Enhance fuzzy vault security using nonrandom chaff point generator

Abstract

Toward the combination of cryptographic and biometric systems, by performing specific binding technique on cryptographic key and biometric template, the fuzzy vault framework enhances security level of current biometric cryptographic systems in terms of hiding secret key and protecting the template. Though original scheme suggests the use of error-correction techniques (e.g., Reed-Solomon code) to reconstruct the original polynomial, recent implementations do not share the same point of view. Instead, Cyclic Redundant Code (CRC) is applied to identify the genuine polynomial from set of candidates due to its simplicity. Within the scope of this article, we address a significant flaw of current CRC-based fuzzy vault schemes, which allows the potential of successful blend substitutions attack. To overcome that problem, an integration of two novel modules into general fuzzy vault scheme, namely chaff points generator and verifier, are proposed. The new modules are designed to be integrated easily into existing systems as well as simple to enhance. The proposed scheme can detect any modification in vault and, as a result, eliminate the blend substitutions attack to improve general security. Moreover, our experimental results with real-world datasets show an increasing of Genuine Acceptance Rates (GAR).