Cryptanalysis of Cancelable Biometrics Vault

• URL: http://arxiv.org/abs/2501.05786v1
• Date: Fri, 10 Jan 2025 08:36:59 GMT
• Title: Cryptanalysis of Cancelable Biometrics Vault
• Authors: Patrick Lacharme, Kevin Thiry-Atighehchi,
• Abstract summary: Cancelable Biometrics (CB) stands for a range of biometric transformation schemes combining biometrics with user specific tokens to generate secure templates. In biometrics, a key-binding scheme is used for protecting a cryptographic key using a biometric data. Our cryptanalysis introduces a new perspective by uncovering the CBV scheme's revocability and linkability vulnerabilities.
• Score: 0.552480439325792
• License:
• Abstract: Cancelable Biometrics (CB) stands for a range of biometric transformation schemes combining biometrics with user specific tokens to generate secure templates. Required properties are the irreversibility, unlikability and recognition accuracy of templates while making their revocation possible. In biometrics, a key-binding scheme is used for protecting a cryptographic key using a biometric data. The key can be recomputed only if a correct biometric data is acquired during authentication. Applications of key-binding schemes are typically disk encryption, where the cryptographic key is used to encrypt and decrypt the disk. In this paper, we cryptanalyze a recent key-binding scheme, called Cancelable Biometrics Vault (CBV) based on cancelable biometrics. More precisely, the introduced cancelable transformation, called BioEncoding scheme, for instantiating the CBV framework is attacked in terms of reversibility and linkability of templates. Subsequently, our linkability attack enables to recover the key in the vault without additional assumptions. Our cryptanalysis introduces a new perspective by uncovering the CBV scheme's revocability and linkability vulnerabilities, which were not previously identified in comparable biometric-based key-binding schemes.

Related papers

• Cryptanalysis via Machine Learning Based Information Theoretic Metrics [58.96805474751668]
  We propose two novel applications of machine learning (ML) algorithms to perform cryptanalysis on any cryptosystem. These algorithms can be readily applied in an audit setting to evaluate the robustness of a cryptosystem. We show that our classification model correctly identifies the encryption schemes that are not IND-CPA secure, such as DES, RSA, and AES ECB, with high accuracy.
  arXiv  Detail & Related papers  (2025-01-25T04:53:36Z)
• Gradient-based facial encoding for key generation to encrypt and decrypt multimedia data [0.873811641236639]
  Security systems relying on passwords are vulnerable to being forgotten, guessed, or breached. This paper introduces a biocryptosystem utilizing face recognition techniques to address these issues. The proposed system creates a distinct 32-bit encryption key derived from facial features.
  arXiv  Detail & Related papers  (2024-12-09T19:12:17Z)
• Coding-Based Hybrid Post-Quantum Cryptosystem for Non-Uniform Information [53.85237314348328]
  We introduce for non-uniform messages a novel hybrid universal network coding cryptosystem (NU-HUNCC) We show that NU-HUNCC is information-theoretic individually secured against an eavesdropper with access to any subset of the links.
  arXiv  Detail & Related papers  (2024-02-13T12:12:39Z)
• Publicly-Verifiable Deletion via Target-Collapsing Functions [81.13800728941818]
  We show that targetcollapsing enables publiclyverifiable deletion (PVD) We build on this framework to obtain a variety of primitives supporting publiclyverifiable deletion from weak cryptographic assumptions.
  arXiv  Detail & Related papers  (2023-03-15T15:00:20Z)
• Revocable Cryptography from Learning with Errors [61.470151825577034]
  We build on the no-cloning principle of quantum mechanics and design cryptographic schemes with key-revocation capabilities. We consider schemes where secret keys are represented as quantum states with the guarantee that, once the secret key is successfully revoked from a user, they no longer have the ability to perform the same functionality as before.
  arXiv  Detail & Related papers  (2023-02-28T18:58:11Z)
• OTB-morph: One-Time Biometrics via Morphing [16.23764869038004]
  This paper introduces a new idea to exploit as a transformation function for cancelable biometrics. An experimental implementation of the proposed scheme is given for face biometrics.
  arXiv  Detail & Related papers  (2023-02-17T18:39:40Z)
• Quantum Proofs of Deletion for Learning with Errors [91.3755431537592]
  We construct the first fully homomorphic encryption scheme with certified deletion. Our main technical ingredient is an interactive protocol by which a quantum prover can convince a classical verifier that a sample from the Learning with Errors distribution in the form of a quantum state was deleted.
  arXiv  Detail & Related papers  (2022-03-03T10:07:32Z)
• OTB-morph: One-Time Biometrics via Morphing applied to Face Templates [8.623680649444212]
  This paper introduces a new scheme for cancelable biometrics aimed at protecting the templates against potential attacks. An experimental implementation of the proposed scheme is given for face biometrics.
  arXiv  Detail & Related papers  (2021-11-25T18:35:34Z)
• Authentication Attacks on Projection-based Cancelable Biometric Schemes [0.6499759302108924]
  Cancelable biometric schemes aim at generating secure biometric templates by combining user specific tokens, such as password, stored secret or salt, along with biometric data. The security requirements of cancelable biometric schemes concern the irreversibility, unlinkability and revocability of templates, without losing in accuracy of comparison. In this paper, we formalize these attacks for a traditional cancelable scheme with the help of integer linear programming (ILP) and quadratically constrained quadratic programming (QCQP)
  arXiv  Detail & Related papers  (2021-10-28T14:39:35Z)
• Feature Fusion Methods for Indexing and Retrieval of Biometric Data: Application to Face Recognition with Privacy Protection [15.834050000008878]
  The proposed method reduces the computational workload associated with a biometric identification transaction by 90%. The method guarantees unlinkability, irreversibility, and renewability of the protected biometric data.
  arXiv  Detail & Related papers  (2021-07-27T08:53:29Z)
• Recovering AES Keys with a Deep Cold Boot Attack [91.22679787578438]
  Cold boot attacks inspect the corrupted random access memory soon after the power has been shut down. In this work, we combine a novel cryptographic variant of a deep error correcting code technique with a modified SAT solver scheme to apply the attack on AES keys. Our results show that our methods outperform the state of the art attack methods by a very large margin.
  arXiv  Detail & Related papers  (2021-06-09T07:57:01Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.