GGrantIndex
← Search

CAREER: Cryptographic Authentication from Biometrics

$505,597FY2022CSENSF

University Of Connecticut, Storrs CT

Investigators

Abstract

In current devices, biometrics are processed in plaintext inside the hardware security module. Plaintext processing of biometrics leads to master keys residing unencrypted in the hardware security module for multiple consecutive days. As devices add sensors, they are included in the hardware security module, adding complexity and risk. Fuzzy extractors are a cryptographic primitive that derives keys from biometrics. However, prior fuzzy extractors do not secure known biometrics. This project builds a computationally secure fuzzy extractor that secures all possible distributions. Such a universal fuzzy extractor is not possible if one desires information theoretic security. Universal fuzzy extractors can be built with general purpose obfuscation, but such constructions cannot be implemented on commodity hardware and there are no constructions from standard assumptions. This project builds universal fuzzy extractors and investigates required assumptions. These designs are based on limited forms of functional encryption which can be built from standard assumptions. In addition, this project expands the functionality of fuzzy extractors to 1) support new noise models, 2) support updatable encryption methods, and 3) withstand active attacks. This project expands an experimental project-based cybersecurity laboratory to middle and high school students. This educational program stresses the outcome-focused interdisciplinary nature of cybersecurity. Students completing these programs will be hired as research assistants and mentors for future students. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →