Computer Science Colloquium
Basing Cryptography on Biometrics and Other Noisy Data
Friday, September 17, 2004 11:30 A.M.
Room 1302 Warren Weaver Hall
251 Mercer Street
New York, NY 10012-1185
Colloquium Information: http://cs.nyu.edu/csweb/Calendar/colloquium/index.html
Victor Shoup firstname.lastname@example.org, (212) 998-3511
We provide formal definitions and efficient secure
-- turning biometric information into keys usable for any
cryptographic application, and
-- reliably and securely authenticating biometric data.
Our techniques apply not just to biometric information, but to any
keying material that, unlike traditional cryptographic keys, is (1)
not reproducible precisely and (2) not distributed uniformly. We
propose two new primitives. A *fuzzy extractor* extracts nearly
uniform randomness R from its biometric input; the extraction is
error-tolerant in the sense that R will be the same even if the input
changes, as long as it remains reasonably close to the original. Thus,
R can be used as a key in any cryptographic application. A *secure
sketch* produces public information about its biometric input w that
does not reveal w, and yet allows exact recovery of w given another
value that is close to w. Thus, it can be used to reliably reproduce
error-prone biometric inputs without incurring the security risk
inherent in storing them.
In addition to formally introducing our new primitives, we provide
nearly optimal constructions of both primitives for various measures
of "closeness" of input data, such as Hamming distance, edit metric,
permutation distance and set difference.
If time permits, some follow-up work will be mentioned. The talk will
be introdyuctory and self-contained. Original paper can be found at
| contact email@example.com