In the past decade biometrics and Physical Unclonable Functions (PUF) have become a popular alternative to standard authentication methods, such as passwords. Protection of secrets generated by biometrics and PUFs is done similar to password protection: a hash of the secret is stored. The hash is resilient to different types of attacks (e.g. hacks and insider attack). Secret keys generated by biometrics and PUFs are prone to noise, thus an error correction step is required. However, error correction data has to be stored somewhere and may leak sensitive information. This thesis deals with two important topics in security: privacy-preserving use of biometrics, and key storage in the form of Physically Obfuscated Keys.
Download Thesis