The interest in using biometrics for authentication has grown over the last years and therefore the search for a secure and practicable biometric template protection scheme has moved into the focus of researchers. In this paper we analyse the security and performance of two dierent ways to combine the template protection scheme fuzzy vault with the public key Paillier cryptosystem. Regarding security, we have found that the new schemes prevent attacks based on record multiplicity, whereas the success probability of attacks inherent to authentication via biometrics, such as false acceptance rate attacks, remain the same. The changes to the fuzzy vault scheme required to integrate the Paillier cryptosystem open up new attack possibilities. Their success probabilities are thought to be small under suggested countermeasures but have yet to be assessed. Our performance analysis revealed a trade-o between feasibility and security with regard to the parameter conguration of the new schemes. A more secure system requires more memory and more runtime. A crucial part in the overall runtime is the running time of Paillier encryption. Since our security proofs only make use of the security level of Paillier encryption, one might exchange the Paillier cryptosystem for any faster but at least equally secure homomorphic public key cryptosystem.
The thesis has won a Grace-Hopper Award donated by the Institute of Computer Science Bonn and the Bonner Informatik Gesellschaft.