No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
Symmetric Hash Functions for Secure Fingerprint Biometric Systems
Abstract
Securing biometrics databases from being compromised is an important research challenge that must be overcome in order to support widespread use of biometrics based authentication. In this paper we present a novel method for securing fingerprints by hashing the fingerprint minutia and performing matching in the hash space. Our approach uses a family of symmetric hash functions and does not depend on the location of the (usually unstable) singular points (core and delta) as is the case with other methods described in the literature. It also does not assume a pre-alignment between the test and the stored fingerprint templates. We argue that these assumptions, which are often made, are unrealistic given that fingerprints are very often only partially captured by the commercially available sensors. The Equal Error Rate (EER) achieved by our system is 3%. We also present the performance analysis of a hybrid system that has an EER of 1.96% which reflects almost no drop in performance when compared to straight matching with no security enhancements. The hybrid system involves matching using our secure algorithm but the final scoring reverts to that used by a straight matching system.
... This will cause non-matching between altered data and stored one. Therefore, the hash-based system must adhere to the following additional properties: [14] - ...
... With the growth interesting of biometric authentication methods over traditional authentication methods, various biometric-based techniques are proposed by several researchers for provide a reliable user authentication. For instance, the techniques presented in [14,15,16,17,18,19,20,21]. Other researches gone to make integration of biometric with data hiding methods (steganography and watermarking) to add additional level of security, for instance, the proposed algorithms in [22,23,24,25,26,8,27,28,29,30] ...
With the rapid development and increasing growth in the ways of transmitting data across networks, especially after the Corona pandemic, where most financial or commercial transactions have taken place via the Internet, this has become an urgent case for developing new reliable user authentication methods. In this paper, we suggesting to use a new biometric authentication system to provide an electronic ID as a combination of biometrics measures (e.g. Face and Fingerprint authentication), hash functions and steganography technique. Biometric authentication is a process where the biometric data of a person is used to verify his identity. In the proposed scheme, the person's fingerprint is hashed and hidden in his face image in such a way that the features, which are used in face matching, are not significantly altered during hiding process. This provide an efficient secure multimodal biometric authentication system.
... The authors implemented the transformations in several ways including Cartesian, Radial, Polar and Functional transformation, and then they compared their relative merits empirically. Hashing the fingerprint minutia using symmetric hash functions is proposed in [7]. Their approach has two assumptions. ...
... Physical based biometrics schemes employ the unique physical characteristics of humans to identify users. This includes Fingerprint Recognition [7] [8], Iris Recognition [36], Face Recognition [37], and Palm Vein Recognition [38]. ...
Authentication, which involves the verification of identity, is one of the most important security features. It usually depends on three factors: something you know (knowledge), something you have (token) and something you are (biometrics). In this paper, we propose the use of biometrics (fingerprints) with a fourth factor, namely location (i.e., where you are), in order to develop a privacy-friendly multi-factor authentication scheme suitable for smartphone applications.
... The proposed hash functions do not depend on the location of the various minutiae points like delta and core. The authors have calculated EER for the proposed technique and is found to be equal to 3% [7]. A mystery key is familiar with seed the decisions and request of hash capacities for different fingerprints. ...
Cancellable biometrics is one of the productive areas of biometrics and it guarantees the non-invertibility and revocability properties of an ideal template security scheme. In this paper, various cancellable fingerprint template security schemes, their comparison and a novel method for securing the multi-instance fingerprints have been discussed. The pseudocode of the proposed scheme is also presented. The proposed technique produces one fused secured template and this template is formed with the help of feature level fusion technique. The division method is used to secure both of the templates in order to make them non-invertible. The calculated EER and GAR for the proposed technique are 2.87% and 89.937% respectively.
... In general, high dimensional binary features can cause computability concerns for conventional machine learning models [1]. Although there are some attempts on solving this issue like feature hashing [14], they run at the cost of losing latent correlation between medical event features due to irreversibility and unlinkability [17]. ...
Clinicians prescribe antibiotics by looking at the patient's health record with an experienced eye. However, the therapy might be rendered futile if the patient has drug resistance. Determining drug resistance requires time-consuming laboratory-level testing while applying clinicians' heuristics in an automated way is difficult due to the categorical or binary medical events that constitute health records. In this paper, we propose a novel framework for rapid clinical intervention by viewing health records as graphs whose nodes are mapped from medical events and edges as correspondence between events in given a time window. A novel graph-based model is then proposed to extract informative features and yield automated drug resistance analysis from those high-dimensional and scarce graphs. The proposed method integrates multi-task learning into a common feature extracting graph encoder for simultaneous analyses of multiple drugs as well as stabilizing learning. On a massive dataset comprising over 110,000 patients with urinary tract infections, we verify the proposed method is capable of attaining superior performance on the drug resistance prediction problem. Furthermore, automated drug recommendations resemblant to laboratory-level testing can also be made based on the model resistance analysis.
... The hashed template is stored in a database server, and it is hard to retrieve the biometric data from the hashed templates. Also, Tulyakov et al. [45] proposed a technique for protecting templates by hashing the biometric minutia based on symmetric hash functions. In [46], Hirata el al. presented a technique for cancellable biometrics based on correlation matching to enhance security features. ...
Cancellable biometrics have been enrolled in several applications such as cloud computing and cyber security. This makes researchers investigate their approaches in this field. This paper presents a Cancellable Multi-Biometric System (CMBS) based on deep image style transfer and a fusion process. The main contribution is cascading style transfer processes of the human biometrics including fingerprint, finger vein and face images. Then, a fusion process is carried out on the style transferred images. The generated cancellable templates are evaluated by both visual and statistical analysis. The results of the proposed system show superior performance in terms of Area Under the Curve (AUC) and encryption quality assessment with Structural Similarity Index Measure (SSIM), Number of Changing Pixel Rate (NPCR) and other quality indices. Furthermore, the generated templates are digested using hashing algorithms including SHA-224 and SHA-256. The proposed system is compared to the works in the literature. The comparison reveals that the proposed system has a superior performance compared to other previous ones. Hence, it can be used in biometric authentication in cloud systems.
... Cancelable fingerprint templates have been extensively researched. Tulyakov et al. [32] introduced a method by representing fingerprint minutiae in a complex plane as a hashed set. Fingerprint matching is performed between two hashed sets. ...
Identity authentication has become an essential component for access control in the Internet of Things (IoT) environment. To overcome the inherent weakness of password-based authentication, many present IoT devices (e.g., commercial banking smart cards) are equipped with the fingerprint authentication mechanism. However, due to the resource constraints of IoT devices, oversimplified authentication schemes are deployed, which compromise system performance significantly. Moreover, fingerprint templates in these existing schemes are unprotected. To address these issues, we propose an IoT-oriented privacy-preserving fingerprint authentication system. The proposed system is composed of four main components: 1) minutiae extraction; 2) the minutia cylinder-code (MCC)-based cancelable binary template, generated by the proposed normalized random projection; 3) the lightweight, privacy-preserving template, built by novel pair-wise Boolean operations; and 4) fingerprint matching. Our system can effectively mitigate pre-image and hill climbing attacks. A prototype of the proposed system is developed using a popular open-source platform (i.e., Open Virtual Platforms). Comprehensive experimental results on eight benchmark datasets validate the effectiveness of the proposed IoT-oriented fingerprint authentication system. Our system also achieves equivalent authentication accuracy to that of the unprotected fingerprint authentication systems deployed in the resource-rich, non-IoT environment. More importantly, our system prototype is deployable to commercially available low-cost smart cards, such as Atmel AT24C256C Memory Smart Card 256K Bits. To the best of our knowledge, the proposed system is the first privacy-preserving, cancelable fingerprint authentication system developed in such a resource-constrained IoT setting.
