DOI: 10.1145/3196494.3196530
research-article

Pseudoentropic Isometries: A New Framework for Fuzzy Extractor Reusability

Published: 29 May 2018

Abstract

Fuzzy extractors (Dodis et al., Eurocrypt 2004) turn a noisy secret into a stable, uniformly distributed key. Reusable fuzzy extractors remain secure when multiple keys are produced from a single noisy secret (Boyen, CCS 2004). Boyen showed information-theoretically secure reusable fuzzy extractors are subject to strong limitations. Simoens et al. (IEEE S&P, 2009) then showed deployed constructions suffer severe security breaks when reused. Canetti et al. (Eurocrypt 2016) used computational security to sidestep this problem, building a computationally secure reusable fuzzy extractor that corrects a sublinear fraction of errors.
We introduce a generic approach to constructing reusable fuzzy extractors. We define a new primitive called a reusable pseudoentropic isometry that projects an input metric space to an output metric space. This projection preserves distance and entropy even if the same input is mapped to multiple output metric spaces. A reusable pseudoentropic isometry yields a reusable fuzzy extractor by 1) randomizing the noisy secret using the isometry and 2) applying a traditional fuzzy extractor to derive a secret key.
We propose reusable pseudoentropic isometries for the set difference and Hamming metrics. The set difference construction is built from composable digital lockers (Canetti and Dakdouk, Eurocrypt 2008). For the Hamming metric, we show that the second construction of Canetti et al. (Eurocrypt 2016) can be seen as an instantiation of our framework. In both cases, the pseudoentropic isometry's reusability requires noisy secret distributions to have entropy in each symbol of the alphabet. Our constructions yield the first reusable fuzzy extractors that correct a constant fraction of errors. We also implement our set difference solution and describe two use cases.

