Cancelable biometrics

Avantika Singh (D16027)

May 27, 2019

1 / 18
Outline

Why to secure biometric traits?

Possible solutions for securing biometric traits
Cancelable biomerics
Fundamental requirements of cancelable biometrics
Available techniques
Security analysis

2 / 18
Introduction
In today’s digitized World fingerprints, iris, face and other biological
features have been widely used for authentication purposes.
But if a biometric trait is compromised, it is rendered worthless.
Biometrics is permanently associated with an individual and cannot
be replaced even if compromised.

1 2
Figure: Fake finger prints (source )

1
https://www.hindustantimes.com/mumbai-news/
you-will-be-glued-to-this-mumbai-college-s-students-trick-biometric-system
story-W64f1jdMtecxKDml2DakeI.html
2
https://www.jagran.com/uttar-pradesh/
chandauli-fake-thumb-for-biometric-attendance-18516208.html
3 / 18
Biometric verification system

Figure: Block diagram of biometric verification system

4 / 18
Cont...

Figure: Possible attacks on biometric verification systems

5 / 18
Possible solutions for preventing database template attack

Three main solutions:

Encryption
Biometric Cryptosystem
Template transformation or Cancelable biometrics

6 / 18
Key requirements of template protection scheme

Non-invertibility
Revocability
Diversity
Performance

7 / 18
Encryption systems

Figure: Block diagram for enrollment and authentication stages in encryption

system

8 / 18
Biometric Cryptosystem
The biometric cryptosystem encrypts the biometric data to store it. Then,
during authentication, the stored template is decrypted for comparison.

Figure: Block diagram for enrollment and authentication stages in cryptosystem

system
9 / 18
Cancelable biometrics
Cancelable biometrics matches the templates in the transformed domain
itself during the authentication phase.

Figure: Block diagram for enrollment and authentication stages in cancelable

system
10 / 18
Comparative analysis

Figure: Characteristics of software based template protection techniques.

11 / 18
Literature review
Some of the proposed techniques in literature:
Salting methods3 : biometric template is mixed with a totally
artificial pattern to generate a distorted version of the biometric
template. Two main techniques are:
1 GRAY-SALT
2 BIN-SALT
Random permutations: features obtained from the biometric
template are randomly permutated. Two main techniques are:
1 GRAY-COMBO
2 BIN-COMBO

3
J. Zuo, N. K. Ratha, and J. H. Connell, Cancelable iris biometric, in 19th
International Conference on Pattern Recognition (ICPR 2008)
12 / 18
Literature review

Bio-Hashing4 : Bio-Hashing is a technique that combines biometric

features and a tokenized pseudo random number . It is a four step
process:
Step 1: Set of pseudo-linearly independent m random vectors each
having dimension n are generated that acts as a user-specific key and
stored in the database (used during verification process) as:

ri ∈ R m |i = 1, − − −, n (1)

Step 2: Orthonormalization of the vectors:

r⊥i ∈ R m |i = 1, − − −, n (2)

4
A. T. B. Jin et al. Biohashing: two factor authentication featuring fingerprint data
and tokenised random number, Pattern Recognition, vol. 37,no. 11, pp. 2245-2255,
2004
13 / 18
Literature review
Step 3: To project the n dimensional feature vector fi —fn of any
biometric trait computed using any approach on orthonormal basis
computed in Step 2 by calculating the inner product as:
 
r11 .......... r1m
 ....... ......... ...... 
 ...... ......... .......  = [B1 ....Bm ]
[f1 ......fn ]   (3)
r1n ....... rnm

Step 4: The resultant feature vectors obtained in Step 3 are real

value feature vectors which are further thresholded using
Zero-crossing technique as :
(
1, if Bi > 0.
Qi = (4)
0, otherwise.

back

14 / 18
Advantages of cancelable biometrics

The main advantage is that the biometric templates can be replaced

just like a password and token once lost or stolen.
Even if the biometric template has been lost or compromised, it is
challenging for the intruders to reconstruct the original pattern from
the transformed one.
Using one original template several unique transformed templates can
be generated to use for different applications. Therefore, it is not
required for the users to provide their biometric trait for enrolment on
different applications.
It might increase the social acceptance of biometric applications since
users need not to worry about their biometric trait being stored.

15 / 18
Limitations and challenges in cancelable biometrics

Finding an appropriate transformation function for cancelable

biometrics is a complicated task. Standard non-invertible
transformation functions do not operate properly with biometric data
because of the intra class variability of the biometric pattern.
There is no standard parameter to check the security strength
regarding the non-invertibility of the method. Therefore, it is hard to
perform security analysis, particularly when the algorithm for the
transformation and associated keys/parameters are negotiated as well.
The claim that non-invertible transformation doesnt allow
reconstruction of original biometrics, even the key or transformation
parameter is known, is somehow an assumption. In Record
Multiplicity attack, the invader can reconstruct the original biometric
template by interlinking multiple copies of the transformed templates.

16 / 18
Cont..

One fundamental challenge signifies the problem of alignment, which

considerably affects the recognition performance.
Most of the existing cancelable biometric schemes are tested on a mid
or small-scale database. To evaluate the impact and the practicality
of those schemes, it is necessary to test those methods on large-scale
database of the biometric samples.

17 / 18