... Tulyakov et al. [18] made use of symmetric hash functions as means of protecting fingerprint templates. The hash functions were constructed from the minutiae locations, considering the random shifting of the minutiae during the acquisition phase. ...
... However, this requires to use binary codes or points, which leads to loss of discriminatory information on the original template and degradation of matching performance. Biohashing [31], cancelable biometric [25], and robust hashing [33] are feature transformation approaches that transform the original template into an element in a new domain using a non-invertible transformation and salting. A hybrid approach for face template protection that combines the cryptographic approach with the feature transformation approach was proposed in [8]. ...
Convolutional neural networks have made remarkable progress in the face recognition field. The more the technology of face recognition advances, the greater discriminative features into a face template. However, this increases the threat to user privacy in case the template is exposed. In this paper, we present a modular architecture for face template protection, called IronMask, that can be combined with any face recognition system using angular distance metric. We circumvent the need for binarization, which is the main cause of performance degradation in most existing face template protections, by proposing a new real-valued error-correcting-code that is compatible with real-valued templates and can therefore, minimize performance degradation. We evaluate the efficacy of IronMask by extensive experiments on two face recognitions, ArcFace and CosFace with three datasets, CMU-Multi-PIE, FEI, and Color-FERET. According to our experimental results, IronMask achieves a true accept rate (TAR) of 99.79% at a false accept rate (FAR) of 0.0005% when combined with ArcFace, and 95.78% TAR at 0% FAR with CosFace, while providing at least 115-bit security against known attacks.
... A hash function is usually transformed functions, which converts or transform data or features from one form to another. Always transform function should be a one-way function or another way it should not be invertible [8]. A number of template protection strategies like fuzzy commitment [9], fuzzy vault [9], protecting functions [10] and distributed supply coding [11] can be considered as the key binding biometric cryptosystem. ...
Biometrics innovation has ended up being a precise and proficient response to the security issue. Biometrics is a developing field of research as of late and has been dedicated to the distinguishing proof or authentication of people utilizing one or multiple inherent physical or behavioural characteristics. The unique fingerprint traits of a man are exceptionally exact and are special to a person. Authentication frameworks in light of unique fingerprints have demonstrated to create low false acceptance rate and false rejection rate, alongside other favourable circumstances like simple and easy usage strategy. But the modern study reveals that fingerprint is not so secured like secured passwords which consist of alphanumeric characters, number and special characters. Fingerprints are left at crime places, on materials or at the door which is usually class of latent fingerprints. We cannot keep fingerprint as secure like rigid passwords. In this paper, we discuss fingerprint image Hash code generation based on the Euclidean distance calculated on the binary image. Euclidean distance on a binary image is the distance from every pixel to the nearest neighbour pixel which is having bit value one. Hashcode alone not sufficient for Verification or Authentication purpose, but can work along with Multifactor security model or it is half secured. To implement Hash code generation we use MATLAB2015a. This study shows how fingerprints Hash code uniquely identifies a user or acts as index-key or identity-key.
... It can also happen when an attacker uses Cross-Scripting XSS attack where the attacker injects malicious code into a frequently used website with SSL striping the hacker intercepts and forwarding traffic from users. Figure 8 explains how data can be access through mobile, each process can be recorded and checked by administrator then the access given to the user. The process can be done internally and protect user information from intruders (Tulyakov et al., 2007). ...
... In [55], authors examined different non-invertible transformations such as Cartesian, Polar, and Functional transformations to compose the cancelable biometric templates. In [74], authors employed various polynomial functions to estimate the bio-hash value of minutiae points and used as cancelable templates. In [31], authors introduced an aggregate of symmetric hash functions for various extracted k-plet of minutiae. ...
Fingerprint is the most recommended and extensively practicing biometric trait for personal authentication. Most of the fingerprint authentication systems trust minutiae as the characteristic for authentication. These characteristics are preserved as fingerprint templates in the database. However, it is observed that the databases are not secure and can be negotiated. Recent studies reveal that, if a person’s minutiae points are dripped, fingerprint can be restored from these points. Similarly, if the fingerprint records are lost, it is a permanent damage. There is no mechanism to replace the fingerprint as it is part of the human body. Hence there is a necessity to secure the fingerprint template in the database. In this paper, we introduce a novel fingerprint template protection and fingerprint authentication scheme using visual secret sharing and super-resolution. During enrollment, a secret fingerprint image is encrypted into n shares. Each share is stored in a distinct database. During authentication, the shares are collected from various databases. The original secret fingerprint image is restored using a multiple image super-resolution procedure. The experimental results show that the reconstructed fingerprints are similar to the original fingerprints. The proposed method is robust, secure, and efficient in terms of fingerprint template protection and authentication.
... For example, Ratha et al. [10] proposed several transformation methods, e.g., Cartesian, polar, or surface folding transformation, to generate cancelable fingerprint templates. Tulyakov et al. [11] used symmetric hash functions to secure the local structure, e.g., triplet, composed by minutiae from a fingerprint image. As the encryption operation is performed on the local structure, the proposed scheme does not require pre-alignment between the template and query fingerprint images. ...
Biometric-based authentication has come into recent prevalence in competition to traditional password-and/or token-based authentication in many applications, both for user convenience and the stability/uniqueness of biometric traits. However, biometric template data, uniquely linking to a user's identity, are considered to be sensitive information. Therefore, it should be secured to prevent privacy leakage. In this paper, we propose a homomorphic encryption-based fingerprint authentication system to provide access control, while protecting sensitive biometric template data. Using homomorphic encryption, matching of biometric data can be performed in the encrypted domain, increasing the difficulty for attackers to obtain the original biometric template without knowing the private key. Moreover, the trade-off between the computational overload and authentication accuracy is studied and experimentally verified on a publicly available fingerprint database, FVC2002 DB2.
... Because of uniqueness and unchangeability of biometric credentials, users are suspicious by storing of those credentials and the chances of misuse. Fingerprint is an authentication method based on comparison of minutia (ridges, bifurcation or islands on the finger) which are acquired the used a fingerprint reading sensor ( Tulyakov et al., 2007 ). There is a significant number of studies that have performed in this domain that pointed out on the significance and important of this mobile authentication method such as Acar et al. (2013) , Bonneau et al. (2012) , Hupperich et al. (2015) , Chen et al. (2015) , Bertini et al. (2015) and Aloul et al. (2009) . ...
The trend of rapid evolutionary development of mobile technologies and the existence of different user's priorities are creating new challenges with regard to selection of multifactor authentication (MFA) solutions. This becomes even more challenging by creating a universal authentication framework (UAF). In order to cope with these challenges, this paper has proposed a Fishbone model and developed in form of the UAF which is based on a larger number of linguistic variables and a wider set of user's priorities such as security, usability, accessibility, pricing, complexity, privacy and convenience (SUAPCPC). In comparison to all other papers available in the literature, the Fishbone model provides numerical evaluation of MFA with the possibility of changing weighted criteria for the selected user priorities. In addition, the contributions of this model are twofold. For user's, to enable easier choice of MFA solution, for developers, to identify spots where a method or solution could be improved. For development of the Fishbone model, fuzzy methodology is used in form of a Fuzzy Expert System (FES) tool. Also, the block diagram and the basic modules of the Fishbone model architecture are given. The results of implementation of the Fishbone model in form of the UAF have showed that this model is applicable and very efficient in practice. Finally, the Fishbone model gives an ideal template in UAF at which user's priorities satisfy the best individual users’ solutions. The realization of this template presents challenge for all future developers of MFA solutions.
