Fuzzy public-key encryption based on biometric data

Biometric data is an inherent representation of a human user, and it would be highly desirable to derive a private key of a public-key cryptographic scheme from a user's biometric input such that the user does not need to remember any password or carry any device to store the private key and is able to enjoy all benefits of the public-key cryptographic scheme. In this paper, we introduce a notion called fuzzy public-key encryption (FPKE), which is a public-key encryption (PKE) scheme that accepts a piece of fuzzy data (i.e., a noisy version of the original biometric data) as the private key to decrypt the ciphertext. Compared to the traditional PKE scheme where a private key is usually stored in a device (e.g., a USB token), an FPKE scheme does not need to use any device for the storage of the private key. We first define a formal security model for FPKE, and then give generic constructions of FPKE based on the cryptographic primitives of linear sketch and PKE with some special properties.