Security of a biometric identity-based encryption scheme
Abstract
Biometric identity-based encryption (Bio-IBE) is a kind of fuzzy identity-based encryption (fuzzy IBE) where a ciphertext encrypted under an identity w' can be decrypted using a secret key corresponding to the identity w which is close to w' as measured by some metric. Recently, Yang et al. proposed a constant-size Bio-IBE scheme and proved that it is secure against adaptive chosen-ciphertext attack (CCA2) in the random oracle model. Unfortunately, in this paper, we will show that their Bio-IBE scheme is even not chosen-plaintext secure. Specifically, user w using his secret key is able to decrypt any ciphertext encrypted under an identity w' even though w is not close to w'.
Cite
@article{arxiv.1110.2653,
title = {Security of a biometric identity-based encryption scheme},
author = {Miaomiao Tian and Wei Yang and Liusheng Huang},
journal= {arXiv preprint arXiv:1110.2653},
year = {2012}
}
Comments
Journal version of the paper will be appearing in International Journal of Network Security