... The vicinity of the munities is a technique based on the dynamic random projection to secure the extracted features. It was developed by authors in [7]. The random projection matrix is dynamically assembled. ...
... Hash functions are another popular primitive which provide provable non-invertibility and diversity guarantees. This security notion was initially utilized by Tulyakov et al. [27], and later extended by Sadhya and Singh [23] for generating cancelable fingerprint tokens. ...
... This device can be plugged into any host device that accepts USB keyboards, and the generated passwords can then be entered, driver-lessly. However, for such a hardware to exist, algorithms that can produce a hash based on fingerprint minutiae [16] must be studied and carefully applied. Such a hardware device will be cost effective to construct, would work for any person (no storage and no vendor lock-in) and on any device which accepts USB HID keyboard input. ...
... This symmetric hash method follows the non-invertibility. In this method comparison of performance analysis is done on DB1 database between the plain, secure and hybrid verification systems [28]. ...
... However, the security when the template and the two factor key were lost was not mentioned. Another alignment-free method was proposed by Tulyakov et al. [5], applying symmetric hash function on minutiae as the transformation. In details, minutiae in a fingerprint are represented in a complex plane as hashed set. ...
... To achieve a satisfactory trade-off between security and accuracy, Boult et al. [9] combined feature transformation with encryption to generate biotop biotoken that are used as user template. By using the different symmetric polynomial functions, Tulyakov et al. [10] have computed hash values for minutiae points. However, due to variation among the intra-subject templates, a huge change in hash values is observed which leads to reduced performance. ...
Fingerprint authentication systems generally save data extracted from fingerprint as minutiae template in the database. However, it is often found that databases can be attacked and compromised by the adversary. So if minutiae points of a user are leaked, fingerprint can be generated from them. The fingerprint cannot be changed as the finger is a part of the human body. Hence, securing information extracted from the fingerprint is required. In this paper, we propose a highly secure technique that uses location information of the minutia points to construct a highly secured template for a user. For every minutia point, secured modified location is generated by using information of its neighboring minutiae and a key-set. We have achieved 2%, 1%, and 3.1%EER values for FVC2002 DB1, DB2, and DB3 fingerprint databases respectively, under the same-key scenario. Analysis done for several attacks shows that the proposed technique is very robust and secure. The experimental results are extremely encouraging and they demonstrate the efficiency of the proposed technique.
... The authors constructed cancellable template based on localized, self-alignment texture features and showed that it is against several attacks, but the authors did not discuss what happens when the template and two-factor key are lost. [13] Proposed a method for securing fingerprints using innovative symmetric hash functions. The hashes which was developed are cancellable and exhibit feasible performance. ...
Cancellable fingerprint templates effectively protect original fingerprint data by revoking an accorded template and reissuing a new template. Alignment-free cancellable templates require no image pre-alignment and therefore does not go through from inaccurate singular point detection. In our proposed method, we focused on generating a cancellable template which is alignment-free. The template is generated by the building of R rectangles by varying the directions over every minutia succeeded by the computation of translation invariant and rotation invariant adjoining relation. The computed feature set is quantized & mapped into a cube to produce a binary string. Further, we apply modulo operation on the generated bit string to get reduced bit string which mitigates the risk of the ARM (Attack via Record Multiplicity). Later, we apply Discrete Fourier Transform (DFT) to convert reduced binary string into a complex vector. The result is then multiplied by an arbitrary matrix to produce the cancellable template. We evaluated proposed scheme on databases FVC 2004 DB1-DB3 & FVC 2002 DB1-DB3 and results fulfills the conditions of Biometric Template Protection Scheme(BTPS) and it gives competitive performance(in terms of EER) when compared to existing methods.
... A different approach to other tasks should be designed and tested on an application basis, with an available key from biometric data and the implementation of a hardware module design. As mentioned in [37] and [38], the processing of the fingerprint data with a function similar to the hash function has been used to generate a unique number. The unique ID obtained has been integrated into the designed system and an important step has been taken in terms of its applicability with this aspect. ...
Original scientific paper Cloud computing is the popular technology and seems to be very promising for the future trends. In the cloud computing, programs and data are stored and sometimes processed in cloud. So data and programs can easy be accessible anywhere, anytime. Cloud computing is also a very applicable solution for e-government services due to cost effectiveness and efficiency of services. While it eliminates the need of maintaining costly computing facilities by companies and institutes, one of the barriers for cloud adoption is still security concerns. Out of cloud computing is depended upon internet, safety topics such as, confidentiality, authentication, privacy, and data securities are the main concerns. In the cloud, users should search encryption capabilities for preserving and retaining their data. In the same time, they have to protect the functionality of the underlying cloud applications. There are many encryption algorithms to encrypt the data. However, there are new varieties of cyber-attacks developed that threaten the data in the cloud infrastructure. These attacks allow the encrypted data to be re-encrypted, making it incomprehensible by the original owner of the data so that it becomes impossible for the user to decrypt it. This article is written to allow users to understand the working steps and challenges of the algorithms, comparisons of the algorithms and possible solutions for the resent threats in the cloud environment related with cryptography for e-government applications.
... The cancelable template is governed by these two transformation functions. In [33], in order to avoid global alignment, the authors used localized matching, which consists of matching minutia triplets constructed by each minutia and its two nearest neighbors. Invariant features extracted from these triplets are varied and secured by the symmetric hash functions. ...
Smart mobile devices are playing a more and more important role in our daily life. Cancelable biometrics is a promising mechanism to provide authentication to mobile devices and protect biometric templates by applying a noninvertible transformation to raw biometric data. However, the negative effect of nonlinear distortion will usually degrade the matching performance significantly, which is a nontrivial factor when designing a cancelable template. Moreover, the attacks via record multiplicity (ARM) present a threat to the existing cancelable biometrics, which is still a challenging open issue. To address these problems, in this paper, we propose a new cancelable fingerprint template which can not only mitigate the negative effect of nonlinear distortion by combining multiple feature sets, but also defeat the ARM attack through a proposed feature decorrelation algorithm. Our work is a new contribution to the design of cancelable biometrics with a concrete method against the ARM attack. Experimental results on public databases and security analysis show the validity of the proposed cancelable template.
... Ahmad et al. [31] have used pair-polar coordinates through which a cancelable user template is generated from fingerprint minutiae points. Tulyakov et al. [29] have generated hashes for minutiae points by utilizing various polynomial functions which are symmetric however, due to the intra-subject variations, performance reduces considerably as the hash values change. Kumar et al. [13] have proposed the use of a combination of hash functions that are symmetric on multiple extracted minutia k -plets. ...
Biometric systems relying on fingerprint usually use minutiae points information and store it directly in the database. However, databases are prone to get attacked by an adversary. As fingerprint can be generated using the information of its minutiae points, it is essential to ensure the security of the fingerprint data in biometric systems. Another problem associated with fingerprint authentication systems is the variation among fingerprint images of the same subject, which occurs due to rotation and translation of finger at the time of capturing fingerprints through sensors. A technique called Fingerprint Shell is proposed by Moujahdi et al. as a secured representation of fingerprint template. However, this technique uses only one intra-subject invariant feature, which is the distances between minutiae points and singular point to generate a 2-dimensional spiral curve which is used as a secured user template. In this paper, we analyze the weaknesses of the Fingerprint Shell and propose a highly secured fingerprint template protection technique in which a 3-dimensional spiral curve is generated as a secured user template for a fingerprint. To obtain the proposed secured fingerprint template, we utilize three intra-subject invariant features, namely distances between minutiae points and singular point, the orientation information of minutiae points and the ridge counts between minutiae points and singular point. Outcomes of the experimental analysis conducted on FVC (2000, 2002 and 2004) and IIT Kanpur databases show highly encouraging performance and exhibit the viability of the proposed technique. The technique has also been analyzed with respect to various attacks and is found to be highly secure and robust.
