In this paper, we propose a novel biometric cryptosystem for vectorial biometrics called symmetric keyring encryption (SKE), inspired by Rivest's keyring model (2016). Unlike conventional biometric secret-binding primitives, such as fuzzy commitment and fuzzy vault approaches, the proposed scheme reframes the biometric secret-binding problem as a fuzzy symmetric encryption problem using a concept called a resilient vector pair. In this study, this pair resembles the encryption–decryption key pair in symmetric key cryptosystems. This scheme is realized using an index of maximum hashed vectors, a special instance of the ranking-based locality-sensitive hashing function. With a simple filtering mechanism and an [m, k] Shamir's secret-sharing scheme, we show that SKE, both in theory and in an empirical evaluation, can retrieve the exact secret with overwhelming probability for a genuine input yet negligible probability for an imposter input. Although SKE can be applied to any vectorial biometrics, we adopt fingerprint and face vectors in this work. Experiments were performed using the Fingerprint Verification Competition (FVC) and Labeled Face in the Wild (LFW) datasets. We formalize and analyze the threat model for SKE, which involves several major security attacks.
Read full abstract