Statistical Attack Against Iris-Biometric Fuzzy Commitment Schemes
Abstract
The fuzzy commitment scheme has been leveraged as a means of biometric template protection. Binary templates are replaced by helper data which assist the retrieval of cryptographic keys. Biometric variance is overcome by means of error correction while authentication is performed indirectly by verifying key validities. A statistical attack against the fuzzy commitment scheme is presented. Comparisons of different pairs of binary biometric feature vectors yield binomial distributions, with standard deviations bounded by the entropy of biometric templates. In case error correction consists of a series of chunks helper data becomes vulnerable to statistical attacks. Error correction codewords are bound to separate parts of a binary template among which biometric entropy is dispersed. As a consequence, chunks of the helper data are prone to statistical significant false acceptance. In experiments the proposed attack is applied to different iris-biometric fuzzy commitment schemes retrieving cryptographic keys at alarming low effort.
Cite
Text
Rathgeb and Uhl. "Statistical Attack Against Iris-Biometric Fuzzy Commitment Schemes." IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, 2011. doi:10.1109/CVPRW.2011.5981720Markdown
[Rathgeb and Uhl. "Statistical Attack Against Iris-Biometric Fuzzy Commitment Schemes." IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops, 2011.](https://mlanthology.org/cvprw/2011/rathgeb2011cvprw-statistical/) doi:10.1109/CVPRW.2011.5981720BibTeX
@inproceedings{rathgeb2011cvprw-statistical,
title = {{Statistical Attack Against Iris-Biometric Fuzzy Commitment Schemes}},
author = {Rathgeb, Christian and Uhl, Andreas},
booktitle = {IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops},
year = {2011},
pages = {23-30},
doi = {10.1109/CVPRW.2011.5981720},
url = {https://mlanthology.org/cvprw/2011/rathgeb2011cvprw-statistical/}
}