• Invented in the 60s at the Lincoln Lab
• Used in CD/DVDs
• Can be viewed as a general, error-tolerant form
  of SSS.

12
Fuzzy Vaults Goal

• Alice places a secret S in a vault and locks it
  using an unordered set A (e.g. minutiae of
  fingerprint)
• Bob uses an unordered set B to unlock the vault
  (and thus access S) successful iff B and A
  overlap substantially.

13
Fuzzy Vaults How

• Locking the vault
• Alice selects poly p(x), encoding S
• Computes poly projections p(A)
• Adds randomly gen-ed chaff points to get point
  set R
• Unlocking the vault
• Bob uses his own set B
• If B and A are similar, many points of R will lie
  on p
• Using error correction, he can reconstruct p and
  hence S.
• Security information theoretical

14
So

• Fingerprint features not stored in clear
• .. but in fuzzy vaults
• .. which can be stored in some directory and
  unlocked on client

15
FV pros

• Provable security characterization
• No need for
• Server
• Device
• All the benefits of secure, client side match.

16
Where to buy?

• Still a research concept (RSA Labs/MIT/..)
• Validated in early prototype

17
Other Fuzzy Vault Applications

• Privacy protected similar interests matching
• Personal entropy systems

18
Fuzzy Commitment Scheme

• Let F some field, C set of codewords for
  some ECC. Say codewords lie in F n. Say that we
  have RO, h.
• To commit to x in F n, c ?R F n, d ? c-x.
  commitment (d,h(c))
• To decommit using x, compute dx, and try to
  decode to nearest codeword c.

19
Fuzzy Extractors

• Turn noisy information into keys usable for any
  cryptographic application
• Reliably and securely authenticate biometric data
• Applies to any keying material that (unlike
  traditional crypto keys) is
• Not reproducible precisely
• Not distributed randomly

20
References

• Security Engineering, Chapter 13, by Ross
  Anderson.
• A Fuzzy Vault Scheme, by A. Juels and M. Sudan.
• Fuzzy Vault for Fingerprints, by U. Uludag, S.
  Pankanti, A. K. Jain.
• Fuzzy Extractors How to Generate Strong Keys
  from Biometrics and Other Noisy Data, by Y.
  Dodis, R. Ostrovsky, L. Reyzin and A. Smith.
• And their presentation versions