| Presentation | 2013-12-11 Another Vulnerability in a Cancelable Biometrics Authentication Scheme Tetsuya IZU, Yumi SAKEMI, Masahiko TAKENAKA, Naoya TORII, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Biometric authentication attracts much attention because of the reuse problem of IDs and passwords. In 2012, Hattori et al. proposed a cancelable biometric authentication scheme based on the homomorphic public-key cryptosystems. Then, Hirano et al. showed the replay attack against the scheme by Hattori et al., and also proposed two revised authentication schemes resistant to the replay attack. Since the provable security is showed on these authentication schemes, they establish both high security and availability as an authentication scheme. This article evaluates the security of these biometric authentication schemes. In fact, we show that a malicious authentication server is able to recover the original feature vector (biometric information) from the encrypted feature vector stored in the authentication server by using the decryption center as a decision oracle. The proposed attack is applicable if the feature vector is represented by a binary coding or a multi-level coding. We also consider possible countermeasures against the proposed recovery attack, and especially, the countermeasure is proposed when the binary coding is used. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Cancelable biometric authentication / homomorphic encryption / attack / feature vector / recovery / oracle |
| Paper # | ISEC2013-79 |
| Date of Issue |
| Conference Information | |
| Committee | ISEC |
|---|---|
| Conference Date | 2013/12/4(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information Security (ISEC) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Another Vulnerability in a Cancelable Biometrics Authentication Scheme |
| Sub Title (in English) | |
| Keyword(1) | Cancelable biometric authentication |
| Keyword(2) | homomorphic encryption |
| Keyword(3) | attack |
| Keyword(4) | feature vector |
| Keyword(5) | recovery |
| Keyword(6) | oracle |
| 1st Author's Name | Tetsuya IZU |
| 1st Author's Affiliation | FUJITSU Laboratories of Europe Limited() |
| 2nd Author's Name | Yumi SAKEMI |
| 2nd Author's Affiliation | FUJITSU Laboratories Ltd. |
| 3rd Author's Name | Masahiko TAKENAKA |
| 3rd Author's Affiliation | FUJITSU Laboratories Ltd. |
| 4th Author's Name | Naoya TORII |
| 4th Author's Affiliation | FUJITSU Laboratories Ltd. |
| Date | 2013-12-11 |
| Paper # | ISEC2013-79 |
| Volume (vol) | vol.113 |
| Number (no) | 342 |
| Page | pp.pp.- |
| #Pages | 7 |
| Date of Issue | |