Information Technology Reference
Fig. 5. Encryption of fuzzy vault for fingerprints
2.4.1 Encryption Process Using Fuzzy Vault for Fingerprints
1. Select secret value S which is 128 bits.
2. Both secure S and error correcting code (CRC, Cyclic Redundancy Check) are
coherent. The CRC is parity bit checking, and used for error detection in commu-
nication channel. CRC is 16-bit code that used for error checking in decryption
process. Final payload is SC = S | C (128 + 16 = 144 bits).
3. 144 bits SC can be represented as a 9 (9=144/16) coefficients(c 8 , c 7 ,…, c 0 ) of
polynomial in GF(2 16 ). So polynomial has degree 8, F(u) = c 8 u 8 + c 7 u 7 + … + c 1 u
+ c 0 .
4. Fingerprint template is projected to the coordinate system. Get x and y axis value of
template. Extract minutiae points that have same x axis on 8th degree polynomial.
5. Generate chaff points that are not on 8th degree polynomial.
6. Minutiae points combine with chaff points to generate vault V.
2.4.2 Decryption Process Using Fuzzy Vault for Fingerprints
7. Extract minutiae points from user fingerprint at verification process. The extrac
tion process is equal to the encryption process.
8. Extract the same points that have x values of the stored vault V from minutiae
points of previous step.
9. For a reconstruction of n-th polynomial, make all possible combination using n+1
10. Using 16 bits CRC, check error. Get secret key values S using the n-th polynomial.
If an error occurs on CRC code check, we reconstruct n-th polynomial and check
error using CRC again.
Fig. 6. Decryption of fuzzy vault for fingerprints
2.5 Hardening Fingerprint Fuzzy Vault Using Password
If biometric information is exposed on the existing fuzzy vault scheme, an immutable
property of biometric information causes problem. If an attacker can compare two