The vulnerabilities analysis of fuzzy vault using password

Sumin Hong, Woongryul Jeon, Seung-Joo Kim, Dongho Won, Choonsik Park

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Citations (Scopus)

Abstract

Fingerprint is immutable and unchangeable. Thus, if it is disclosed, owner of fingerprint cannot use his fingerprint any longer. Fuzzy vault is a cryptographic framework that makes secure template storage to bind the template with a uniformly random key. In order to keep fuzzy vault secure, various schemes are studied using special data like password. K. Nandakumar proposed a scheme for hardening a fingerprint minutiae-based fuzzy vault using password. However, that scheme has vulnerabilities against several attacks. In this paper, we analyze vulnerabilities of K. Nandakumar 's scheme and propose a new scheme which is secure against various attacks to fuzzy vaults.

Original languageEnglish
Title of host publicationProceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology
Pages76-83
Number of pages8
Volume3
DOIs
Publication statusPublished - 2008 Dec 1
Externally publishedYes
Event2008 International Conference on Bio-Science and Bio-Technology, BSBT 2008, held in conjunction with 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 - Hainan Island, China
Duration: 2008 Dec 132008 Dec 15

Other

Other2008 International Conference on Bio-Science and Bio-Technology, BSBT 2008, held in conjunction with 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008
CountryChina
CityHainan Island
Period08/12/1308/12/15

Fingerprint

Dermatoglyphics
Hardening

ASJC Scopus subject areas

  • Biotechnology
  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Cite this

Hong, S., Jeon, W., Kim, S-J., Won, D., & Park, C. (2008). The vulnerabilities analysis of fuzzy vault using password. In Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology (Vol. 3, pp. 76-83). [4734284] https://doi.org/10.1109/FGCN.2008.211

The vulnerabilities analysis of fuzzy vault using password. / Hong, Sumin; Jeon, Woongryul; Kim, Seung-Joo; Won, Dongho; Park, Choonsik.

Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology. Vol. 3 2008. p. 76-83 4734284.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Hong, S, Jeon, W, Kim, S-J, Won, D & Park, C 2008, The vulnerabilities analysis of fuzzy vault using password. in Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology. vol. 3, 4734284, pp. 76-83, 2008 International Conference on Bio-Science and Bio-Technology, BSBT 2008, held in conjunction with 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008, Hainan Island, China, 08/12/13. https://doi.org/10.1109/FGCN.2008.211
Hong S, Jeon W, Kim S-J, Won D, Park C. The vulnerabilities analysis of fuzzy vault using password. In Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology. Vol. 3. 2008. p. 76-83. 4734284 https://doi.org/10.1109/FGCN.2008.211
Hong, Sumin ; Jeon, Woongryul ; Kim, Seung-Joo ; Won, Dongho ; Park, Choonsik. / The vulnerabilities analysis of fuzzy vault using password. Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology. Vol. 3 2008. pp. 76-83
@inproceedings{b41863c4131247f5bd12c647a958908d,
title = "The vulnerabilities analysis of fuzzy vault using password",
abstract = "Fingerprint is immutable and unchangeable. Thus, if it is disclosed, owner of fingerprint cannot use his fingerprint any longer. Fuzzy vault is a cryptographic framework that makes secure template storage to bind the template with a uniformly random key. In order to keep fuzzy vault secure, various schemes are studied using special data like password. K. Nandakumar proposed a scheme for hardening a fingerprint minutiae-based fuzzy vault using password. However, that scheme has vulnerabilities against several attacks. In this paper, we analyze vulnerabilities of K. Nandakumar 's scheme and propose a new scheme which is secure against various attacks to fuzzy vaults.",
author = "Sumin Hong and Woongryul Jeon and Seung-Joo Kim and Dongho Won and Choonsik Park",
year = "2008",
month = "12",
day = "1",
doi = "10.1109/FGCN.2008.211",
language = "English",
isbn = "9780769534312",
volume = "3",
pages = "76--83",
booktitle = "Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology",

}

TY - GEN

T1 - The vulnerabilities analysis of fuzzy vault using password

AU - Hong, Sumin

AU - Jeon, Woongryul

AU - Kim, Seung-Joo

AU - Won, Dongho

AU - Park, Choonsik

PY - 2008/12/1

Y1 - 2008/12/1

N2 - Fingerprint is immutable and unchangeable. Thus, if it is disclosed, owner of fingerprint cannot use his fingerprint any longer. Fuzzy vault is a cryptographic framework that makes secure template storage to bind the template with a uniformly random key. In order to keep fuzzy vault secure, various schemes are studied using special data like password. K. Nandakumar proposed a scheme for hardening a fingerprint minutiae-based fuzzy vault using password. However, that scheme has vulnerabilities against several attacks. In this paper, we analyze vulnerabilities of K. Nandakumar 's scheme and propose a new scheme which is secure against various attacks to fuzzy vaults.

AB - Fingerprint is immutable and unchangeable. Thus, if it is disclosed, owner of fingerprint cannot use his fingerprint any longer. Fuzzy vault is a cryptographic framework that makes secure template storage to bind the template with a uniformly random key. In order to keep fuzzy vault secure, various schemes are studied using special data like password. K. Nandakumar proposed a scheme for hardening a fingerprint minutiae-based fuzzy vault using password. However, that scheme has vulnerabilities against several attacks. In this paper, we analyze vulnerabilities of K. Nandakumar 's scheme and propose a new scheme which is secure against various attacks to fuzzy vaults.

UR - http://www.scopus.com/inward/record.url?scp=62449119408&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=62449119408&partnerID=8YFLogxK

U2 - 10.1109/FGCN.2008.211

DO - 10.1109/FGCN.2008.211

M3 - Conference contribution

SN - 9780769534312

VL - 3

SP - 76

EP - 83

BT - Proceedings of the 2008 2nd International Conference on Future Generation Communication and Networking, FGCN 2008 and BSBT 2008: 2008 International Conference on Bio-Science and Bio-Technology

ER -