Biometric authentication systems use unique biological traits to verify identities securely. Cryptographic methods such as the Fuzzy Vault provide error-tolerant protection for biometric data by transforming raw templates into unordered sets. However, deviations from the uniform distribution assumed in its design expose vulnerabilities to attacks exploiting statistical biases. This study extends our previous work by analyzing the impact of biases and proposing a refined single-factor countermeasure that aligns with the original scheme structure. Key contributions include introducing a distance measure for biometric sets to optimize error correction parameters, formalizing attacker models for various scenarios, and using simplified datasets to examine bias effects. Real biometric sets are also analyzed, and FAR/FRR graphs are presented to validate the mitigation strategy, which uses a quantile-based approach to reduce bias exploitation without adding external factors. Our results reveal that statistical biases significantly weaken the Fuzzy Vault, but the proposed countermeasure enhances security while preserving its usability and single-factor design, ensuring compliance with the scheme’s foundational principles.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Strengthening Biometric Fuzzy Vault Against Statistical Bias Exploitation

  • Sara Majbour,
  • Morgan Barbier,
  • Jean-Marie Le Bars

摘要

Biometric authentication systems use unique biological traits to verify identities securely. Cryptographic methods such as the Fuzzy Vault provide error-tolerant protection for biometric data by transforming raw templates into unordered sets. However, deviations from the uniform distribution assumed in its design expose vulnerabilities to attacks exploiting statistical biases. This study extends our previous work by analyzing the impact of biases and proposing a refined single-factor countermeasure that aligns with the original scheme structure. Key contributions include introducing a distance measure for biometric sets to optimize error correction parameters, formalizing attacker models for various scenarios, and using simplified datasets to examine bias effects. Real biometric sets are also analyzed, and FAR/FRR graphs are presented to validate the mitigation strategy, which uses a quantile-based approach to reduce bias exploitation without adding external factors. Our results reveal that statistical biases significantly weaken the Fuzzy Vault, but the proposed countermeasure enhances security while preserving its usability and single-factor design, ensuring compliance with the scheme’s foundational principles.