References

[1]
Host-based card emulation. https://developer.android.com/guide/topics/connectivity/nfc/hce.html.
[2]
Most common first names and last names in the U.S. https://names.mongabay.com/male_names.htm.
[3]
Multi-factor authentication. https://www.pcisecuritystandards.org/pdfs/Multi-Factor-Authentication-Guidance-v1.pdf.
[4]
Python implementation of our set difference based RPI. Available at https://github.com/benjaminfuller/CompFE/blob/master/RPISetDifference.py.
[5]
G. Acar, C. Eubank, S. Englehardt, M. Juarez, A. Narayanan, and C. Diaz. The web never forgets: Persistent tracking mechanisms in the wild. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS '14, pages 674--689, New York, NY, USA, 2014. ACM.
[6]
J. P. Achara, G. Acs, and C. Castelluccia. On the unicity of smartphone applications. In Proceedings of the 14th ACM Workshop on Privacy in the Electronic Society, WPES '15, pages 27--36. ACM, 2015.
[7]
D. Apon, C. Cho, K. Eldefrawy, and J. Katz. Efficient, reusable fuzzy extractors from LWE. Cryptology ePrint Archive, Report 2017/755, 2017. http://eprint.iacr.org/2017/755.
[8]
Bancontact. SEPA Rulebooks Scheme Manuals Remote Domain 46D0 - Mobile App Security Guidelines, 2016.
[9]
C. H. Bennett, G. Brassard, and J.-M. Robert. Privacy amplification by public discussion. SIAM Journal on Computing, 17(2):210--229, 1988.
[10]
N. Bitansky and R. Canetti. On strong simulation and composable point obfuscation. In Advances in Cryptology--CRYPTO 2010, pages 520--537. Springer, 2010.
[11]
M. Blanton and M. Aliasgari. Analysis of reusability of secure sketches and fuzzy extractors. IEEE Trans. Information Forensics and Security, 8(9):1433--1445, 2013.
[12]
K. Boda, A. M. Földes, G. G. Gulyás, and S. Imre. User tracking on the web via cross-browser fingerprinting. In Proceedings of the 16th Nordic Conference on Information Security Technology for Applications, NordSec'11, pages 31--46, Berlin, Heidelberg, 2012. Springer-Verlag.
[13]
H. Bojinov, Y. Michalevsky, G. Nakibly, and D. Boneh. Mobile device identification via sensor fingerprinting. CoRR, abs/1408.1416, 2014.
[14]
X. Boyen. Reusable cryptographic fuzzy extractors. In Proceedings of the 11th ACM Conference on Computer and Communications Security, CCS '04, pages 82--91. ACM, 2004.
[15]
R. Canetti. Towards realizing random oracles: Hash functions that hide all partial information. In Advances in Cryptology - CRYPTO '97, 17th Annual International Cryptology Conference, Santa Barbara, California, USA, August 17-21, 1997, Proceedings, pages 455--469, 1997.
[16]
R. Canetti and R. R. Dakdouk. Obfuscating point functions with multibit output. In Advances in Cryptology--EUROCRYPT 2008, pages 489--508. Springer, 2008.
[17]
R. Canetti, B. Fuller, O. Paneth, L. Reyzin, and A. Smith. Advances in Cryptology -- EUROCRYPT 2016, chapter Reusable Fuzzy Extractors for Low-Entropy Distributions, pages 117--146. Springer Berlin Heidelberg, Berlin, Heidelberg, 2016.
[18]
R. Canetti, Y. Tauman Kalai, M. Varia, and D. Wichs. On Symmetric Encryption and Point Obfuscation, pages 52--71. Springer Berlin Heidelberg, Berlin, Heidelberg, 2010.
[19]
M. Chen, J. Fridrich, M. Goljan, and J. Lukás. Determining image origin and integrity using sensor noise. IEEE Transactions on Information Forensics and Security, 3(1):74--90, 2008.
[20]
A. Das, N. Borisov, and M. Caesar. Do you hear what I hear?: Fingerprinting smart devices through embedded acoustic components. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS '14, pages 441--452, 2014.
[21]
J. Daugman. How iris recognition works. IEEE Transactions on Circuits and Systems for Video Technology, 14:21--30, 2002.
[22]
Y. Dodis, R. Ostrovsky, L. Reyzin, and A. Smith. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM J. Comput., 38(1):97--139, Mar. 2008.
[23]
Y. Dodis, L. Reyzin, and A. Smith. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In Advances in Cryptology - EUROCRYPT 2004, volume 3027 of Lecture Notes in Computer Science, pages 523--540. Springer Berlin Heidelberg, 2004.
[24]
P. Eckersley. How unique is your web browser? In Privacy Enhancing Technologies, 10th International Symposium, PETS 2010, Berlin, Germany, July 21-23, 2010. Proceedings, pages 1--18, 2010.
[25]
ETSI. Digital cellular telecommunications system (phase 2); Security related network functions, 1992.
[26]
European Parliament. General Data Protection Regulation (GDPR). http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf, 2016.
[27]
B. Fuller, X. Meng, and L. Reyzin. Computational Fuzzy Extractors, pages 174--193. Springer Berlin Heidelberg, Berlin, Heidelberg, 2013.
[28]
J. Galbally, A. Ross, M. Gomez-Barrero, J. Fierrez, and J. Ortega-Garcia. Iris image reconstruction from binary templates: An efficient probabilistic approach based on genetic algorithms. Computer Vision and Image Understanding, 117(10):1512--1525, 2013.
[29]
Gemalto. Gemalto eSE secure end-to-end solutions. https://www.gemalto.com/iot/consumer-electronics/embedded-secure-element.
[30]
GlobalPlatform. GlobalPlatform made simple guide: Trusted Execution Environment (TEE) Guide. https://www.globalplatform.org/mediaguidetee.asp.
[31]
Google. Android Developer Reference, Settings.Secure, ANDROID_ID. https://developer.android.com/reference/android/provider/Settings.Secure.html#ANDROID_ID.
[32]
Google. Android Security 2016 Year in Review. https://source.android.com/security/reports/Google_Android_Security_2016_Report_Final.pdf, 2017.
[33]
