The vulnerabilities analysis of fuzzy vault using password

Sumin Hong; Woongryul Jeon; Seungjoo Kim; Dongho Won; Choonsik Park

doi:10.1109/FGCN.2008.211

The vulnerabilities analysis of fuzzy vault using password

Sumin Hong, Woongryul Jeon, Seungjoo Kim, Dongho Won, Choonsik Park

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

13 Citations (Scopus)

Abstract

Fingerprint is immutable and unchangeable. Thus, if it is disclosed, owner of fingerprint cannot use his fingerprint any longer. Fuzzy vault is a cryptographic framework that makes secure template storage to bind the template with a uniformly random key. In order to keep fuzzy vault secure, various schemes are studied using special data like password. K. Nandakumar proposed a scheme for hardening a fingerprint minutiae-based fuzzy vault using password. However, that scheme has vulnerabilities against several attacks. In this paper, we analyze vulnerabilities of K. Nandakumar 's scheme and propose a new scheme which is secure against various attacks to fuzzy vaults.

Original language	English
Title of host publication	Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008
Subtitle of host publication	2008 International Conference on Bio-Science and Bio-Technology
Pages	76-83
Number of pages	8
DOIs	https://doi.org/10.1109/FGCN.2008.211
Publication status	Published - 2008
Externally published	Yes
Event	2008 International Conference on Bio-Science and Bio-Technology, BSBT 2008, held in conjunction with 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 - Hainan Island, China Duration: 2008 Dec 13 → 2008 Dec 15

Publication series

Name	Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology
Volume	3

Other

Other	2008 International Conference on Bio-Science and Bio-Technology, BSBT 2008, held in conjunction with 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008
Country	China
City	Hainan Island
Period	08/12/13 → 08/12/15

ASJC Scopus subject areas

Biotechnology
Computer Networks and Communications
Electrical and Electronic Engineering

Access to Document

10.1109/FGCN.2008.211

Fingerprint Dive into the research topics of 'The vulnerabilities analysis of fuzzy vault using password'. Together they form a unique fingerprint.

Cite this

Hong, S., Jeon, W., Kim, S., Won, D., & Park, C. (2008). The vulnerabilities analysis of fuzzy vault using password. In Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology (pp. 76-83). [4734284] (Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology; Vol. 3). https://doi.org/10.1109/FGCN.2008.211

The vulnerabilities analysis of fuzzy vault using password. / Hong, Sumin; Jeon, Woongryul; Kim, Seungjoo; Won, Dongho; Park, Choonsik.

Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology. 2008. p. 76-83 4734284 (Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology; Vol. 3).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Hong, S, Jeon, W, Kim, S, Won, D & Park, C 2008, The vulnerabilities analysis of fuzzy vault using password. in Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology., 4734284, Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology, vol. 3, pp. 76-83, 2008 International Conference on Bio-Science and Bio-Technology, BSBT 2008, held in conjunction with 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008, Hainan Island, China, 08/12/13. https://doi.org/10.1109/FGCN.2008.211

Hong S, Jeon W, Kim S, Won D, Park C. The vulnerabilities analysis of fuzzy vault using password. In Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology. 2008. p. 76-83. 4734284. (Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology). https://doi.org/10.1109/FGCN.2008.211

Hong, Sumin ; Jeon, Woongryul ; Kim, Seungjoo ; Won, Dongho ; Park, Choonsik. / The vulnerabilities analysis of fuzzy vault using password. Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology. 2008. pp. 76-83 (Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology).

@inproceedings{b41863c4131247f5bd12c647a958908d,

title = "The vulnerabilities analysis of fuzzy vault using password",

abstract = "Fingerprint is immutable and unchangeable. Thus, if it is disclosed, owner of fingerprint cannot use his fingerprint any longer. Fuzzy vault is a cryptographic framework that makes secure template storage to bind the template with a uniformly random key. In order to keep fuzzy vault secure, various schemes are studied using special data like password. K. Nandakumar proposed a scheme for hardening a fingerprint minutiae-based fuzzy vault using password. However, that scheme has vulnerabilities against several attacks. In this paper, we analyze vulnerabilities of K. Nandakumar 's scheme and propose a new scheme which is secure against various attacks to fuzzy vaults.",

author = "Sumin Hong and Woongryul Jeon and Seungjoo Kim and Dongho Won and Choonsik Park",

year = "2008",

doi = "10.1109/FGCN.2008.211",

language = "English",

isbn = "9780769534312",

series = "Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology",

pages = "76--83",

booktitle = "Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008",

note = "2008 International Conference on Bio-Science and Bio-Technology, BSBT 2008, held in conjunction with 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 ; Conference date: 13-12-2008 Through 15-12-2008",

}

TY - GEN

T1 - The vulnerabilities analysis of fuzzy vault using password

AU - Hong, Sumin

AU - Jeon, Woongryul

AU - Kim, Seungjoo

AU - Won, Dongho

AU - Park, Choonsik

PY - 2008

Y1 - 2008

N2 - Fingerprint is immutable and unchangeable. Thus, if it is disclosed, owner of fingerprint cannot use his fingerprint any longer. Fuzzy vault is a cryptographic framework that makes secure template storage to bind the template with a uniformly random key. In order to keep fuzzy vault secure, various schemes are studied using special data like password. K. Nandakumar proposed a scheme for hardening a fingerprint minutiae-based fuzzy vault using password. However, that scheme has vulnerabilities against several attacks. In this paper, we analyze vulnerabilities of K. Nandakumar 's scheme and propose a new scheme which is secure against various attacks to fuzzy vaults.

AB - Fingerprint is immutable and unchangeable. Thus, if it is disclosed, owner of fingerprint cannot use his fingerprint any longer. Fuzzy vault is a cryptographic framework that makes secure template storage to bind the template with a uniformly random key. In order to keep fuzzy vault secure, various schemes are studied using special data like password. K. Nandakumar proposed a scheme for hardening a fingerprint minutiae-based fuzzy vault using password. However, that scheme has vulnerabilities against several attacks. In this paper, we analyze vulnerabilities of K. Nandakumar 's scheme and propose a new scheme which is secure against various attacks to fuzzy vaults.

UR - http://www.scopus.com/inward/record.url?scp=62449119408&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=62449119408&partnerID=8YFLogxK

U2 - 10.1109/FGCN.2008.211

DO - 10.1109/FGCN.2008.211

M3 - Conference contribution

AN - SCOPUS:62449119408

SN - 9780769534312

T3 - Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology

SP - 76

EP - 83

BT - Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008

T2 - 2008 International Conference on Bio-Science and Bio-Technology, BSBT 2008, held in conjunction with 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008

Y2 - 13 December 2008 through 15 December 2008

ER -