Sample Recoverable Fuzzy Extractors

Abstract

To realize online biometric authentication systems with both of protection and utilization of biometric data, we propose a novel primitive called “Sample Recoverable Fuzzy Extractors (SRFEs).” Conventionally, Biometric Template Protection (BTP) is studied as an approach for preventing biometric data from leakage. An important requirement of BTP is that it is difficult to recover biometric data from the stored data, which is called irreversibility, and fuzzy extractors are known as one of promising primitives for realizing BTP. On the other hand, in some cases, it is desired that the system can utilize biometric samples such as images having captured during past enrollment and authentication processes. For example, when the authentication accuracy of a specific user is low, samples of past processes are helpful clue for investigation of a cause. Also, they can be used for multi-sample fusion to improve accuracy in a biometric template update, and for post verification of past processes. To enable utilization of past biometric samples for such various situations while protecting the biometric data, we define a SRFE as a primitive satisfying the following two properties: (i) It can recover the secret key along with samples of past enrollment and authentication processes from the stored data and a feature which can succeed in the authentication. (ii) It is computationally difficult to recover the secret key from the stored data. We give a construction based on a fuzzy extractor and a symmetric encryption scheme satisfying a kind of key dependent message security. By using a SRFE, we realize a protocol of an online biometric authentication system which satisfies irreversibility while the past biometric samples can be recovered from the stored data with a help of the genuine user.