Recovering Attacks Against Linear Sketch in Fuzzy Signature Schemes of ACNS 2015 and 2016

Yasuda, Masaya; Shimoyama, Takeshi; Takenaka, Masahiko; Abe, Narishige; Yamada, Shigefumi; Yamaguchi, Junpei

doi:10.1007/978-3-319-72359-4_24

Cited by 6 publications

(6 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In particular, the security proof for the linear sketch scheme S CRT is entirely renewed from the one we had in [33] (which is partly also due to the next item). -As mentioned earlier, in our earlier papers [19,33], we left the treatment of real numbers in the constructions of our fuzzy signature schemes and linear sketch schemes somewhat ambiguous (and it was pointed out by Yasuda et al [39] that our linear sketch schemes could be vulnerable to so-called "recovering attacks," if real numbers are improperly treated). In this paper, we clarify the treatment of real numbers in the "On the Treatment of Real Numbers" paragraph in the beginning of Sect.…”

Section: Relation To Earlier Versionsmentioning

confidence: 99%

“…Hence, if furthermore GCD(2 λ , w i ) = 1, we can recover s i from c i by computing s i = (2 λ · c i ) · (2 λ ) −1 mod w i , from which we can also recover x i . (Yasuda et al [39] pointed out recovering attacks of this kind. )…”

Section: Concrete Linear Sketchmentioning

confidence: 99%

“…We remark that as in our first linear sketch scheme S CRT proposed in Sect. 6.3, if the rounding-down operation were not performed after multiplication T · x in the computation of Sketch ( pp, s, x), then a hypothetical recovering attack (that recovers x and s from a sketch c) could work [39]. However, due to our treatment of real numbers, if x is distributed as required in the fuzzy key setting F 2 (specified in Sect.…”

Section: Concrete Linear Sketchmentioning

confidence: 99%

See 2 more Smart Citations

Signature schemes with a fuzzy private key

Takahashi

Matsuda

Murakami

et al. 2019

Int. J. Inf. Secur.

View full text Add to dashboard Cite

In this paper, we introduce a new concept of digital signature that we call fuzzy signature, which is a signature scheme that uses a noisy string such as biometric data as a private key, but does not require user-specific auxiliary data (which is also called a helper string in the context of fuzzy extractors), for generating a signature. Our technical contributions are threefold:(1) we first give the formal definition of fuzzy signature, together with a formal definition of a "setting" that specifies some necessary information for fuzzy data. (2) We give a generic construction of a fuzzy signature scheme based on a signature scheme that has certain homomorphic properties regarding keys and satisfies a kind of related key attack security with respect to addition, and a new tool that we call linear sketch. (3) We specify two concrete settings for fuzzy data, and for each of the settings give a concrete instantiation of these building blocks for our generic construction, leading to two concrete fuzzy signature schemes. We also discuss how fuzzy signature schemes can be used to realize a biometric-based PKI that uses biometric data itself as a cryptographic key, which we call the public biometric infrastructure.

show abstract

Section: Relation To Earlier Versionsmentioning

confidence: 99%

Section: Concrete Linear Sketchmentioning

confidence: 99%

Section: Concrete Linear Sketchmentioning

confidence: 99%

See 1 more Smart Citation

Signature schemes with a fuzzy private key

Takahashi

Matsuda

Murakami

et al. 2019

Int. J. Inf. Secur.

View full text Add to dashboard Cite

show abstract

“…Moreover, the fuzzy signature scheme proposed in [11], [12] does not guarantee the privacy of the user. The user's biometric data can be directly recovered from the public verification key or signature, as shown in [13].…”

Section: Related Workmentioning

confidence: 99%

Fuzzy Vector Signature and Its Application to Privacy-Preserving Authentication

et al. 2019

View full text Add to dashboard Cite

Fuzzy authentication uses non-deterministic or noisy data, like biometrics, as an authentication factor. Although the data is extracted from the same individual or source, it can be different for each measurement. As a result, one of the main issues in fuzzy authentication is the effective processing of the fuzziness, while guaranteeing the privacy of the fuzzy data. Biometric data is a typical user-generated fuzzy data and the fuzzy extractor is one of the most promising primitives for biometric authentication these days. In 2016, Canetti et al. proposed the reusable fuzzy extractor, in which multiple keys can be generated with the same biometric data. It can also handle some outliers which occur unexpectedly (owing to an external interference when acquiring the fuzzy data, for example, the presence of dust on a fingerprint image). However, the size of the user's helper data in the reusable fuzzy extractor is quite large. This makes the network bandwidth usage required in the online authentication phase (or the storage required on the user side) considerable, which inconveniences the user. In this paper, we present a new primitive for fuzzy authentication, called a fuzzy vector signature (FVS) scheme, which significantly alleviates the burden on the user side. This means that the network bandwidth usage (or the amount of storage required on the user side) is significantly reduced. The proposed FVS scheme is reusable and robust to outliers as well. Finally, we provide a privacy-preserving fuzzy authentication protocol based on the FVS scheme.

show abstract

“…The concept of fuzzy signature was first proposed by Takahashi et al in [39] and has since been improved by relaxing the requirements for construction or increasing efficiency [40]. However, all the fuzzy signature schemes proposed so far are not robust since the user's biometric data can be directly recovered from the (public) verification key or signature [41].…”

Section: Related Workmentioning

confidence: 99%

Construction of a New Biometric-Based Key Derivation Function and Its Application

Seo

Park

Kim

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

Biometric data is user-identifiable and therefore methods to use biometrics for authentication have been widely researched. Biometric cryptosystems allow for a user to derive a cryptographic key from noisy biometric data and perform a cryptographic task for authentication or encryption. The fuzzy extractor is known as a prominent biometric cryptosystem. However, the fuzzy extractor has a drawback in that a user is required to store user-specific helper data or receive it online from the server with additional trusted channel, to derive a correct key. In this paper, we present a new biometric-based key derivation function (BB-KDF) to address the issues. In our BB-KDF, users are able to derive cryptographic keys solely from their own biometric data: users do not need any other user-specific helper information. We introduce a security model for the BB-KDF. We then construct the BB-KDF and prove its security in our security model. We then propose an authentication protocol based on the BB-KDF. Finally, we give experimental results to analyze the performance of the BB-KDF. We show that our proposed BB-KDF is computationally efficient and can be deployed on many different kinds of devices.

show abstract

Recovering Attacks Against Linear Sketch in Fuzzy Signature Schemes of ACNS 2015 and 2016

Cited by 6 publications

References 11 publications

Signature schemes with a fuzzy private key

Signature schemes with a fuzzy private key

Fuzzy Vector Signature and Its Application to Privacy-Preserving Authentication

Construction of a New Biometric-Based Key Derivation Function and Its Application

Contact Info

Product

Resources

About