The Fuzzy Vault for Fingerprints is Vulnerable to Brute Force Attack

نویسندگان

  • Preda Mihailescu
  • Axel Munk
  • Benjamin Tams
چکیده

The fuzzy vault approach is one of the best studied and well accepted ideas for binding cryptographic security into biometric authentication. We present in this paper a brute force attack which improves upon the one described by Clancy et. al. [CKL] in an implementation of the vault for fingerprints. On base of this attack, we show that three implementations of the fingerprint vault are vulnerable and show that the vulnerability cannot be avoided by mere parameter selection in the actual frame of the procedure. We also give several suggestions which can improve the fingerprint vault to a cryptographically secure algorithm. In particular, we introduce the idea of fuzzy vault with quiz which draws upon information resources unused by the current version of the vault. This is work in progress, bringing important security improvements and which can be adapted to the other biometric applications of the vault.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A collusion attack on the fuzzy vault scheme

The Fuzzy Vault scheme is an encryption scheme, which can tolerate errors in the keys. This leads to the possibility of enhancing the security in environments where these errors can be common, such as biometrics storage systems. Although several researchers have provided implementations, we find that the scheme is vulnerable to attacks when not properly used. This paper describes an attack on t...

متن کامل

Improved Fuzzy Vault Scheme for Fingerprint Verification

Fuzzy vault is a well-known technique to address the privacy concerns in biometric identification applications. We revisit the fuzzy vault scheme to address implementation, efficiency, and security issues encountered in its realization. We use the fingerprint data as a case study. We compare the performances of two different methods used in the implementation of fuzzy vault, namely brute force ...

متن کامل

Attacks and Countermeasures in Fingerprint Based Biometric Cryptosystems

We investigate implementations of biometric cryptosystems protecting fingerprint templates (which are mostly based on the fuzzy vault scheme by Juels and Sudan in 2002) with respect to the security they provide. We show that attacks taking advantage of the system’s false acceptance rate, i.e. false-accept attacks, pose a very serious risk — even if brute-force attacks are impractical to perform...

متن کامل

Unlinkable minutiae-based fuzzy vault for multiple fingerprints

The fuzzy vault scheme is a cryptographic primitive being considered for storing fingerprint minutiae protected. A well-known problem of the fuzzy vault scheme is its vulnerability against correlation attack -based cross-matching thereby conflicting with the unlinkability requirement and irreversibility requirement of effective biometric information protection. Yet, it has been demonstrated tha...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2009