... Recently, many researchers have addressed the hashing of fingerprint minutiae. In [3] [4], the authors present a method of symmetric hashing of fingerprint minutiae, aimed to protect the original fingerprint and minutiae location from the attacker. In [5], the authors proposed a scheme which employs a robust one-way transformation that maps geometrical configuration of the minutiae points into a fixed-length code vector. ...
This paper proposes a robust minutiae based fingerprint image hashing technique. The idea is to incorporate the orientation and descriptor in the minutiae of fingerprint images using SIFT-Harris feature points. A recent shape context based perceptual hashing method has been compared against the proposed technique. Experimentally, the proposed technique has been shown to deliver better robustness against image processing operations including JPEG lossy compression and geometric attacks such as rotation and translation.
... A hash function is usually transformed functions, which converts or transform data or features from one form to another. Always transform function should be a one-way function or another way it should not be invertible [10]. A number of template protection strategies like fuzzy commitment [13], fuzzy vault [13], protecting functions [14] and distributed supply coding [15] can be considered as the key binding biometric cryptosystem. ...
The drastic changes in mobile and wireless based technologies and increasing number of applications and users demanded high-security concern, which leads to research on biometrics with a purpose to increase the security aspects and to minimize security threats. The current global mindset toward terrorism has influenced people and their governments to take some special actions and be extra proactive in protection or security problems. Fingerprint image and identification technology have been in life for hundreds of years. Archaeologists have exposed proof suggesting that interest in fingerprints dates to prehistory. But the modern study reveals that fingerprint is not so secured like secured passwords which consist of alphanumeric characters, number and special characters. Fingerprints are left at crime places, on materials or at the door which is usually class of latent fingerprints. We cannot keep fingerprint as secure like rigid passwords. In this paper, we discuss fingerprint image Hash code generation based on the MD5 Algorithm and Freeman Chain code calculated on the binary image. Freeman chain code extracts all possible boundaries for an image and which gives starting x and y positions as x0 and y0. Hashcode alone not sufficient for Verification or Authentication purpose, but can work along with Multifactor security model or it is half secured. To implement Hash code generation we use MATLAB2015a. This study shows how fingerprints Hash code uniquely identifies a user or acts as index-key or identity-key.
... Biyometrik verilerin özetleme fonksiyonları ile işlenmesi fikri Tulyakov ve arkadaşlarının çalışmasında ayrıntılı olarak anlatılmıştır [10]. Buna göre, (2) numaralı denklemde gösterilen simetrik özetleme fonksiyonundan yola çıkarak (3) numara ile gösterilen verinin girdi olarak fonksiyona gönderilmesi ile özetleme sonucu elde edilmektedir. ...
... A hash function is usually transformed functions, which converts or transform data or features from one form to another. Always transform function should be a one-way function or another way it should not be invertible [8]. A number of template protection strategies like fuzzy commitment [9], fuzzy vault [9], protecting functions [10] and distributed supply coding [11] can be considered as the key binding biometric cryptosystem. ...
Biometrics innovation has ended up being a precise and proficient response to the security issue. Biometrics is a developing field of research as of late and has been dedicated to the distinguishing proof or authentication of people utilizing one or multiple inherent physical or behavioural characteristics. The unique fingerprint traits of a man are exceptionally exact and are special to a person. Authentication frameworks in light of unique fingerprints have demonstrated to create low false acceptance rate and false rejection rate, alongside other favourable circumstances like simple and easy usage strategy. But the modern study reveals that fingerprint is not so secured like secured passwords which consist of alphanumeric characters, number and special characters. Fingerprints are left at crime places, on materials or at the door which is usually class of latent fingerprints. We cannot keep fingerprint as secure like rigid passwords. In this paper, we discuss fingerprint image Hash code generation based on the Euclidean distance calculated on the binary image. Euclidean distance on a binary image is the distance from every pixel to the nearest neighbour pixel which is having bit value one. Hashcode alone not sufficient for Verification or Authentication purpose, but can work along with Multifactor security model or it is half secured. To implement Hash code generation we use MATLAB2015a. This study shows how fingerprints Hash code uniquely identifies a user or acts as index-key or identity-key.
... Other features such as relative angles, ridge orientation and frequency, and minutiae counts of random blocking are also utilised. Tulyakov et al. (2007), Li (2012) and Sandhya et al. (2016) proposed using minutiae triplet-based transformation methods to take advantage of the property that local features are translational and rotational invariant. Wang et al. (2017) proposed an approach of generating cancellable template by transforming binarised fingerprint template with Discrete Fourier Transformation and a specially designed Hadamard matrix. ...
Password-based systems authenticate users with cryptographic one-way hashes without storing plaintext passwords. The method prevents a hacker from reversing the hashes and hacking into individual accounts easily. Biometric data cannot be reproduced with 100% accuracy. Therefore, the hashing technique has yet to be utilised directly to secure biometric data. Instead, biometric system manages biometric data in two ways. The first is to store original biometric templates in encrypted formats. However, real-Time decryption is required upon authentication during which decrypted data can be stolen. The second is to transform original templates such that matching can be done directly in the transformed domain. However, the requirement of similarity-preserving transformation makes the transformed templates vulnerable to reverse engineering. In this paper we propose a novel approach of transforming fingerprint templates, with which matching can be conducted using cryptographic one-way hashes. Our testing results indicate its feasibility.
... The scheme, however, showed poor results for low quality of fingerprints. A hashing based fingerprint protection scheme was successfully implemented first in [41]. The authors proposed a symmetric hashing based technique wherein the final matching was performed in the hash space. ...
Enforcing security and privacy guarantees for biometric users via protecting their unique and personalized attributes is an important area of research. There are many properties desirable in a biometric template protection scheme, but unfortunately, all of the requirements are not simultaneously fulfilled. In our work, we have tried to address this issue by proposing a cancelable framework for fingerprints which simultaneously provides satisfactory system performance, strong security guarantees, and fast matching procedure. The core of our scheme essentially pivots around the use of cryptographic hash functions which provide the adequate levels of security in the framework. Prior to the hashing stage, we have employed an effective pre-alignment technique and a hexagonal grid based quantization scheme which allows us to overcome constraint such as intra-class variability. Finally, our scheme is made cancelable through traditional salting. We tested our framework on various fingerprint databases and found that the resulting system performances were comparable with other contemporary cancelable schemes (EERs of 5.8%, 5.3%, 15.8%, 14.5% were observed for FVC2002 DB1, DB2, FVC2004 DB1, DB2 databases under the stolen token scenario). Most importantly, we perfectly fulfill the unlinkability, cancelability and diversity requirements, which are verified both theoretically and empirically.
... Privacy-sensitive Fingerprints can be Quasi-Unlinkable, Quasi-Cancelable and Quasi-Replaceable as for example fuzzy extractors[36] or other means (e.g.[37,38,39,40] can be used to hide the actual ngerprint. However, the actual measurement reveals identity so ngerprints are not Inherently-Anonymous. ...
In an ideal gadget-free environment the user is interacting with the environment and the services through only “natural” means. This imposes restrictions on many aspects of the interaction. One key element in this is user authentication, because it assures the environment and related services of the legitimacy of user’s actions and empowers the user to carry out his tasks. We present five high-level categories of features of user authentication in the gadget-free world including security, privacy and usability aspects. These are adapted and extended from earlier research on web authentication methods. We survey existing authentication methods together with some emerging technologies and evaluate these according to the features in our categories. Our results show, that no single authentication method can realise all these requirements for authentication. In conclusion, we give future research directions and open problems that stem from our observations. Especially, finding combinations of authentication factors and methods that achieve all requirements is an interesting problem in the gadget-free scenario.
