A Multiple Server Scheme for Fingerprint Fuzzy Vaults

Jesse Hartloff, Matthew Morse, Bingsheng Zhang, Thomas Effland, Jennifer Cordaro, Jim Schuler, Sergey Tulyakov, Atri Rudra, Venu Govindaraju; Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR) Workshops, 2015, pp. 119-127


In this work, we present a multiple server fingerprint verification scheme that provides enhanced template security by eliminating several known vulnerabilities of the fuzzy vault scheme. We secure templates from adversarial attacks in honest-but-curious server scenarios by utilizing commutative encryption in which the raw fingerprint template is never used in matching or storage. In this system, there is a matching server that performs the enrollment and matching functions on fingerprint data that has been encrypted by a separate encryption server. Since the encrypted template is stored at one server and the encryption key is on another server, an attacker would have to compromise both servers to decrypt the data. Even in this case, the templates are protected by the fuzzy vault scheme. Thus, this scheme limits an attacker's ability to attack active users even after compromising both servers providing multiple layers of template security.

Related Material

author = {Hartloff, Jesse and Morse, Matthew and Zhang, Bingsheng and Effland, Thomas and Cordaro, Jennifer and Schuler, Jim and Tulyakov, Sergey and Rudra, Atri and Govindaraju, Venu},
title = {A Multiple Server Scheme for Fingerprint Fuzzy Vaults},
booktitle = {Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR) Workshops},
month = {June},
year = {2015}