The Fuzzy Vault for Fingerprints Is Vulnerable to Brute Force Attack

The fuzzy vault approach is one of the best studied and well accepted ideas for binding cryptographic security into biometric authentication. The authors present in this paper a brute force attack which improves upon the one described by Clancy et. al. [CKL] in an implementation of the vault for fingerprints. On base of this attack, they show that three implementations of the fingerprint vault are vulnerable and show that the vulnerability cannot be avoided by mere parameter selection in the actual frame of the procedure.