... Biyometrik verilerin özetleme fonksiyonları ile işlenmesi fikri Tulyakov ve arkadaşlarının çalışmasında ayrıntılı olarak anlatılmıştır [10]. Buna göre, (2) numaralı denklemde gösterilen simetrik özetleme fonksiyonundan yola çıkarak (3) numara ile gösterilen verinin girdi olarak fonksiyona gönderilmesi ile özetleme sonucu elde edilmektedir. ...
Today's personal computers primarily store all the data in the hard disk drives, while cloud systems are more efficient and accessible in terms of storage. Moreover, cloud systems are considered as the significant storage units of our personal data for the future. However, it is an important problem to provide security for the storage of personal information. In this study, it is aimed to increase the security level of accesses into cloud systems via Diffie-Hellman key exchange cryptography algorithm, whereby design in SystemC and the usage of Arduino development board to take the fingerprint data. To increase the efficiency of the multiplication process needed for encryption, cryptography algorithm is realized by using the SystemC on the PC side. The Arduino UNO microcontroller, which captures the biometric data of the cloud user, immediately communicates with PC (SystemC) to have the Diffie-Hellman process started. Each biometric data is mapped into a confidential and private ID to be used in the calculations of key exchange process. Thus, a new structure that has increased security via the unique biological data of the person, is aimed. When it is considered that the embedded system is the largest intersection of hardware and software engineering, proposed design as an interdisciplinary work is considered to be worthy of future research for further development. By the addition of the biometrics, this study as for the applied security, serves an efficient solution.
Biometric template protection has been a topic of interest ever since biometrics took over authentication and verification systems. High sensitivity of biometric information of an individual makes it paramount to transform the raw biometric data into an irreversible form that can be enrolled into the database. Fingerprint-based biometric systems make use of minutiae points information. However, it has been shown that the original fingerprint information can be retraced using the measurements of its minutiae points. Consequently, it is essential to ensure that the fingerprint templates in fingerprint-based biometric systems are secure. Fingerprint authentication systems often encounter the problem of variation among fingerprint impressions of the same subject. This arises due to the effect of rotation and translation at the sensor end while capturing the fingerprint data. To eliminate these issues, an alignment-free template protection technique has been proposed in this work, which not only solves the problem of revocability but also provides a secure irreversible transformation without having to compromise the performance of the authentication system. Experimental analysis has been conducted on FVC2002 DB1 and FVC2002 DB2 databases and it depicts highly encouraging performance.KeywordsBiometric template securityCancelable biometricsBiometricsFingerprint
In this digital era, we have a wide variety of image editing software that is prone to create malicious alterations on images. Hence, the evaluation for authenticity of image contents and identification of malicious modifications is an open problem. In this work, an efficient small-size image forgery detection algorithm is presented based on Super Feature Transform - combining Super Resolution and Feature Transform. The approach enhances detection of small-size forgery by pre-processing the input image using super resolution algorithm. A robust feature transform is suggested to extract potential feature points from small-size patches with entanglement properties. Subsequently, feature matching and filtering is achieved by fuzzy threshold so that the false matches are filtered out. Also, the feature matching module employs a soft clustering to determine the matching points between identical and semi-identical feature points in different clusters. The experimental evaluations demonstrated that the proposed method outperforms existing techniques particularly when the forgery size is small and detects manifold duplicate forged regions in terms of TPR and FPR recognition rate.KeywordsSuper resolutionImage forgerySmall-image forgeryCopy-move forgery
The adjustment of learning rate (\(\eta \)), bias and additional parameters throughout back propagation are crucial for the performance of machine learning algorithms. Regarding optimization for algorithms, adam optimization technique tune the learning parameters by utilising the exponential decay of past gradients and their squares. However, the optimizer requires the engagement of frequently occurring features from the datasets that play a significant role for performance improvement in machine learning algorithms.In this paper, the energy model of a neuron is designed to calculate the energy index from frequently occurring features and introduced in adam optimizer. The classification performance of the proposed energy modeled adam optimizer is experimented on Logistic Regression (single layered) and Support Vector Machine (hyperplane based) machine learning algorithms utlising CIFAR10, MNIST and Fashion MNIST datasets. Optimized with proposed optimizer, Logistic Regression achieved training accuracy of 90.79%, 99.02% and 95.87% whereas Support Vector Machine achieved training accuracy of 39.04%, 80.80% and 82.29% for CIFAR10, MNIST and Fashion MNIST datasets respectively.KeywordsMachine learningStochastic gradient descentAdamEnergy indexLogistic regressionSupport vector machine
The number of mobile phone users increases daily, and mobile devices are used for various applications like banking, e-commerce, social media, internet voting, e-mails, etc. This paper presents a secure mobile internet voting system in which a biometric method authenticates the voter. The biometric image can either be encrypted at the mobile device and send to the server or process the biometric image at the mobile device to generate the biometric template and send it to the server. The implementation of biometrics on mobile devices usually requires simplifying the algorithm to adapt to the relatively small CPU processing power and battery charge. This paper proposes a wavelet-based AES algorithm to speed up the encryption process and reduce the mobile device’s CPU utilization. The experimental analysis of three methods(AES encryption, wavelet-based AES encryption, and biometric template generation) exhibits that wavelet-based AES encryption is much better than AES encryption and template generation. The security analysis of three methods shows that AES and wavelet-based AES encryption provides better security than the biometric template’s protection. The study of the proposed internet voting system shows that biometric authentication defeats almost all the mobile-based threats.
Despite the ubiquity in the use of biometrics due to its many advantages against traditional methods such as password or token, the emerging cancelable biometric methods, which are designed to protect the biometrics are still exposed to certain threats. Attack via Record Multiplicity (ARM) is one of those. In this paper, we propose a novel framework that possesses two layers of authentication to improve the matching performance of a fingerprint authentication system in the cancelable template setting. In addition, a multi-filter fingerprint matching scheme is devised to deal more effectively with low-quality fingerprint images. Two techniques that are capable of defending against the heinous ARM are also introduced. Security analysis on the system’s capability against the hill-climb attack and pre-image attack is also provided. The proposed scheme has been evaluated over public datasets FVC2002-DB1, FVC2002-DB2, FVC2002-DB3, and FVC2004-DB2. It has achieved the best result compared with the state-of-art methods. The source code for this framework is available on demand.
Fingerprint minutiae is the unique representation of fingerprint image feature points as terminations and bifurcations. Therefore, generating a hash signature from these feature points will unarguably meet the desired properties of a robust hash signature and which will accurately fit in for fingerprint image content authentication purposes. This article proposes a novel minutiae and shape context-based fingerprint image hashing scheme. Fingerprint image minutiae points were extracted by incorporating their orientation and descriptors, then embedded into the shape context-based descriptors in order to generate a unique, compact, and robust hash signature. The robustness of the proposed scheme is determined by performing content preserving attacks, including noise addition, blurring and geometric distribution. Efficient results were achieved from the given attacks. Also, a series of evaluations on the performance comparison between the proposed and other state-of-art schemes has proven the approach to be robust and secure, by yielding a better result.
There are several fingerprint template protection methods among them the most common method is the symmetric hashing of the fingerprint template. The main problems still unsolved in the case of symmetric hashing are the excessive drop in accuracy, the reversibility and the linkability of hashed template. The experimental analysis of the existing hash method point out that there is an excessive drop in accuracy of matching. In this paper a modified symmetric hash method is proposed in which a key value is used as a multiplication parameter. The modified symmetric hash function is a combination of salting and non invertible transformation. Systematic experimentation point out that the accuracy of matching of the modified symmetric hash method is much better than the existing method. The security of the modified hashed fingerprint template is analysed based on irreversibility and unlinkability and the modified hashed fingerprint templates are more secure than the hashed fingerprint templates.
Fingerprint minutiae is the unique representation of fingerprint image feature points as terminations and bifurcations. Therefore, generating a hash signature from these feature points will unarguably meet the desired properties of a robust hash signature and which will accurately fit in for fingerprint image content authentication purposes. This article proposes a novel minutiae and shape context-based fingerprint image hashing scheme. Fingerprint image minutiae points were extracted by incorporating their orientation and descriptors, then embedded into the shape context-based descriptors in order to generate a unique, compact, and robust hash signature. The robustness of the proposed scheme is determined by performing content preserving attacks, including noise addition, blurring and geometric distribution. Efficient results were achieved from the given attacks. Also, a series of evaluations on the performance comparison between the proposed and other state-of-art schemes has proven the approach to be robust and secure, by yielding a better result.
Access control systems (ACS) are the ones, which people come across frequently while entering places, passing through somewhere or even logging into any online accounts. Public transportation, authorized building or room entrance, highway passing, PC accesses, signing on to online banking or social media accounts are some examples that can be experienced during everday life as the samples of accesses. In most cases, these actions are in under control the reason why personal security plays an important role. Therefore, there are plenty of approaches and electronic systems in the literature to provide control for such cases above. In this thesis, it is proposed an approach for low cost and easy to programme system, which is general purpose and multi-modal. General-purpose feature brings an innovation to these kind of systems to be more generic. The system can easily adapted to new applications, in other words, the system first can control door accesses, but on the other hand, it can also be used for some other applications like payment based paypass implementations. This diversity comes thanks to different input devices like smart card reader, fingerprint scanner, NFC/RFID reader, touchable screen for PIN entering & system response monitoring etc. Consequently, the system satisfies the multi-modal approach with these devices that make system more secure. In the following chapters, firstly the general details of the thesis are presented in the introduction part. There are introductory information about the system scheme and some analysis that are crucial to be held previously like requirement and feasibility. Also, it can be found the hypothesis which this thesis work stands for in terms academic approaches. There is also literature review for the previously handled works. Especially for the fingerprint sensor, there are some studies that use the same device which is controlled by microprocessor. Then, in the second chapter, the important background information for the phylosophy of this thesis is given. It contains about the preliminary explanations on behalf of biometry, cryptography, hash functions etc. Biometry is used in many different areas from security to forensic, even for diagnosis in the medicine. For authentication purposes, access systems can have sensors related to biometrics. This chapter helps the reader to understand the main frame of the study. In the third and the main chapter, all the design issues are presented. It has basically two sub-sections. Firstly, the hardware related knowledge is described. Sensors and controllers are given in here. In this study, the system engineering approaches are used together with embedded systems; therefore, different kind of sensors are to be work synchronously via controllers. The system basically consists of two nodes: Access Node-ACN and Admin Node-ADN. Each has a controller unit and some sensors. For the ACN, fingerprint sensor in the thesis takes the fingerprint image as 256x288 pixels in gray level. Then inside of the sensor, the whole image is transferred into characteristic file, and after into a template. There is no information related to algorithm neither in the datasheet nor in any of the source in the internet such as vendor. In our system, the data from the sensor is saved in the smart card securely and later newly captured data is to be compared with this smart card originated information. Extracted data from fingerprint must be stored securely in the smart card which does not have any extra protection mechanism. Therefore, biometric data hiding or encryption must be handled as the smart card can be on wrong hands. When access operation is needed, data in the card and the freshly read one from the user via sensor is to be compared, either does fingerprint sensor. Moreover, in the software structure part of this thesis in the second branch of Chapter three, hardware handling software details are given in the scope of software engineering. UML diagram contains the Role Based Access Control Pattern – RBACP to give different privileges to the different users. Thesis has general purpose approach by this way. Besides, in the admin part, the Windows operating system based GUI is designed thanks to C# programming language. This monitoring screen allows admin to control the system from far. Comnunication between access node and admin node is in wireless communication thanks to XBee sensors, so communication protocol that proposed by this thesis must be secure indeed, too. As the “access” needs to be secure, designed system must rely some scientifically secure algorithms that thesis mainly aims at. In 1976, public key cryptography released some opportinities to make system security by key exchange. Even when two wireless devices communicate with each other, man-in-the-middle attack can be less hazardous thanks to Diffie-Hellman key exchange algorithm. System Analysis is given in Chapter four. There are details about the system operation and some limitations related to some seperating devices that are occured during the design and the tests. All the overall system details are presented in this chapter. Any researcher who reads that thesis work can construct the system by using the hardware and software details inside. Thus, the researcher can have an ACS environment to work for security algorithms by implementation of cryptography or secure image-processing issues for future work together ciphering with fingerprint issues. In the last chapter, last results of the project are presented. In this conclusion part, the future considerations related to thesis are introduced, too. Smart cards and NFC/RFID technology are in use for loads of applications. If the biometric information is intended to be embedded into these technologies, then some scientific questions arise related to security. Moreover, if wireless technology is in use as a hardware module, then another security circumstance emerges to be academically handled as this thesis does via design of communication protocol in the scope of Petri nets. Modelling the own protocol together with data packages, instruction codes etc. makes the thesis more academic and the system more secure. To conclude, the system was successfully designed and all academic approaches were explained in this thesis report.
Physical access control is an indispensable component of a critical infrastructure. Traditional password-based methods for access control used in the critical infrastructure security systems have limitations. With the advance of new biometric recognition technologies, security control for critical infrastructures can be improved by the use of biometrics. In this paper, we propose an enhanced cancelable biometric system, which contains two layers, a core layer and an expendable layer, to provide reliable access control for critical infrastructures. The core layer applies random projection-based non-invertible transformation to the fingerprint feature set, so as to provide template protection and revocability. The expendable layer is used to protect the transformation key, which is the main weakness contributing to attacks via record multiplicity. This improvement enhances the overall system security, and undoubtedly, this extra security is an advantage over the existing cancelable biometric systems.
Fingerprint unique Hash code and template protection are the new technologies in biometric identification and verification system. Fingerprint hashing is the new technique which combines biometrics and cryptography. The modern study reveals that fingerprint is not so secured like secured passwords which consist of alphanumeric characters, number and special characters. Fingerprint Hash code acts as a key, which can uniquely identify every person. So it can be replaceable with user-id or username and can work along with text-based or picture based or pattern based passwords. In this paper, a fingerprint Hash code is generated using a novel Contrast Adjustment algorithm, modified segmentation algorithm, and Gabor filtering. The Hash code is generated from the extracted features of the grayscale fingerprint image using MD5 Algorithm. Fingerprint Hash code is not used for full security or authentication purpose but it can be combined with other security elements like password or OTP in order to enhance security. This study makes use of fingerprint Hash code as a unique key for human identification purpose.
Authentication is the process to validate the user identity and to grant some resources or services to the user. Authentication process uses many factors like password, biometrics, or One Time Password. Multifactor authentication model always gives higher security than single-factor authentication model. Fingerprint Hash code is not used for full security or authentication purpose but it can be combined with other security elements like password or OTP in order to enhance security. Fingerprint Hash code acts as a key, which can uniquely identify every person. So it can be replaceable with user-id or username and can work along with text-based or picture based or pattern based passwords. In this paper based on focus group interaction, first, we define an Ideal Authentication System. The Ideal Authentication System used in this study consists of different components like Ideal Security, Ideal User-Friendly, Ideal Input, Ideal Process, and Ideal Performance Evaluation Matrices. In this paper, we also compare new Multifactor Authentication Model based on Fingerprint Hash code, OTP, and Password with existing authentication systems. The traditional user-id, password-based internet/mobile banking system, Apple iPhone X face recognition system, HDFC OTP Checkout for online transactions and Indian Aadhaar card registration process are the different existing systems used in this study to compare with the new model.
By definition, Authentication is using one or multiple mechanisms to show that you are who you claim to be. As soon as the identity of the human or machine is demonstrated, then human or machine is authorized to grant some services. The modern research study reveals that fingerprint is not so secured like secured a password which consists of alphanumeric characters, number and special characters. Fingerprints are left at crime places, on materials or at the door which is usually class of latent fingerprints. We cannot keep fingerprint as secure like rigid passwords. Using some modern technology with copper and graphite spray it's easy to mimic fingerprint image. Fingerprints are a half-secret if passwords are leaked or hacked, it easily revocable using another password. But in a biometric security system, which uses only biometric features, is not easy to change fingerprint key or fingerprint are static biometric, which never change much throughout the lifespan. Fingerprints are left at car, door or anyplace where every person goes and places his finger. Fingerprint Hash code is not used for full security or authentication purpose but it can be combined with other security elements like password or OTP in order to enhance security. In this paper, a novel method for Authentication is proposed by making use of Fingerprint Hash Code, Password, and OTP. In this study, we make use of Euclidean Distance to generate fingerprint Hash Code. Fingerprint Hash code is generated using MD5 Hash Function. The Model is implemented using MATLAB2015a. This paper also analyzes novel Authentication model used in this study with the aid of ABCD analysis.
In this paper, the fundamental insecurities hampering a scalable, wide-spread deployment of biometric authentication are examined, and a cryptosystem capable of using fingerprint data as its key is presented. For our application, we focus on situations where a private key stored on a smartcard is used for authentication in a networked environment, and we assume an attacker can launch o -line attacks against a stolen card.Juels and Sudan's fuzzy vault is used as a starting point for building and analyzing a secure authentication scheme using fingerprints and smartcards called a figerprint vault. Fingerprint minutiae coordinates mi are encoded as elements in a nite eld F and the secret key is encoded in a polynomial f(x) over F[x]. The polynomial is evaluated at the minutiae locations, and the pairs (mi, f(mi)) are stored along with random (ci, di) cha points such that di ≠ f(ci). Given a matching fingerprint, a valid user can seperate out enough true points from the cha points to reconstruct f(x), and hence the original secret key.The parameters of the vault are selected such that the attacker's vault unlocking complexity is maximized, subject to zero unlocking complexity with a matching fingerprint and a reasonable amount of error. For a feature location measurement variance of 9 pixels, the optimal vault is 269 times more difficult to unlock for an attacker compared to a user posessing a matching fingerprint, along with approximately a 30% chance of unlocking failure.
An important issue gaining attention in biometrics com-munity is the security and privacy of biometric systems: How robust are these systems against attacks? What hap-pens if the biometric template is lost or stolen? Can the pri-vacy of the users be preserved even when a security breach occurs? Among the numerous attacks that can be launched against these systems, protecting the user template that is stored either locally (e.g., on a smart card) or centrally (e.g., on the server) is a major concern. As a possible so-lution to this problem, a new class of algorithms, termed biometric cryptosystems has been proposed. These systems do not store the original template but only a transformed version of the template within a cryptographic framework. An example of such systems is the fuzzy vault construct pro-posed by Juels and Sudan. In this construct, the biomet-ric template is converted to a 2D point cloud, containing a secret such as a symmetric encryption key. The opera-tion of the vault requires some "helper" data. In this paper, we present an implementation of the fuzzy fingerprint vault based on orientation field based helper data that is automat-ically extracted from the fingerprints. We further show that this helper data does not leak any information about fin-gerprint minutiae, hence complementing the increased user privacy afforded by the fuzzy fingerprint vault. We demon-strate the vault performance on a public domain fingerprint database.
In biometrics, a human being needs to be identified based on some characteristic physiological parameters. Often this recognition is part of some security system. Secure storage of reference data (i.e., user templates) of individuals is a key concern. It is undesirable that a dishonest verifier can misuse parameters that he obtains before or during a recognition process. We propose a method that allows a verifier to check the authenticity of the prover in a way that the verifier does not learn any information about the biometrics of the prover, unless the prover willingly releases these parameters. To this end, we introduce the concept of a delta-contracting and epsilon-revealing function which executes preprocessing in the biometric authentication scheme. It is believed that this concept can become a building block of a public infrastructure for biometric authentication that nonetheless preserves privacy of the participants.
We show the feasibility of template protecting biometric authentication systems. In particular, we apply template protection schemes to fingerprint data. Therefore we first make a fixed length representation of the fingerprint data by applying Gabor filtering. Next we introduce the reliable components scheme. In order to make a binary representation of the fingerprint images we extract and then quantize during the enrollment phase the reliable components with the highest signal to noise ratio. Finally, error correction coding is applied to the binary representation. It is shown that the scheme achieves an EER of approximately 4.2% with secret length of 40 bits in experiments.
Two years after the first edition, a new Fingerprint Verification Competition (FVC2002) was organized by the authors, with the aim of determining the state-of-the- art in this challenging pattern recognition application. The experience and the feedback received from FVC2000 allowed the authors to improve the organization of FVC2002 and to capture the attention of a significantly higher number of academic and commercial organizations (33 algorithms were submitted). This paper discusses the FVC2002 database, the test protocol and the main differences between FVC2000 and FVC2002. The algorithm performance evaluation will be presented at the 16th ICPR.
The possibility that a database with biometric data is com- promised is one of the main concerns in implementing biometric identifi- cation systems. In this paper we present a method of hashing fingerprint minutia information and performing fingerprint identification in a new space. Only hashed data is transmitted and stored in the server data- base, and it is not possible to restore fingerprint minutia locations using hashed data. We also present a performance analysis of the proposed algorithm.
Because biometrics-based authentication offers several advantages over other authentication methods, there has been a significant surge in the use of biometrics for user authentication in recent years. It is important that such biometrics-based authentication systems be designed to withstand attacks when employed in security-critical applications, especially in unattended remote applications such as e-commerce. In this paper we outline the inherent strengths of biometrics-based authentication, identify the weak links in systems employing biometrics-based authentication, and present new solutions for eliminating some of these weak links. Although, for illustration purposes, fingerprint authentication is used throughout, our analysis extends to other biometrics-based methods.
In traditional cryptosystems, user authentication is based on possession of secret keys; the method falls apart if the keys are not kept secret (i.e., shared with non-legitimate users). Further, keys can be forgotten, lost, or stolen and, thus, cannot provide non-repudiation. Current authentication systems based on physiological and behavioral characteristics of persons (known as biometrics), such as fingerprints, inherently provide solutions to many of these problems and may replace the authentication component of traditional cryptosystems. We present various methods that monolithically bind a cryptographic key with the biometric template of a user stored in the database in such a way that the key cannot be revealed without a successful biometric authentication. We assess the performance of one of these biometric key binding/generation algorithms using the fingerprint biometric. We illustrate the challenges involved in biometric key generation primarily due to drastic acquisition variations in the representation of a biometric identifier and the imperfect nature of biometric feature extraction and matching algorithms. We elaborate on the suitability of these algorithms for digital rights management systems.