K. Harmon, S. Johnson, and L. Reyzin. An implementation of syndrome encoding and decoding for binary BCH codes, secure sketches and fuzzy extractors, 2006. Available at http://www.cs.bu.edu/~reyzin/code/fuzzy.html.
[34]
J. Håstad, R. Impagliazzo, L. A. Levin, and M. Luby. A pseudorandom generator from any one-way function. SIAM Journal on Computing, 28(4):1364--1396, 1999.
[35]
C. Herder, B. Fuller, M. van Dijk, and S. Devadas. Public key cryptosystems with noisy secret keys. IACR Cryptology ePrint Archive, 2017:210, 2017.
[36]
C. Herder, L. Ren, M. van Dijk, M.-D. Yu, and S. Devadas. Trapdoor computational fuzzy extractors and stateless cryptographically-secure physical unclonable functions. IEEE Transactions on Dependable and Secure Computing, 14(1):65--82, 2017.
[37]
C.-Y. Hsiao, C.-J. Lu, and L. Reyzin. Conditional computational entropy, or toward separating pseudoentropy from compressibility. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 169--186. Springer, 2007.
[38]
A. Juels and M. Sudan. A fuzzy vault scheme. Des. Codes Cryptography, 38(2):237--257, Feb. 2006.
[39]
A. Juels and M. Wattenberg. A fuzzy commitment scheme. In Proceedings of the 6th ACM Conference on Computer and Communications Security, CCS '99, pages 28--36. ACM, 1999.
[40]
S. Komanduri, R. Shay, P. G. Kelley, M. L. Mazurek, L. Bauer, N. Christin, L. F. Cranor, and S. Egelman. Of passwords and people: measuring the effect of password-composition policies. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pages 2595--2604. ACM, 2011.
[41]
A. Kurtz, H. Gascon, T. Becker, K. Rieck, and F. Freiling. Fingerprinting mobile devices using personalized configurations. Proceedings on Privacy Enhancing Technologies, 2016(1):4--19, 2016.
[42]
J. Lin, B. Liu, N. M. Sadeh, and J. I. Hong. Modeling users' mobile app privacy preferences: Restoring usability in a sea of permission settings. In Tenth Symposium on Usable Privacy and Security, SOUPS 2014, Menlo Park, CA, USA, July 9-11, 2014, pages 199--212, 2014.
[43]
J. Lukas, J. Fridrich, and M. Goljan. Digital camera identification from sensor pattern noise. IEEE Transactions on Information Forensics and Security, 1(2):205--214, June 2006.
[44]
B. Lynn, M. Prabhakaran, and A. Sahai. Positive results and techniques for obfuscation. In Advances in Cryptology--EUROCRYPT 2004, pages 20--39. Springer, 2004.
[45]
MasterCard. MasterCard CloudBased Payments Security Guidelines for MPA Development Version 1.1, 2015.
[46]
Morpho. Secure Elements. https://www.morpho.com/en/commercial-identity/solutions-telecom/secure-elements.
[47]
K. Mowery and H. Shacham. Pixel perfect: Fingerprinting canvas in HTML5. In M. Fredrikson, editor, Proceedings of W2SP 2012. IEEE Computer Society, May 2012.
[48]
C. Mulliner, R. Borgaonkar, P. Stewin, and J. Seifert. SMS-based one-time passwords: Attacks and defense - (short paper). In Detection of Intrusions and Malware, and Vulnerability Assessment - 10th International Conference, DIMVA 2013, Berlin, Germany, July 18-19, 2013. Proceedings, pages 150--159, 2013.
[49]
N. Nikiforakis, A. Kapravelos, W. Joosen, C. Kruegel, F. Piessens, and G. Vigna. Cookieless monster: Exploring the ecosystem of web-based device fingerprinting. In Proceedings of the 2013 IEEE Symposium on Security and Privacy, SP '13, pages 541--555, Washington, DC, USA, 2013. IEEE Computer Society.
[50]
N. Nisan and D. Zuckerman. Randomness is linear in space. Journal of Computer and System Sciences, 52(1):43--52, 1996.
[51]
NIST. Digital identity guidelines: Authentication and lifecycle management. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63b.pdf.
[52]
R. Pappu, B. Recht, J. Taylor, and N. Gershenfeld. Physical one-way functions. Science, 297(5589):2026--2030, 2002.
[53]
S. Prabhakar, S. Pankanti, and A. K. Jain. Biometric recognition: Security and privacy concerns. IEEE Security & Privacy, 1(2):33--42, 2003.
[54]
K. Simoens, P. Tuyls, and B. Preneel. Privacy weaknesses in biometric sketches. In 2009 30th IEEE Symposium on Security and Privacy, pages 188--203.
[55]
European Telecommunications Standards Institute. SIM. http://www.etsi.org/technologies-clusters/technologies/smart-cards/sim.
[56]
U. Uludag, S. Pankanti, S. Prabhakar, and A. K. Jain. Biometric cryptosystems: issues and challenges. Proceedings of the IEEE, 92(6):948--960, June 2004.
[57]
VISA. Security Requirements and Evaluation Guidance for Mobile Applications. Visa Digital Solutions. Version 1.0, 2014.
[58]
Y. Wen, S. Liu, and S. Han. Reusable fuzzy extractor from the decisional Diffie-Hellman assumption. Designs, Codes and Cryptography, pages 1--18, 2018.
[59]
Wikipedia. International Mobile Equipment Identity (IMEI). https://en.wikipedia.org/wiki/International_Mobile_Equipment_Identity.
[60]
Z. Zhou, W. Diao, X. Liu, and K. Zhang. Acoustic fingerprinting revisited: Generate stable device id stealthily with inaudible sound. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS '14, pages 429--440. ACM, 2014.

    Published In

    ASIACCS '18: Proceedings of the 2018 on Asia Conference on Computer and Communications Security
    May 2018
    866 pages
    ISBN:9781450355766
    DOI:10.1145/3196494
    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. fuzzy extractors
    2. mobile authentication
    3. pseudoentropic isometries
    4. reusability

    Qualifiers

    • Research-article

    Conference

    ASIA CCS '18

    Acceptance Rates

    ASIACCS '18 Paper Acceptance Rate 52 of 310 submissions, 17%;
    Overall Acceptance Rate 418 of 2,322 submissions, 18%
