Two-Factor Decryption: A Better Way to Protect Data Security and Privacy

Biometric information is unique to a human, so it would be desirable to use the biometric characteristic as the private key in a cryptographic system to protect data security and privacy. In this paper, we introduce a notion called two-factor decryption (TFD). Informally speaking, a TFD scheme is a variant of the public-key encryption (PKE) scheme. In a TFD scheme, messages are encrypted under public keys as that in a standard PKE scheme, but both private keys (i.e. the first factor) and biometric inputs (i.e. the second factor) are required to decrypt the ciphertexts and obtain the underlying plaintexts. We first describe a framework of TFD, and then define a formal security model for TFD. Thereafter, we present a generic construction on TFD based on the cryptographic primitives of linear sketch and functional encryption (FE) with certain properties and analyse its security. In addition, we give instantiations of TFD by applying concrete FE schemes into the generic construction and show their applications.