We combine well-known techniques from the areas of errorcorrecting codes and cryptography to achieve a new type of cryptographic primitive that we refer to as a fuzzy commitment scheme. Like a conventional cryptographic commitment scheme, our fuzzy commitment scheme is both concealing and binding: it is infeasible for an attacker to learn the committed value, and also for the committer to decommit a value in more than one way. In a conventional scheme, a commitment must be opened using a unique witness, which acts, essentially, as a decryption key. By contrast, our scheme is fuzzy in the sense that it accepts a witness that is close to the original encrypting witness in a suitable metric, but not necessarily identical. This characteristic of our fuzzy commitment scheme makes it useful for applications such as biometric authentication systems, in which data is subject to random noise. Because the scheme is tolerant of error, it is capable of protecting biometric data just as conventi...
Despite advances in fingerprint identification techniques, matching
incomplete or partial fingerprints still poses a difficult challenge.
While the introduction of compact silicon chip-based sensors that
capture only a part of the fingerprint area have made this problem
important from a commercial perspective, there is also considerable
interest on the topic for processing partial and latent fingerprints
obtained at crime scenes. Attempts to match partial fingerprints using
singular ridge structures-based alignment techniques fail when the
partial print does not include such structures (e.g., core or delta). We
present a multi-path fingerprint matching approach that utilizes
localized secondary features derived using only the relative information
of minutiae. Since the minutia-based fingerprint representation, is an
ANSI-NIST standard, our approach has the advantage of being directly
applicable to already existing databases. We also analyze the
vulnerability of partial fingerprint identification systems to brute
force attacks. The described matching approach has been tested on one of
FVC2002"s DB1 database11. The experimental results show that our
approach achieves an equal error rate of 1.25% and a total error rate of
1.8% (with FAR at 0.2% and FRR at 1.6%).
We describe a simple and novel cryptographic construction that we refer to as a fuzzy vault. A player Alice may place a secret value κ in a fuzzy vault and “lock” it using a set A of elements from some public universe U. If Bob tries to “unlock” the vault using a set B of similar length, he obtains κ only if B is close to A, i.e., only if A and B overlap substantially. In constrast to previous constructions of this flavor, ours possesses the useful feature of order invariance, meaning that the ordering of A and B is immaterial to the functioning of the vault. As we show, our scheme enjoys provable security against a computationally
unbounded attacker. Fuzzy vaults have potential application to the problem of protecting data in a number of real-world, error-prone
environments. These include systems in which personal information serves to authenticate users for, e.g., the purposes of
password recovery, and also to biometric authentication systems, in which readings are inherently noisy as a result of the
refractory nature of image capture and processing.
Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier–Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.
Biometrics-based user authentication has several advantages over traditional password-based systems for standalone authentication applications, such as secure cellular phone access. This is also true for new authentication ar- chitectures known as crypto-biometric systems, where cryptography and bio- metrics are merged to achieve high security and user convenience at the same time. In this paper, we explore the realization of a previously proposed crypto- graphic construct, called fuzzy vault, with the fingerprint minutiae data. This construct aims to secure critical data (e.g., secret encryption key) with the fin- gerprint data in a way that only the authorized user can access the secret by providing the valid fingerprint. The results show that 128-bit AES keys can be secured with fingerprint minutiae data using the proposed system.
We propose a method of extracting cryptographic key from dynamic handwritten signatures that does not require storage of the biometric template or any statistical information that could be used to reconstruct the biometric data. Also, the keys produced are not permanently linked to the biometric hence, allowing them to be replaced in the event of key compromise. This is achieved by incorporating randomness which provides high-entropy to the naturally low-entropy biometric key using iterative inner-product method as in Goh-Ngo, and modified multiple-bit discretization that deters guessing from key statistics. Our proposed methodology follows the design principles of block ciphers to result in unpredictable key space and secure construction.
In developing secure applications and systems, the designers often must incorporate secure user identification in the design specification. In this paper, we study secure off-line authenticated user identification schemes based on a biometric system that can measure a user's biometric accurately (up to some Hamming distance). The schemes presented here enhance identification and authorization in secure applications by binding a biometric template with authorization information on a token such as a magnetic strip. Also developed here are schemes specifically designed to minimize the compromise of a user's private biometrics data, encapsulated in the authorization information, without requiring secure hardware tokens. In this paper we furthermore study the feasibility of biometrics performing as an enabling technology for secure system and application design. We investigate a new technology which allows a user's biometrics to facilitate cryptographic mechanisms.
This paper considers generating binary feature vectors from biometric face data such that their privacy can be protected using recently introduced helper data systems. We explain how the binary feature vectors can be derived and investigate their statistical properties. Experimental results for a subset of the FERET and Caltech databases show that there is only a slight degradation in classification results when using the binary rather than the real-valued feature vectors. Finally, the scheme to extract the binary vectors is combined with a helper data scheme leading to renewable and privacy preserving facial templates with acceptable classification results provided that the within-class variation is not too large.
Fingerprint matching is used in many noncriminal identification
applications. Flash, a similarity-searching algorithm akin to geometric
hashing, proves suitable for one-to-many matching of fingerprints on
large-scale databases
In spite of numerous advantages of biometrics-based personal authentication systems over traditional security systems based on token or knowledge, they are vulnerable to attacks that can decrease their security considerably. In this paper, we analyze these attacks in the realm of a fingerprint biometric system. We propose an attack system that uses a hill climbing procedure to synthesize the target minutia templates and evaluate its feasibility with extensive experimental results conducted on a large fingerprint database. Several measures that can be utilized to decrease the probability of such attacks and their ramifications are also presented.
Information Technology – Finger Minu-tiae Format for Data. Interchange, InterNational Committee for Information Technology Standards
- References Ansi
References ANSI/INCITS 378-2004, 2004. Information Technology – Finger Minu-tiae Format for Data. Interchange, InterNational Committee for Information Technology Standards.
Applied Cryptography Second International Fingerprint Verification Competition. <http:// bias.csr.unibo.it Biometric encryption
- B Schneier
- C Soutar
- D Roberge
- A Stoianov
- R Gilroy
- V Kumar
Schneier, B., 1996. Applied Cryptography. John Wiley, New York. Second International Fingerprint Verification Competition. <http:// bias.csr.unibo.it/fvc2002/>. Soutar, C., Roberge, D., Stoianov, A., Gilroy, R., Kumar, V., 1999. Biometric encryption. In: Nichols, R. (Ed.), ICSA Guide to Cryptog-raphy. McGraw-Hill.
Practical biometric authentication with template protection Attacks on biometric systems: A case study in fingerprints
- P Tuyls
- A H M Akkermans
- T A M Kevenaar
- G J Schrijen
- A M Bazen
- R N J Veldhuis
Tuyls, P., Akkermans, A.H.M., Kevenaar, T.A.M., Schrijen, G.J., Bazen, A.M., Veldhuis, R.N.J., 2005. Practical biometric authentication with template protection. In: Proc. 5th Internat. Conf. on Audio and Video-based Biometric Person Authentication, Rye Town, NY. Uludag, U., Jain, A., 2004. Attacks on biometric systems: A case study in fingerprints. In: SPIE-EI 2004, Security, Steganography and Water-marking of Multimedia Contents VI.
Error-Correcting Codes, second ed Enhancing security and privacy in biometrics-based authentication system
- W W Peterson
- E Weldon
- Usa Ratha
- N K Connell
- J H Bolle
Peterson, W.W., Weldon, E., 1972. Error-Correcting Codes, second ed. MIT Press, Cambridge, USA. Ratha, N.K., Connell, J.H., Bolle, R., 2001. Enhancing security and privacy in biometrics-based authentication system. IBM Systems J. 40 (3), 614–634.
Applied Cryptography Second International Fingerprint Verification Competition
- B Schneier
Schneier, B., 1996. Applied Cryptography. John Wiley, New York.
Second International Fingerprint Verification Competition. <http://
bias.csr.unibo.it/fvc2002/>.
Applied Cryptography
- Schneier