Privacy-Preserving Fuzzy Commitment for Biometrics via Layered Error-Correcting Codes

  • Masaya YasudaEmail author
  • Takeshi Shimoyama
  • Narishige Abe
  • Shigefumi Yamada
  • Takashi Shinzaki
  • Takeshi Koshiba
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9482)


With the widespread development of biometrics, concerns about security and privacy are increasing. In biometrics, template protection technology aims to protect the confidentiality of biometric templates (i.e., enrolled biometric data) by certain conversion. The fuzzy commitment scheme gives a practical way to protect biometric templates using a conventional error-correcting code. The scheme has both concealing and binding of templates, but it has some privacy problems. Specifically, in case of successful matching, stored biometric templates can be revealed. To address such problems, we improve the scheme. Our improvement is to coat with two error-correcting codes. In particular, our scheme can conceal stored biometric templates even in successful matching. Our improved scheme requires just conventional error-correcting codes as in the original scheme, and hence it gives a practical solution for both template security and privacy of biometric templates.


Fuzzy commitment Biometric template protection Error-correcting codes 


  1. 1.
    Belguechi, R., Alimi, V., Cherrier, E., Lacharme, P., Rosenberger, C.: An overview on privacy preserving biometrics. In: Yang, J. (ed.) Recent Application in Biometrics. InTech, Croatia (2011)Google Scholar
  2. 2.
    Blahut, R.E.: Algebraic Codes on Lines, Planes, and Curves: An Engineering Approach. Cambridge University Press, Cambridge (2008)CrossRefGoogle Scholar
  3. 3.
    Daugman, J.: High confidence visual recognition of persons by a test of statistical independence. IEEE Trans. Pattern Anal. Mach. Intell. 15(11), 1148–1161 (1993)CrossRefGoogle Scholar
  4. 4.
    Daugman, J.: The importance of being random: statistical principles of iris recognition. Pattern Recogn. 36(2), 279–291 (2003)CrossRefGoogle Scholar
  5. 5.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004). Full version in SIAM Journal on Computing, 38 (1), 97–139 (2008)CrossRefGoogle Scholar
  6. 6.
    Failla, P., Sutcu, Y., Barni, M.: Esketch: a privacy-preserving fuzzy commitment scheme for authentication using encrypted biometrics. In: Proceedings of the 12th ACM Workshop on Multimedia and Security, pp. 241–246. ACM (2010)Google Scholar
  7. 7.
    Fujitsu Laboratories Ltd.: Press release: Fujitsu develops world’s first authentication technology to extract and match 2,048-bit feature codes from palm vein images (2013),
  8. 8.
    Hao, F., Anderson, R., Daugman, J.: Combining crypto with biometrics effectively. IEEE Trans. Comput. 55(9), 1081–1088 (2006)CrossRefGoogle Scholar
  9. 9.
    Hoang, T., Choi, D., Nguyen, T.: Gait authentication on mobile phone using biometric cryptosystem and fuzzy commitment scheme. Int. J. Inf. Secur. 14(6), 1–12 (2015)CrossRefGoogle Scholar
  10. 10.
    Ignatenko, T., Willems, F.M.: On privacy in secure biometric authentication systems. In: IEEE International Conference on Acoustics, Speech and Signal Processing–ICASSP, vol. 2, pp. 121–124 (2007)Google Scholar
  11. 11.
    Ignatenko, T., Willems, F.M.: Information leakage in fuzzy commitment schemes. IEEE Trans. Inf. Forensics Secur. 5(2), 337–348 (2010)CrossRefGoogle Scholar
  12. 12.
    Jain, A.K., Nandakumar, K., Nagar, A.: Biometric template security. EURASIP J. Adv. Signal Process. 2008, 113:1–113:17 (2008). CrossRefGoogle Scholar
  13. 13.
    Juels, A., Sudan, M.: A fuzzy vault scheme. Des. Codes Crypt. 38(2), 237–257 (2006)CrossRefMathSciNetzbMATHGoogle Scholar
  14. 14.
    Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: Proceedings of the 6th ACM Conference on Computer and Communications Security, pp. 28–36. ACM (1999)Google Scholar
  15. 15.
    Maltoni, D., Maio, D., Jain, A.K., Prabhakar, S.: Handbook of fingerprint recognition, 2nd edn. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  16. 16.
    McEliece, R.J.: A public-key cryptosystem based on algebraic coding theory. DSN Prog. Rep. 42(44), 114–116 (1978)Google Scholar
  17. 17.
    Moon, T.K.: Error correction coding. Mathematical Methods and Algorithms. Wiley, Hoboken (2005)Google Scholar
  18. 18.
    Nandakumar, K., Nagar, A., Jain, A.K.: Hardening fingerprint fuzzy vault using password. In: Lee, S.-W., Li, S.Z. (eds.) ICB 2007. LNCS, vol. 4642, pp. 927–937. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  19. 19.
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  20. 20.
    Pandey, J., Ojha, D., Sharma, A.: Enhance fuzzy commitment scheme: an approach for post quantum cryptosystem. J. Appl. Theor. Inf. Technol. 9, 16–19 (2005)Google Scholar
  21. 21.
    Rathgeb, C., Uhl, A.: Statistical attack against iris-biometric fuzzy commitment schemes. In: IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops–CVPRW, pp. 23–30 (2011)Google Scholar
  22. 22.
    Rathgeb, C., Uhl, A., Wild, P.: Iris-biometric fuzzy commitment schemes under image compression. In: Ruiz-Shulcloper, J., Sanniti di Baja, G. (eds.) CIARP 2013, Part II. LNCS, vol. 8259, pp. 374–381. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  23. 23.
    Sutcu, Y., Sencar, H.T., Memon, N.: A secure biometric authentication scheme based on robust hashing. In: Proceedings of the 7th Workshop on Multimedia and Security, pp. 111–116. ACM (2005)Google Scholar
  24. 24.
    Teoh, A.B., Goh, A., Ngo, D.C.: Random multispace quantization as an analytic mechanism for biohashing of biometric and random identity inputs. IEEE Trans. Pattern Anal. Mach. Intell. 28(12), 1892–1901 (2006)CrossRefGoogle Scholar
  25. 25.
    U.S. Department of Homeland Security: Privacy impact assessment for the biometric storage system (28 March 2007)Google Scholar
  26. 26.
    Zhou, X., Kevenaar, T.A., Kelkboom, E., Busch, C., Veen, M., Nouak, A.: Privacy enhancing technology for a 3D-face recognition system. BIOSIG 108(2), 3–14 (2007)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Masaya Yasuda
    • 1
    Email author
  • Takeshi Shimoyama
    • 2
  • Narishige Abe
    • 2
  • Shigefumi Yamada
    • 2
  • Takashi Shinzaki
    • 2
  • Takeshi Koshiba
    • 3
  1. 1.Institute of Mathematics for IndustryKyushu UniversityFukuokaJapan
  2. 2.Fujitsu Laboratories Ltd.Nakahara-kuJapan
  3. 3.Division of Mathematics, Electronics and InformaticsGraduate School of Science and Engineering, Saitama UniversitySaitamaJapan

Personalised recommendations