Data Managerin Dr. Marianne Reibersdorfer-Hirschbichler Contact
Biometric & Cryptography Biometric Cryptosystem Biometrics Biometrics Issues Cryptography FuzzyVault Publication: A Multiple-control Fuzzy Vault

Data Management

  • Data Managerin
    Dr. Marianne Reibersdorfer-Hirschbichler

  • Biometric & Cryptography

  • Biometric Cryptosystem

  • Publication:
    A Multiple-control Fuzzy Vault

  • Contact

    • Cryptography


    Cryptography classically refers almost exclusively to encryption. Encryption is the process of converting ordinary information, the plaintext, into an unreadable, scrambled ciphertext. For this purpose encryption generally requires the use of some secret information, referred to as a secret key.

    In order to recover the plaintext from the incomprehensible ciphertext, the reverse process to encryption, familiar as decryption, is applied.

    As the science of secret writing, cryptography faces the challenge of solving complex mathematical problems. It comprises all algorithmic aspects of security where parties interact without trusting the channels between them or even each other. Within traditional cryptographic schemes one or more keys are employed to convert confidential information to encrypted data. Without the knowledge of the appropriate decrypting keys, the respective conversion of the encrypted format to the initial information is infeasible considering time and cost limitations. This capacity has become essential in securing commercial and government applications, communications, network exchange, payment systems, financial services, access and identification solutions.

    Cryptographic algorithms can be categorized based on the number of secret keys that are employed for encryption and decryption, and further defined by their application and use. The two main types of algorithms are:


    The secret key cryptography is also called symmetric key encryption, as sender and receiver are using the same single key for encrypting and decrypting the message. In other words, the sender uses the key to encrypt the plaintext and sends the ciphertext to the receiver. To decrypt the message and recover the plaintext, the receiver applies symmetric decryption with the same secret key. It is obvious that with this form of cryptography, the secret key must be known to both the sender and the receiver. Consequently the biggest challenge with this approach is the secure distribution of the secret key. Well-known secret key cryptography algorithms that are in use today include:


    Public key cryptography has been considered to be one of the most significant developments in cryptography. Whitfield Diffie and Martin Hellman described in the paper in 1976 a two-key cryptosystem [5]. In this the sender and receiver could engage in a secure communication over a non-secure communication channel without having to share the secret key.

    Public key cryptography depends upon the existence of so-called one-way functions. Those mathematical functions are easy to compute whereas their inverse function is relatively difficult to compute without the appropriate knowledge. Public key encryption algorithms are based on the premise that each sender has a private key and a public key. The private key is known only to the sender himself/herself, whereas the public key is revealed to anyone. Both keys are related to the other mathematically, such that messages encrypted with the public key can only be decrypted with the corresponding private key. The most popular public key cryptosystem in use today is RSA [6].

    Both types of cryptographic algorithms, secret key and public key encryption, require exactitude in key application. As highlighted earlier, there are situations in which human factors and other sources of error undermine the potentiality of exactness. Addressing this issue, the outlined scheme of "The multiple control fuzzy vault" tolerates the use of inexact keys.

    Biometrics within cryptographic authentication protocols


    In addition to confidentiality, cryptography can also be used as a basis for authentication. Relying on keys, cryptographic authentication protocols are either knowledgebased or token-based authentication methods. The secrecy, randomness, and availability of those respective keys are crucial security factors [7]. Within real-life applications cryptographic authentication protocols are thus constrained to human abilities in respect of storage and power of recollection. Password or PIN authentication methods face a similar type of challenge, requiring the user to choose random sequences, change them frequently, neither to reuse nor to write them down and remember tens of them for different types of today’s applications. Following those security rules of thumb, all knowledge-based authentication methods are affected by a major disadvantage in real world applications as they only certify authentication based on the presented knowledge of the required secret or key at the time of transaction. None of them has the capability to confirm based on identity-proof that the holder of the special authentication credential (either in form of key or secret) was indeed the legitimate person. Addressing this issue, biometrics come into play.

    Cryptographic property for biometric privacy maintenance


    A general tool that has proved to be very applicable in a variety of modern cryptographic protocols is the proof of knowledge. Proof of knowledge [8] is an interactive proof protocol between two entities called the prover and the verifier. The involved commitment function thereby enables the prover, to commit to a secret value without revealing it. By running the protocol, the prover demonstrates to the verifier possessing of the secret. Proving possession of secrets without revealing those secrets is thus a promising property for maintaining privacy of biometric information.


    More about "The Commitment Scheme"

    More about "Biometric Cryptosystem"

    Impressum, Bibliography & Data Protection Declaration