Fuzzy Authenticated Key Exchange with Tight Security

Fuzzy authenticated key exchange (FAKE) enables two parties to agree on a shared key with the help of their fuzzy sources, like biometric features [3,9], physical unclonable functions (PUFs) [16], etc. In FAKE, each user will generate public strings from its own fuzzy source, and register public strings to the system. In the interactive protocol of FAKE, the user will again employ their own fuzzy sources to accomplish key agreement and achieve authenticity and privacy for the agreed session keys. The advantage of FAKE is that users do not have to store them in the devices, hence do not worry about key leakage due to bad key management in devices. In this paper, We propose a generic construction of FAKE from three building blocks including secure sketch (SS), key encapsulation scheme (KEM) and a digital signature (SIG). We also define authenticity for users and pseudo-randomness for session keys to formalize the security of FAKE in the multi-user multi-challenge setting. We prove the security of our FAKE construction with tight security reductions to the building blocks in the random oracle model. Given the available choices for SS, tightly secure KEM and tightly secure SIG schemes, we obtain a bunch of FAKE schemes with tight security in the multi-user multi-challenge setting.