Bilkent University
Department of Computer Engineering


Security in Fuzzy Vault Schemes


Cengiz Örencik
Computer Science & Engineering
Sabanci University

Fuzzy vault is a well-known technique used in biometric authentication applications which is based on Shamir’s secret sharing. There are a number of previously proposed attacks on fuzzy vaults, and in this talk I’ll briefly review these attacks and present solutions which strengthen the security of fuzzy vaults against these attacks. In the first part of my talk, I will explain how the fuzzy vault scheme works. Later, I will present a novel method for chaff point creation that decreases the success rate of the “brute force attack” from 100% to less than 3.3%, and also present a special hash function that allows us to perform matching in the hash space which protects the biometric information against the “correlation attack”. I will also briefly mention the security analysis of this hash function and present the test results of false accept and false reject rates in different settings. ghtweight and decentralized implementation of this transactional framework by exploiting the properties of the wireless broadcast communication.

Bio:Cengiz Örencik is a PhD student of Computer Science and Engineering at Sabanci University. He received his MS and BS in Computer Science from Sabanci University in 2008 and 2006, respectively. His research interests include biometric security, cryptography and error correction codes.


DATE: 18 December, 2008, Thursday@ 11:40