Abstract

The importance of security of BE systems in relation to an Error Correcting Code (ECC) is emphasized. The security of the BE system proposed in Kanade et al paper “Three Factor Scheme For Biometric-Based Cryptographic Key Regeneration Using Iris” is analyzed. It is shown that the error correcting scheme with zero insertions, which was employed in the paper, can be easily cracked by an attacker. By knowing the locations of only 7 zeros for each 32-bit block of the Hadamard ECC, an attacker can reconstruct the entire 198-bit key within a fraction of a second. The generalization of the attack for the ECCs other than Hadamard is discussed.