Efficient, Reusable Fuzzy Extractors from LWE

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 10332)

Abstract

A fuzzy extractor (FE) enables reproducible generation of high-quality randomness from noisy inputs having sufficient min-entropy. FEs have been proposed for deriving cryptographic keys from biometric data. FEs rely in their operation on a public “helper string” that is guaranteed not to leak too much information about the original input. Unfortunately, this guarantee may not hold when multiple independent helper strings are generated from correlated inputs; reusable FEs are needed in that case. Although the notion of reusable FEs was introduced in 2004, it has received little attention since then.

In this paper, we first analyze an FE proposed by Fuller et al. (Asiacrypt 2013) based on the learning-with-errors (\(\mathsf {LWE}\)) assumption, and show that it is not reusable. This is interesting as the first natural example of a non-reusable FE. We then show how to adapt their construction to obtain reusable FEs. Of independent interest, we show a generic technique for strengthening the notion of reusability achieved by an FE in the random-oracle model.

This research is based upon work supported in part by the Office of the Director of National Intelligence (ODNI), Intelligence Advanced Research Projects Activity (IARPA). The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies, either expressed or implied, of ODNI, IARPA, or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for governmental purposes notwithstanding any copyright annotation therein.

K. Eldefrawy—Currently at SRI International: karim.eldefrawy@sri.com.

Notes

  1. Technically, Canetti et al. rely on the assumption that “digital lockers” exist. All known constructions of digital lockers without random oracles require non-standard assumptions; in practice, digital lockers would most likely be instantiated with a hash function modeled as a random oracle.

  2. Huth et al. [10, Theorem 5] claim that the construction of Fuller et al. is reusable, but their proof is incorrect.

  3. Alamélou et al. [2] show a transformation with a similar goal, but it only applies to FEs for the set-difference metric on sets over exponential-size universes.

  4. A fuzzy sketch [6] is a precursor to a fuzzy extractor, but we do not rely on this notion directly in our work.

  5. Though whether this is realistic depends on whether errors in the biometric readings are dependent or independent of the underlying biometric.

References

  1. Akavia, A., Goldwasser, S., Vaikuntanathan, V.: Simultaneous hardcore bits and cryptography against memory attacks. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 474–495. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00457-5_28

  2. Alamélou, Q., Berthier, P.-E., Cauchie, S., Fuller, B., Gaborit, P.: Reusable fuzzy extractors for the set difference metric and adaptive fuzzy extractors (2016). http://eprint.iacr.org/2016/1100

  3. Albrecht, M.R., Player, R., Scott, S.: On the concrete hardness of learning with errors. J. Math. Cryptol. 9(3), 169–203 (2015)

  4. Boyen, X.: Reusable cryptographic fuzzy extractors. In: 11th ACM Conference on Computer and Communications Security, pp. 82–91. ACM Press (2004)

  5. Canetti, R., Fuller, B., Paneth, O., Reyzin, L., Smith, A.: Reusable fuzzy extractors for low-entropy distributions. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 117–146. Springer, Heidelberg (2016). doi:10.1007/978-3-662-49890-3_5

  6. Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004). doi:10.1007/978-3-540-24676-3_31

  7. Döttling, N., Müller-Quade, J.: Lossy codes and a new variant of the learning-with-errors problem. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 18–34. Springer, Heidelberg (2013). doi:10.1007/978-3-642-38348-9_2

  8. Fuller, B., Meng, X., Reyzin, L.: Computational fuzzy extractors. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 174–193. Springer, Heidelberg (2013). doi:10.1007/978-3-642-42033-7_10

  9. Goldwasser, S., Kalai, Y.T., Peikert, C., Vaikuntanathan, V.: Robustness of the learning with errors assumption. In: 1st Innovations in Computer Science, ICS 2010, pp. 230–240. Tsinghua University Press (2010)

  10. Huth, C., Becker, D., Guajardo, J., Duplys, P., Güneysu, T.: Securing systems with scarce entropy: LWE-based lossless computational fuzzy extractor for the IoT (2016). http://eprint.iacr.org/2016/982

  11. Kamp, J., Zuckerman, D.: Deterministic extractors for bit-fixing sources and exposure-resilient cryptography. In: 44th Annual Symposium on Foundations of Computer Science (FOCS), pp. 92–101. IEEE, October 2003

  12. Lynn, B., Prabhakaran, M., Sahai, A.: Positive results and techniques for obfuscation. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 20–39. Springer, Heidelberg (2004). doi:10.1007/978-3-540-24676-3_2

  13. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) 37th Annual ACM Symposium on Theory of Computing (STOC), pp. 84–93. ACM Press, May 2005

Author information

Corresponding author

Correspondence to Daniel Apon.

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Apon, D., Cho, C., Eldefrawy, K., Katz, J. (2017). Efficient, Reusable Fuzzy Extractors from LWE. In: Dolev, S., Lodha, S. (eds) Cyber Security Cryptography and Machine Learning. CSCML 2017. Lecture Notes in Computer Science, vol 10332. Springer, Cham. https://doi.org/10.1007/978-3-319-60080-2_1

  • DOI: https://doi.org/10.1007/978-3-319-60080-2_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-60079-6

  • Online ISBN: 978-3-319-60080-2

  • eBook Packages: Computer Science, Computer Science (R0)
