Collaborative Research: Rigorous Cryptography from Biometrics and Other Noisy Data

合作研究：来自生物识别和其他噪音数据的严格密码学

• 批准号: 0515100
• 负责人: Leonid Reyzin
• 金额: --
• 依托单位: Trustees of Boston University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2005
• 资助国家: 美国
• 起止时间: 2005-07-01 至 2008-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0515100&HistoricalAwards=false
• 关键词: Collaborative; Research; Rigorous; Cryptography; Biometrics

Sources of entropy that are not precisely reproducible nor uniformly distributed, such as biometrics, nontraditional passwords, or physical random functions, are increasingly suggested as tools in electronic and physical security. There are, however, many significant unresolved questions about exactly how such sources should be used and stored. This proposal focuses on investigating how to use them securely, reliably, privately and versatilely. The techniques studied will have applications well beyond biometric authentication, to settings where noisy data needs to be stored securely, compared privately, or used cryptographically.A simple motivating scenario for our research is that of password-based authentication. In order to avoid security vulnerabilities inherent in storing passwords, systems often store their one-way hashes instead. When a user's password is entered for verification, it is first hashed and then compared to the stored hash value. The problem with passwords, of course, is that their entropy is low. The problem with using highentropy inputs, on the other hand, is that the readily available ones are hard to reproduce precisely: humans make typographical errors in long passphrases and forget some of the answers to multiple questions, while machines cannot precisely reproduce fingerprints and iris scans from one reading to the next. Therefore, the one-way hash function approach does not work, because even slight variations in the input will results in drastic changes of the hash value. Without additional techniques, one has no choice but to store the originalenrollment value and accept the inherent security vulnerabilities, or to exhaustively search all values close to the input value.Intellectual Merits of the Proposed ProjectThe proposed research will allow verification of such noisy high-entropy inputs without requiring secret storage or performing brute-force search. What distinguishes our work from related prior work in the literature is that our approach is rigorous and versatile. The techniques we propose to study will allow the use of unreliable nonuniform inputs not only in the above password-authentication scenario, but also for keys is any cryptographic application. Moreover, the same techniques will have other applications, such as privacy-preserving data mining.Our proposal builds on the recent work of the two PIs [42]. That work introduced new notions for using nonuniform and unreliable data cryptographically: secure sketches and fuzzy extractors. While the notions are already finding applications [40, 39], much work is needed to obtain and analyze practical constructions for a variety of input classes, to strengthen definitions, and to study specific new applications.Broader Impacts of the Proposed ProjectON SECURE SYSTEMS. By removing the need for large-volume distributed secure storage, our work has the potential to significantly lower the costs and potential liabilities of systems that utilize biometric or other sensitive inputs for security (as detailed in the proposal description). Moreover, it may enable systems that have relied on low-entropy passwords to switch to more secure approaches, such as biometric-based key agreement.ON PRIVACY. A significant drawback of many systems that require authentication is the loss of privacy that users experience (e.g., when having their social security numbers stored as passwords for their credit card accounts, or when having their fingerprints stored as passwords for secure doors). This work will remove the need to store private data in many applications. Moreover, as further detailed in the proposal description, the privacy protection will extend not only to the biometric (or similar) password, but also to the data protected by it, ensuring that no one without the right password will have access to the data.ON EDUCATION. The two PIs regularly teach courses on cryptography and network security, and will be able incorporate the new results into the courses they teach. In addition, the proposal has a significant graduate student training component.

熵的来源不是精确可复制的，也不是均匀分布的，如生物识别、非传统密码或物理随机函数，越来越多地被建议作为电子和物理安全的工具。然而，关于如何使用和储存这些资源，仍有许多重大的未解决的问题。本提案的重点是研究如何安全、可靠、私密和通用地使用它们。所研究的技术将远远超出生物识别认证的应用范围，应用于需要安全存储、私下比较或加密使用噪声数据的设置。我们研究的一个简单的激励场景是基于密码的身份验证。为了避免存储密码时固有的安全漏洞，系统通常会存储它们的单向散列。当输入用户密码进行验证时，首先对其进行散列，然后与存储的散列值进行比较。当然，密码的问题在于它们的熵很低。另一方面，使用高熵输入的问题在于，容易获得的输入很难精确重现：人类在长密码短语中会出现打字错误，在回答多个问题时也会忘记一些答案，而机器无法精确地再现指纹和虹膜扫描结果。因此，单向哈希函数方法不起作用，因为即使输入的微小变化也会导致哈希值的剧烈变化。如果没有额外的技术，就别无选择，只能存储原始注册值并接受固有的安全漏洞，或者彻底搜索接近输入值的所有值。拟议项目的知识价值拟议的研究将允许验证这种嘈杂的高熵输入，而不需要秘密存储或执行暴力搜索。我们的工作与文献中相关的先前工作的区别在于我们的方法是严格和通用的。我们建议研究的技术不仅允许在上述密码认证场景中使用不可靠的非均匀输入，而且还允许在任何加密应用程序中使用密钥。此外，同样的技术还会有其他应用，比如保护隐私的数据挖掘。我们的建议建立在两个pi最近的工作基础之上。这项工作引入了使用非统一和不可靠数据加密的新概念：安全草图和模糊提取器。虽然这些概念已经找到了应用[40,39]，但还需要做很多工作来获取和分析各种输入类的实际结构，加强定义，并研究具体的新应用。建议项目对安全系统的更广泛影响。通过消除对大容量分布式安全存储的需求，我们的工作有可能显著降低利用生物识别或其他敏感输入来保证安全性的系统的成本和潜在责任（如提案描述中所述）。此外，它可能使依赖低熵密码的系统转向更安全的方法，例如基于生物特征的密钥协议。在隐私。许多需要身份验证的系统的一个重大缺点是用户会失去隐私（例如，当他们的社会安全号码被存储为信用卡帐户的密码时，或者当他们的指纹被存储为安全门的密码时）。这项工作将消除在许多应用程序中存储私有数据的需要。此外，正如提案描述中进一步详述的那样，隐私保护将不仅扩展到生物识别（或类似）密码，还将扩展到受其保护的数据，确保没有正确密码的人无法访问数据。在教育上。这两位pi定期教授密码学和网络安全课程，并将能够将新的结果纳入他们所教授的课程中。此外，该提案有一个重要的研究生培训组成部分。