Are you Heinrich Ihmor?

Claim your profile

Publications (6)0 Total impact

  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: The fuzzy vault is an error tolerant authentication method that ensures the privacy of the stored reference data. Several publications have proposed the application of the fuzzy vault to fingerprints, but the results of subsequent analyses indicate that a single finger does not contain sufficient information for a secure implementation. In this contribution, we present an implementation of a fuzzy vault based on minutiae information in several fingerprints aiming at a security level comparable to current cryptographic applications. We analyze and empirically evaluate the security, efficiency, and robustness of the construction and several optimizations. The results allow an assessment of the capacity of the scheme and an appropriate selection of parameters. Finally, we report on a practical simulation conducted with ten users.
    Full-text · Article · Aug 2010
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: We investigate the security of privacy enhancing techniques for biometric applications. The fuzzy vault of Jules and Sudan is a technique that allows error tolerant authentication, while preserving the privacy of the reference data. Several publications have proposed its application to fingerprints in order to implement privacy-enhanced biometric authentication. While the heuristic security estimates given are promising, no rigid security analysis has been presented so far. We explore if and under what circumstances a provably secure fuzzy fingerprint vault can be implemented. Based on bounds on the loss of entropy for the general fuzzy vault and realistic models for minutiae distributions, we deduce lower bounds for attacks that attempt to recover the template. Furthermore, we show how to select optimal parameters and evaluate both, minimum minutiae match rates and minimum number of minutiae needed to obtain an appropriate security level. Our results indicate that a provable secure scheme is hard to achieve with current fingerprint technology.
    Full-text · Conference Paper · Jun 2010
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Over the past decades, a number of methods have been reported in the scientific literature to protect the privacy of biometric information stored in biometric systems. Keyless Biometric Template Protection (KBTP) methods aim to protect biometric information without the use of long-term secrets by deploying one-way functions. These KBTP methods are currently developed to an extent that commercial products have become available. When assessing and comparing different KBTP methods it is important to have a common and generic approach. Therefore, in this paper we present a reference framework that can be used in assessing and comparing the privacy properties of KBTP systems.
    Full-text · Conference Paper · Jan 2010
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: The fuzzy vault is an error tolerant authentication method that ensures the privacy of the stored reference data. Several publications have proposed the application of the fuzzy vault to fingerprints, but the results of subsequent analyses indicate that a single finger does not contain sufficient information for a secure implementation. In this contribution, we present an implementation of a fuzzy vault based on minutiae information in several fingerprints aiming at a security level comparable to current cryptographic applications. We analyze and empirically evaluate the security, efficiency, and robustness of the construction and several optimizations. The results allow an assessment of the capacity of the scheme and an appropriate selection of parameters.
    Full-text · Article · Jan 2010
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: We investigate the security of a privacy enhancing technique for fingerprint authentication known as fuzzy fingerprint vault. This technique is based on the fuzzy vault of Jules and Sudan, a scheme that allows error tolerant authentication, while pre-serving the privacy of the reference data. We explore if and under what circumstances a secure fuzzy fin-gerprint vault can be implemented. We derive both upper and lower security bounds for any attacks that attempt to recover the template from the stored reference data, and, at the same time, significantly improve the best known attack. Furthermore, we show how to select optimal parameters and evaluate both minimum minutiae match rates and minimum number of minutiae needed to obtain an appropri-ate security level. Our results quantify the security capacity of the fuzzy fingerprint vault and provide important tools for selection of suitable parameters.
    Full-text · Article · Jan 2010
  • M. Arnold · C. Busch · H. Ihmor
    [Show abstract] [Hide abstract]
    ABSTRACT: This paper presents a comparative study on fingerprint recognition systems. The goal of this study was to investigate the capability characteristics of biometric systems regarding integration of biometric features in personnel documents such as ID cards and Visa application documents. Thus the designed test has the focus on performance testing of selected algorithms and systems with dedicated investigations on side effects such as independence of matching rates and results from the scanning device or the impacts of ageing effects on the received operator characteristics. The study was carried out in close collaboration between German Federal Criminal Police Office (Bundeskriminalamt, BKA), the German Federal Office for Information Security (Bundesamt fuer Sicherheit in der Informationstechnik, BSI) and the Fraunhofer-IGD.
    No preview · Conference Paper · Jul 2005