Security and efficiency analysis of the Hamming distance computation protocol based on oblivious transfer

Bringer et al. proposed two cryptographic protocols for the computation of Hamming distance. Their first scheme uses oblivious transfer and provides security in the semi‐honest model. The other scheme uses committed oblivious transfer and is claimed to provide full security in the malicious case. Th...

Full description

Saved in:
Bibliographic Details
Published in:Security and communication networks 2015-12, Vol.8 (18), p.4123-4135
Main Authors: Kiraz, Mehmet Sabir, Genc, Ziya Alper, Kardas, Suleyman
Format: Article
Language:English
Subjects:
Authentication
biometric identification
Biometrics
committed oblivious transfer
Communication networks
Complexity
Computation
Computer simulation
Cryptography
Efficiency
Hamming distance
privacy
Protocol
Public Key Infrastructure
Security
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Bringer et al. proposed two cryptographic protocols for the computation of Hamming distance. Their first scheme uses oblivious transfer and provides security in the semi‐honest model. The other scheme uses committed oblivious transfer and is claimed to provide full security in the malicious case. The proposed protocols have direct implications to biometric authentication schemes between a prover and a verifier where the verifier has biometric data of the users in plain form. In this paper, we show that their protocol is not actually fully secure against malicious adversaries. More precisely, our attack breaks the soundness property of their protocol where a malicious user can compute a Hamming distance, which is different from the actual value. For biometric authentication systems, this attack allows a malicious adversary to pass the authentication without knowledge of the honest user's input with at most O(n) complexity instead of O(2n), where n is the input length. We propose an enhanced version of their protocol where this attack is eliminated. The security of our modified protocol is proven using the simulation‐based paradigm. Furthermore, as for efficiency concerns, the modified protocol utilizes verifiable oblivious transfer, which does not require the commitments to outputs, which improves its efficiency significantly. Copyright © 2015 John Wiley & Sons, Ltd. We show that the protocol of Bringer et al. is not actually fully secure against malicious adversaries. The soundness property of their protocol is where a malicious user can compute a Hamming distance that is different from the actual value. For biometric authentication systems, this attack allows a malicious adversary to pass the authentication with at mostO(n) complexity instead of O(2n), n is the input length. We propose an enhanced version where the attack is eliminated.
ISSN:1939-0114
1939-0122
DOI:10.1002/sec.1329