The paper studies the problem of securely storing biometric passwords, suchas fingerprints and irises. With the help of coding theory Juels and Wattenbergderived in 1999 a scheme where similar input strings will be accepted as thesame biometric. In the same time nothing could be learned from the stored data.They called their scheme a "fuzzy commitment scheme". In this paper we willrevisit the solution of Juels and Wattenberg and we will provide answers to twoimportant questions: What type of error-correcting codes should be used andwhat happens if biometric templates are not uniformly distributed, i.e. thebiometric data come with redundancy. Answering the first question will lead usto the search for low-rate large-minimum distance error-correcting codes whichcome with efficient decoding algorithms up to the designed distance. In orderto answer the second question we relate the rate required with a quantityconnected to the "entropy" of the string, trying to estimate a sort of"capacity", if we want to see a flavor of the converse of Shannon's noisycoding theorem. Finally we deal with side-problems arising in a practicalimplementation and we propose a possible solution to the main one that seems tohave so far prevented real life applications of the fuzzy scheme, as far as weknow.
展开▼