By Topic

Information Leakage in Fuzzy Commitment Schemes

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Ignatenko, T. ; Dept. of Electr. Eng., Eindhoven Univ. of Technol., Eindhoven, Netherlands ; Willems, F.M.J.

In 1999, Juels and Wattenberg introduced the fuzzy commitment scheme. This scheme is a particular realization of a binary biometric secrecy system with chosen secret keys. It became a popular technique for designing biometric secrecy systems, since it is convenient and easy to implement using standard error-correcting codes. This paper investigates privacy- and secrecy-leakage in fuzzy commitment schemes. The analysis is carried out for four cases of biometric data statistics, i.e., memoryless totally symmetric, memoryless input-symmetric, memoryless, and stationary ergodic. First, the achievable regions are determined for the cases when data statistics are memoryless totally symmetric and memoryless input-symmetric. For the general memoryless and stationary ergodic cases, only outer bounds for the achievable rate-leakage regions are provided. These bounds, however, are sharpened for systematic parity-check codes. Given the achievable regions (bounds), the optimality of fuzzy commitment is assessed. The analysis shows that fuzzy commitment is only optimal for the memoryless totally symmetric case if the scheme operates at the maximum secret-key rate. Moreover, it is demonstrated that for the general memoryless and stationary ergodic cases, the scheme leaks information on both the secret and biometric data.

Published in:

Information Forensics and Security, IEEE Transactions on  (Volume:5 ,  Issue: 2 )
Biometrics Compendium, IEEE