Biometric Security, edited by David Chek Ling Ngo, et al., Cambridge Scholars Publisher, 2015. ProQuest Ebook Central,
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
Copyright © 2015. Cambridge Scholars Publisher. All rights reserved.
Biometric Security
Edited by David Chek Ling Ngo, Andrew Beng Jin Teoh and Jiankun Hu
Copyright © 2015 by David Chek Ling Ngo, Andrew Beng Jin Teoh,
Jiankun Hu and contributors
All rights for this book reserved. No part of this book may be reproduced,
stored in a retrieval system, or transmitted, in any form or by any means,
electronic, mechanical, photocopying, recording or otherwise, without
the prior permission of the copyright owner.
TABLE OF CONTENTS
PREFACE
Part 1
Chapter 1, “Cancelable Biometrics and Data Separation Schemes,”
discusses several typical parameter management schemes for cancellable
biometrics and their limitations. The chapter introduces, in detail, a scheme
based on server-side parameter management that addresses the usability
problem, and also discusses a number of authentication protocols for this
scheme. The security and usability of the schemes are also discussed and
compared.
Chapter 2, “Minutiae-based Fingerprint Representations: Review,
Privacy, Security and Cryptographic Realization,” presents an overview
of fixed-length and variable-size minutiae-based fingerprint representations.
It uses three methods to provide a case study on the generation
of fingerprint representations from minutiae. An instance of cryptographic
realization using minutiae-based fingerprint representation is also
demonstrated.
Chapter 3, “Palmprint Template Protection Technologies,” introduces
and compares the existing palmprint template protection technologies,
which can be divided into three categories, namely palmprint cryptosystems,
cancelable palmprint, and hybrid methods. The future outlook of these
technologies is highlighted.
Part 2
Chapter 4, “Biometric Discretization for Template Protection and
Cryptographic Key Generation,” reviews recent advances on quantization,
as well as on feature encoding in biometric discretization. The author also
presents an extensive comparative study of several state-of-the-art
discretization schemes, and suggests future directions.
Chapter 5, “Biometric Privacy Using Visual Cryptography and Mixing
Techniques,” explores methods that can be used to extend privacy to
biometric data in the context of an operational system. The authors discuss
a method based on Visual Cryptography that de-identifies a face or
fingerprint image prior to storing it by decomposing the original image
into two images in such a way that the original image can be revealed only
when both images are simultaneously made available; further, each
component image does not reveal the identity of the original image. They
also discuss a method based on the concept of mixing to extend privacy
to fingerprint images.
Part 3
Chapter 6, “BioPACE: Biometric-Protected Authentication Connection
Establishment,” introduces BioPACE, a biometrics based authentication
protocol. The operation mode of BioPACE is described in detail, the
integration of biometric information is investigated and a security
assessment is given.
Chapter 7, “Privacy and Security Assessment of Biometric Systems,”
illustrates various security and privacy issues, as well as the evaluation of
biometric systems. The EvaBio tool, an evaluation tool for the security
and privacy assessment of biometric systems, is also introduced.
Chapter 8, “A Generalized Framework for Privacy and Security
Assessment of Biometric Template Protection,” establishes a comprehensive
evaluation framework for biometric template security and privacy. The
assessment framework is composed of three components: goals
identification, threat models determination, and evaluation metrics and
process development. A case study on iris fuzzy commitment is
demonstrated.
Part 4
Chapter 9, “Secure and Efficient Iris and Fingerprint Identification,”
Part 5
Chapter 13, “Biometric Watermarking,” discusses the use of
biometrics in remote identity authentication services via watermarking
technology. The authors showcase a case study of watermark embedding
of fingerprint images based on Wong’s original algorithm, the Discrete
Cosine Transform (DCT), and the Dual Tree Complex Wavelet Transform
(DTCWT).
Chapter 14, “The 3D Fingerprints-A Survey,” investigates the
acquisition of 3D fingerprint images, the compatibility between 3D
fingerprints and 2D fingerprints, and the feature representations of 3D
fingerprints. Specific recommendations for future research directions in
3D fingerprints are also provided.
The target audience for the book includes researchers, scholars,
graduate students, engineers, IT practitioners and developers who are
interested in security and privacy related issues in biometric systems. Also,
managers of organizations with strong security needs will find this book of
great value.
The editors would like to express their sincere gratitude to all
distinguished contributors who make this book possible, and the group of
reviewers who have offered invaluable comments to improve the quality
of each and every chapter. A dedicated team at Cambridge Scholars
PART 1.
CHAPTER ONE
KENTA TAKAHASHI
HITACHI, LTD., YOKOHAMA RESEARCH LABORATORY,
KANAGAWA, JAPAN
Abstract
Protecting biometric information is a critical issue in biometric systems,
since biometric characteristics such as fingerprints, irises, and face and
vein patterns, constitute privacy information, and more importantly, they
cannot be changed or revoked like passwords. To address this issue, a
Cancelable Biometrics and Data Separation Schemes
1 Introduction
Biometric authentication technology, a technology which automatically
identifies a person based on his/her physical or behavioral features, has
been used for user authentication for various applications, such as physical
access control and computer application login. In future, this technology is
expected to be applied to remote user authentication over networks, e.g.
Internet banking, e-commerce, and various cloud services. A typical
remote biometric authentication system consists of an authentication
server and client terminals with biometric sensors [23]. The server retains
the biometric feature data associated with user IDs, called templates, in a
database.
However, problems emerge. The first is a security concern: Because
biometric features such as fingerprint patterns are unchangeable, unlike
passwords, they cannot be changed or revoked even if the templates or
feature data are compromised. The second is a privacy concern: Biometric
information is strongly linked to a person’s identity, and hence some users
have refrained from disclosing their biometric data to servers over the
network.
Conventional remote biometric authentication systems have dealt with
these problems by encrypting templates in the databases, and by using
cryptographic communication. However, the encrypted templates must be
Biometrics
2.1 Architecture Overview
An overview of the BTP architecture described in ISO/IEC 24745 is
provided in Fig. 1. During enrollment, the extracted biometric feature is
encoded by a pseudonymous identifier encoder (PIE) to generate a
pseudonymous identifier (PI) and auxiliary data (AD). The PI and AD pair
is called a renewable biometric reference (RBR). During authentication,
the newly extracted biometric feature is transformed to a pseudonymous
identifier (PI*) by a pseudonymous identifier recorder (PIR). Following
this, the pseudonymous identity comparator (PIC) compares PI and PI*
and returns a similarity score.
In the context of cancellable biometrics, an AD is called a parameter
and a PI is called a cancellable template. As discussed above, the
cancellable template (PI) and the parameter (AD) should be stored and
managed separately, in order to avoid being compromised simultaneously.
In ISO/IEC 24745, eight system models (Models A to H) with different
scenarios for the storage of PIs and ADs are listed [11]. However, data
where $\mathcal{X}$ is the biometric feature space, $\mathcal{K}$ is the parameter space, and $\mathcal{T}$ is
the transformed feature space.
In the enrollment stage, biometric feature data $X$ is transformed to a
cancellable template $T = F_E(X, K)$ based on a randomly generated
parameter $K$, and stored in the server as a PI. $K$ is stored in a client-side
storage device such as a USB token or a smart card. In the authentication
stage, a newly extracted feature $Y$ is transformed to $V = F_A(Y, K)$ using
the parameter $K$ retrieved from the storage and sent to the server as a PI*.
The server compares $V$ and $T$ and evaluates the similarity. The
transformation functions $F_E$ and $F_A$ can be the same or different. Even if
the cancellable template $T = F_E(X, K)$ or the parameter $K$ leaks out,
these are from the same biometric feature with high probability. Therefore,
as well as irreversibility, we discuss unlinkability from the PI alone or the
AD alone.
1 Although another property, pseudo-authorized-leakage irreversibility (PLI), is
defined in [26], we do not distinguish the PLI from the ALI, to simplify the argument.
The Cartesian transformation divides the feature space, i.e., the fingerprint
image region, into $N = N_x \times N_y$ cells of fixed size, after which the cell
positions are shuffled. Fig. 3 illustrates an example of a Cartesian
transformation where $N = 5 \times 5$. In this case, for example, the 3rd and
14th cells are transformed to the same 9th cell. The transformation is not
necessarily a strict permutation, and allows overlapping; more than one
cell can be mapped to the same position. All the minutiae within each cell
are moved along with the cell position, retaining their relative positions.
For each minutia $(x, y, \theta)$ within a cell position $c \in \{1, 2, \dots, N\}$, the
transformation function can be written as follows:
where $(P_x(c), P_y(c))$ are the coordinates of the center of the $c$-th cell,
and $c'$ is the position where the $c$-th cell is mapped.
The cell mapping can be written as
$$\boldsymbol{c}' = K\boldsymbol{c} \tag{2}$$
where $\boldsymbol{c} = (c_1, \dots, c_N)^T$, $\boldsymbol{c}' = (c'_1, \dots, c'_N)^T$ and $K$ is a mapping matrix of size
$N \times N$. Each row vector of $K$ contains only one “1” and the other
elements are all “0”. For example, in the case of Fig. 3,
$\boldsymbol{c} = (1, 2, 3, \dots, 25)^T$ and $\boldsymbol{c}' = (12, 3, 9, \dots, 14)^T$. This means that the 1st
cell is transformed to the 12th position, the 2nd cell is transformed to the
3rd position, and so on.
The transformation functions for enrollment $F_E$ and for authentication
$F_A$ are the same, and the mapping matrix $K$ plays the role of a parameter
for the transformation $T = F_E(X, K)$, $V = F_A(Y, K)\ (= F_E(Y, K))$.
3.2 Random Projection
Teoh et al. proposed Biohashing [35] for cancellable biometrics and
applied this to fingerprints [35], the face [33], the palm [8], etc.
Biohashing is based on a linear transformation of the feature vector
Ͳ
Ͳሺݕ Ͳሻ
ሺሺݕଵ ǡ ǥ ǡ ݕ ሻ் ሻ ൌ ሺݐଵ ǡ ǥ ǡ ݐ ሻ் ǡ ݐ ൌ ൜
ͳ ሺݕ Ͳሻ
Figure 5: Template matching
$$(X \star Y)[\Delta i, \Delta j] = \sum_{i=0}^{w-1} \sum_{j=0}^{h-1} X[i, j]\, Y[i + \Delta i,\ j + \Delta j] \tag{4}$$
ܻ
ሺܺ ܻ څሻሾο݅ǡ ο݆ሿ ൌ ൫ܺ ܻ כ൯ሾο݅ǡ ο݆ሿ
௪ ିଵ
ଵ ିଵ
ܻሾݓ െ ο݅ െ ݅ െ ͳǡ ݄ െ ο݆ െ ݆ െ ͳሿ
ൌ ܺሾ݅ǡ ݆ሿܻ
ୀ ୀ
$$\mathcal{F}(\tilde{X})[u, v] = \sum_{i=0}^{m-1} \sum_{j=0}^{n-1} \omega_m^{ui}\, \omega_n^{vj}\, \tilde{X}[i, j] \bmod q \tag{6}$$
where $q$ is a prime number and $\omega_m$, $\omega_n$ are the elements of the Galois
field $\mathbb{F}_q = \mathbb{Z}/q\mathbb{Z}$ whose orders are $m$, $n$ respectively. It is assured that
$\omega_m, \omega_n \in \mathbb{F}_q$ exist if $m, n \mid q - 1$, i.e., $m$, $n$ divide $q - 1$. $\mathcal{F}$ is a kind of DFT
defined over $\mathbb{F}_q$, and called the number theoretic transform (NTT).
Hereafter, let us assume all the numerical operations are performed over
$\mathbb{F}_q$ and let us omit the notation “mod q”, if not otherwise specified. It is
well known that $\mathcal{F}$ has an inverse transformation $\mathcal{F}^{-1}$ and has a cyclic
convolution property (CCP) [1]:
(8)
$$T = F_E(X, K) = \mathcal{F}(\tilde{X}) \circ K, \qquad V = F_A(Y, K) = \mathcal{F}(\tilde{Y}) \circ K^{-1} \tag{9}$$
where $K^{-1}[u, v] = K[u, v]^{-1}$. $T$ plays a role as a cancellable template
generated in the enrollment stage, and $V$ as a transformed feature in the
authentication stage. $K$ is called a random filter, and plays the role of a
parameter. We can calculate the cyclic convolution $\tilde{X} \circledast \tilde{Y}$ from $T$ and $V$
as follows:
Since the extended areas of $\tilde{X}$ and $\tilde{Y}$ are padded with 0 and do not
contribute to the calculation of the cyclic convolution, the linear
convolution (5), and hence the cross-correlation $X \star Y$ (4), within the
region D (5), can be calculated exactly. Therefore, the CIRF does not
degrade the accuracy performance of the template matching.
Furthermore, as for the security, the following theorems hold.
Theorem 1 (Irreversibility). Let $T = F_E(X, K)$. If $\tilde{X}$ does not contain zero
pixels, i.e., $\mathcal{F}(\tilde{X})[u, v] \neq 0$ for all $(u, v)$ (*1),
ሺܺȁܶሻ ൌ ሺܺሻ ֞ ሺܺǢ ܶሻ ൌ ͲǤ (11)
$I(X; T)$ denotes the mutual information between $X$ and $T$. Refer to [30] for
the proof. This theorem indicates that the cancellable template $T$ does not
leak any information about the original feature $\tilde{X}$, i.e., the CIRF satisfies
the ALI. The same property holds for $V = F_A(Y, K)$, i.e., $I(Y; V) = 0$.
Theorem 2 (Unlinkability). Let $T_1 = F_E(X, K_1)$ and $T_2 = F_E(X, K_2)$. If
the same condition (*1) as in Theorem 1 holds,
ሺܶଵ ȁܶଶ ሻ ൌ ሺܶଵ ሻ ֞ ሺܶଵ Ǣ ܶଶ ሻ ൌ ͲǤ (12)
Refer to [30] for the proof. This theorem means that two cancellable
templates $T_1, T_2$ generated from the same biometric feature are statistically
independent, and therefore have no correlation.
The primary limitation of the CIRF is that the proofs of irreversibility
and unlinkability require the condition (*1) on the original
feature image. In [31] this problem is solved by generalizing the CIRF
based on a quotient polynomial ring.
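The CIRF construction of Eqs. (6) and (9) can be tried end to end on a toy scale. The following is an added example, not code from the chapter: it assumes $q = 257$, $m = n = 8$, 4 x 4 binary feature images, and that $\tilde{Y}$ is the zero-padded, flipped probe image so that the recovered convolution is the cross-correlation; all function names are hypothetical. It also checks condition (*1) of Theorem 1.

```python
import random

Q = 257    # prime modulus q (constructed choice); SIZE must divide Q - 1
SIZE = 8   # padded images are SIZE x SIZE, i.e. m = n = 8
SIDE = 4   # raw feature images are SIDE x SIDE, and 2 * SIDE - 1 <= SIZE


def root_of_order(n, q=Q):
    """Return an element of F_q whose multiplicative order is exactly n."""
    for g in range(2, q):
        w = pow(g, (q - 1) // n, q)
        if all(pow(w, d, q) != 1 for d in range(1, n)):
            return w
    raise ValueError("n must divide q - 1")


OMEGA = root_of_order(SIZE)


def ntt2(a, w=OMEGA):
    """2-D number theoretic transform over F_q, as in Eq. (6) with m = n."""
    r = range(SIZE)
    return [[sum(a[i][j] * pow(w, u * i + v * j, Q) for i in r for j in r) % Q
             for v in r] for u in r]


def intt2(a):
    """Inverse NTT: transform with omega^-1, then scale by (SIZE * SIZE)^-1."""
    scale = pow(SIZE * SIZE, -1, Q)
    return [[x * scale % Q for x in row] for row in ntt2(a, pow(OMEGA, -1, Q))]


def pad(img):
    """Zero-pad a SIDE x SIDE image to SIZE x SIZE."""
    return [[img[i][j] if i < SIDE and j < SIDE else 0 for j in range(SIZE)]
            for i in range(SIZE)]


def flip(img):
    """Reverse both axes, so that convolution computes cross-correlation."""
    return [row[::-1] for row in img[::-1]]


def hadamard(a, b):
    """Element-wise product over F_q."""
    return [[x * y % Q for x, y in zip(ra, rb)] for ra, rb in zip(a, b)]


def random_filter(rng):
    """Random filter K with every element non-zero, hence invertible."""
    return [[rng.randrange(1, Q) for _ in range(SIZE)] for _ in range(SIZE)]


def enroll(x, k):
    """Cancellable template T = NTT(X~) o K (kept by the server)."""
    return hadamard(ntt2(pad(x)), k)


def probe(y, k):
    """Transformed feature V = NTT(Y~) o K^-1 (sent by the client)."""
    k_inv = [[pow(e, -1, Q) for e in row] for row in k]
    return hadamard(ntt2(pad(flip(y))), k_inv)


def server_correlate(t, v):
    """Server side: K cancels in T o V, leaving the cyclic convolution."""
    return intt2(hadamard(t, v))


def direct_cyclic_conv(a, b):
    """Reference cyclic convolution computed on the plain images."""
    r = range(SIZE)
    return [[sum(a[i][j] * b[(s - i) % SIZE][(c - j) % SIZE]
                 for i in r for j in r) % Q for c in r] for s in r]


def satisfies_condition(x):
    """Condition (*1): NTT(X~)[u, v] != 0 for every (u, v)."""
    return all(e != 0 for row in ntt2(pad(x)) for e in row)


# Constructed sample feature image (9 pixels set).
X = [[1, 0, 1, 1], [0, 1, 1, 0], [1, 1, 0, 0], [0, 1, 0, 1]]

if __name__ == "__main__":
    K = random_filter(random.Random(2015))
    surface = server_correlate(enroll(X, K), probe(X, K))
    print("peak:", surface[SIDE - 1][SIDE - 1], "(*1) holds:", satisfies_condition(X))
```

The zero-shift correlation peak appears at index (SIDE - 1, SIDE - 1) of the recovered surface. An image whose NTT has a zero entry produces a zero at the same position of $T$ for every $K$, which is why the theorems need condition (*1).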
Unlike the SOT scheme and the PBPG scheme described in the following
subsections, the SOC scheme does not need a hardware token or a
password. However, if the clients are shared by a large number of users,
such as is the case with bank ATMs, POS and kiosk terminals, each client
has to store and manage the parameters of all the potential users. In this
case, if only one of the authentication clients is compromised, all the
parameters in all the clients have to be revoked at once, which would
require a large operational cost. It should be noted that the risk of
compromise is proportional to the number of clients. For this reason,
$V = F_A(Y, K)$ using the parameter $K$ associated with the ID, and
sends it to the authentication server.
3. The authentication server matches the transformed feature V to the
cancellable template T to decide acceptance or rejection.
As with the SOT scheme, the PBPG scheme can also be viewed as
two-factor authentication using passwords and biometrics if it is
sufficiently hard to impersonate a user without knowing both the biometric
feature and the parameter. Note, however, that easy-to-remember passwords
will not have enough complexity to resist dictionary attacks that recover the
original feature from the transformed one. Sufficiently complex passwords
are required to secure the template, which would reduce the usability of
the authentication system.
protocol for this model does not satisfy the requirement (iii) and degrades
the security of cancellable biometrics. To address this issue, a secure
authentication protocol based on one-time parameters and one-time
templates is introduced.
(A1) The authentication server and the parameter management server are
administered separately by different administrators or organizations, and
they do not collude with each other. This requirement is necessary because
if the parameters and cancellable templates are compromised at once, the
FAR attack can be performed.
(A4) The authentication clients are tamper evident [12] so that users or
operators can easily find unauthorized alterations, e.g. by security seals
to detect physical tampering and digital signatures to detect software
tampering. Thus, we assume that the risk is small for biometric
information to be compromised at an altered client used by a legitimate
user during authentication. Note, however, that an attacker may utilize an
altered client to obtain some information from the servers by executing the
authentication protocol.
the client.
4. The client extracts the feature data Y from a user’s biometric
information, transforms it to $V = F_A(Y, K)$ using the parameter K,
and sends it to the authentication server.
5. The authentication server matches the cancellable template T to
the transformed feature V and decides whether to accept or reject
the user.
There is a problem: this protocol does not satisfy the requirement (iii).
In fact, the parameter K is disclosed to any authentication client connected
to the system. Thus, if there is a malicious or altered authentication client
abused by an attacker, the parameters of arbitrary user IDs can be stolen
easily at any time. The probability of this risk is proportional to the
number of authentication clients, which can be abused.
Remember that if the parameter K and the cancellable template
$T = F_E(X, K)$ are compromised at once, the FAR attack can be performed.
Thus, if an attacker can obtain K at any time, the secrecy of X depends
only on the management of T by the authentication server.
To deal with this problem, a protocol using one-time parameters and
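We assume the transformation function $F_*$, i.e. $F_E$ or $F_A$, and the
parameter space $\mathcal{K}$ satisfy the following mathematical conditions:
$$\phi: \mathcal{K} \times \mathcal{R} \to \mathcal{K}, \qquad \psi: \mathcal{T} \times \mathcal{R} \to \mathcal{T} \tag{13}$$
such that for any $R \in \mathcal{R}$, $K \in \mathcal{K}$ and $X \in \mathcal{X}$ the following equation
holds: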
By the Cond.,
$$\boldsymbol{c}' = K\boldsymbol{c} \tag{17}$$
where $\boldsymbol{c}, \boldsymbol{c}'$ represent the cell position vectors before and after the
transformation, and $K$ is a mapping matrix. The transformation functions
can be written as $T = F_E(X, K)$, $V = F_A(Y, K)\ (= F_E(Y, K))$, where $X, Y$
are the sets of minutiae (c.f., Sec. 3.1).
Let $\mathcal{K}$ be a set of possible mapping matrices. When $\boldsymbol{c}'$ is mapped to $\boldsymbol{c}''$
where $K' = RK \in \mathcal{K}$ is a new mapping matrix (i.e., a one-time parameter)
corresponding to the composite transformation function $F_E(F_E(X, K), R)$.
Now, we can construct the functions $\phi, \psi$ as follows. Let $\mathcal{R} = \mathcal{K}$
and
$$F_E(X, \phi(K, R)) = F_E(X, RK) = \psi(F_E(X, K), R) \tag{20}$$
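The composition property in Eq. (20) is what lets the authentication server match against a one-time template without ever seeing $K$. The following is an added example, not code from the chapter: mappings are stored as index arrays instead of matrices, the minutia translation by cell-centre offset is an assumption consistent with the description in Sec. 3.1, and the message flow (the client receives $K'$, the authentication server receives $R$) is assumed from the quantities the chapter says each party sees. All names and sample minutiae are constructed.

```python
import random

# Constructed geometry: a 100 x 100 image cut into N = 5 x 5 cells (cf. Fig. 3).
IMG_W, IMG_H, NX, NY = 100, 100, 5, 5
CW, CH, N = IMG_W // NX, IMG_H // NY, NX * NY


def cell_of(x, y):
    """0-based index c of the cell that contains pixel (x, y)."""
    return (y // CH) * NX + (x // CW)


def centre(c):
    """Centre (P_x(c), P_y(c)) of cell c."""
    return (c % NX) * CW + CW // 2, (c // NX) * CH + CH // 2


def random_mapping(rng):
    """Mapping c -> c' as an index array; many-to-one is allowed."""
    return [rng.randrange(N) for _ in range(N)]


def transform(minutiae, k):
    """F(X, K): move every minutia with its cell, keeping offset and angle."""
    out = []
    for x, y, theta in minutiae:
        c = cell_of(x, y)
        (px, py), (qx, qy) = centre(c), centre(k[c])
        out.append((x - px + qx, y - py + qy, theta))
    return sorted(out)


def phi(k, r):
    """One-time parameter K' = phi(K, R): apply K first, then R."""
    return [r[k[c]] for c in range(N)]


def psi(template, r):
    """One-time template psi(T, R), computed without knowledge of K."""
    return transform(template, r)


def match_score(t, v, tol=3, ang=10):
    """Fraction of probe minutiae paired with an unused template minutia."""
    used, hits = set(), 0
    for x, y, a in v:
        for i, (tx, ty, ta) in enumerate(t):
            d = abs(a - ta) % 360
            if (i not in used and abs(x - tx) <= tol and abs(y - ty) <= tol
                    and min(d, 360 - d) <= ang):
                used.add(i)
                hits += 1
                break
    return hits / max(len(t), len(v))


def sos_session(template, probe, k, r):
    """One authentication round; returns (K', V', score)."""
    k_once = phi(k, r)                 # parameter server -> client
    v_once = transform(probe, k_once)  # client -> authentication server
    t_once = psi(template, r)          # authentication server, from T and R
    return k_once, v_once, match_score(t_once, v_once)


# Constructed sample minutiae (x, y, theta in degrees).
X = [(12, 15, 30), (47, 33, 120), (68, 71, 200),
     (85, 12, 310), (25, 88, 75), (56, 47, 10)]               # enrolled finger
Y = [(x + 1, y - 1, (a + 2) % 360) for x, y, a in X]          # same finger, jitter
Z = [(20, 20, 160), (40, 70, 250), (75, 35, 345),
     (90, 90, 95), (10, 60, 50), (55, 5, 280)]                # different finger

if __name__ == "__main__":
    rng = random.Random(2015)
    K = random_mapping(rng)      # kept by the parameter server only
    T = transform(X, K)          # kept by the authentication server only
    for session in (1, 2):
        R = random_mapping(rng)  # fresh randomness for every session
        k_once, _, genuine = sos_session(T, Y, K, R)
        impostor = sos_session(T, Z, K, R)[2]
        print(session, k_once[:5], genuine, impostor)
```

Because a fresh $R$ is drawn per session, a transformed feature captured in one session does not match the one-time template of the next.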
5.3.2 Biohashing
where Sig is the sign function. The matching decision is based on the
Hamming distance between the cancellable template $\boldsymbol{t}$ and the transformed
feature $\boldsymbol{v}$.
Let $\mathcal{K}$ be a space of random matrices whose elements are i.i.d.
according to $N(0, 1)$. Let $P$ be a randomly selected $n \times n$ permutation
matrix, i.e., each column and each row contain only one “1” and the other
elements are all “0”, and let $S$ be a randomly selected $n \times n$ diagonal sign
matrix defined by
$$S_{i,j} = \begin{cases} 1 \text{ or } -1 & (i = j) \\ 0 & (i \neq j) \end{cases} \tag{21}$$
For a random matrix $K \in \mathcal{K}$, the row permutation (by multiplying $P$) and
the sign inversion (by multiplying $S$) keep the statistical property, i.e. each
element of
Let us consider security against malicious outsiders who have free access
to the client. Note that from the assumption (A4) in Sec. 5.1, the attacker
cannot obtain biometric data from the client during authentication operated
by genuine users. Thus, we can ignore the risk of compromise of
biometric data from the client. However, the attacker can obtain a one-time
parameter $K' = \phi(K, R)$ from the client and may try to guess the
original parameter $K$. Hereafter we discuss the difficulty of guessing $K$
from $K'$.
The set of possible candidates of the original parameter K given a one-time
parameter $K'$ can be written as follows:
If the number of the candidates, i.e. $|\mathcal{K}'|$, is sufficiently large, we can say
that it is sufficiently difficult to guess $K$ from $K'$.
In the case of the Cartesian transform, although $|\mathcal{K}'|$ varies
depending on $K'$, we can evaluate the lower bound of $|\mathcal{K}'|$ as follows: Let
$\tilde{\mathcal{K}}$ be the set of permutation matrices of size $N \times N$ (where $N = N_x \times N_y$
is the number of cells). By definition, $\tilde{\mathcal{K}} \subset \mathcal{K}$. Note that each permutation
matrix $\tilde{K} \in \tilde{\mathcal{K}}$ has an inverse matrix $\tilde{K}^{-1}$. Therefore, for each $K' \in \mathcal{K}$ and
for each $\tilde{K} \in \tilde{\mathcal{K}}$, there exists $\tilde{R} \in \mathcal{R}\ (= \mathcal{K})$ such that $K' = \phi(\tilde{K}, \tilde{R}) = \tilde{K}\tilde{R}$;
in fact, $\tilde{R} = \tilde{K}^{-1}K'$. This means that $\tilde{\mathcal{K}} \subseteq \mathcal{K}'$ and $|\mathcal{K}'| \geq |\tilde{\mathcal{K}}| = N! = (WH)!$.
For example, if we let $N_x = N_y = 10$, $|\mathcal{K}'| \geq 100! \approx 9.3 \times 10^{157}$.
In the case of the Biohashing, for each $R = (P, S) \in \mathcal{R}$ where $P \in \mathcal{P}$ is
an $n \times n$ permutation matrix and $S \in \mathcal{S}$ is an $n \times n$ diagonal sign matrix,
there exist $P^{-1}$ and $S^{-1}$. Thus, we can write
Proof. For any fixed $K \in \mathcal{K}$, the mapping from $R \in \mathcal{K}$ to $K' = K \circ R \in \mathcal{K}$
is one-to-one. This is because if $K \circ R = K \circ R'$, by applying $K^{-1}$ to the
Let us consider the secrecy of the original biometric features $X, Y$
against the semi-honest authentication server who does not collude with
the parameter server or abuse the client, but tries to guess $X, Y$ from all the
received information: $T = F_E(X, K)$, $V' = F_A(Y, K')$ and $R$, where
$K' = \phi(K, R)$.
We are interested in whether the SOS scheme degrades the
irreversibility compared with conventional schemes of cancellable
biometrics, where the authentication server receives $T = F_E(X, K)$ and
$V = F_A(Y, K)$. Thus, we can prove the following theorem:
$$V' = F_A(Y, \phi(K, R)) = \psi(F_A(Y, K), R) = \psi(V, R). \tag{35}$$
$\psi^{-1}(V', R)$.
This theorem indicates that in the SOS scheme, the authentication
server can obtain no more information about the original biometric
features than in the conventional schemes.
Let us consider the secrecy of the original biometric features $X, Y$ against
the semi-honest parameter server who does not collude with the
authentication server. Note that the parameter server does not receive
information other than K. Therefore, the irreversibility against the
parameter server is completely the same as the irreversibility against an
attacker who obtained the parameter K in the conventional scheme of
cancellable biometrics.
In most algorithms of cancellable biometrics, the parameter K is
chosen randomly and independently of the biometric feature X. Thus, in
this case, K provides no information about X, i.e. I(X; K) = 0.
6.1.4 Unlinkability
$I(X; K) = 0$. In this case, an attacker who obtained two parameters $K_1$,
$K_2$ cannot tell whether they correspond to the same biometric feature or
not. Therefore the unlinkability against outsiders or a semi-honest parameter
server is satisfied in the SOS scheme.
In the following, we discuss the unlinkability against a semi-honest
authentication server. Let us consider that there are two authentication
systems of the SOS scheme, and the authentication servers collude with
each other to “cross-match” the cancellable templates and other
information obtained through authentication.
As described in 6.1.2, one authentication server can know $T = F_E(X, K)$,
$V' = F_A(Y, \phi(K, R))$, and $R$, during authentication. Let $\tilde{T} = F_E(X, \tilde{K})$,
$\tilde{V}' = F_A(Y, \phi(\tilde{K}, \tilde{R}))$, and $\tilde{R}$ be the corresponding information
obtained by the other authentication server.
Since $V'$ is determined by $(V, R)$ (c.f. (35)),
This means that the amount of information about the “linkage” between
the original features obtainable from cancellable templates across the
authentication servers of the SOS scheme is less than or equal to that of
conventional schemes of cancellable biometrics.
7 Conclusion
Biometric template protection (BTP) schemes have been studied for about
a decade. These schemes can be broadly classified into two categories,
namely cancellable biometrics (feature transformations) and biometric
cryptosystems. In this chapter, we overviewed the BTP architecture in Sec.
2 and reviewed several studies on cancellable biometrics in Sec. 3.
To assure the irreversibility of cancellable templates in practice, the
parameters should be managed separately from the cancellable templates.
In Sec. 4 we presented several naive schemes for parameter management:
The Store on Client (SOC), Store on Token (SOT) and Password-Based
Parameter Generation (PBPG). All these schemes, however, have
limitations in usability; the SOC scheme limits the available authentication
clients, the SOT scheme requires a user to carry a hardware token, and the
PBPG scheme requires a user to remember a password.
In Sec. 5 we presented a parameter management scheme with high
usability, i.e., the Store on Server (SOS) scheme, in which the parameters
are stored in a parameter management server administered separately from
the authentication server which manages the cancellable templates.
However, a naive authentication protocol for the SOS scheme is
vulnerable in that the parameters are easily compromised from
authentication clients. To deal with this problem, a secure protocol based
References
[1] R. C. Agarwal and C. S. Burrus. Number theoretic transforms to
implement fast digital convolution. In Proc. of IEEE, volume 63, pages
550–560, 1975.
[2] M. Braithwaite, U. Cahn von Seelen, J. Cambier, J. Daugman, R.
Glass, R. Moore, and I. Scott. Application-specific biometric
templates. In AutoID02, pages 167–171, 2002.
[3] J. Bringer, H. Chabanne, and B. Kindarji. Anonymous identification
with cancelable biometrics. In Proc. ISPA 2009, 2009.
CHAPTER TWO
MINUTIAE-BASED FINGERPRINT
REPRESENTATIONS:
REVIEW, PRIVACY, SECURITY
AND CRYPTOGRAPHIC REALIZATION
Abstract
Unlike global features such as singular points, minutia features provide high
reliability, robustness and discriminability for fingerprint analysis.
However, privacy invasion can occur if minutiae are compromised, since a
number of methods have been demonstrated to successfully reconstruct
fingerprint images from minutia templates. To alleviate the possibility of
minutia compromise and to address the privacy and security concerns, in
the past decade, many studies have attempted to transform minutiae into
secure representations while trying to retain high accuracy performance. In
this chapter, we present an overview of the security and privacy issues in
various well-known minutia-based fingerprint representations, which can
be divided into two categories: fixed-length and variable-size. Three
methods are used to demonstrate how to represent minutiae in variable-
size, and a cryptographic realization is developed to make such
representation secure against attackers.
1 Introduction
At the local level of a fingerprint image, there are approximately 150
different local ridge characteristics. Among these characteristics, the two most
prominent ridge characteristics are ridge endings and ridge
bifurcations [1]. A ridge ending is a ridge point that ends abruptly,
whereas a ridge bifurcation is a ridge point that forks or diverges into
branch ridges. They are named minutiae collectively, with each minutia
associated with a number of attributes, including location coordinates,
orientation, type (e.g. ridge ending or ridge bifurcation), a weight based on
the quality of the fingerprint image in the neighbourhood of each minutia,
and so on. However, in the ISO/IEC 19794-2 compliant format, only two
attributes are included: minutia location and orientation, which are usually
considered as the most stable features [1].
In general, minutiae are the most widely used features for representing
a fingerprint for recognition. This is attributed to the following
observations: (i) minutiae are generally reliable and robust to fingerprint
image elastic deformation; (ii) unlike global features such as singular points
or coarse ridge line shape, minutiae provide sufficient distinctiveness for
Figure 1. Two different impressions of the same finger from FVC2004 DB1, with
8 minutiae extracted on the left image, while 36 minutiae occur on the right. The
circle and square markers represent minutiae and core points, respectively.
2 Literature review
In this section, we provide an overview of various minutia-based
fingerprint representations converted from fingerprint minutiae. Broadly
speaking, two categories can be named, fixed-length representation and
variable-size representation. The fixed-length representation refers to
ordered fixed-length vectors transformed from minutiae of fingerprints.
The fixed-length representation can be in integer, real value, or bit-string.
On the other hand, the variable-size representation refers to templates with
variations in size based on the number of minutiae in fingerprints. In
general, a variable-size representation can be represented as a matrix of
size $m \times n$, where m is determined by the number of minutiae extracted
from the fingerprint image, and n is the length of the feature vector
associated with the minutiae. Similar to the fixed-length representation,
the variable-size representation can also appear in integer, real value, or
bit-string. The ordinary minutia representation is indeed under this
category where n = 3, i.e. coordinates x and y, and orientation θ. Table 1
lists various minutia-based fingerprint representations available in the
literature.
Generally speaking, the fixed-length representation provides great
advantage over the others in adapting biometric cryptographic protocols
and cryptosystem schemes like fuzzy commitment [5]. On the other hand,
a variable-size representation is usually generated using every minutia
(called reference minutia), thus retaining the local neighborhood structure.
Furthermore, the variable-size representation allows performing a two-
stage matching procedure, which was first introduced by Jiang and Yau
[14]. This procedure has shown better robustness for matching over
previous approaches. In comparison, the variable-size representation is
more suitable for cancellable biometrics [8].
that helper data is stolen. Apart from this method, Jakubowski and
Venkatesan [18] proposed a randomized radon transform, and Jin et al.
[19] proposed a random triangle hashing scheme. Both of these methods
adopt a similar strategy in converting the minutiae representation into a
discrete feature vector.
proposed by Sutcu et al. [15, 16].
Nagar et al. [20] consider a more robust set of features than Sutcu's
approach by considering the average minutia coordinate within a cuboid,
the standard deviation of the minutiae coordinates, and the aggregate wall
distance. This method offers high accuracy performance but requires
registration points (e.g. high curvature points) to align the fingerprint
image prior to feature extraction. The detection of registration points can
be challenging on poor-quality images.
Bringer and Despiegel [21] generated a minutiae-vicinity-based binary
feature vector, whereby a minutiae vicinity is referred to as the
neighbourhood structure around a central minutia within a pre-defined
radius. This method extracts N representative vicinities as
reference using a vicinity-selection procedure. With a number of minutia
vicinities extracted from each fingerprint, each vicinity of the query
template is matched against the N vicinities of the enrolled
template to identify the corresponding enrolled vicinity to each query
vicinity. Consequently, the matching score is concatenated to yield a
fixed-length real-valued feature vector with N components, and then
binarised to a bit-string. Figure 4 depicts the mechanism for obtaining a
binary vector from a set of representative vicinities and query vicinities.
The resultant bit-string is approximately 50,000 bits long, which
requires high storage capability.
minutia orientation (S1, S2, S3); and height (H) of the triangle are extracted
and quantized into 24 bits, which yields a $2^{24}$-bit binary string. Figure 5
shows the main idea of the proposed scheme. However, this method
requires high computational cost due to the exhaustive calculation of
features for all possible minutiae triplets. Following this work, Jin et al.
[25] attempted to reduce the length of bit-string by using minutiae pairs
instead of minutiae triplets. Four invariant features, i.e. Euclidean distance
between two minutiae, angular difference between two minutiae, two
angles between minutia orientation, and the segment connecting two
minutiae, are extracted for histogram binning. Consequently, the size of
template is reduced to $2^{18}$ and the performance is enhanced using a
majority-voting-based training process.
ci3→ci1, etc. The four coordinate pairs of Vi are then transformed, based on
the 5 (out of 12) randomly selected orientation vectors in the respective
minutia vicinity. Next, the random offsets are added to each Vi, in order to
conceal the local topological relationship among the minutiae in the
vicinity. The transformed minutiae are thus regarded as a protected
minutia vicinity with stored random offsets.
However, Simoens et al. [32] point out that the coordinates and
orientations of minutiae in [31] could easily be revealed if both random
offsets and orientation vectors are disclosed to the adversary. They also
show that the attack complexity is considerably low (e.g., only $2^{17}$
attempts are required when the random offset table is known, compared
with $2^{120}$ attempts when the random offset table is not known).
Wang and Hu [33] propose a cancellable fingerprint template based on
a dense infinite-to-one mapping technique. By refining the features
considered in [25], the proposed method elaborates three invariant features
from a pair of minutiae. The three features are Euclidean distance between
two minutiae, the angle between the orientation of reference minutia and
the direction of the line segment connecting the two minutiae, and the
angle between the orientation of neighbour minutia and the direction of the
line segment connecting the two minutiae. The extracted features are then
quantized, hashed and binarised. Lastly, a complex vector is generated
from the resultant bit-string by applying a discrete Fourier transform, and
local point aggregation method [17] has not been considered for the
scenario where stolen helper data is used by the adversary to gain
illegitimate access, which could lead to severe security threat. (c) The
performance of most of the afore-discussed methods [15, 16, 17, 20, 22,
27] depends on accurate pre-alignment or registration, which is infeasible
in practice. (d) Some methods either suffer from high computation cost
[24], or require large template storage [21]. (e) Although generally, the
spectral transform approach outperforms the reference- or histogram-based
approach in many ways, it is still not as accurate as the state-of-the-art
minutia-based variable-sized representations, e.g. MCC [30]. In the
variable-sized representation, we observe that (a) most of the “non-
invertible transforms” are in fact susceptible to partial or full inversion,
e.g. [30, 31, 33]. (b) A lost token attack is applicable if the token/PIN is
revealed to the adversary [28, 29, 31]. Since a fingerprint image can easily
be reconstructed from minutiae, unauthorised reconstruction of the
original biometric data constitutes invasion of privacy.
template may not lead to a high match score with another impression of
the same finger [2]; (iii) it is more complicated to reconstruct a minutiae
template using hill climbing when minutiae descriptors are used for
matching. This is because the matching score only reveals the similarity of
minutiae descriptors instead of the minutiae themselves. For example, when a
100% similarity score is obtained, it only implies that a minutiae
descriptor has been perfectly reconstructed. However, there is no
indication of how to identify the reconstructed minutiae descriptor from
the set of synthetic minutia points because no information about the
location of the minutiae is revealed from the similarity score.
Template inversion is another approach used by the attacker to recover
the biometric image from the corresponding features inverted from the
stolen template [2]. Nagar [2] demonstrated the recovery of minutiae
information from a well-known binary representation, Binary Minutiae
Cylinder Codes (B-MCC) [30]. The method is a two-stage inversion
procedure which consists of Local Minutiae Recovery and Global
Minutiae Recovery. The experiment shows that the method makes possible
the recovery of sufficient minutiae information from the Binary Minutiae
Cylinder Codes (B-MCC) [30].
Furthermore, Ferrara et al. [39] also outlined an attack algorithm to
recover the minutiae information (i.e. location and orientation) from the
Minutiae Cylinder Codes (MCC). The attack algorithm was also composed
where $r_x$ and $r_y$ represent the width and height of a pre-defined
two-dimensional rectangle. The values of $r_x$ and $r_y$ are set as two times the size
of the input fingerprint image. This is to ensure that the reference minutia
is located in the centre of the pre-defined two-dimensional rectangle so
that this reference minutia acts as a registration point to align fingerprint
images in the same manner.
locations of the three vertexes that form the random triangles. Based on
the different user-specific token, the method generates a unique template
for each user.
Step 2: Hashing. A set of minutiae is transformed into a short integer
vector. In short, it counts the number of minutiae contained in the regions
of random triangles. The hashing process can be described as the
following transformation function:
$$f : \Omega \to Z \quad (3.2)$$
where $\Omega = \{x, y, \theta\}$ and $\theta \in [0, 2\pi)$ represent the coordinate and
orientation of a minutia, and $Z$ is an n-dimensional integer vector in
which each element denotes the number of minutiae to be found in a
random triangle.
Step 3: Orientation histogram binning. A histogram is formed to count
the number of minutiae that fall into each of the disjoint bins in the
histogram. The disjoint bins refer to the pre-defined orientation ranges and
the entire orientation range is between 0 and $2\pi$. As an example, from
Figure 8, among the five minutiae contained in a triangle, one of them falls
in the range $[0, \pi/3)$, one in $[\pi/3, 2\pi/3)$, two in $[4\pi/3, 5\pi/3)$, and one
in $[5\pi/3, 2\pi)$. If the orientation range does not have any corresponding
minutiae, the count is set to zero. These numbers are concatenated together
where ْ represents the bitwise XOR operation, ܾǡ and ܾǡ denote the kth
bit in ܾ and ܾ , l represents the bit-length of ܾ and ܾ .
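Steps 2 and 3 of the random triangle hashing described above, as an added Python sketch that is not the chapter's or the authors' code. Deriving the triangle vertices from the token with SHA-256, the function names and the sample minutiae are assumptions of this example; the fixed triangle reproduces the five-minutiae orientation count given for Figure 8.

```python
"""Random-triangle hashing sketch: token -> triangles -> orientation histograms."""
import hashlib
import math
import struct

ORIENTATION_BINS = 6          # bins of width pi/3, as in the worked example


def token_triangles(token, count, width, height):
    """Derive `count` triangles inside a width x height rectangle from a token.

    Assumption: SHA-256 over (token, triangle index, vertex index) stands in
    for the scheme's token-driven vertex selection.
    """
    triangles = []
    for t in range(count):
        vertices = []
        for v in range(3):
            digest = hashlib.sha256(token + struct.pack(">II", t, v)).digest()
            x = int.from_bytes(digest[0:4], "big") % width
            y = int.from_bytes(digest[4:8], "big") % height
            vertices.append((x, y))
        triangles.append(tuple(vertices))
    return triangles


def _side(p, a, b):
    """Sign tells on which side of the line a-b the point p lies."""
    return (p[0] - b[0]) * (a[1] - b[1]) - (a[0] - b[0]) * (p[1] - b[1])


def in_triangle(point, triangle):
    """True if the point is inside the triangle or on its boundary."""
    a, b, c = triangle
    d = (_side(point, a, b), _side(point, b, c), _side(point, c, a))
    return not (any(v < 0 for v in d) and any(v > 0 for v in d))


def orientation_histogram(minutiae, triangle):
    """Step 3: count the minutiae inside one triangle per orientation range."""
    counts = [0] * ORIENTATION_BINS
    bin_width = 2 * math.pi / ORIENTATION_BINS
    for x, y, theta in minutiae:
        if in_triangle((x, y), triangle):
            index = int((theta % (2 * math.pi)) // bin_width)
            counts[min(index, ORIENTATION_BINS - 1)] += 1
    return counts


def triangle_hash(minutiae, token, count, width, height):
    """Steps 2 and 3 for every token-derived triangle, concatenated."""
    template = []
    for triangle in token_triangles(token, count, width, height):
        template.extend(orientation_histogram(minutiae, triangle))
    return template


# Constructed minutiae (x, y, theta): five inside the fixed triangle below,
# with orientations spread like the Figure 8 example, and one outside it.
SAMPLE_MINUTIAE = [
    (10, 10, 0.5), (20, 10, 1.5), (10, 20, 4.5),
    (30, 30, 5.0), (5, 50, 6.0), (90, 90, 1.0),
]
FIXED_TRIANGLE = ((0, 0), (100, 0), (0, 100))

if __name__ == "__main__":
    print(orientation_histogram(SAMPLE_MINUTIAE, FIXED_TRIANGLE))
    print(triangle_hash(SAMPLE_MINUTIAE, b"token-v1", 8, 100, 100))
    print(triangle_hash(SAMPLE_MINUTIAE, b"token-v2", 8, 100, 100))
```

Issuing a new token yields a different set of triangles, which is what allows a compromised template to be replaced without changing the finger.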
In a perfect environment, the two one-dimension bit strings generated
based on the same reference minutiae will be the same. However, there is
no information for us to locate the corresponding minutiae used for
alignment in the enrolled template and query template. Therefore, it
requires comparing all the one-dimensional bit-strings between the
enrolled and query sets, so to determine the closest pair. To do this, a
matrix D = {dij} is used to store the dissimilarity scores, where
$d_{ij} = \mathrm{score}(i, j)$. The next step is to calculate $\bar{c}$, the mean of the minimum
distance for each column in $d_{ij}$, as shown in Eq. (3.4) and Eq. (3.5):
$$a_j = \min_i \{d_{ij}\} \quad (3.4)$$
j = 1, 2, 3, …, n (n is the number of columns for matrix D)
i = 1, 2, 3, …, m (m is the number of rows for matrix D)
$$\bar{c} = \frac{1}{n} \sum_{j=1}^{n} a_j \quad (3.5)$$
$$b_i = \min_j \{d_{ij}\} \quad (3.6)$$
i = 1, 2, 3, …, m (m is the number of rows for matrix D)
j = 1, 2, 3, …, n (n is the number of columns for matrix D)
$$\bar{r} = \frac{1}{m} \sum_{i=1}^{m} b_i \quad (3.7)$$
ܿҧ ݂݅ ܿҧ ݎҧ
ݏൌ൜ (3.8)
ݎҧ ݂݅ܿҧ ݎҧ
ଶ
ݏൌ ݉ (3.9)
ୀଵ
where s is the total number of minutiae pair for all ʹ of bins, ʹ is the
total number of bins.
Next, the histogram mi is binarised by retaining the count of value 1
while setting the rest of the count values to 0. This is to ensure that the
fingerprint image can be represented by a set of unique minutiae pairs, i.e.
those that occur only once in the fingerprint image. The Binarisation rule
is:
ͳ ݂݅ ݉ ് ͳ
א ݅ሾͲǡ ʹ ሻǡ ܾ ൌ ቄ (3.10)
Ͳ ݁ݏ݅ݓݎ݄݁ݐ
σୀଵሺܾ Ȉ ܾ ሻ
ܵሺܾ ǡ ܾ ሻ ൌ
(3.11)
ටσୀଵ ܾ σୀଵ ܾ
where Ȉ represents a bitwise AND operator. σୀଵሺܾ Ȉ ܾ ሻ counts the
positions in the bit-strings that have a value of 1 in both enrolled and query
templates, and then sums them. σୀଵ ܾ and σୀଵ ܾ denote the total
number of 1’s of the enrolled and query templates. The score ranges from
0 to 1, where S = 1 indicates a perfect match, and otherwise is not a perfect
match.
ߠ െ ߠ Ǣ ߠ ߠ
ߠ௧ ൌ ൜ ൠ (3.13)
͵Ͳ ߠ െ ߠ Ǣ ߠ ൏ ߠ
Step 2: Shifting. The translated and rotated minutiae points are then
shifted to the new coordinates, based on the following equation:
where $x'_i$, $y'_i$ and $\theta'_i \in [0, 2\pi)$ represent the new coordinates and
orientation, while $w_x$, $w_y$ are two times the width and the height of the
fingerprint image. After going through Eq. (3.12) - (3.14), the transformed
minutiae $m' = \{x'_i, y'_i, \theta'_i \mid i = 1, \ldots, N - 1\}$ are located in a new
2-dimensional space, with a width of $w_x$ and a height of $w_y$. The new
coordinates of the reference minutia are now $(w_x/2, w_y/2)$, the centre of
the new 2-dimensional space. The remaining minutiae also shift
invariantly. Hence, the reference minutia serves the purpose of aligning
$$\rho'_i = \sqrt{{x'_i}^2 + {y'_i}^2} \quad (3.15)$$
$$\alpha'_i = \arctan\left(\frac{y'_i}{x'_i}\right) \quad (3.16)$$
where $\rho'_i$ and $\alpha'_i$ indicate the radial distance and the radial angle of the ith
minutia in Polar coordinates, and measured in pixels and degree $[0, 2\pi)$
respectively.
2 3-Tuple-based Quantisation. The 3-tuple based quantisation is a
polar grid quantisation on all the minutiae. Subsequently, each of the
minutiae can be represented as a vector, $\omega_i = \{\rho_i, \alpha_i, \theta_i\}$ with three
positive integers, x, y, and z described as follows:
$$\rho_i = \lfloor \rho'_i / x \rfloor \quad (3.17)$$
$$\alpha_i = \lfloor \alpha'_i / y \rfloor \quad (3.18)$$
$$\theta_i = \lfloor \theta'_i / z \rfloor \quad (3.19)$$
where / denotes the quotient, x, y and z indicate the radius of the polar grid
segment, radial angle for tolerance, and orientation angle to be tolerated,
respectively. The x is measured in pixels and y, z $\in [0, 2\pi)$. The
quantisation level is hence determined by x, y and z.
3 Bit-string Generation. Since there are $l = mn$ number of polar
grids available, where $m = w_x / x$, $n = w_y / y$, = $2\pi / z$, a number of
histogram bins, $h_i$, can be formed to record the number of minutiae that
fall in each of the polar grids. Mathematically, the total number histogram
bins can be calculated as:
$$N = \sum_{i=1}^{l} h_i \quad (3.20)$$
where N depicts the total number of minutiae, and l is the total number of
polar grids (histogram bins).
The bit-string can be obtained based on the rule that if a polar grid
contains more than one minutia then it is marked as 1, otherwise 0. The
length of the resultant bit-string is l, which is equivalent to the total
number of polar grids. The Binarisation rule is given as:
ͳ ݂݅ ݄ ͳ
א ݅ሾͲǡ ݈ሻǡ ܾ ൌ ቄ (3.21)
Ͳ ݁ݏ݅ݓݎ݄݁ݐ
It should be noted that the bit-string generated thus far is based on only
one reference minutia. The processes aforementioned are repeated by
using different minutiae as reference minutiae until the entire minutiae set
has been traversed. Consequently, the length of the resultant bit string is
σேୀଵ ݈ .
4 Calculating the Similarity Score between Bit-strings. The
matching score in between two bit-strings can be simply obtained by
finding the intersection of two bit-strings. However, the large difference of
magnitude defined by the total number of ones in the bit-string is a
drawback. Therefore, the matching score can be normalized as follows:
assume that $b^e$ represents the enrolled binary template, and $b^q$ represents
the query binary template, the similarity matching score can be calculated
as follows:
$$\mathrm{score}(i, j) = \frac{(n_e + n_q) \sum_{k=1}^{d} (b^{e}_{i,k} \cdot b^{q}_{j,k})}{(n_e)^2 + (n_q)^2} \quad (3.22)$$
$$n_e = \sum_{k=1}^{d} b^{e}_{i,k} \quad (3.23)$$
$$n_q = \sum_{k=1}^{d} b^{q}_{j,k} \quad (3.24)$$
where · represents a bitwise AND operator. $\sum_{k=1}^{d} (b^{e}_{i,k} \cdot b^{q}_{j,k})$ counts the
positions in the bit-strings that have a value 1 in both query and enrolled
templates, and sums them. $n_q$ and $n_e$ denote the total number of 1's of the
query and enrolled templates, respectively. The score ranges from 0 to 1,
where score = 1 indicates a perfect match, and otherwise is not a perfect
match.
Ideally, two bit-strings generated from the same reference minutia have
a perfect match. However, there is no information that indicates that the
reference minutia used in the enrolled template is the same as that used in
the query template. Thus, this requires that we compare all the bit-strings
generated based on the corresponding minutiae, and that we calculate the
maximum similarity score. To do this, a matrix D={dij} is used to store the
similarity scores, where $d_{ij} = \mathrm{score}(i, j)$. Next, we calculate $\bar{c}$, the mean
of the maximum distance for each column in $d_{ij}$, shown below:
$$a_j = \max_i \{d_{ij}\} \quad (3.25)$$
Similarly, $\bar{r}$, the mean of the maximum distance of each row in $d_{ij}$, is
computed as follows:
$$b_i = \max_j \{d_{ij}\} \quad (3.27)$$
i = 1, 2, 3, …, m (m is the number of rows for matrix D)
j = 1, 2, 3, …, n (n is the number of columns for matrix D)
$$\bar{r} = \frac{1}{m} \sum_{i=1}^{m} b_i \quad (3.28)$$
The bigger value of $\bar{c}$ and $\bar{r}$ is taken as the final score, s, as in (3.29),
where each of $\bar{c}$ and $\bar{r}$ ranges between 0 and 1. s = 0 indicates a perfect
match, and otherwise is not a perfect match.
$$s = \begin{cases} \bar{c} & \text{if } \bar{c} \ge \bar{r} \\ \bar{r} & \text{if } \bar{c} < \bar{r} \end{cases} \quad (3.29)$$
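The many-to-many comparison of Eqs. (3.22) to (3.29), as an added Python example that is not code from the chapter or its authors. The function names, the 0.6 decision threshold and the 8-bit strings are constructed for illustration, and `pair_score` assumes the form (n_e + n_q) · Σ(b^e AND b^q) / (n_e² + n_q²) for Eq. (3.22).

```python
"""Alignment-free matching of per-reference-minutia bit-strings."""


def pair_score(b_e, b_q):
    """Eq. (3.22): normalised number of positions set in both bit-strings."""
    if len(b_e) != len(b_q):
        raise ValueError("bit-strings must have the same length d")
    n_e, n_q = sum(b_e), sum(b_q)          # Eqs. (3.23) and (3.24)
    if n_e == 0 or n_q == 0:
        return 0.0                         # empty string: no overlap, avoid 0/0
    common = sum(e & q for e, q in zip(b_e, b_q))   # bitwise AND, then sum
    # Assumed form of Eq. (3.22); it equals 1 only for identical bit-strings.
    return (n_e + n_q) * common / (n_e ** 2 + n_q ** 2)


def score_matrix(enrolled, query):
    """D = {d_ij}: rows are enrolled bit-strings, columns are query ones."""
    return [[pair_score(e, q) for q in query] for e in enrolled]


def final_score(enrolled, query):
    """Eqs. (3.25)-(3.29): larger of the column-wise and row-wise mean maxima."""
    if not enrolled or not query:
        return 0.0                         # nothing to compare
    d = score_matrix(enrolled, query)
    a = [max(row[j] for row in d) for j in range(len(query))]  # a_j, Eq. (3.25)
    b = [max(row) for row in d]                                # b_i, Eq. (3.27)
    c_bar = sum(a) / len(a)                # mean of the column maxima
    r_bar = sum(b) / len(b)                # Eq. (3.28)
    return max(c_bar, r_bar)               # Eq. (3.29)


def is_match(enrolled, query, threshold=0.6):
    """Accept when the final score reaches the (constructed) threshold."""
    return final_score(enrolled, query) >= threshold


# Constructed data: one bit-string per reference minutia, d = 8.
ENROLLED = [
    [1, 1, 0, 0, 1, 0, 0, 0],
    [0, 0, 1, 1, 0, 0, 1, 0],
    [0, 1, 0, 0, 0, 1, 0, 1],
]
# Same finger: different order, one bit lost, one bit added, and one extra
# bit-string from a spurious minutia that has no enrolled counterpart.
GENUINE = [
    [0, 1, 0, 0, 0, 1, 0, 0],
    [1, 1, 0, 0, 1, 0, 0, 0],
    [0, 0, 1, 1, 0, 0, 1, 1],
    [1, 0, 0, 0, 0, 0, 0, 0],
]
IMPOSTOR = [
    [1, 0, 0, 0, 0, 0, 1, 0],
    [0, 0, 0, 1, 0, 1, 0, 0],
]

if __name__ == "__main__":
    for name, query in (("genuine", GENUINE), ("impostor", IMPOSTOR)):
        print(name, round(final_score(ENROLLED, query), 4),
              is_match(ENROLLED, query))
```

The spurious fourth query string lowers the column-wise mean but not the row-wise one, so taking the larger of the two keeps the genuine score high even though the order of reference minutiae is unknown.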
good use of the key escrow feature in closed group operations practice,
such as company proxies and gateways.
uniqueness in practice, despite that the security of the scheme is provable.
A new user needs to register an “identity” with the system where
troublesome procedures and documents are involved. Besides, there will
be cases such as the loss or outdate of user public keys.
The solution for the above problems is the fuzzy identity-based
identification (FIBI), which uses a user public biometric identity easily
obtainable as the public key [50].
enrolled biometric data violates user privacy but this concern is resolvable
using biometric template protection techniques as discussed in the
previous sections.
Table 2. Similarities of FIBC primitives
Verify                              -     Verify using ID   -
Identification Protocol             -     -                 Prover authenticate using $ID'$
Authentication                      No    Yes               Yes
Repudiation                         No    No                Yes
Need Public Directory to store ID   Yes   No                No
The first and second requirements are due to the use of polynomials in
binding the public biometric identity to a user private key, whereby the
polynomial degree d is used as a threshold to verify the genuineness of
biometrics identity. The last requirement is caused by the way the matching
score works, because the AND operation is the only feasible method that can
calculate the matching score in the form of integers. We could view a real
number as a string, but this would require a biometric feature extraction
algorithm to reproduce an identical real number for matching using the
string representation; however, in practice, this is unlikely to happen.
These requirements originated from the fact that FIBC tolerates errors via
polynomial interpolation. Unfortunately, most biometric modalities are
represented in a set of continuous arrays, such as real numbers.
In this section, we provide proof of the concept of FIBC, by realising
Tan et al.’s FIBI [50] scheme using the minutiae pair-based histogram and
Binarisation method in Section 3.2. The binary string representation
allows calculation of a system-wide biometrics matching score using bit-
wise AND operation which works exactly the same as the predefined
threshold d in the FIBI scheme. Although the current feature elements are
only 1 or 0, and can be used as the public identity elements for user private
key extraction, polynomial interpolation will fail during an identification
protocol, because we can only obtain two pairs of polynomial values (0,
q(0)) and (1,q(1)). Since the AND operation provides the matching score,
we use the index of the bit 1 instead, as a public identity element, and
PKG
SETUP (bit length k)
1) Generate p, q s.t. q|(p-1)
2) $g \in Z_p$, $s \in Z_q$, $v \equiv g^{-s} \bmod p$
3) $H: \{0,1\}^* \times G \times G \to Z_{2^{l(k)}}$
4) Select a secure polynomial degree d for interpolation.
mpk = (p, q, g, v, H)
EXTRACT (input ID = {1, 5, 97789, …, 262144})
1) (d - 1)-degree polynomial $q(\cdot)$ s.t. $q(0) = u \leftarrow Z_q$
2) $X = g^u$
3) $\{\alpha_i\} = \{H(i, X, v)\}_{i \in ID}$
4) $\{Y_i\} = \{q(i) + s\alpha_i\}_{i \in ID}$
$upk = (\{\alpha_i\}, \{Y_i\}, tk_{ID})$
The FIBI scheme requires a Private Key Generator (PKG) which runs the
Setup algorithm as follows (Figure 14):
The master public key, mpk=(p, q, g, v, H) will be made public while the
master secret key, msk=s will be kept secret to PKG only.
When a user enrols with the public biometric identity ID to generate
the user private key upk, PKG will run the Extract algorithm as follows
(Figure 14):
During the identification process as shown in Figure 15, the user (prover)
first sends a commitment to the verifier to initiate the protocol. In return,
the verifier sends the challenge to the user, and based on the challenge, the
user generates a response for the verifier. Ultimately, based on the user’s
response, the verifier will output reject or accept:
1 The user chooses random values $\{r_i\}_{i \in ID} \in Z_q$, computes
$\{x_i\} = \{g^{r_i}\}_{i \in ID} \bmod p$ and the shares of $X = g^u$:
$\{X_i\} = \{g^{Y_i} v^{\alpha_i}\}_{i \in ID} = \{g^{q(i)}\}_{i \in ID}$.
The user then sends $(\{X_i\}, \{x_i\}, ID, ID', tk_{ID})$ to the verifier.
2 In return, the verifier chooses a random $c \in Z_{2^{l(k)}}$ as the challenge
and sends c to the user.
[Figure 15. Identification Protocol. Prover input: ID, upk, mpk; verifier input: mpk.]
We now present a toy example for FIBI. Consider the scenario where a
credit card company would like to adopt FIBI as a customer identity
verification mechanism. The security administrator Bob will instruct the
Private Key Generator (PKG) to run the Setup algorithm of FIBI for
defining the security parameters mpk and msk as well as the desired
threshold t. To register a user Alice to the system, the PKG runs the
Extract algorithm which takes fingerprint images of Alice as the input. At
the end of biometric feature extraction, a bit string, b is generated and the
indexes of bit 1, ID, are recorded. Then $q(ID)$ of the (t-1)-degree random
polynomial $q(\cdot)$ is constructed and bound to the master secret key msk=s
along with the corresponding $\alpha_{ID}$ (See step 3 of the Extract algorithm in
Figure 14).
For the purpose of key revocation, the PKG may concatenate the credit
card expiry date to Alice’s ID in the Extract algorithm, such as
$\alpha_{ID} = H(ID \,\|\, expire_{date}, X, v)$. The PKG will return to Alice her public key ID
and $upk = (\{\alpha_i\}, \{Y_i\}, tk_{ID})$, which are stored in her cryptography-enabled
credit card. Since a biometric trait is used as the public key and no further
documentation is required, we can see that the credit card initialization
process can be completed within minutes under a trained operator.
After receiving her credit card, Alice plans to make some purchases,
and verifies her identity on a credit card verification device, V, comprised
of a fingerprint scanner and a credit card reader. Alice will give V her
fingerprint reading $ID'$ while scanning her credit card which contains her
public key $ID$ and upk. V will first calculate Alice’s biometric matching
score $|ID \cap ID'|$ and reject this if the matching score is lower than the
predefined threshold t. Otherwise, V continues to verify the validity of
Extract
  $U$                    116
  $X$                    669450
  $q(\cdot)$             116+520x+3x^2
  $\alpha_i$             {48, 288, 21, 469, 320}
  $Y_i$                  {349, 30, 338, 350, 324}
Identification Protocol
  $X_i$                  {953382, 177830, 1032349, 354429, 824705}
  $r_i$                  {8, 14, 435, 106, 63}
  $x_i$                  {633433, 828074, 735186, 404711, 994240}
  $C$                    372
  $y_i$                  {55, 34, 289, 525, 279}
  $ID'$                  {2, 8, 14, 23, 28}
  $ID'$ bit string       00100000100000100000000100001000000
  $|ID \cap ID'|$        3
  $\Delta_{i,S}(x)$      {17, 49, 492}
where $\wedge$ represents a bit-wise AND operator.
$\sum_{i=1}^{n}\left(b_i^{\mathrm{enrolled}} \wedge b_i^{\mathrm{query}}\right)$ counts the
positions in the bit-string that have a bit 1 in both enrolled and query
templates, and sums them. The resultant score is an integer which
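Note that a genuine user is rejected if $S(b^{\mathrm{enrolled}}, b^{\mathrm{query}}) < d$.
$$FAR = \frac{\text{number of accepted impostor}}{\text{total number of impostor access}} \times 100\% \qquad (4.2)$$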
Note that an impostor is accepted if $S(b^{\mathrm{enrolled}}, b^{\mathrm{query}}) \ge d$.
Figure 16. FRR, FAR against threshold for FVC2002 DB1. (EER=3.9% at d=17
and FAR=0%, and FRR=27.67% when d=51).
Figure 17. FRR, FAR against threshold for FVC2002 DB2. (EER=3.21% at d=30
and FAR=0%, and FRR=28% when d=70).
Table 4. A series of data for threshold (d), FAR and FRR for
FVC2002 DB1.
Table 5. A series of data for threshold (d), FAR and FRR for
FVC2002 DB2.
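where $\wedge$ represents a bit-wise AND operator.
$\sum_{i=1}^{n}\left(b_i^{\mathrm{enrolled}} \wedge b_i^{\mathrm{query}}\right)$ counts the
positions in the bit-string that have a bit 1 in both enrolled and query
templates and sums them. $\sum_{i=1}^{n} b_i^{\mathrm{enrolled}}$ and
$\sum_{i=1}^{n} b_i^{\mathrm{query}}$ denote the total number of
1’s of the enrolled and query templates.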
The same experiment is run again using the normalized matching score.
The results are displayed in Tables 6-7. To avoid statistical bias,
cross-validation by examining ଼ܥൌ ͺ combinations is performed. The
average FRR (when FAR=0%) is 0.625%, where the threshold t is set to
0.11 for DB1. Alternatively, the average FRR (when FAR=0%) is 0.25%,
where the threshold t is set to 0.08 for DB2.
Figure 18 depicts the plot of FAR and FRR against the normalized
threshold, when the fifth image is used for testing in FVC2002 DB1,
where EER=1.44% at t=0.06 and FAR=0%, and FRR=2% when t=0.11.
Similarly, Figure 19 illustrates the plot of FAR and FRR against the
normalized threshold when the fifth image is used for testing in FVC2002
DB2, where EER=0.99% when t=0.06 and FAR=0%, and FRR=1%
when t=0.08.
Figure 18. FRR, FAR against the normalized threshold for FVC2002 DB1.
Figure 19. FRR, FAR against the normalized threshold for FVC2002 DB2.
(EER=0.99% at t=0.06 and FAR=0%, and FRR=1% when t=0.08).
etc. to generate a public key for the IBI scheme. On the contrary, FIBI
binds the ID and the matching score with its user private key generation
process, and thus one can mathematically prove the security of the
biometrics ID. The differences of unnormalized and normalized matching
scores are shown in Table 7.
PKG
SETUP (bit length k)
1) Generate p, q s.t. q|(p-1)
2) $g \in Z_p$, $s \in Z_q$, $v \equiv g^{-s} \bmod p$
3) $H: \{0,1\}^* \times G \times G \to Z_{2^{l(k)}}$
4) Select a secure polynomial degree d for interpolation.
mpk = (p, q, g, v, H)
EXTRACT (input ID = {1262144})
1) $u \xleftarrow{R} Z_q$
2) $X = g^u$
3) $\alpha = H(ID, X, v)$
4) $Y = u + s\alpha$
$upk = (\alpha, Y)$
public biometric identity extraction method. When d=0, the $ID'$ becomes a
singleton, and the FIBI scheme becomes an IBI scheme. The upk will
change to $Y = u + sH(ID, X, v)$, and the secret value u can be viewed as
$u = q(0)$, where $q(x)$ is a 0-degree random polynomial.
Although the resultant d from the experiment appeared to be quite
large, and subsequently yields a longer polynomial which consumes
undesirable processing time, we show in the simulation that the FIBI is
still considerably fast, and the extracted public biometric identity serves
the FIBI scheme perfectly.
4.6.1 Optimizations
After the first step of the protocol, the verifier can decide to continue or
abort the Identification Protocol, based on the condition $|ID \cap ID'| \ge d$.
If the condition is met, the verifier can now randomly select d elements
from $\{ID \cap ID'\}$ so as to form the set S, such that $|S| = d$, and send both
the set S and the challenge c to the prover. Thus prover and verifier can
reduce the computations in step 3 and step 4 by a factor of n-d. Note that
this optimization does not affect the security because the verifier only
needs to know d out of n elements of $X_i$ to reconstruct $X = \prod_{i \in S} X_i^{\Delta_{i,S}(0)}$,
and so the prover only needs to prove partial knowledge of upk
corresponding to the set S, which constitutes a partial amount of the
elements of a public biometric identity.
Furthermore, some pre-calculations can be performed for the last step
of the identification protocol. Firstly, the PKG can compute, for the
verifier, the value $v^{-1}$ during the setup phase, so as to avoid the expensive
inverse computation of $v^{\alpha_\eta}$ for $1 \le \eta \le t$. The value $v^{-1}$ can be used in the
last step of every Identification Protocol, such that
$\frac{X_\eta}{v^{\alpha_\eta}} = X_\eta (v^{-1})^{\alpha_\eta}$.
Secondly, the verifier can compute the Lagrange coefficient on the point 0,
$\Delta_{i,S}(0)$, immediately after determining the set S in step 2, instead of doing
so after receiving the response in step 3.
4.6.2 Results
images are used as the query public biometric identity, $ID'$ in the
Identification Protocol. During the execution, we randomly select the enroll
$ID_i$ for the Extract algorithm and the query $ID'_{i,j}$ for the Identification
Protocol, where $d_{DB1}=51$ and $d_{DB2}=70$ for respective databases, $1 \le i \le 10$
and $1 \le j \le 3$. We set the prime q to 160 bits in length, and the prime p to
1024 bits in length, with SHA-1 as the hashing algorithm.
The FIBI is executed for 1000 rounds, where the algorithms Setup,
Extract, and Identification Protocols are executed sequentially. The
average timing is calculated in nanoseconds, as shown in Table 8.
Algorithm                  Time (ns), FVC2002 DB1   Time (ns), FVC2002 DB2
Setup                      79,404,858               65,972,061
Minutiae to bit string     143,200,000              223,400,000
Extract                    64,518,216               102,428,066
Identification Protocol    1,545,331,531            2,218,116,221
5 Conclusion
In this chapter, we review the security and privacy concerns associated
with the minutiae-based fingerprint representation, and then implement a
technique for securing fingerprint minutia templates by a cryptographic
realization. The first of the two parts investigates various minutia-based
fingerprint representations, which can be categorized as fixed-length and
variable-size. Three methods are used to demonstrate the generation of
fingerprint representations from minutiae. The second part of this chapter
introduces a cryptographic realization transforming such representations
into secure templates. The integration of biometrics and cryptography
based on fuzzy identity-based identification (FIBI) is illustrated by
manipulating fingerprint templates using a minutiae indexing mechanism.
The experimental result shows that our three-move identification protocol
for handling the FIBI scheme can be completed within two seconds, with
high accuracy performance FAR=0% and FRR=28%. Finally, we discuss
the impact of the normalized/unnormalized threshold on the security of
FIBI.
References
[1] D. Maltoni, D. Maio, A.K. Jain, and S. Prabhakar. Handbook of
CHAPTER THREE
LU LENG
KEY LABORATORY OF NON-DESTRUCTIVE TEST (MINISTRY
OF EDUCATION), NANCHANG HANGKONG UNIVERSITY,
NANCHANG, P. R. CHINA
SCHOOL OF ELECTRICAL AND ELECTRONIC ENGINEERING,
COLLEGE OF ENGINEERING, YONSEI UNIVERSITY, SEOUL,
SOUTH KOREA
Abstract
1 Introduction
Compared with other biometrics such as the fingerprint, face, and iris, the
history of palmprint biometrics is relatively short. However, due to the
2 Preliminary Knowledge
Before delving into the palmprint template protection, we first provide a
brief account of the background of palmprint biometrics.
and extracted.
Binary coding expresses features with a bit string, which saves
computation/storage cost and has favourable verification performance
even in large databases. In [6], palmprint images are filtered with a Gabor
filter; after this the real and imaginary results are respectively binarized to
be PalmCode. Thereafter, techniques like Fusion Code [7], Competitive
Code [8], Ordinal Code [9], Robust Line Orientation Code [10] and Binary
Orientation Co-Occurrence Vector [11] were developed further, taking full
advantage of the binarized features along with multi-orientations.
Feature-based matching measures the similarity/dissimilarity between
two feature vectors/matrices with Euclidean distance, Hamming distance,
angular distance, etc.
$$H(a, b) = \frac{\sum_{i=1}^{n} a_i \oplus b_i}{n} \qquad (1)$$
$$H(A, B) = \frac{\sum_{i=1}^{m}\sum_{j=1}^{n} A_{i,j} \oplus B_{i,j}}{mn} \qquad (2)$$
where the size of A and B is m×n, $A_{i,j}$ and $B_{i,j}$ are the entries of A and B in
the i-th row and j-th column, respectively.
Token/key/seed/ID card
(variable factor)
3 Palmprint Cryptosystems
There are a large number of cryptosystems available. If palmprint features,
considered as an authentication factor, are embedded in the existing
cryptosystems, the application range of palmprint biometrics will become
much broader. According to their embedding mechanisms, existing
palmprint cryptosystems can be divided into palmprint key generation and
key-binding. Furthermore, key-binding-based palmprint protection
technologies include palmprint fuzzy commitment and palmprint fuzzy
vault.
[Figure: block diagram of the encrypting and decrypting phases, with the labels palmprint, feature extraction, palmprint key, hash function, error correction encoding, PB, plaintext S, encrypting, ciphertext CS, database, decrypting.]
In the encrypting phase, the enrolled binary feature code is firstly extracted
as a palmprint key. Then, the BCH code and hash value of the palmprint
key are computed. The BCH code consists of two parts: the original word
and parity bits (PB) used for word correction. Here, plaintext S is
encrypted. Finally, PB and ciphertext CS are stored in the database.
In the decrypting phase, the query binary feature code is extracted and
its error is corrected with PB to recover the palmprint key. Finally, CS can
be decrypted and S is retrieved.
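The encrypting and decrypting phases above, as an added Python example that is not code from the chapter: only PB and CS are stored, and a noisy genuine query is corrected back to the enrolled palmprint key before decryption. Assumptions: a systematic Hamming(7,4) code stands in for BCH, the SHA-256 hash of the palmprint key keys an XOR keystream that stands in for the unspecified cipher, and all names and bit strings are constructed.

```python
import hashlib

def parity3(d):
    """Parity bits of one 4-bit word under systematic Hamming(7,4)."""
    d1, d2, d3, d4 = d
    return [d1 ^ d2 ^ d4, d1 ^ d3 ^ d4, d2 ^ d3 ^ d4]

# Syndrome -> index of the single data bit that explains it (PB is stored, so it is clean).
SYNDROME_TO_BIT = {(1, 1, 0): 0, (1, 0, 1): 1, (0, 1, 1): 2, (1, 1, 1): 3}

def correct_word(d, pb):
    """Repair at most one flipped bit of the query word d using stored parity pb."""
    syndrome = tuple(a ^ b for a, b in zip(parity3(d), pb))
    fixed = list(d)
    if syndrome in SYNDROME_TO_BIT:
        fixed[SYNDROME_TO_BIT[syndrome]] ^= 1
    return fixed

def parity_bits(code):
    """PB for a whole feature code, 3 parity bits per 4 feature bits."""
    return [p for i in range(0, len(code), 4) for p in parity3(code[i:i + 4])]

def recover_key(query_code, pb):
    """Decrypting phase: correct the query code word by word with PB."""
    key = []
    for w in range(len(query_code) // 4):
        key += correct_word(query_code[4 * w:4 * w + 4], pb[3 * w:3 * w + 3])
    return key

def xor_cipher(key_bits, data):
    """Stand-in cipher: XOR with a SHA-256 counter keystream keyed by hash(palmprint key)."""
    k = hashlib.sha256(bytes(key_bits)).digest()
    stream = b"".join(hashlib.sha256(k + n.to_bytes(4, "big")).digest()
                      for n in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def enrol(feature_code, plaintext):
    """Encrypting phase: only PB and the ciphertext CS go to the database."""
    return {"PB": parity_bits(feature_code), "CS": xor_cipher(feature_code, plaintext)}

def release(query_code, record):
    """Decrypting phase: recover the key from the query, then decrypt CS."""
    return xor_cipher(recover_key(query_code, record["PB"]), record["CS"])

def words_consistent_with(pb_word):
    """All 4-bit words that match one stored parity triple (what PB alone reveals)."""
    words = [[(n >> 3) & 1, (n >> 2) & 1, (n >> 1) & 1, n & 1] for n in range(16)]
    return [w for w in words if parity3(w) == list(pb_word)]

def bits(s):
    return [int(ch) for ch in s if ch in "01"]

# Constructed 32-bit codes; real palmprint codes are far longer.
ENROLLED = bits("1011 0010 1110 0101 0011 1000 0111 1101")
GENUINE = bits("1111 0010 1110 0111 0011 1000 0011 1101")    # 3 bit errors, 1 per word
IMPOSTOR = bits("0100 1101 0001 1010 1100 0111 1000 0010")
SECRET = b"constructed plaintext S"
RECORD = enrol(ENROLLED, SECRET)
```

Each stored parity triple is consistent with only two of the sixteen possible 4-bit words, so under this stand-in code PB narrows the palmprint key considerably and deserves the same protection as the ciphertext.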
Advantages:
Disadvantages:
[Figure: block diagram with the labels secret S, encoding, codeword, XOR, template CS, database, palmprint, feature extraction, feature code, XOR, codeword, decoding, secret S.]
Advantages:
Disadvantages:
4.
In the enrolment phase, secret S is encoded to generate a codeword SE
with Reed-Solomon ECC. Following this, the codeword-grid is generated
by filling it with pseudo-random numbers (PRNs) and SE. Palmprint
features are extracted and normalized, and then a palmprint-grid is
generated, which is filled by the normalized features at the same position
of SE. A codeword-grid and palmprint-grid are bound to lock Vault V.
In the authentication phase, a query palmprint-grid is generated and
used to de-bind V. The true positions of SE can be retrieved with the
genuine palmprint-grid, so that the codeword can be restored. Through
decoding, V can be unlocked and S can be released.
[Figure: block diagram with the labels secret S, encoding, SE, filling PRN and SE, codeword-grid, palmprint, feature extraction and normalization, palmprint-grid, binding, noise codeword-grid, noise codeword, decoding, secret S.]
Advantages:
Disadvantages:
• The palmprint feature is not secure once V and S are both leaked,
  i.e. non-invertibility is not satisfied.
• It is difficult to ensure that the genuine points and chaff points are
  mixed uniformly.
• There is a conflict between security and accuracy. Security level is
  low if the number of chaff points is small. However, it is hard to
  retrieve enough genuine points if too many chaff points are added
  into the vault.
• An attacker can exploit the correlation between the multiple
  templates in different databases to retrieve genuine points.
3.4 Summary
Although several palmprint cryptosystems have been developed, a number
of open problems persist:
4 Cancellable Palmprints
Cancellable palmprint methods encrypt or transform an original palmprint
feature to its protected version through specific functions, a process which
can be briefly classified into invertible and non-invertible methods.
[Figure: enrolment and authentication paths, with database and match result.]
Advantages:
Disadvantages:
$$i_{cmp} = \arg\min_{\tau}\left(I(x,y) * \psi_R(x,y,\omega,\theta_\tau)\right) \qquad (3)$$
Winning index 0 1 2 3 4 5
0 0 1 2 3 2 1
1 1 0 1 2 3 2
2 2 1 0 1 2 3
3 3 2 1 0 1 2
4 2 3 2 1 0 1
5 1 2 3 2 1 0
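$$i_{ccmp} = \arg\min_{\tau}\left(I(x,y) * \psi_R(x,y,\omega,\theta_\tau+\alpha)\right) \qquad (4)$$
$$i_{ccmp} = \mathrm{mod}\left[\arg\min_{\tau}\left(I(x,y) * \psi_R(x,y,\omega,\theta_\tau)\right) - \lambda,\ 6\right] = \mathrm{mod}\left[i_{cmp} - \lambda,\ 6\right] \qquad (5)$$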
$$\tilde{G}(x,y,\theta,u,\sigma) = \frac{1}{2\pi\sigma^2}\exp\left(-\frac{x^2+y^2}{2\sigma^2}\right)\exp\left[2\pi\sqrt{-1}\,(ux\cos\theta + uy\sin\theta)\right] \qquad (6)$$
$$G(x,y,\theta,u,\sigma) = \tilde{G}(x,y,\theta,u,\sigma) - \frac{\sum_{i=-S}^{S}\sum_{j=-S}^{S}\tilde{G}(x,y,\theta,u,\sigma)}{(2S+1)^2} \qquad (7)$$
$$u' = r_1 \times u,\quad \theta' = r_2 \times \theta,\quad \sigma' = r_3 \times \sigma \qquad (8)$$
Substitute u, θ and σ with u', θ' and σ', then Eq.(6) and Eq.(7) become:
$$\tilde{G}^r(x,y,\theta',u',\sigma') = \frac{1}{2\pi\sigma'^2}\exp\left(-\frac{x^2+y^2}{2\sigma'^2}\right)\exp\left[2\pi\sqrt{-1}\,(u'x\cos\theta' + u'y\sin\theta')\right] \qquad (9)$$
$$G^r(x,y,\theta',u',\sigma') = \tilde{G}^r(x,y,\theta',u',\sigma') - \frac{\sum_{i=-S}^{S}\sum_{j=-S}^{S}\tilde{G}^r(x,y,\theta',u',\sigma')}{(2S+1)^2} \qquad (10)$$
The original palmprint images are filtered with a randomized Gabor filter,
so as to extract features. X denotes the cancellable feature matrix with the
size of m×2n. $x_{i,j}$ denotes the entry of X, i=1,2,…,m, j=1,2,…,2n. The left
and right halves of X are generated with the real and imaginary parts of
Gabor filter, respectively.
$$b_{i,j} = \begin{cases} 0, & \text{if } x_{i,j} < \alpha \\ 1, & \text{if } x_{i,j} \ge \alpha \end{cases} \qquad (11)$$
Step 6. Matching
Advantages:
Disadvantages:
Step 7. Matching
Advantages:
Disadvantages:
(2) 2DPalmHashing
$$b_{i,j} = \begin{cases} 0, & \text{if } y_{i,j} < \alpha \\ 1, & \text{if } y_{i,j} \ge \alpha \end{cases} \qquad (13)$$
Advantages:
Disadvantages:
(3) (2D)²PalmHashing
The sizes of two pseudo-random matrices are a×m and n×b, a<m, b<n.
Advantages:
Disadvantages:
(4) (2D)²FusionPalmHashing
Advantages:
Disadvantages:
PalmPhasor Code [25] and PalmHash Code [26]. Both PalmHash Code
and PalmPhasor Code have their 1D and 2D modes [37].
The difference between the PalmHash Code and PalmPhasor Code is
that different cancellable transformations are employed. The difference
between 1D and 2D modes is whether the feature matrix needs to be
reshaped to a vector, and whether the cancellable transformation is in 2D
mode. Four types of cancellable palmprint codes are introduced.
I, as the ROI, is cropped; and its mean and variance are normalized.
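$$\hat{G}_\tau(x, y, \theta_\tau, u, \sigma) = \frac{1}{2\pi\sigma^2} \exp\left\{-\frac{x^2 + y^2}{2\sigma^2}\right\} \exp\left\{2\pi\sqrt{-1}\,(ux\cos\theta_\tau + uy\sin\theta_\tau)\right\} \qquad (14)$$
$\theta_\tau \in [0, \pi)$, $u$ denotes the frequency of the sinusoidal wave, and $\sigma$ denotes the standard deviation of the Gaussian envelope.
$$\theta_\tau = \frac{(\tau - 1)\pi}{L}, \quad \tau = 1, 2, \ldots, L \qquad (15)$$
$$G_\tau(x, y, \theta_\tau, u, \sigma) = \hat{G}_\tau(x, y, \theta_\tau, u, \sigma) - \frac{\sum_{i=-S}^{S} \sum_{j=-S}^{S} \hat{G}_\tau(i, j, \theta_\tau, u, \sigma)}{(2S+1)^2} \qquad (16)$$
$$A^\tau = I * G_\tau \qquad (17)$$
* denotes the convolution operation. $A_R^\tau$ and $A_I^\tau$ are the uniformly down-sampled real and imaginary parts of $A^\tau$, respectively. $A^\tau$ is the down-sampled feature matrix, whose size is T×2T, where T=32.
Reshape $A^\tau$ to a vector $a^\tau$, whose entries are taken column-wise from $A^\tau$.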
A set of PRN vectors $\{ r_j \in \mathbb{R}^{2T^2} \mid j = 1, 2, \ldots, T^2 \}$ is generated with a variable factor, in which the entries obey the standard normal distribution. Use the Gram-Schmidt process to transform the PRN vectors into an orthonormal set $\{ r_{\perp j} \in \mathbb{R}^{2T^2} \mid j = 1, 2, \ldots, T^2 \}$.
Step 5. Perform 1DHash projection
The 1DHash projected vector of $a^\tau$ is $\varphi^\tau$, whose entries are computed by:
$$\varphi^\tau_j = \sum_{k=1}^{2T^2} a^\tau_k \, r_{\perp j,k} \qquad (19)$$
Step 7. Matching
obey non-zero standard normal distribution. Use the Gram-Schmidt process to transform the PRN vectors into an orthonormal set $\{ r_{\perp j} \in \mathbb{R}^{2T^2} \mid j = 1, 2, \ldots, T^2 \}$.
Step 5. Perform 1DPhasor projection
The 1DPhasor projected vector of $a^\tau$ is $\varphi^\tau$, whose entries are computed by:
$$\varphi^\tau_j = \sum_{k=1}^{2T^2} \arctan\left(\frac{a^\tau_k}{r_{\perp j,k}}\right) \qquad (21)$$
factor, in which the entries obey standard normal distribution. Use the Gram-Schmidt process to transform the PRN vectors into an orthonormal set $\{ r_{\perp j} \in \mathbb{R}^{2T} \mid j = 1, 2, \ldots, T \}$.
Step 5. Perform 2DHash projection
The 2DHash projected matrix of $A^\tau$ is $\varphi^\tau$, whose entries are computed by:
$$\varphi^\tau_{i,j} = \sum_{k=1}^{2T} a^\tau_{i,k} \, r_{\perp j,k} \qquad (22)$$
where $a^\tau_{i,k}$ is the entry of $A^\tau$ in the i-th row and k-th column, and $r_{\perp j,k}$ is the k-th entry of $r_{\perp j}$.
The 2DPhasor projected matrix of $A^\tau$ is $\varphi^\tau$, whose entries are computed by:
$$\varphi^\tau_{i,j} = \sum_{k=1}^{2T} \arctan\left(\frac{a^\tau_{i,k}}{r_{\perp j,k}}\right) \qquad (24)$$
(5) Comparison
| | 1D | 2D |
|---|---|---|
| Original feature | vector | matrix |
| Cancellable transformation | 1D | 2D |
| Projected feature | vector | matrix |
| Accuracy performance | low | high |
| Computational cost | high | low |
| Storage cost | high | low |
(1) Transposition
with another code many times. The final matching score is the minimum
distance of the multi-translated matchings.
In 1D cancellable palmprint code, the structure between the adjacent
entries in the matrix is completely destroyed, so translations do not
help to remedy dislocation.
With regard to 2D cancellable palmprint code, the structure between
the adjacent columns in the matrix is destroyed. Thus horizontal
translation fails to remedy horizontal dislocation. On the contrary, the i-th
row vector of $\varphi^\tau$ is the fusion result of the PRN vector set and the i-th row
vector of $A^\tau$ with 2D cancellable transformation, so the structure between
the adjacent rows in the matrix is preserved. Thus vertical translation
helps to remedy vertical dislocation. This explains why 2D cancellable
palmprint codes outperform 1D cancellable palmprint codes in terms of
accuracy performance.
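The row-preservation argument above, together with the 1D and 2D projections of eqs. (19) and (22), as an added Python sketch (not code from the chapter). The zero threshold, the small size T = 8, the Gaussian feature matrix and the `dislocate` helper are assumptions constructed for the demonstration.

```python
import random

def orthonormal_set(variable_factor, count, dim):
    """Seed a PRNG with the variable factor, draw Gaussian PRN vectors and
    orthonormalise them with the Gram-Schmidt process."""
    rng = random.Random(variable_factor)
    basis = []
    while len(basis) < count:
        v = [rng.gauss(0.0, 1.0) for _ in range(dim)]
        for b in basis:                      # remove components along earlier vectors
            dot = sum(x * y for x, y in zip(v, b))
            v = [x - dot * y for x, y in zip(v, b)]
        norm = sum(x * x for x in v) ** 0.5
        if norm > 1e-9:                      # skip a numerically dependent draw
            basis.append([x / norm for x in v])
    return basis

def binarise(values, alpha=0.0):
    """Threshold as in eq. (13); alpha = 0 is an assumption of this sketch."""
    return [1 if y >= alpha else 0 for y in values]

def hash_1d(A, variable_factor):
    """Eq. (19): reshape A column-wise to a vector, project on T^2 PRN vectors."""
    T, width = len(A), len(A[0])
    a = [A[i][k] for k in range(width) for i in range(T)]
    R = orthonormal_set(variable_factor, T * T, len(a))
    bits = binarise([sum(x * r for x, r in zip(a, rj)) for rj in R])
    return [bits[i * T:(i + 1) * T] for i in range(T)]   # laid out T x T for matching

def hash_2d(A, variable_factor):
    """Eq. (22): entry (i, j) depends only on row i of A and PRN vector j."""
    R = orthonormal_set(variable_factor, len(A), len(A[0]))
    return [binarise([sum(x * r for x, r in zip(row, rj)) for rj in R]) for row in A]

def min_translated_distance(c1, c2, max_shift, vertical):
    """Minimum normalised Hamming distance over translations of c2 against c1."""
    rows, cols = len(c1), len(c1[0])
    best = 1.0
    for s in range(-max_shift, max_shift + 1):
        diff = total = 0
        for i in range(rows):
            for j in range(cols):
                i2, j2 = (i + s, j) if vertical else (i, j + s)
                if 0 <= i2 < rows and 0 <= j2 < cols:
                    diff += c1[i][j] != c2[i2][j2]
                    total += 1
        best = min(best, diff / total)
    return best

def dislocate(A, shift, vertical, rng):
    """Constructed dislocation: move the content by `shift` rows or columns and
    fill the uncovered border with fresh noise."""
    T, width = len(A), len(A[0])
    out = [[rng.gauss(0.0, 1.0) for _ in range(width)] for _ in range(T)]
    for i in range(T):
        for k in range(width):
            i2, k2 = (i + shift, k) if vertical else (i, k + shift)
            if i2 < T and k2 < width:
                out[i2][k2] = A[i][k]
    return out

def demo(T=8, shift=2, variable_factor=2015):
    rng = random.Random(7)                   # constructed T x 2T feature matrix
    A = [[rng.gauss(0.0, 1.0) for _ in range(2 * T)] for _ in range(T)]
    down = dislocate(A, shift, True, rng)
    right = dislocate(A, shift, False, rng)
    vf = variable_factor
    return {
        "2D, vertical dislocation": min_translated_distance(
            hash_2d(A, vf), hash_2d(down, vf), shift, True),
        "2D, horizontal dislocation": min_translated_distance(
            hash_2d(A, vf), hash_2d(right, vf), shift, False),
        "1D, vertical dislocation": min_translated_distance(
            hash_1d(A, vf), hash_1d(down, vf), shift, True),
    }

if __name__ == "__main__":
    for case, distance in demo().items():
        print(f"{case}: {distance:.3f}")
```

Only the 2D code under vertical dislocation is fully recovered by translated matching; the other two cases stay near the distance of unrelated codes.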
According to the aforementioned analysis on feature correlations, when
$\theta_\tau \to \pi/2$, $\partial\varphi^\tau / \partial y_m$ decreases and $\partial\varphi^\tau / \partial x_m$ increases. In other words, the
vertically adjacent entries of $\varphi^\tau$ are similar; while the horizontal adjacent
entries of $\varphi^\tau$ are dissimilar. Thus the remedy of horizontal dislocation is
more important than that of vertical dislocation. However, horizontal
translation is useless to remedy horizontal dislocation, and hence accuracy
performance deteriorates.
When $\theta_\tau \to \pi/2$, the serious disturbance of horizontal dislocation can be
$$d_F = \frac{1}{L} \sum_{\tau=1}^{L} d_\tau \qquad (25)$$
The decidability index d' measures how well the genuine and impostor
distributions are separated.
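$$d' = \frac{|\mu_G - \mu_I|}{\sqrt{(\sigma_G^2 + \sigma_I^2)/2}} \qquad (26)$$
Statement 1: $E(d_F) = \frac{1}{L} \sum_{\tau=1}^{L} E(d_\tau)$, where E(x) refers to the expectation of x.
Statement 2: $\mathrm{Var}(d_F) = \left(\frac{1}{L}\right)^2 \left[ \sum_{\tau=1}^{L} \mathrm{Var}(d_\tau) + 2 \sum_{\substack{1 \le \tau_1 \le L-1 \\ \tau_1 + 1 \le \tau_2 \le L}} \mathrm{cov}(d_{\tau_1}, d_{\tau_2}) \right]$, where Var(x)
refers to the variance of x. cov(x,y) refers to the covariance of x and y.
From Statement 2, two factors affect the variance of the fusion score with
mean rule. One is $\mathrm{Var}(d_\tau)$; the other is $\mathrm{cov}(d_{\tau_1}, d_{\tau_2})$.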
§ ·
L
1
cov dW1 , dW 2 Var dW , so Var d F
Var ¨ ¦ dW ¸ . The denominator of
L ©W 1 ¹
the decidability index is reduced by mean rule, i.e. the decidability index is
enlarged, so accuracy performance improves.
However, as $L$ increases, the correlation between the
matching scores along different $\theta_\tau$ becomes stronger, so $\mathrm{cov}(d_{\tau_1}, d_{\tau_2})$
increases. Thus the accuracy improvement from the mean rule
levels off when $L$ exceeds a threshold. Normally, $L = 4$ or $6$ is appropriate.
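A worked special case of Statement 2, added here and not taken from the chapter: assume every direction has the same score variance $\mathrm{Var}(d_\tau) = s^2$ and every pair of directions the same correlation coefficient $\rho$, so that $\mathrm{cov}(d_{\tau_1}, d_{\tau_2}) = \rho s^2$.

$$\mathrm{Var}(d_F) = \frac{1}{L^2} \left[ L s^2 + 2 \cdot \frac{L(L-1)}{2} \rho s^2 \right] = \frac{s^2}{L} \left[ 1 + (L-1)\rho \right] \;\longrightarrow\; \rho s^2 \quad (L \to \infty)$$

With $\rho = 0$ the variance falls as $1/L$; with $\rho > 0$ it cannot fall below $\rho s^2$, so each added direction contributes less than the one before.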
4.7 Summary
Invertible cancellable palmprints do not meet non-invertibility
requirements, so this technique is less useful in practice. However, the
security of non-invertible cancellable palmprints is seriously threatened by
the following factors:
5 Hybrid Methods
No single palmprint template protection method is able to satisfy all the
[Figure: block diagram of the hybrid scheme. Block labels: Palmprint, Feature extraction, Encoding, PB, Database, DKB, Protection function, DKB key.]
In the enrolment phase, the extracted feature and the variable factor are
fused with a cancellable transform to generate a cancellable key. The
parity bits (PB) of the cancellable key are computed with BCH ECC, and
stored in the database. The cancellable key and variable factor are bound to
constitute a key that controls the protection function. The protection
function can be encryption, scrambling, or a hash function. Since the
protection function is tied to its key, any DKB rule can be used, such as
concatenation of the cancellable key and the variable factor. The
protection function then converts the cancellable key into a DKB key.
In the authentication phase, the cancellable feature is generated with a
cancellable transformation. The errors are corrected with PB so that the
corrected code is identical to the cancellable key in the enrolment phase.
The subsequent steps are the same as those in the enrolment phase.
Finally, an identical DKB key is retrieved.
Advantages:
Disadvantages:
• Parity bits (PB) stored in the database are likely to leak some
information about the cancellable key.
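The enrolment and authentication flow described above, and the parity-bit leakage listed as a disadvantage, as an added Python sketch (not code from the chapter). Assumptions: a seeded random projection stands in for the cancellable transform, systematic Hamming(7,4) stands in for the BCH code, HMAC-SHA-256 is the protection function, and the query's sensor noise is simulated by flipping bits of the enrolled key.

```python
import hashlib
import hmac
import random

def cancellable_key(feature, variable_factor, n_bits):
    """Cancellable transform assumed for this sketch: random projection seeded
    by the variable factor, thresholded at zero. n_bits is a multiple of 4."""
    rng = random.Random(variable_factor)
    bits = []
    for _ in range(n_bits):
        r = [rng.gauss(0.0, 1.0) for _ in feature]
        bits.append(1 if sum(f * x for f, x in zip(feature, r)) >= 0 else 0)
    return bits

def block_parity(d):
    """Parity bits of systematic Hamming(7,4), a small stand-in for BCH."""
    return [d[0] ^ d[1] ^ d[3], d[0] ^ d[2] ^ d[3], d[1] ^ d[2] ^ d[3]]

def parity_bits(key_bits):
    return [p for i in range(0, len(key_bits), 4)
            for p in block_parity(key_bits[i:i + 4])]

# Syndrome (recomputed parity XOR stored parity) -> index of the flipped key bit.
SYNDROME_TO_BIT = {(1, 1, 0): 0, (1, 0, 1): 1, (0, 1, 1): 2, (1, 1, 1): 3}

def correct(query_bits, pb):
    """Correct at most one flipped bit per 4-bit block with the stored PB."""
    out = list(query_bits)
    for blk in range(len(out) // 4):
        recomputed = block_parity(out[4 * blk:4 * blk + 4])
        syndrome = tuple(a ^ b for a, b in zip(recomputed, pb[3 * blk:3 * blk + 3]))
        if syndrome in SYNDROME_TO_BIT:
            out[4 * blk + SYNDROME_TO_BIT[syndrome]] ^= 1
    return out

def dkb_key(key_bits, variable_factor):
    """DKB rule: concatenate cancellable key and variable factor to key the
    protection function, which then converts the cancellable key."""
    binding = bytes(key_bits) + str(variable_factor).encode()
    return hmac.new(binding, bytes(key_bits), hashlib.sha256).hexdigest()

def enrol(feature, variable_factor, n_bits=32):
    key_bits = cancellable_key(feature, variable_factor, n_bits)
    return parity_bits(key_bits), dkb_key(key_bits, variable_factor)  # PB is stored

def authenticate(query_bits, variable_factor, pb):
    return dkb_key(correct(query_bits, pb), variable_factor)

def key_candidates(parity):
    """All 4-bit key blocks consistent with one stored 3-bit parity value."""
    blocks = [[(v >> i) & 1 for i in range(4)] for v in range(16)]
    return [b for b in blocks if block_parity(b) == list(parity)]

def demo():
    rng = random.Random(1)
    feature = [rng.gauss(0.0, 1.0) for _ in range(64)]   # constructed feature
    vf = 424242                                          # constructed variable factor
    pb, enrolled = enrol(feature, vf)
    bits = cancellable_key(feature, vf, 32)
    one_per_block = list(bits)
    for blk in (0, 3, 5):                                # constructed sensor noise
        one_per_block[4 * blk + 1] ^= 1
    two_in_block = list(bits)
    two_in_block[0] ^= 1
    two_in_block[1] ^= 1
    return {
        "one error per block": authenticate(one_per_block, vf, pb) == enrolled,
        "two errors in one block": authenticate(two_in_block, vf, pb) == enrolled,
        "reissued variable factor": enrol(feature, vf + 1)[1] == enrolled,
        "candidates per stored parity": len(key_candidates(pb[:3])),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

With this stand-in code each stored 3-bit parity value leaves only 2 of the 16 possible key blocks, which is the leakage the bullet above refers to; a real deployment sizes the code rate against that loss.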
[Figure: block diagram of the enrolment and authentication phases. Block labels: Secret key, Encoding, Genuine point generation, Fuzzification, Vault (enrolment); Palmprint, Feature extraction, Random projection, Genuine point filtration (authentication).]
Advantages:
Disadvantages:
5.3 Summary
Existing hybrid palmprint protection methods directly combine cancellable
palmprint and palmprint cryptosystems. However, how to couple them
effectively so that the combination contributes more has not yet been
satisfactorily solved.
Acknowledgments
This work was partially supported by National Natural Science Foundation
of China (61305010), Institute of BioMed-IT, Energy-IT and Smart-IT
Technology (BEST), a Brain Korea 21 Plus Program, Yonsei University
(2014-11-0007), Basic Science Research Program through National
Research Foundation (NRF) of Korea funded by Ministry of Science, ICT
and Future Planning (2013006574), China Postdoctoral Science
Foundation (2013M531554), Postdoctoral Foundation of Jiangxi Province
(2013RC20), Voyage Project of Jiangxi Province (201450) and Doctoral
Starting Foundation of Nanchang Hangkong University (EA201308058).
References
[1] A. Kong, D. Zhang, and A. Kamel. “A survey of palmprint
recognition.” Pattern Recognition 42.7 (2009): 1408-1418.
[2] N. Ratha, J. Connell, and R. Bolle. “Enhancing security and privacy in
biometrics-based authentication systems.” IBM System Journal 40.3
(2001): 614-634.
[3] A.K. Jain, K. Nandakumar, and A. Nagar. “Biometric template
security.” EURASIP Journal on Advances Signal Processing, Special
Issue on Biometrics (2008): 1-20.
[4] D. Zhang. Palmprint authentication. Dordrecht: Kluwer Academic
Publishers, 2004. 11-16.
[5] A.B.J. Teoh, and L. Leng. Palmprint matching (in Encyclopedia of
Biometrics, 2nd edn). Berlin: Springer-Verlag Publisher, 2014. 1-8.
[6] D. Zhang, A. Kong, J. You, and M. Wong. “Online palmprint
identification.” IEEE Transactions on Pattern Analysis and Machine
Intelligence 25.9 (2003): 1041-1050.
[7] A.W.K. Kong, and D. Zhang. “Feature-level fusion for effective
palmprint authentication,” Proceedings of the 1st International
Conference on Biometric Authentication, Hong Kong, China, 15-17
July 2004. 761-767.
[8] A.W.K. Kong, and D. Zhang. “Competitive coding scheme for
[27] L. Leng, A.B.J. Teoh, M. Li, and M.K. Khan. “A remote cancelable
palmprint authentication protocol based on multi-directional two-
dimensional PalmPhasor-fusion.” Security and Communication
Networks 7.11 (2014): 1860-1871.
[28] A.B.J. Teoh, D.C.L. Ngo, and A. Goh. “BioHashing: two factor
authentication featuring fingerprint data and tokenised random
number.” Pattern Recognition 37.1 (2004): 2245-2255.
[29] A.B.J. Teoh, and D.C.L. Ngo. “Cancellable biometrics featuring with
tokenised random number.” Pattern Recognition Letters 26.10 (2005):
1454-1460.
[30] W. Johnson, and J. Lindenstrauss. “Extensions of Lipschitz mapping
into Hilbert space.” Contemporary Mathematics 26 (1984): 189-206.
[31] K.H. Cheung, A. Kong, D. Zhang, M. Kamel, J.T. You, and H.W.
Lam. “An analysis on accuracy of cancelable biometrics based on
BioHashing,” Proceedings of the 9th International Conference on
Knowledge-Based Intelligent Information and Engineering Systems,
Melbourne, Australia, 14-16 September 2005. 1168-1172.
[32] A. Kong, K.H. Cheung, D. Zhang, and M. Kamel. “An analysis of
BioHashing and its variants.” Pattern Recognition 39.7 (2006): 1359-
1368.
[33] P. Sanguansat. “Two-dimensional random projection for face
recognition,” Proceedings of the 1st International Conference on
[38] L. Leng, A.B.J. Teoh, M. Li, and M.K. Khan. “Orientation range for
transposition according to the correlation analysis of 2DPalmHash
Code,” Proceedings of the IEEE International Symposium on
Biometrics & Security Technologies, Chengdu, China, 2-5 July 2013.
230-234.
[39] L. Leng, A.B.J. Teoh, M. Li, and M.K. Khan. “Analysis of correlation
of 2DPalmHash Code and orientation range suitable for transposition.”
Neurocomputing, 131 (2014): 377-387.
[40] C. Li, and J.K. Hu. “Attacks via record multiplicity on cancelable
biometrics templates.” Concurrency and Computation: Practice and
Experience 26.8 (2014): 1593-1605.
[41] C. Rathgeb, and C. Busch. “Irreversibility analysis of feature
transform-based cancelable biometrics,” Proceedings of the 15th
International Conference on Computer Analysis of Images and
Patterns, York, UK, 27-29 August 2013. 177-184.
[42] Y.C. Feng, M.H. Lim, and P.C. Yuen. “Masquerade attack on
transform-based binary-template protection based on perceptron
learning.” Pattern Recognition 47.9 (2014): 3019-3033.
[43] Y.J. Lee, Y.S. Chung, and K.Y. Moon. “Inverse operation and
preimage attack on BioHashing,” Proceedings of the IEEE Workshop
on Computational Intelligence in Biometrics: Theory, Algorithms, and
Applications, Nashville, USA, 30 March-2 April 2009. 92-97.
PART 2.
CHAPTER FOUR
MENG-HUI LIM
DEPARTMENT OF COMPUTER SCIENCE,
HONG KONG BAPTIST UNIVERSITY
Abstract
Biometric discretization converts real-valued biometric features (e.g., face,
fingerprint, and signature) into a binary string for template protection and
cryptographic key generation. Biometric discretization can be decomposed
Biometric Discretization for Template Protection 135
1 Introduction
Uniqueness of biometric features has rendered biometrics a potential
source for biometric template protection and biometric-generated
cryptographic (Bio-Crypto) key generation. Template protection schemes
such as fuzzy commitment [9], fuzzy extractor [5], helper data system
[10][18][22], and secure sketch [12] leverage biometric features to protect
the biometric template itself; while Bio-Crypto key generation extracts a
digital key from biometrics, in which the Bio-Crypto key will later serve
as a “representative” cryptographic key that can be used in a variety of
cryptographic applications. Both these applications require biometrics to
be represented in binary. However, the commonly-extracted features of
many modalities (e.g., face, fingerprint, and signature) are inherently real-
valued. To bridge the gap between the required binary form of biometric
representation by these applications and the inherent continuous form of
extracted features, biometric discretization is developed.
Biometric discretization is the process of transforming a real-valued
biometric representation into its binary counterpart. In general, biometric
discretization can be decomposed into two essential components:
biometric quantization and feature encoding. These components may be
governed by a bit allocation algorithm that determines the quantity of
binary bits allocated to every feature dimension. According to the
[Figure: block diagram of the enrolment and verification paths. Blocks in each path: Raw Biometric Data Acquisition; Discretization (Bit Allocation, Quantization, Encoding, Concatenation); Binary Representation. Other labels: Helper data, Storage, Verification of De-committed output or Reconstructed Representation.]
the Hamming distance between the query and the enrolled binary
representation is greater than the threshold. Otherwise, it will result in a
false accept. Hence, a false rejection rate (FRR) quantifies the likelihood
of incorrect rejection of a genuine user, while a false acceptance rate
σ
ൌ σ௭ୀ ǡ୧୴ୣ୬ௗ ࢊ ࢊ ௗ ሺݒሻ݀ݒ (1)
ಹ ൫࢈࢚ ǡ࢈ ൯ୀ௭ ௧
ߚௗ ሺ݇ ௗ ȁ݊ௗ ሻ ൌ ܲ ൫݀ு ൫࢈ࢊ࢚ ǡ ࢈ࢊ ൯ ൌ ݖ൯
௭ୀ ାଵ
ൌ σ௭ୀ ାଵ σǡ୧୴ୣ୬ௗ ࢊ ࢊ ௗ ሺݒሻ݀ݒ (2)
ಹ ൫࢈࢚ ǡ࢈ ൯ୀ௭ ௧
where $int^d_q$ represents the interval with index $q$ on the $d$-th feature
dimension, $P$ denotes the imposter's probability and $P$ denotes the
genuine user's probability. Figure 2 presents a pictorial illustration of the
one-dimensional four-interval discretization with FAR and FRR
illustrations for $k^d = 0$.
genuine measurement would lie) embraced by the boundaries with the mark 'X'.
2 Advances in Quantisation
Biometric discretization can be classified according to its quantization
fashion: univariate vs. semi-multivariate vs. multivariate; and static vs.
dynamic. Considering that a $D$-dimensional feature space is divided into
multiple ɗ-dimensional subspaces, univariate quantization takes ɗ = 1
and performs quantization on every single-dimensional feature element by
assuming independence among these components. Semi-multivariate
quantization takes 1 < ɗ < $D$ and performs quantization on each subset
of single-dimensional feature components by assuming independence
among these subsets. Finally, by taking ɗ = $D$, multivariate discretization
performs quantization directly on a $D$-dimensional feature space. The
discretization schemes in the literature mostly belong to the univariate
category, and only a few belong to the semi-multivariate and multivariate
categories.
[Figure: classification of quantization schemes (univariate, semi-multivariate, multivariate; static, dynamic). Schemes named in the figure: Medoid-based Segmentation, Polar Quantization, Reliability-Dependent Quantization, DROBA, Equal Width Quantization, Equal Probable Quantization, Entropy-based Quantization. References cited in the figure: [2], [3], [4], [6], [10], [11], [13], [16], [21], [22], [23].]
ୢ ୢ
where ୫ୟ୶ and ୫୧୬ denote the maximum and minimum feature value in
the -th dimension, respectively. Despite its simplicity, equal-width
quantization is sensitive towards the range of the feature values. Hence,
the quantization outcome can easily be affected by outliers. In addition,
when the background probability distribution is not uniform, the samples
tend to have higher probabilities in certain intervals. An adversary could
search for and produce the label of the interval with the highest probability
as his guess for the output of a particular feature dimension, resulting in
suboptimal entropy of the final representation.
Alternatively, equal-probable quantization partitions every feature
space into non-overlapping intervals encapsulating equal background
probability mass $1/S$ [3][10][22]. The constructed intervals have
different widths when the background distribution is not uniform. This
quantization technique produces an equally-probable binary representation
and offers maximum entropy for optimal security provision. Both equal-
width and equal-probable quantization schemes are illustrated in Figure 4.
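What the adversary's best-interval guess is worth under each scheme, as an added Python sketch (not code from the chapter). The standard normal background distribution, S = 8, the feature ranges and the open-ended outer intervals are assumptions chosen for the demonstration.

```python
from math import log2
from statistics import NormalDist

BACKGROUND = NormalDist(0.0, 1.0)      # assumed background (population) distribution

def equal_width_cutpoints(v_min, v_max, s):
    """S intervals of identical width between the minimum and maximum feature value."""
    width = (v_max - v_min) / s
    return [v_min + i * width for i in range(1, s)]

def equal_probable_cutpoints(s, dist=BACKGROUND):
    """S intervals that each hold background probability mass 1/S."""
    return [dist.inv_cdf(i / s) for i in range(1, s)]

def interval_probabilities(cutpoints, dist=BACKGROUND):
    """Background mass of each interval; the two outer intervals are left
    open-ended so that every sample receives a label (assumption)."""
    cdf = [0.0] + [dist.cdf(c) for c in cutpoints] + [1.0]
    return [hi - lo for lo, hi in zip(cdf, cdf[1:])]

def guessing_report(probs):
    """Success rate of guessing the most probable label, and the entropy of the label."""
    return {
        "first_guess_success": max(probs),
        "shannon_bits": -sum(p * log2(p) for p in probs if p > 0),
        "min_entropy_bits": -log2(max(probs)),
    }

def demo(s=8):
    return {
        "equal-width on [-3, 3]": guessing_report(
            interval_probabilities(equal_width_cutpoints(-3.0, 3.0, s))),
        # One outlier at 9 stretches the range and widens every interval.
        "equal-width on [-3, 9]": guessing_report(
            interval_probabilities(equal_width_cutpoints(-3.0, 9.0, s))),
        "equal-probable": guessing_report(
            interval_probabilities(equal_probable_cutpoints(s))),
    }

if __name__ == "__main__":
    for scheme, report in demo().items():
        print(scheme, {k: round(v, 4) for k, v in report.items()})
```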
$$E(d, q; \mathbb{S}) = \frac{|\mathbb{S}_1|}{|\mathbb{S}|} E(\mathbb{S}_1) + \frac{|\mathbb{S}_2|}{|\mathbb{S}|} E(\mathbb{S}_2) \qquad (5)$$
where $E(\mathbb{S}_1)$ and $E(\mathbb{S}_2)$ are the entropy of subsets $\mathbb{S}_1$ and $\mathbb{S}_2$, respectively,
and $|\mathbb{S}| = |\mathbb{S}_1| + |\mathbb{S}_2|$. The interval cutpoint for which $E(d, q; \mathbb{S})$ is
minimal among all candidate cutpoints is taken to be the best cutpoint for
a split. The final intervals are induced in such a way that the majority of samples
enclosed within each interval belong to a specific identity.
where ୢ୨ and ୢ୯ౠ represent the probability density function and the
genuine interval of the -th user, respectively.
DROBA
For the $j$-th user, $j \in 1, \ldots, J$,
Enrolment
Input: $D$, $N$, $n_{\max}$;
Initialize: $\{n^d\}_{d=1}^{D} = 0$.
Repeat steps (a) and (b) for N times:
a) Identify among the $D$ feature spaces the one that has the
highest detection rate:
$d^* = \arg\max_{d \in \{1, \ldots, D\}} \{ \delta(n^d + 1) \mid n^d < n_{\max} \}$,
b) Add one to the allocated bits of the $d^*$
dimension:
$n^{d^*} = n^{d^*} + 1$,
Construct $\{ int^d_1, int^d_2, \ldots, int^d_{2^{n^d}} \}_{d=1}^{D}$ if $n^d \neq 0$
Store $help = \{ n^d; \{ int^d_1, \ldots, int^d_{2^{n^d}} \} \}_{d=1}^{D}$.
Query
Input: Real-valued extracted features $\{v^d\}_{d=1}^{D}$
Extract $help$ & Construct $\{ int^d_1, int^d_2, \ldots, int^d_{2^{n^d}} \}_{d=1}^{D}$
Quantize and Encode $\{v^d\}_{d=1}^{D} \to \{ \mathcal{E}(\mathcal{Q}(v^d, 2^{n^d}), n^d) \}_{d=1}^{D}$ where $\mathcal{E}(\mathcal{Q}(v^d, 1), 0) = \emptyset$.
Concatenate $\{ \mathcal{E}(\mathcal{Q}(v^d, 2^{n^d}), n^d) \}_{d=1}^{D} = b$
Output: Bit string $b$
$$\delta_{\max} = \max_{\sum_{d=1}^{D} n^d = N} \prod_{d=1}^{D} \delta(n^d)$$
identify among the $D$ dimensions the one that has the highest detection rate.
Once a dimension (say $d^*$) is found, a 1-bit allocation is officially assigned
to the $d^*$-th dimension. For the next bit allocation, a new detection rate is
calculated for the $d^*$-th dimension, based on the 2-bit allocation setting.
This detection rate will be compared to the 1-bit-allocation-based
detection rate of all other dimensions, and the dimension with the highest
detection rate will be selected for the second bit allocation. The same
procedure is repeated until all $N$ bits are allocated. Finally, an $N$-bit query
binary string is derived from the $D$ feature dimensions.
With this, DROBA maximizes the overall detection rate through
extracting bits corresponding to quantization settings. In fact,
maximizing the overall detection rate is equivalent to maximizing the
probability of genuine features staying within the relative genuine
intervals, thus attempting to achieve a minimum intra-user variation in
producing the final binary string.
Compared to the entropy, equal-width and equal-probable quantization
schemes, the additionally-stored bit allocation information only describes
which of the feature components are more important. Hence, revealing it
to an adversary would not facilitate the reconstruction of the binary string
nor the biometric features of the genuine user. Hence, security and privacy
violation using the helper data remain difficult.
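The greedy allocation of steps (a) and (b) followed by the query-side quantize, encode and concatenate steps, as an added Python sketch (not code from the chapter or from the DROBA authors). Assumptions: a standard normal background with equal-probable intervals, a Gaussian genuine pdf per dimension, BRGC interval labels, and user statistics and query values constructed for the demonstration.

```python
from bisect import bisect_right
from statistics import NormalDist

BACKGROUND = NormalDist(0.0, 1.0)      # assumed background pdf, same in every dimension

def cutpoints(n_bits):
    """Equal-probable cutpoints splitting the background into 2**n_bits intervals."""
    s = 2 ** n_bits
    return [BACKGROUND.inv_cdf(i / s) for i in range(1, s)]

def detection_rate(mean, std, n_bits):
    """delta(n): genuine probability mass inside the genuine interval, taken
    here as the interval holding the user's mean (Gaussian genuine pdf assumed)."""
    if n_bits == 0:
        return 1.0
    cuts = cutpoints(n_bits)
    q = bisect_right(cuts, mean)
    genuine = NormalDist(mean, std)
    low = genuine.cdf(cuts[q - 1]) if q > 0 else 0.0
    high = genuine.cdf(cuts[q]) if q < len(cuts) else 1.0
    return high - low

def droba_allocate(user_stats, total_bits, n_max):
    """Steps (a) and (b): N times, give one more bit to the open dimension whose
    detection rate after the extra bit is highest. Needs N <= D * n_max."""
    alloc = [0] * len(user_stats)
    for _ in range(total_bits):
        open_dims = [d for d in range(len(alloc)) if alloc[d] < n_max]
        best = max(open_dims,
                   key=lambda d: detection_rate(*user_stats[d], alloc[d] + 1))
        alloc[best] += 1
    return alloc

def brgc(index, n_bits):
    """Binary reflected Gray code label of an interval index."""
    return format(index ^ (index >> 1), "0{}b".format(n_bits))

def quantize_and_encode(features, alloc):
    """Query side: dimensions with zero bits contribute nothing to the string."""
    out = []
    for v, n in zip(features, alloc):
        if n:
            out.append(brgc(bisect_right(cutpoints(n), v), n))
    return "".join(out)

def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))

# Constructed enrolment statistics for one user: (mean, standard deviation) per dimension.
USER = [(2.0, 0.3), (0.05, 0.6), (-0.9, 0.15), (0.4, 0.3)]

def demo():
    alloc = droba_allocate(USER, total_bits=6, n_max=3)
    enrolled = quantize_and_encode([m for m, _ in USER], alloc)
    genuine = quantize_and_encode([1.7, -0.4, -0.8, 0.2], alloc)   # constructed query
    drifted = quantize_and_encode([1.7, -0.4, -0.6, 0.2], alloc)   # one feature slips an interval
    return alloc, enrolled, hamming(enrolled, genuine), hamming(enrolled, drifted)

if __name__ == "__main__":
    print(demo())
```

The noisy second dimension, whose mean sits on an interval boundary, receives no bits, and a feature that slips into the neighbouring interval costs one bit because adjacent BRGC labels differ in a single position.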
user scatter). Because the distance between the mean of the feature pair
and the origin is found to dominate the inter- and intra-user scatters, two
feature pairing strategies are proposed to determine how the feature
components should be paired in order to optimize the discrimination of the
final binary string. The pairing strategies are:
(medoid) that characterizes the segment itself, such that the average
dissimilarity from the medoid to all training measurements in the segment
is minimal. Apart from being more robust to outliers, medoid-based
segmentation restricts segment representatives to sample points belonging
to the data set and thus explores a smaller solution space than other
centroid-based methods. Compared to univariate discretization techniques
that induce hyper-cubical/rectangular segments from a high dimensional
point of view, multivariate medoid-based segmentation produces convex
irregular hyper-polygonal segments, shown in Figure 6, so as to capture a
non-uniform intra-user distribution that may not be well captured by a
hyper-cubic/rectangular segment.
[Figure: Multivariate Discretization. Axes: Dimension 1 (horizontal) and Dimension 2 (vertical), each from 0 to 1.]
Medoid-based Segmentation
1. Given ࢜ for ݆ ൌ ሼͳǡ ǥ ǡ ܬሽ and ݅ ൌ ሼͳǡ ǥ ǡ ܫሽǡ create an initial
solution ܵܮ௧ by randomly selecting a non-overlapping set of k
medoids (representatives), such that
ܵܮ௧ ൌ ܵ ܮൌ ሼ ǡ ǡ ǥ ǡ ሽǤ
2. Identify the non-representative points ࢜ associated with ࢛
for ݑൌ ሼͳǡʹǡ ǥ ǡ ݇ሽ and ݅ ൌ ሼͳǡʹǡ ǥ ǡ ȁݏݑ݈ܥ௨ ȁሽ to form the initial
segments.
3. For each segmentݑ, exchange every ࢜ሺ࢛ሻ with ࢛ and
compute
ௗ
݃൫࢜ሺ࢛ሻ ൯ ൌ หݒሺ௨ሻ െ ݉௨ௗ ห
ௗୀଵ
4. For each segment ݑ, select the lowest ݃ሺ࢜ሺ࢛ሻ ሻ and replace ࢛
with ࢜ሺ࢛ሻ Ǥ
5. Repeat steps 2 to 4 until there is no change in ܵ ܮand return the
final solution ܵܮ .
Segmentation Encoding
1. With the final solution ܵܮ ൌ ሼ ǡ ǡ ǥ ǡ ሽ from the
segmentation phase, sort the medoids ascending according to
their d-th component value to obtain the sorted indices
ݏଵௗ ǡ ݏଶௗ ǡ ǥ ǡ ݏௗ :
ሾݏଵௗ ǡ ݏଶௗ ǡ ǥ ǡ ݏௗ ሿ ൌ ܽݐݎݏ̴݃݊݅݀݊݁ܿݏ൫݉ଵௗ ǡ ݉ଶௗ ǡ ǥ ǡ ݉ௗ ൯ǡ ݀
ൌ ͳǡʹǡ ǥ ǡ ܦǤ
2. Assign the codeword of index ߟ to the ሺߟ ͳሻ-th medoid
component, such that
݉௦ௗ ՚ ࢈ࢊࣁࢊ ǡ
ആశభ
ߟௗ ൌ ሼͲǡͳǡ ǥ ǡ ݇ െ ͳሽǢ ݀
ൌ ሼͳǡʹǡ ǥ ǡ ܦሽǤ
3. As a result, a D-dimensional sample point that falls within a
segment is eventually mapped to a concatenation of ܦ
codewords representing the corresponding medoid:
࢈ = ቄ࢈ࣁ ȁȁ࢈ࣁ ȁȁ ǥ ȁȁ࢈ࡰ
ࣁࡰ
ቅ
BRGC is a code which visits all $2^n$ binary $n$-tuples in order, such that
every successive pair of codewords differs by a single bit. By labelling
quantization intervals with BRGC codewords, the Hamming distance
between the output bits of any two adjacent intervals can be confined to
one. This could minimize intra-class variations in the Hamming domain.
Given a specific number $S$ of quantization intervals or encoding
elements in a code, the code length for both DBR and BRGC can be
determined as $n_{DBR} = n_{BRGC} = \lceil \log_2 S \rceil$ bits. Instances of DBR and
BRGC with $n_{DBR}, n_{BRGC} = \{3, 4\}$ for sizes $S = \{8, 16\}$ are illustrated in Table
1, where the codewords used for labeling the quantization intervals are
indexed from 0 to $S - 1$.
Table 1. Complete code instances: DBR and BRGC for $S = \{8, 16\}$,
with [τ] indicating the codeword index.

DBR                                   BRGC
n_DBR = 3   n_DBR = 4                 n_BRGC = 3  n_BRGC = 4
S = 8       S = 16                    S = 8       S = 16
[0] 000     [0] 0000   [8]  1000      [0] 000     [0] 0000   [8]  1100
[1] 001     [1] 0001   [9]  1001      [1] 001     [1] 0001   [9]  1101
[2] 010     [2] 0010   [10] 1010      [2] 011     [2] 0011   [10] 1111
[3] 011     [3] 0011   [11] 1011      [3] 010     [3] 0010   [11] 1110
[4] 100     [4] 0100   [12] 1100      [4] 110     [4] 0110   [12] 1010
[5] 101     [5] 0101   [13] 1101      [5] 111     [5] 0111   [13] 1011
[6] 110     [6] 0110   [14] 1110      [6] 101     [6] 0101   [14] 1001
[7] 111     [7] 0111   [15] 1111      [7] 111     [7] 0100   [15] 1000
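The single-bit property described above can be checked directly. The following is an added example, not code from the chapter: it generates DBR and BRGC labels for S intervals and measures how many output bits flip when a feature value drifts across an interval boundary. The equal-width quantizer and all function names are assumptions made for the illustration.

```python
"""Added example: DBR vs. BRGC labels for S quantization intervals."""


def code_length(S):
    """Bits needed to label S intervals: ceil(log2 S), computed without floats."""
    if S < 2:
        raise ValueError("need at least two quantization intervals")
    return (S - 1).bit_length()


def dbr(S):
    """Direct binary representation: codeword i is i written in binary."""
    n = code_length(S)
    return [format(i, "0{}b".format(n)) for i in range(S)]


def brgc(S):
    """Binary reflected Gray code: codeword i is i XOR (i >> 1)."""
    n = code_length(S)
    return [format(i ^ (i >> 1), "0{}b".format(n)) for i in range(S)]


def hamming(a, b):
    """Number of differing bit positions between two equal-length codewords."""
    if len(a) != len(b):
        raise ValueError("codewords must have equal length")
    return sum(x != y for x, y in zip(a, b))


def adjacent_distances(code):
    """Hamming distance between the labels of each pair of adjacent intervals."""
    return [hamming(a, b) for a, b in zip(code, code[1:])]


def discretize(value, lo, hi, S, encoder):
    """Map a feature value to the label of its interval.

    Assumption: S equal-width intervals over [lo, hi); out-of-range values
    are clamped to the first or last interval.
    """
    if not lo < hi:
        raise ValueError("lo must be smaller than hi")
    index = int((value - lo) / (hi - lo) * S)
    index = max(0, min(S - 1, index))
    return encoder(S)[index]


if __name__ == "__main__":
    # Constructed sample: an enrolled value just below the boundary between
    # intervals 7 and 8 (S = 16) and a noisy query just above it.
    enrolled, query = 0.49, 0.51
    for name, encoder in (("DBR", dbr), ("BRGC", brgc)):
        e = discretize(enrolled, 0.0, 1.0, 16, encoder)
        q = discretize(query, 0.0, 1.0, 16, encoder)
        print(name, e, q, "bit errors:", hamming(e, q))
```

With DBR the same small drift across one boundary can flip every bit of the codeword, which is the intra-class variation that the BRGC labelling limits to one bit.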
Table 2. Instances of LSSC for ܁ൌ ሼǡ ǡ ǡ ሽ where [࣎] denotes the
codeword index.
Table 3. Instances of PLSSC for ܁ൌ ሼǡ ǡ ૡǡ ሽ where [࣎] denotes
the codeword index.
to the size ofͳ ൈ ͵ for both data sets. Finally, histogram equalization
was applied to the cropped images.
In the experiments, three rounds of four-fold cross-validation were
carried out with different training/testing partitions, and the experimental
results were averaged over the rounds to avoid bias in the classification
accuracy. Prior to discretization, discriminative/representative features
were initially extracted based on the raw features using Eigenfeature
Regularization and Extraction (ERE) [8]. Generally, the raw dimensions of
the images from both data sets were reduced to 128. For dynamic
discretization, the maximum number of quantization bits in each feature
dimension, $n_{\max}$, is limited to 6. As for static discretization, if the length of
the ($n_{\max}$-bit) binary strings exceeds the specified entropy, the first bits
of the binary strings will be adopted for performance evaluation.
For measuring the false acceptance rate (FAR) of the system, each image
of every identity was matched against a random image of every other
identity within the testing partition (without overlapping selection), while
for evaluating the system false rejection rate (FRR), each image was
matched against every other image of the same identity for every identity
within the testing partition. Hamming distance is taken as the dissimilarity
measure. The Equal Error Rate (EER), that is, the error rate where FAR =
FRR, is used as a comparative measure for classification performance. The
lower the EER a scheme achieves, the better the scheme is considered to
be.
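The matching protocol above can be written out as follows. This is an added example, not the authors' evaluation code: the 8-bit templates are constructed, the draw of "a random image of every other identity" uses a seeded generator by default (an assumption), and the EER is taken at the integer threshold where FAR and FRR are closest.

```python
"""Added example: FAR, FRR and EER over Hamming distances between bit strings."""
import random


def hamming(a, b):
    """Dissimilarity measure: number of differing bits."""
    if len(a) != len(b):
        raise ValueError("templates must have equal length")
    return sum(x != y for x, y in zip(a, b))


def genuine_distances(templates):
    """Each image against every other image of the same identity."""
    scores = []
    for images in templates.values():
        for i, a in enumerate(images):
            for j, b in enumerate(images):
                if i != j:
                    scores.append(hamming(a, b))
    return scores


def impostor_distances(templates, rng=None):
    """Each image against one randomly drawn image of every other identity."""
    rng = rng or random.Random(0)  # seeded so the run is repeatable
    scores = []
    for identity, images in templates.items():
        for a in images:
            for other, other_images in templates.items():
                if other != identity:
                    scores.append(hamming(a, rng.choice(other_images)))
    return scores


def far_frr(genuine, impostor, threshold):
    """A comparison is accepted when its distance is <= threshold."""
    far = sum(d <= threshold for d in impostor) / len(impostor)
    frr = sum(d > threshold for d in genuine) / len(genuine)
    return far, frr


def equal_error_rate(genuine, impostor, n_bits):
    """Return (EER, threshold) at the threshold where |FAR - FRR| is smallest.

    With a finite number of comparisons FAR and FRR rarely coincide exactly,
    so the EER is reported as their mean at the closest operating point.
    """
    best = None
    for t in range(-1, n_bits + 1):
        far, frr = far_frr(genuine, impostor, t)
        gap = abs(far - frr)
        if best is None or gap < best[0]:
            best = (gap, (far + frr) / 2, t)
    return best[1], best[2]


# Constructed testing partition: three identities, two 8-bit templates each.
TEMPLATES = {
    "id_a": ["10110010", "10110110"],
    "id_b": ["01001101", "01001001"],
    "id_c": ["11100011", "11100111"],
}

if __name__ == "__main__":
    g = genuine_distances(TEMPLATES)
    i = impostor_distances(TEMPLATES)
    print("genuine:", g)
    print("impostor:", i)
    print("EER, threshold:", equal_error_rate(g, i, 8))
```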
[Figure: panels (Ia), (Ib), (IIa) and (IIb), each plotted against Entropy L (bits); panels (Ia) and (IIa) compare [LSSC] Flexi-DROBA and [LSSC] RDBA.]
References
[1] Chang, Y., Zhang, W., Chen, T., “Biometric-based Cryptographic Key
Generation,” IEEE International Conference on Multimedia and Expo
(ICME 2004), vol. 3, pp. 2203-2206, 2004.
[2] Chen, C., Veldhuis, R., “Binary Biometric Representation through
[7] Gray, F., “Pulse Code Communications,” U.S. Patent 2632058, 1953.
[8] Jiang, X.D., Mandal B., Kot A., “Eigenfeature Regularization and
Extraction in Face Recognition,” IEEE Transactions on Pattern
Analysis and Machine Intelligence, vol. 30, no. 3, pp. 383-394, 2008.
[9] Juels, A., Wattenberg, M., “A Fuzzy Commitment Scheme,” the 6th
ACM Conference in Computer and Communication Security (CCS'99),
pp. 28-36, 1999.
[10] Kevenaar, T.A.M., Schrijen, G.J., Van der Veen, M., Akkermans,
A.H.M., Zuo, F., “Face Recognition with Renewable and Privacy
Preserving Binary Templates,” the 4th IEEE Workshop on Automatic
Identification Advanced Technologies (AutoID '05), pp. 21-26, 2005.
[11] Kumar, A., Zhang, D., “Hand Geometry Recognition using
Entropy-based Discretization,” IEEE Transactions on Information
Forensics and Security, vol. 2, pp. 181-187, 2007.
[12] Li, Q., Sutcu, Y., Memon, N., “Secure Sketch for Biometric
Templates,” the 12th International Conference on the Theory and
Application of Cryptology and Information Security (ASIACRYPT
‘06), Lecture Notes in Computer Science, vol. 4284, pp. 99-113, 2006.
[13] Lim, M.-H., Teoh, A.B.J., and Toh, K.-A., “Biometric
Discretization via a Dynamic Detection Rate-based Bit Allocation with
Genuine Interval Concealment,” The IEEE Transactions on Systems,
Man, and Cybernetics, Part B (TSMCB), vol. 43, no. 3, pp. 843-857,
2013.
[14] Lim, M.-H. and Teoh, A.B.J., “A Novel Encoding Scheme for
Effective Biometric Discretization: Linearly Separable SubCode,” The
IEEE Transactions on Pattern Analysis and Machine Intelligence
(TPAMI), vol. 35, no. 2, pp. 300-313, 2013.
[15] Lim, M.-H., Teoh, A.B.J., and Toh, K.-A., “An Efficient
Dynamic Reliability-Dependent Bit Allocation for Biometric
Discretization,” Pattern Recognition (PR), vol. 45, no. 5, pp. 1960-
1971, 2012.
[16] Lim, M.-H. and Teoh, A.B.J., “Non-User-Specific Multivariate
Biometric Discretization with Medoid-based Segmentation,” the 6th
Chinese Conference on Biometric Recognition (CCBR 2011), LNCS,
vol.7098, pp.279-287, 2011.
[17] Lim, M.-H. and Teoh, A.B.J., “An Effective Biometric
Discretization Approach to Extract Highly Discriminative, Informative
and Privacy-Protective Binary Representation,” EURASIP Journal on
Advances in Signal Processing, vol. 2011, no. 107, 2011.
[18] Linnartz, J.-P., Tuyls, P., “New Shielding Functions to Enhance
Privacy and Prevent Misuse of Biometric Templates,” the 4th
CHAPTER FIVE
Abstract
The goal of this chapter is to discuss methods that can be used to extend
privacy to biometric data in the context of an operational system.
Biometric data can be viewed as personal data, since it pertains to the
biological and behavioural attributes of an individual. Besides being used
to recognize individuals, biometric data can potentially be used to glean
1 Introduction
Classical image-based biometric systems capture the biological and
behavioural attributes of an individual in the pixel space and transform them
to a lower dimensional feature space (i.e., feature sets). Preserving the
privacy of the stored biometric data (i.e., biometric images and/or feature
sets) is essential to the integrity of a biometrics system. Loss of privacy
occurs if the biometric data is used by authorized or unauthorized
agencies to glean additional information such as an individual’s health,
gender, age, ancestry origin, etc. [1], or to link biometric databases
belonging to different applications. Recently, Acquisti et al. [2]
De-Identifying Biometric Images by Decomposition and Mixing 167
Figure 1: Illustration of de-identifying biometric data at (a) the image-level and (b)
the feature-level.
feature sets. This is because the noninvertible functions in the case of the
former are constrained to retain the transformed images in the same image
space as the original images while, at the same time, preserve the
discriminability of the original images. Zuo et al. [4] de-identified iris
images by combining the original image with a synthetic one and by
shifting and combining rows of the unwrapped iris image. In [5][6],
geometric transformations suggested by Ratha et al. [3], such as block re-
mapping and grid morphing, have been applied to iris images.
Newton et al. [7] and Gross et al. [8] introduced a face anonymisation
method that minimized the chances of performing automatic face
recognition while preserving details of the face such as expression, gender
and age. Bitouk et al. [9] proposed a face swapping technique that
protected the identity of a face image by automatically substituting it with
replacements taken from a large library of public face images. However, in
the case of both face anonymisation and swapping, the original face
images are irrevocably lost, thereby impacting their use for face
recognition.
• Condition (1): For any matrix $B$ in $C_0$, the OR operation on any $k$
of the $n$ rows satisfies $H(V) < d - \alpha m$.
• Condition (2): For any matrix $B$ in $C_1$, the OR operation on any $k$
of the $n$ rows satisfies $H(V) \geq d$.
• Condition (3): Consider extracting $q$ rows, $q < k$, from two
matrices, $B_0 \in C_0$ and $B_1 \in C_1$, resulting in new matrices $B_0'$ and
$B_1'$. Then, $B_0'$ and $B_1'$ are indistinguishable in that there exists a
permutation of columns of $B_0'$ that would result in $B_1'$. In other
words, any $q \times m$ matrix $B_0 \in C_0$ and $B_1 \in C_1$ are identical up to a
column permutation.
Conditions (1) and (2) define the image contrast due to VCS. Condition
(3) imparts the security property of a $(k, n)$ VCS which states that the
careful examination of fewer than $k$ shares will not provide information
about the original pixel $P$. Therefore, the important parameters of the
$C_0$ = {all the matrices obtained by permuting the columns of $\begin{bmatrix} 1 & 1 & 0 & 0 \\ 1 & 1 & 0 & 0 \end{bmatrix}$}
$C_1$ = {all the matrices obtained by permuting the columns of $\begin{bmatrix} 1 & 1 & 0 & 0 \\ 0 & 0 & 1 & 1 \end{bmatrix}$}.
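The two collections above are enough to build a working two-share scheme. The following is an added example, not code from the chapter: it enumerates both collections from the basis matrices given here, splits a small constructed binary image into two shares, stacks them with OR, and checks that either share on its own looks the same for a white and a black pixel. Laying the four subpixels out in a row and the threshold of 4 for a black block are assumptions of the sketch.

```python
"""Added example: 2-share visual cryptography from the basis matrices above."""
import random
from itertools import permutations

# Basis matrices from the text: one row per share, one column per subpixel.
B0 = ((1, 1, 0, 0), (1, 1, 0, 0))  # white secret pixel
B1 = ((1, 1, 0, 0), (0, 0, 1, 1))  # black secret pixel
M = 4  # pixel expansion: subpixels per secret pixel
D = 4  # a stacked block counts as black when its Hamming weight is >= D


def column_permutations(basis):
    """All distinct matrices obtained by permuting the columns of `basis`."""
    columns = list(zip(*basis))
    seen = set()
    for order in permutations(range(len(columns))):
        rows = tuple(zip(*(columns[i] for i in order)))
        seen.add(rows)
    return sorted(seen)


C0 = column_permutations(B0)
C1 = column_permutations(B1)


def make_shares(secret, rng=None):
    """Split a binary image (0 = white, 1 = black) into two shares.

    For each pixel one matrix is drawn uniformly from C0 or C1; row 0 goes
    to share 1 and row 1 to share 2. The draw must be unpredictable, so the
    default generator is the operating system's CSPRNG.
    """
    rng = rng or random.SystemRandom()
    share1, share2 = [], []
    for row in secret:
        out1, out2 = [], []
        for pixel in row:
            matrix = rng.choice(C1 if pixel else C0)
            out1.extend(matrix[0])
            out2.extend(matrix[1])
        share1.append(out1)
        share2.append(out2)
    return share1, share2


def stack(share1, share2):
    """Superimpose two shares: a subpixel is dark if it is dark in either."""
    return [[a | b for a, b in zip(r1, r2)] for r1, r2 in zip(share1, share2)]


def block_weights(sheet):
    """Hamming weight H(V) of every M-subpixel block of a sheet."""
    return [[sum(row[i:i + M]) for i in range(0, len(row), M)] for row in sheet]


def reconstruct(stacked):
    """Reverse the pixel expansion by thresholding each block at D."""
    return [[1 if w >= D else 0 for w in row] for row in block_weights(stacked)]


def single_share_views(collection, share_index):
    """Every row one share holder can receive from a collection (q = 1)."""
    return sorted(matrix[share_index] for matrix in collection)


if __name__ == "__main__":
    secret = [[0, 1, 1, 0], [1, 0, 0, 1]]  # constructed 2x4 test image
    s1, s2 = make_shares(secret)
    print("share 1 block weights:", block_weights(s1))
    print("stacked block weights:", block_weights(stack(s1, s2)))
    print("reconstructed:", reconstruct(stack(s1, s2)))
```

Every block of a single share has weight 2 whatever the secret pixel is, while the stacked blocks have weight 2 for white and 4 for black, which is the contrast the reconstruction thresholds on.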
evident that the contrast of the original image is better restored in the
latter.
Figure 7: Encryption of a private face image using the basic VCS leads to
unsatisfactory results. (a) is a private face image. (b) is the result of overlaying the
random noise sheets.
Let $P = \{H_1, H_2, \ldots, H_N\}$ be a public dataset containing a set of candidate
host images that can hide the assigned private face image, $O$. The task is to
select two host images $H_i$ and $H_j$, $i \neq j$ and $i, j = 1, 2, \ldots, N$, from $P$.
Therefore, first, an Active Appearance Model (AAM) [27] that
characterizes the shape and texture of the face is utilized to determine the
similarity between the private face image and candidate host images
(Figure 8). Next, for selecting compatible hosts, the cost of registering
(aligning) each image in the public dataset with the private image is
computed, $T$. These costs are sorted in order to locate two host images,
$H_{s1}$ and $H_{s2}$, with the minimum registration costs. However, as shown in
[21], utilizing this cost alone is not sufficient. Thus, the texture is used as
an additional criterion and the cost associated with this is denoted as $A$.
Therefore, the final cost $F$, which is associated with each host image, is
the sum of the normalized transformation cost $T$ and the normalized
appearance cost $A$. The simple min-max normalization technique is used
to normalize both costs. After aligning the two selected host images
($H_{s1}, H_{s2}$) with the secret image ($O$), the aligned hosts and the secret
image are cropped to capture only the facial features which have been
located by AAM. Finally, GEVCS is used to hide the secret image, $O$, in
the two host images $H_{s1}$ and $H_{s2}$, resulting in two sheets denoted as $S_1$ and
$S_2$, respectively. $S_1$ and $S_2$ are superimposed in order to reveal the secret
private image. The final target image is obtained by the reconstruction
process that reverses the pixel expansion step to obtain the original image
size. Figure 9 shows examples of private face images, their corresponding
sheets and reconstructed images.
Figure 9: Illustration of the proposed approach using face images from the IMM
Database [25].
private image. Maintaining the ownership of one of the sheets (i.e., a part
of the secret) with the user minimizes information leakage and improves
privacy since the user controls the collection, storage and usage of the
biometric information. Moreover, the secret, i.e., the biometric image, can
be reconstructed by a simple binary operation, i.e., an OR-operation.
Therefore, utilizing visual cryptography schemes avoids the design of
complicated decryption and decoding routines unlike classical watermarking
[31][32], steganography [33], or cryptosystem [16] approaches. This
makes VCS an appropriate de-identifying method for mobile devices due
to the simplicity of the decryption process.
Finally, using face images as hosts (as opposed to using random noise
or other natural images) has several benefits in the context of biometric
applications. First, soft biometric attributes of the private face images such
as age, gender, ethnicity, etc. can be retained in the host images thereby
preserving the soft biometric aspects of the face while perturbing its
identity. Alternately, these soft biometric attributes, as manifested in an
individual’s face, can also be deliberately distorted by selecting host
images with attributes opposite to those of the private image. Second, a set
of public face images (e.g., those of celebrities) may be used to host the
private face database. In essence, a small set of public images can be used
to encrypt an entire set of private face images. Third, using non-face
images as hosts may result in visually revealing the existence of a secret
face [26] [21]. Fourth, while decomposing the face image into random
noise structures may be preferable, it can pique the interest of an
eavesdropper by suggesting the existence of secret data. Also,
decomposing into random noise images can degrade the quality of the
reconstructed face images as well as the recognition performance.
Figure 11: Decomposing a fingerprint. The red circles represent some of the
irregularities in the fingerprint, i.e., the minutiae points.
Since ridges and minutiae can be completely determined by the phase [37],
we are only interested in $\Psi(x, y)$. The other three parameters in Equation
(2) contribute to the realistic textural appearance of the fingerprint. Before
fingerprint decomposition, the phase $\Psi(x, y)$ must be reliably estimated;
this is termed demodulation.
In this work, a special demodulation technique was adapted and
referred to as vortex demodulation. The objective of vortex demodulation
[39] is to extract the amplitude $b(x, y)$ and phase $\Psi(x, y)$ of the
fingerprint pattern. First, the DC term $a(x, y)$ has to be removed since the
failure to remove this offset correctly may introduce significant errors in
the demodulated amplitude and phase [39]. To facilitate this, a normalized
fingerprint image, $f(x, y)$, containing the enhanced ridge pattern of the
fingerprint [35] is used. From Equation (2),
$f(x, y) = I(x, y) - a(x, y) \approx b(x, y) \cos(\Psi(x, y))$. The vortex demodulation operator V
takes the normalized image $f(x, y)$ and applies a spiral phase Fourier
multiplier $\exp[i\Phi(u, v)]$:
where $F$ is the Fourier transform, $F^{-1}$ is the inverse Fourier transform and
$\exp[i\Phi(u, v)]$ is a 2-D signum function [39] defined as a pure spiral phase
function in the spatial frequency space $(u, v)$:
$$\exp[i\Phi(u, v)] = \frac{u + iv}{\sqrt{u^2 + v^2}}. \qquad (4)$$
Note that in Equation (3) there is a new parameter, $\beta(x, y)$, representing
the perpendicular direction of the ridges. In Equation (5), this directional
map is used to isolate the desired magnitude and phase from Equation (3),
i.e.,
Then, Equation (5) can be combined with the normalized image, $f(x, y)$,
to obtain the magnitude $b(x, y)$ and the raw phase map $\Psi(x, y)$ as follows:
Therefore, determining $\beta(x, y)$ is essential for obtaining the amplitude and
phase functions, $b(x, y)$ and $\Psi(x, y)$, respectively. The direction map
$\beta(x, y)$ can be derived from the orientation image of the fingerprint by a
process called unwrapping.
In [36], a sophisticated unwrapping technique using the topological
properties of the ridge flow fields of fingerprints has been developed to
estimate the direction map $\beta(x, y)$. Finally, the Helmholtz Decomposition
Theorem [38] is used to decompose the determined phase $\Psi(x, y)$ of a
fingerprint image into two phases, continuous and spiral, as shown in
Figure 11 [22].
angle.
3.1.3 Mixing
Let $F_1$ and $F_2$ be two different fingerprint images from different fingers,
and let $\psi_{c_i}(x, y)$ and $\psi_{s_i}(x, y)$ be the pre-aligned continuous and spiral
phases, $i = 1, 2$. As shown in Figure 12, there are two different mixed
fingerprint images that can be generated, $MF_1$ and $MF_2$:
infeasible to obtain the original fingerprint features, i.e., the locations and
orientations of fingerprint minutiae, from the mixed fingerprint.
3. Cancelability: Does mixing result in cancellable templates? In case
a stored fingerprint is compromised, it must be possible to generate a new
mixed fingerprint by mixing the original with a new fingerprint. The new
mixed fingerprint and the compromised mixed image must be sufficiently
different, even though they are derived from the same finger. Another way
of looking at this is as follows: if two different fingerprints, $F_1$ and $F_2$, are
mixed with the same fingerprint $F$, are the resulting mixed fingerprints,
$MF_1$ and $MF_2$, similar? From the perspective of security, they should not
be similar.
database. The resultant rank-1 accuracy was less than 30% (and the EER
was more than 30%) suggesting that the original identity cannot be easily
deduced from the mixed image. Moreover, to confirm that the
changeability property of the mixing fingerprint approach is independent
of the nature of the used matcher, the mixed fingerprints were matched
against the original fingerprint based on only the locations of minutiae and
omitting the orientation features. The EER in this case increased from 30%
to 40% and the rank-1 accuracy decreased from 30% to 12%. This
suggests that the mixed and the original fingerprints are sufficiently
dissimilar even if only minutiae information is used.
ே
ܲ ൌ σே
ୀ ൫ ൯ఏ ሺͳ െ ߠሻ
ேെ
, (10)
reasonably high identification rate suggests that the 500 mixed fingerprints
are different from each other. This means that the fingerprint from the
FVC2002-DB2_A database was successfully “cancelled” and converted
into a new “identity” based on the choice of the fingerprint selected from
the WVU database for mixing.
[Table columns: Non-invertible transformations [4][5][6]; Decomposition [21]; Mixing [22].]
References
[1] E. Mordini and S. Massari, “Body, biometrics and identity,” Bioethics,
vol. 22, no. 9, pp. 488–498, 2008.
[2] A. Acquisti, R. Gross, and F. Stutzman, “Faces of facebook: Privacy in
the age of augmented reality,” BlackHat USA, 2011.
[3] N.K. Ratha, J.H. Connell, and R.M. Bolle, “Enhancing security and
privacy in biometrics-based authentication systems,” IBM Systems
Journal, vol. 40, no. 3, pp. 614–634, 2001.
[4] J. Zuo, N.K. Ratha, and J.H. Connell, “Cancelable iris biometric,” in
IEEE 19th International Conference on Pattern Recognition (ICPR),
2008, pp. 1–4.
[5] J. Hämmerle-Uhl, E. Pschernig, and A. Uhl, “Cancelable iris
biometrics using block remapping and image warping,” in Proceedings
of the 12th International Conference on Information Security, Berlin,
Heidelberg, 2009, ISC ’09, pp. 135–142, Springer-Verlag.
[6] P. Färberböck, J. Hämmerle-Uhl, D. Kaaser, E. Pschernig, and A. Uhl,
“Transforming rectangular and polar iris images to enable cancelable
biometrics,” in Image Analysis and Recognition, pp. 276–286.
Springer, 2010.
[7] E.M. Newton, L. Sweeney, and B. Malin, “Preserving privacy by de-
identifying face images,” IEEE Transactions on Knowledge and Data
Engineering, vol. 17, pp. 232–243, 2005.
[8] R. Gross, L. Sweeney, F. De la Torre, and S. Baker, “Model-based face
de-identification,” in Computer Vision and Pattern Recognition
Workshop (CVPRW’06), Los Alamitos, CA, USA, 2006, pp. 161–168,
IEEE Computer Society.
[9] D. Bitouk, N. Kumar, S. Dhillon, P. Belhumeur, and S.K. Nayar, “Face
[15] C. Lee, J.Y. Choi, K.A. Toh, and S. Lee, “Alignment-free cancelable
fingerprint templates based on local minutiae information,” IEEE
Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics,
vol. 37, no. 4, pp. 980–992, 2007.
[16] U. Uludag, S. Pankanti, S. Prabhakar, and A.K. Jain, “Biometric
cryptosystems: issues and challenges,” Proceedings of the IEEE, vol.
92, no. 6, pp. 948–960, 2004.
[17] K. Nandakumar, A. Nagar, and A.K. Jain, “Hardening fingerprint
fuzzy vault using password,” in Advances in biometrics, pp. 927–937.
Springer, 2007.
[18] YC Feng, P.C. Yuen, and A.K. Jain, “A hybrid approach for face
template protection,” in Proc. of SPIE Conference of Biometric
Technology for Human Identification, Orlando, FL, USA, 2008, vol.
6944.
[19] Walter J Scheirer and Terrance E Boult, “Cracking fuzzy vaults and
biometric encryption,” in Biometrics Symposium, 2007. IEEE, 2007,
pp. 1–6.
[20] A. Nagar, K. Nandakumar, and A.K. Jain, “Biometric template
transformation: a security analysis,” in Proc. of SPIE, Electronic
Imaging, Media Forensics and Security XII, San Jose, Jan. 2010.
[21] A. Ross and A. Othman, “Visual cryptography for biometric privacy,”
IEEE Transactions on
[28] C.I. Watson and C.L. Wilson, “Nist special database 4,” Fingerprint
Database, National Institute of Standards and Technology, vol. 17,
1992.
[29] K. Messer, J. Matas, J. Kittler, J. Luettin, and G. Maitre,
“XM2VTSDB: The extended M2VTS database,” in Second
International Conference on Audio and Video-based Biometric Person
Authentication, 1999, pp. 965–966.
[30] M. B. Stegmann, B. K. Ersbøll, and R. Larsen, “FAME – a flexible
appearance modelling environment,” IEEE Transactions on Medical
Imaging, vol. 22, no. 10, pp. 1319–1331, 2003.
[31] A.K. Jain and U. Uludag, “Hiding biometric data,” IEEE Transactions
on Pattern Analysis and Machine Intelligence, vol. 25, pp. 1494–1498,
2003.
[32] J. Dong and T. Tan, “Effects of watermarking on iris recognition
performance,” in 10th International Conference on Control, Automation,
Robotics and Vision, 2008, pp. 1156–1161.
[33] N. Agrawal and M. Savvides, “Biometric data hiding: A 3 factor
authentication approach to verify identity with a single image using
steganography, encryption and matching,” Computer Vision and
Pattern Recognition Workshop, pp. 85–92, 2009.
[34] D. Maltoni, D. Maio, A.K. Jain, and S. Prabhakar, Handbook of
fingerprint recognition,
Analysis and Machine Intelligence, vol. 20, no. 8, pp. 777–789, Aug.
1998.
[41] S. Crihalmeanu, A. Ross, S. Schuckers, and L. Hornak, “A protocol
for multibiometric data acquisition, storage and dissemination,” Tech.
Rep., Lane Department of Computer Science and Electrical
Engineering, WVU, 2007.
[42] S. Chikkerur, NK Ratha, JH Connell, and RM Bolle, “Generating
registration-free cancelable fingerprint templates,” in 2nd IEEE
International Conference on Biometrics: Theory, Applications and
Systems, 2008, pp. 1–6.
[43] R. Cappelli, A. Lumini, D. Maio, and D. Maltoni, “Fingerprint image
reconstruction from standard templates,” IEEE Transactions on Pattern
Analysis and Machine Intelligence, vol. 29, no. 9, pp. 1489–1503,
Sept. 2007.
[44] A. Ross, J. Shah, and A.K. Jain, “From template to image:
reconstructing fingerprints from minutiae points,” IEEE Transactions
on Pattern Analysis and Machine Intelligence, vol. 29, no. 4, pp. 544–
560, 2007.
[45] J. Feng and A.K. Jain, “Fingerprint reconstruction: From minutiae to
phase,” IEEE Transactions on Pattern Analysis and Machine
Intelligence, vol. 33, no. 2, pp. 209–223, Feb. 2011.
[46] S. Li and A.C. Kot, “A novel system for fingerprint privacy
PART 3.
CHAPTER SIX
BIOPACE: BIOMETRIC-PROTECTED
AUTHENTICATION CONNECTION
ESTABLISHMENT
Abstract
This book chapter introduces the Biometric-Protected
Authentication Connection Establishment (BioPACE) protocol. Based on
a comprehensive overview of eMRTD protocols and a description of the
major benefits of biometric template protection technologies, the potential
of the proposed BioPACE protocol is highlighted. The operation mode of
the protocol is described in detail, the integration of biometric information
is investigated and a security assessment of the protocol is given. Further,
an in-depth discussion of resulting issues and challenges is presented and
conclusions are drawn.
1 Introduction
The regulations of the European Union (EU) Council in 2004 form the
basis for the deployment of electronic passports within the EU [21, 22].
Since then EU member states adopt the format and the access protocols to
Table 1: eMRTD security protocols and their security goals
Readable Zone (MRZ). The terminal authenticates itself to the chip with
the data read from the MRZ, and both entities agree on session keys during
BAC to establish a secure channel which provides authenticity, integrity
and confidentiality of the transferred data by means of the Secure
Messaging sub-protocol.
To protect the sensitive data groups, which contain biometric data,
BAC alone is not sufficient. Therefore Extended Access Control (EAC)
protects data group 3 (DG3), which contains the fingerprints. EAC
consists of Terminal Authentication and Chip Authentication [9]. After
performing EAC the terminal can read the fingerprints, capture a biometric
3.1 Categorization
Biometric template protection schemes are commonly categorized as,
3.2 Advantages
Biometric cryptosystems and cancelable biometrics offer several
advantages over generic biometric systems. The most important advantages
are summarized in Table 2. These major advantages over conventional
biometric systems call for several applications. With respect to the design
goals, biometric cryptosystems and cancelable biometrics offer significant
advantages to enhance the privacy and security of biometric systems,
providing reliable biometric authentication at high security levels. Several
new issues and challenges arise when deploying these technologies [16].
3.3 Issues
One fundamental challenge regarding template protection is the
issue of alignment, which significantly affects recognition performance.
Biometric templates are obscured within both technologies, i.e. alignment
of obscured templates without leakage is highly non-trivial. For instance,
if iris biometric textures or templates (iris-codes) are transformed in a
non-row-wise manner, e.g. by block permutation of preprocessed textures or a
permutation of iris-code bits, additional information,
which must not lead to template reconstruction, has to be stored [49].
Focusing on biometric template protection technologies, it is not
actually clear which biometric characteristics to apply in which type of
application. In addition, stability of biometric features is required to limit
information leakage of stored helper data [55]. Furthermore, feature
adaptation schemes that preserve accuracy have to be utilized in order to
obtain common representations of arbitrary biometric characteristics.
Several approaches to extract fixed-length binary fingerprint templates
have been proposed, e.g. [8, 67].
3.4 State-of-the-art
Focusing on the current state-of-the-art in biometric template protection,
key approaches to biometric cryptosystems and cancelable biometrics are
summarized in Table 3. Representing one of the simplest key binding
approaches, the fuzzy commitment scheme [38] has been successfully
applied to iris recognition [27] (and other biometrics). The fuzzy vault
scheme [37], which represents one of the most popular biometric
cryptosystems, has frequently been applied to fingerprints. Early
approaches, e.g. [17], which required a pre-alignment of biometric
templates, have demonstrated the potential of this concept. Several
techniques, e.g. [60, 45], to overcome the shortcoming of pre-alignment
have been proposed. Quantization schemes, e.g. [63, 57], have been
brute-force attacks [9]. The shared password is denoted by π and can either
be received from the MRZ, a PIN, or the Card Access Number (CAN),
which is printed on the data page of the eMRTD and consists of a six-digit
number. PACE is based on symmetric and asymmetric cryptography,
while BAC is based solely on symmetric cryptography. PACE is depicted
in Figure 2 and roughly consists of the following steps:
confidentiality.
PACE represents the constituent building block for the BioPACE protocol
introduced in the next section.
1. Initialisation phase
2. Regular use phase.
For every eMRTD the initialisation phase has to be conducted before the
manufacturer can personalise the eMRTD. During the application of an
eMRTD a user is enrolled and feature extraction is applied to the captured
biometric sample, resulting in a biometric reference consisting of a
pseudonymous identifier PI and auxiliary data AD.
After the biometric enrolment AD is printed on the eMRTD in the form of
a 2D barcode (e.g., a QR code [33] or a Data Matrix code [32]), which is
shown as part of Figure 3. PI is not publicly available; instead it is stored
in the internal memory of the eIDAS token chip and is therefore only
available to the chip itself, but not to the eMRTD terminal.
After initialisation BioPACE is ready for the regular use phase, which
consists of a new feature extraction from a biometric sample and an optical
scan of the previously enrolled AD. An eMRTD terminal requires optical
access to the eMRTD in order to scan the 2D barcode and receive AD to
calculate PI*, which equals PI if and only if the same person provided the
biometric sample and therefore a biometric match occurs. This phase is
depicted in Figure 4.
After this pre-processing step PI* is used as input for the PACE
protocol. PI* is implicitly compared to PI by the completion of the PACE
protocol, because if PI* and PI do not match, the PACE protocol will fail.
With respect to provided entropy biometric-based PIs exhibit sufficient
6 Assessment of BioPACE
Our security assessment of BioPACE was conducted with respect to
common security features of an eMRTD. Every paragraph first presents a
short assessment regarding a specific security aspect, and then explains
specific design decisions, whenever applicable.
6.2 No Tracking
PACE guarantees the unlinkability of eMRTD activities on the wireless
channel. BioPACE does not destroy this property even though it relies on two
unique identifiers PI and AD. On the one hand, PI is never directly
transferred over the wireless channel; instead it is used to encrypt a
random value and matched on the eMRTD chip. On the other hand, AD
is not wirelessly transferred at all, but instead optically read from the
printed 2D barcode, making tracking infeasible via sniffing the BioPACE
communication between an eMRTD and an eMRTD terminal.
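The initialisation phase, the regular use phase and the implicit PI*/PI comparison described above, as an added sketch that is not the chapter's or the BioPACE authors' code. It assumes a fuzzy-commitment style binding with a repetition code for PI and AD, and replaces PACE's cipher and domain parameters with toy stand-ins; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

REP = 5          # repetition factor: majority vote corrects up to 2 flipped bits per block
KEY_BITS = 32    # toy key length (assumption); a real PI needs far more entropy
P = 2**255 - 19  # toy prime modulus, NOT a standardised PACE domain parameter
G = 2            # toy base element


def _pi_from_key(key_bits):
    """Hash the error-corrected key into the pseudonymous identifier PI."""
    return hashlib.sha256(bytes(key_bits)).digest()


def enroll(template):
    """Initialisation phase: return (PI stored on the chip, AD printed as 2D barcode)."""
    if len(template) != KEY_BITS * REP:
        raise ValueError("template must have KEY_BITS * REP bits")
    key = [secrets.randbelow(2) for _ in range(KEY_BITS)]
    codeword = [bit for bit in key for _ in range(REP)]
    ad = [c ^ t for c, t in zip(codeword, template)]  # AD alone does not reveal the key
    return _pi_from_key(key), ad


def recover_pi(ad, sample):
    """Regular use phase, terminal side: derive PI* from scanned AD and a fresh sample."""
    if len(sample) != len(ad):
        raise ValueError("sample and AD must have the same length")
    noisy = [a ^ s for a, s in zip(ad, sample)]
    key = [int(sum(noisy[i:i + REP]) > REP // 2) for i in range(0, len(noisy), REP)]
    return _pi_from_key(key)


def _nonce_cipher(pi, data):
    """Toy XOR stand-in for the block cipher keyed with a key derived from PI."""
    pad = hashlib.sha256(b"K_pi" + pi).digest()[:len(data)]
    return bytes(x ^ y for x, y in zip(data, pad))


def _token(key, public_value):
    """Authentication token: MAC over a public value under the session key."""
    return hmac.new(key, public_value, hashlib.sha256).digest()


def pace_like(chip_pi, terminal_pi):
    """Simplified PACE run; returns (success, values sent over the wireless channel)."""
    nonce = secrets.token_bytes(16)
    z = _nonce_cipher(chip_pi, nonce)            # chip -> terminal: encrypted random value
    nonce_term = _nonce_cipher(terminal_pi, z)   # equals nonce only if PI* == PI
    # Each side maps its view of the nonce to an ephemeral generator.
    g_chip = pow(G, int.from_bytes(nonce, "big"), P)
    g_term = pow(G, int.from_bytes(nonce_term, "big"), P)
    a = secrets.randbelow(P - 2) + 1             # chip's ephemeral secret
    b = secrets.randbelow(P - 2) + 1             # terminal's ephemeral secret
    pub_chip = pow(g_chip, a, P).to_bytes(32, "big")
    pub_term = pow(g_term, b, P).to_bytes(32, "big")
    shared_chip = pow(int.from_bytes(pub_term, "big"), a, P)
    shared_term = pow(int.from_bytes(pub_chip, "big"), b, P)
    k_chip = hashlib.sha256(shared_chip.to_bytes(32, "big")).digest()
    k_term = hashlib.sha256(shared_term.to_bytes(32, "big")).digest()
    t_term = _token(k_term, pub_chip)            # terminal -> chip
    t_chip = _token(k_chip, pub_term)            # chip -> terminal
    ok = (hmac.compare_digest(t_term, _token(k_chip, pub_chip))
          and hmac.compare_digest(t_chip, _token(k_term, pub_term)))
    return ok, [z, pub_chip, pub_term, t_term, t_chip]


def flip(bits, positions):
    """Return a copy of bits with the given positions inverted (models sensor noise)."""
    out = list(bits)
    for pos in positions:
        out[pos] ^= 1
    return out


def demo():
    """Run one genuine and one impostor attempt on a constructed random template."""
    template = [secrets.randbelow(2) for _ in range(KEY_BITS * REP)]
    pi, ad = enroll(template)
    genuine = flip(template, [0, 1, 7, 50, 159])             # at most 2 flips per block
    impostor = flip(template, range(0, KEY_BITS * REP, 2))   # 3 flips in every other block
    return {
        "genuine": pace_like(pi, recover_pi(ad, genuine))[0],
        "impostor": pace_like(pi, recover_pi(ad, impostor))[0],
    }


if __name__ == "__main__":
    print(demo())
```

Neither PI nor AD appears in the list of wireless values that `pace_like` returns, which is the property the No Tracking paragraph relies on.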
1. the shared secret PI has a much higher entropy than the currently
utilized secrets (PIN, PUK, CAN or MRZ) and therefore BioPACE
provides a higher security level for any transferred data, which
data of the eMRTD without the owner even being aware. This would
render skimming attacks facile, for example in airport bars (given that one
can extract the fingerprint from a glass in a timely manner). One does not
need to fool the terminal's fingerprint reader (which is hard, since one has
to make a dummy finger and liveness detection may be in place); the raw image
data is good enough for direct processing. As a boundary condition, the
attacker also needs a terminal and the attack is only justified if a name or
facial image to a corresponding fingerprint is the goal of the attacker. By
making a link to the printed data page of the eMRTD this attack is
mitigated, because the printed content is not revealed in airport bars.
With EAC, one can provide a more fine-grained access control and the
eMRTD receives an explicit authorisation from its issuing country that this
terminal is indeed authorised to read certain data groups. A possible
solution is to replace the raw fingerprints by a protected biometric
template that leaks no sensitive information.
by 45% maintaining error rates [52]. This example underlines the fact that
biometric cryptosystems may generate arbitrarily long keys while inter-class
distances (= Hamming distance between keys) remain low. Ballard et al.
[2, 3] propose a new measure to analyse the security of a biometric
cryptosystem, termed guessing distance. The guessing distance defines the
number of guesses a potential imposter has to perform in order to retrieve
either the biometric data or the cryptographic key. Thus, the guessing
distance directly relates to intra-class distances of biometric systems and,
therefore, provides a more realistic measure of the entropy of biometric
keys.
Kelkboom et al. [39] analytically obtained a relationship between the
maximum key size and a target system performance. An increase of
maximum key size is achieved in various scenarios, e.g. when applying
several biometric templates at enrolment and authentication or when
increasing the desired false rejection rates. In theory-oriented work Tuyls
et al. [61, 59] estimate the capacity and entropy loss for fuzzy commitment
schemes and shielding functions, respectively. Similar investigations have
been done in [42, 56] providing a systematic approach of how to examine
the relative entropy loss of any given scheme, which bounds the number of
additional bits that could be extracted if optimal parameters were used.
We discuss the idea to replace the current infrastructure (i.e., the EAC
protocols, the Country Verifying PKI, and the storage of index finger
images in data group 3) by BioPACE. We analyse advantages and
disadvantages of our approach and include boundary conditions, which
have to be fulfilled to make BioPACE expedient. Fundamental changes to
an established infrastructure are a challenging task and require as a
boundary condition both innovative ideas and enhanced security. We
consider BioPACE to meet these demands as discussed below. In our
context, for instance, a sample representative idea is the Biocryptographic
Key Infrastructure [53] to replace a common Public Key Infrastructure,
yielding a higher security level. An example of enhancing an applied and
proven protocol is the Biotokens [54] approach, where biometric digital
signatures and Bio-Kerberos increase security. Therefore the redundant
protocols have to be dropped, and BioPACE has to provide a
significant enhancement to become a new eMRTD standard.
If BioPACE is used without a subsequent EAC accomplishment, we
see the following benefits:
Acknowledgement
This work was supported by the European Commission through the
FIDELITY EU-FP7 project (Grant No. SEC-2011-284862), CASED and
the Research Council KU Leuven: GOA TENSE (GOA/11/007).
References
[1] A. Adler, R. Youmaran, and S. Loyka. Towards a measure of
biometric information. In Canadian Conference on Electrical and
Computer Engineering (CCECE'06), pages 210–213, 2006.
[2] L. Ballard, S. Kamara, F. Monrose, and M. Reiter. On the requirements
of biometric key generators. Technical Report TR-JHU-SPAR-BKMR-090707,
2007. Submitted and available as JHU Department of
Computer Science Technical Report.
[3] L. Ballard, S. Kamara, and M. K. Reiter. The practical subtleties of
biometric key generation. In SS'08: Proc. of the 17th Conf. on Security
symposium, pages 61–74, 2008.
[4] Mihir Bellare, David Pointcheval, and Phillip Rogaway. Authenticated
key exchange secure against dictionary attacks. In Advances in
Cryptology – EUROCRYPT 2000, volume 1807 of LNCS, pages 139–155.
Springer, 2000.
[5] Jens Bender, Özgür Dagdelen, Marc Fischlin, and Dennis Kügler. The
PACE|AA protocol for machine readable travel documents, and its
security. In Financial Cryptography and Data Security, volume 7397
2002.
[64] R. Viveros, K. Balasubramanian, and N. Balakrishnan. Binomial and
negative binomial analogues under correlated Bernoulli trials. The
American Statistician, 48(3):243–247, 1984.
[65] Y. Wang and K.N. Plataniotis. Face based biometric authentication
with changeable and privacy preservable templates. In Proc. of the
IEEE Biometrics Symposium 2007, pages 11–13, 2007.
[66] X. Wu, N. Qi, K. Wang, and D. Zhang. A Novel Cryptosystem based
on Iris Key Generation. Fourth Int. Conf. on Natural Computation
(ICNC'08), pages 53–56, 2008.
[67] H. Xu and R. N.J. Veldhuis. Binary representations of fingerprint
spectral minutiae features. In Proc. of the 20th Int. Conf. on Pattern
Recognition (ICPR'10), pages 1212–1216, 2010.
[68] J. Zuo, N. K. Ratha, and J. H. Connel. Cancelable iris biometric. In
Proc. of the 19th Int. Conf. on Pattern Recognition 2008 (ICPR'08),
pages 1–4, 2008.
CHAPTER SEVEN
Abstract
1 Introduction
The increasing need for security leads to the involvement of biometrics in
daily life. Biometrics has become part of many aspects of life, including
border control and e-payment [1]. Currently, many biometric
authentication systems have been proposed, ranging from morphological
2 Biometric Technology
2.1 Biometric Modalities
Biometrics refers to the automatic verification or recognition of
individuals by measuring their physical/behavioural characteristics. Any
such characteristic can be considered as biometric information if it
satisfies the following properties, detailed in [8]: universality, uniqueness,
Direct attacks on biometric sensors (point 1) are the best-known attacks in
the literature. Several works show the feasibility of such attacks on
modalities such as face [10, 11, 12, 13], iris [7, 14, 15, 16], on-line writer
verification systems [17], and speech verification [18, 19, 20, 21, 22, 23,
24]. A classic example is that of fake fingers that can be built with
silicone, gelatine, wood glue or latex [25, 26, 27, 28, 29, 30, 31]. Fake
fingers constructed with all these technologies are used on different sensor
technologies. An example of such an attack is presented in Figure 3, which
illustrates a successful attack using a fake finger created out of latex that
we have created to evaluate several sensors of different technologies
(optical and capacitive). Countermeasures including liveness detection are
presented in [32, 33, 34, 35, 36, 37] for fingerprints, [38, 39, 40, 41, 42,
43] for speech verification, or [44, 45, 46, 47, 48] for face.
Figure 3. Successful attack resulting from the comparison between a fake finger
(on the left) and a genuine one stored in the database (right).
Attacks are also possible on other parts of the biometric system. Thus, an
attacker can introduce a Trojan horse into the system, or carry out a
denial-of-service attack and hence corrupt the authentication system so that
legitimate users cannot use it. The attacker can also intercept and/or replay
the biometric data in order to illegally access or modify the system. The
biometric database (point 6) is another important target for attackers,
particularly for centralized databases and non-protected databases. This
point is directly related to a user's privacy in that a biometric trait cannot
be replaced if it is compromised. The biometric database is vulnerable to
several types of attacks, such as the possibility to fraudulently create a new
template, or to modify existing templates without authorization. These
attacks are classified as direct attacks and indirect attacks.
Direct or masquerade attacks construct new biometric data from
information contained within one or several biometric templates. Thus,
Galbally et al. [49] refute the popular belief of minutiae template
non-reversibility using fake fingers generated from ISO templates, where the
Figure 4. Security EvaBio on-line evaluation tool accessible through the following
link: http://www.epaymentbiometrics.ensicaen.fr/securityEvaBio/
Reference      Description
I_DATA_BIO     Acquired biometric raw data
I_TEMPLATE     User template
I_DECISION     System decision (yes or no)
F_EXTRACTION   Processing data function implemented on the feature extractor component
F_MATCHER      Matcher function between the acquired biometric data and its corresponding template
M_SENSOR       Biometric sensor
M_COMPONENT    Materials in which the F_EXTRACTION and F_MATCHER are implemented
For the three retained system overall vulnerabilities (see Section 5.5.2), the
tool uses a set of rules for the risk factor computation process, as depicted
in Table 2. For system performance vulnerability, EER is multiplied by 2,
since a biometric system providing a performance measure (such as the
Equal Error Rate EER) more than or equal to 50 is not usable. For such
systems, the risk factor is rated to the highest score 100. For the quality
aspect, there are four rules according to whether the system implements
quality checking during the enrollment step. For template database
protection, there also exists a set of rules according to whether the system
implements protection mechanisms (such as encryption schemes,
cancellable techniques, etc.).
$$\mathrm{Index} = \alpha\left(1 - \frac{\mathrm{AUC}(f(x))}{\mathrm{AUC}(g(x))}\right) = \alpha\left(1 - \frac{\int_{1}^{n} f(x)\,dx}{\int_{1}^{n} g(x)\,dx}\right) \qquad (1)$$
where $\alpha = 100$, $n = r + s$ with $r$ being the number of locations of
possible attacks in a generic biometric system, and $s$ being the number of
the retained system overall vulnerabilities (in the presented method, $r = 8$
and $s = 3$); $f(x)$ is the curve resulting from the set of risk factors retained
from the $n$ points (the maximal risk factor is retained from each point);
and $g(x)$ is the curve resulting from the highest risk factors from each
point (according to our model, they are equal to 100). The use of the
security index for comparing and evaluating biometric systems is as
follows: the nearer the index is to 100, the better the robustness of the
target system against attacks.
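Equation (1) evaluated on constructed data, as an added example that is not the authors' evaluation tool. It assumes the curve f(x) is piecewise linear through the 8 + 3 = 11 points and integrates it with the trapezoidal rule; the per-attack risk factors, quality and template-protection scores are taken as given inputs, and all function names are hypothetical.

```python
ALPHA = 100.0      # scaling constant alpha from equation (1)
MAX_RISK = 100.0   # highest risk factor; g(x) is constant at this value
R_LOCATIONS = 8    # r: locations of possible attacks in the generic system
S_OVERALL = 3      # s: retained system overall vulnerabilities


def performance_risk(eer_percent):
    """Risk factor for system performance: EER multiplied by 2, rated 100 once EER >= 50."""
    if not 0 <= eer_percent <= 100:
        raise ValueError("EER must be a percentage between 0 and 100")
    return MAX_RISK if eer_percent >= 50 else 2.0 * eer_percent


def area_under_curve(values):
    """Trapezoidal integral of the piecewise-linear curve through x = 1..n (assumption)."""
    return sum((left + right) / 2.0 for left, right in zip(values, values[1:]))


def security_index(location_risks, overall_risks):
    """Compute the security index.

    location_risks: one list per attack location holding the risk factors of the
                    attacks identified there (an empty list means none were found).
    overall_risks:  the risk factors of the overall vulnerabilities
                    (performance, quality, template database protection).
    """
    if len(location_risks) != R_LOCATIONS or len(overall_risks) != S_OVERALL:
        raise ValueError("expected 8 location lists and 3 overall risk factors")
    # The maximal risk factor is retained from each point.
    f = [float(max(risks, default=0.0)) for risks in location_risks]
    f += [float(v) for v in overall_risks]
    if any(not 0 <= v <= MAX_RISK for v in f):
        raise ValueError("risk factors must lie between 0 and 100")
    g = [MAX_RISK] * len(f)
    return ALPHA * (1.0 - area_under_curve(f) / area_under_curve(g))


# Constructed sample assessment (not taken from the chapter).
SAMPLE_LOCATIONS = [[60, 35], [40], [], [40], [], [80, 20], [40], []]
SAMPLE_OVERALL = [performance_risk(5.0), 50.0, 100.0]

if __name__ == "__main__":
    print(round(security_index(SAMPLE_LOCATIONS, SAMPLE_OVERALL), 2))
```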
Attack    Description
$A_{11}$  Attacker presents fake biometric data to the sensor (e.g., prosthetic fingers created out of latex). Such attacks are called spoofing.
          Affect: Authenticity on I_DECISION
$A_{12}$  Attacker exploits the similarity of blood relationship to gain access (e.g., case of identical twins and biometric systems using specific modalities such as face).
          Affect: Authenticity on I_DECISION
$A_{13}$  Authorized users willingly provide their biometric sample to attacker.
          Affect: Authenticity on I_DECISION
$A_{14}$  Attacker provides own biometric sample as a zero-effort attempt to impersonate an authorized user.
          Affect: Authenticity on I_DECISION
$A_{15}$  Attacker exploits a residual biometric image left on the sensor to impersonate the last authorized user.
          Affect: Confidentiality on I_DATA_BIO; Authenticity on I_DECISION
$A_{16}$  Attacker physically destroys the biometric sensor to render it inoperable.
          Affect: Availability on M_SENSOR
Attack     Description
$A_{241}$  The attacker intercepts an authorized biometric sample from a communication channel in order to be replayed (replay attack), bypassing the biometric sensor, at another time for gaining access.
           Affect: Confidentiality on I_DATA_BIO; Authenticity on I_DECISION
$A_{242}$  The attacker cuts the communication link in order to make the system unavailable to its intended authorized users (Denial of Service attack).
           Affect: Availability on M_CHANNELS
Attack     Description
$A_{351}$  Biometric system components may be replaced with a Trojan horse program that functions according to its designers' specifications.
Attack    Description
$A_{61}$  The attacker illegally reads the biometric templates.
          Affect: Confidentiality on I_TEMPLATE; Authenticity on I_DECISION
$A_{62}$  The attacker modifies (adding, replacing, or suppressing) biometric templates from storage.
          Affect: Availability on I_TEMPLATE; Integrity on I_TEMPLATE
Attack    Description
$A_{71}$  The attacker reads biometric templates from a communication channel in order to replay them (replay attack).
          Affect: Confidentiality on I_TEMPLATE; Authenticity on I_DECISION
$A_{72}$  The attacker alters the transported information from a communication channel in order to deny legitimate users access to the system (Denial of Service attack).
          Affect: Integrity on I_TEMPLATE; Integrity on M_CHANNELS
$A_{73}$  The attacker cuts the communication link in order to make the system unavailable to its intended authorized users (Denial of Service attack).
          Affect: Availability on M_CHANNELS
Attack    Description
$A_{81}$  The attacker alters the transported information (yes or no) in order to deny access to a legitimate user, or even to allow access to an impostor.
          Affect: Integrity on I_DECISION; Authenticity on I_DECISION
$A_{82}$  The attacker cuts the communication link in order to make the system unavailable to its intended authorized users (Denial of Service attack).
          Affect: Availability on M_CHANNELS
system. Doddington et al. [126] place users into four categories: sheep,
lambs, goats and wolves. The sheep correspond to users who are easily
recognized (contribute to a low FRR). The lambs correspond to users who
are easy to imitate (contribute to a high FAR). The goats represent users
who are difficult to recognize (contribute to a high FRR). The wolves
represent users who have the capability to spoof the biometric
characteristics of other users (contribute to a high FAR). Thus, a biometric
system with poor performance may be easily attacked by lamb and
wolf users.
Tables 9 and 10 present the risk analysis of both target systems. For the
“Impact” and “Easiness” criteria ($f_1$ and $f_2$, respectively), we have used
the symbol “−” in the last three lines, since the corresponding risk factors
are computed according to the set of rules presented in Table 2. Here we
present the main findings from these tables:
ܣଵ ൈ ൈ ͺ Ͷͺ
8 ଼ܣଶ ൈ ʹ ͳͲ ʹͲ
଼ܣଵ ൈ ൈ ͵
9 Performance ൈ െ െ ͵ͷǤͲʹ
10 Multiple captures ൈ െ െ Ͳ
without quality
assessment
11 Unsecure database and ൈ ൈ ൈ ൈ െ െ ͳͲͲ
central storage
Using Equation 1, the security index (total risk) of the keystroke dynamics
system is equal to ͷǤ, while for the fingerprint lock system it is equal to
ͺ. These indices show clearly that the overall security of the keystroke
system is lower than that of the fingerprint lock system against attacks.
Because the fingerprint lock system is a black box, we cannot say much
about the different locations. Although we have not presented security
problems for these locations, the possibility of attackers finding such
problems remains high, building on techniques of reverse engineering
(hardware and software). However, the commercial system was used in this
study as an illustrative case for the comparison. More generally, during the
security evaluation process of an IT system, system designers should
provide evaluators with all the details and characteristics of the intended system.
7 Future Trends
In this section, we present some of the recently used techniques
for improving the robustness of biometric systems against attacks.
7.1 Multibiometrics
Multibiometric authentication systems use multiple biometric sources in
order to recognize a person. These systems are gaining popularity since
they provide better performance and larger population coverage compared
to classical biometric systems [128]. Besides enhancing matching
performance, these systems are considered to be promising against spoof
attacks that are commonly encountered in classical biometric systems, as
References
[1] A. K. Jain, S. Pankanti, S. Prabhakar, L. Hong, and A. Ross,
“Biometrics: A grand challenge,” International Conference on Pattern
Recognition (ICPR), vol. 2, pp. 935 - 942, 2004.
[2] Y. Chen and A. Jain, “Beyond minutiae: A fingerprint individuality
model with pattern, ridge and pore features,” in International
Conference on Biometrics (ICB), pp. 523 - 533, 2009.
[3] R. Giot, M. El-Abed, and C. Rosenberger, “Keystroke dynamics with
low constraints SVM based passphrase enrollment,” in IEEE Third
International Conference on Biometrics: Theory, Applications and
Systems (BTAS), pp. 425 - 430, 2009.
[4] M. Hashiyada, “Development of biometric DNA ink for authentication
security,” Tohoku Journal of Experimental Medicine, pp. 109 - 117,
2004.
[5] ISO/IEC FCD 19792, “Information technology - security techniques -
security evaluation of biometrics,” 2008.
[6] CC, “Common Criteria for Information Technology Security
Evaluation,” 1999.
[7] V. Ruiz-Albacete, P. Tome-Gonzalez, F. Alonso-Fernandez, J.
Galbally, J. Fierrez, and J. Ortega-Garcia, “Direct attacks using fake
images in iris verification,” in Biometrics and Identity Management,
[92] M. Ao and S. Z. Li, “Near infrared face based biometric key binding,”
in 3rd International Conference on Biometrics (ICB), volume 5558, pp.
376–385. Lecture Notes in Computer Science, 2009.
[93] V. Tong, H. Sibert, J. Lecoeur, and M. Girault, “Biometric fuzzy
extractors made practical: a proposal based on fingercodes,” in
International Conference on Biometrics (ICB), volume 4642. Lecture
Notes in Computer Science, 2007.
[94] F. Hao, R. Anderson, and J. Daugman, “Combining crypto with
biometrics effectively,” IEEE Transactions on Computers, 55(9): pp.
1081–1088, 2006.
[95] J. Bringer, H. Chabanne, G. Cohen, B. Kindarji, and G. Zémor,
“Optimal iris fuzzy sketches,” in IEEE International Conference on
Biometrics: Theory, Applications and Systems (BTAS), pp. 27 - 29,
2007.
[96] A. Juels and M. Sudan, “A fuzzy vault scheme,” in IEEE
International Symposium on Information Theory (ISIT), 2002.
[97] A.K. Jain, K. Nandakumar, and S.C. Pankanti, “Fingerprint-based
fuzzy vault: Implementation and performance,” IEEE Transactions on
Information Forensics and Security, 2(4): pp. 744–757, 2007.
CHAPTER EIGHT
Abstract
1 Introduction
Due to the advantages in convenience and security, applications of
biometrics broaden rapidly. Meanwhile, related privacy and security
issues, such as exposure of user sensitive information, cross matching of
different databases, or identity theft, raise many concerns of end users,
government agencies and public sectors. In order to prevent abuse of
stored biometric information, privacy protection techniques, also referred
to as template protection, biometric encryption, untraceable biometrics,
Framework for Privacy and Security Assessment of BTP 257
$(M, m, l, t)$-secure sketch and a $(M, m, l, t, \varepsilon)$-fuzzy extractor for
arbitrarily distributed biometric data $X$ in space $M$ with min-entropy of $m$.
In addition to theoretical analysis, attack-based analysis exploits
vulnerabilities of template protection, and conducts concrete attacks on
special algorithms. Due to overlap between intraclass and interclass
distributions in biometrics, false acceptance and false rejection can occur.
An adversary who owns or has access to a large biometric database can
exploit the false acceptance properties and can find a similar biometric
datum to that of a victim. Some template protection algorithms such as
fuzzy vault [5] and fuzzy commitment [6] are vulnerable to linkage attack,
and templates of the same subjects can be reidentified. In the case that a
soft comparison score is used, hill climbing attacks can be applied on a
template protection algorithm [7].
The existing work analyses the security and privacy of biometric
template protection from different aspects. However, only part of security
and privacy requirements are addressed, and analysis on a general level is
still lacking. In this work, we propose a generalized evaluation framework,
which aims to enable a comprehensive assessment of biometric template
protection regarding privacy and security.
This chapter is organized as follows: Section 2 will give a detailed
introduction of template protection. Section 3 will elaborate the proposed
evaluation framework. Section 4 will apply the framework on real
score $v$.
3 Evaluation Framework
In order to enable a comprehensive privacy and security assessment, we
propose a generalized evaluation framework. This consists of three main
steps: identifying protection goals, determining threat models, and
developing evaluation metrics and process.
the adversary’s own database, and can find biometric data that has
sufficient similarity to that of a target person. If $FAR$ is a false
acceptance rate of the system under a given setting, $1/FAR$ is the
average number of biometric data from different users, which an
adversary needs in the adversary’s own database.
Naive and advanced models are comparable with the models in the
cryptanalysis, which a cryptanalyst defines during assessment of
cryptosystems. The naive model is the basic and weakest. The advanced
model is stricter, and can verify the security of a system against an
experienced adversary. The collision model is derived from inherent
properties of biometric systems. Threat models can be refined and new
requisitions can be extended, according to security and privacy
requirements on biometric systems. Threat models are prerequisites for
quantifying security and privacy.
the original biometric data. It is not always the same as that of $PI$.
Data, which can pass $PI$-verification processes, may not have
enough similarity to the original biometric data. If a “pre-image”
space of a $PI$ is larger than its corresponding biometric data space,
the system has a better protection of biometric data. The security
shows only expense to retrieve biometric data. However, it cannot
disclose the leakage of biometric data.
• Privacy leakage shows the amount of information about biometric
data exposed in protected templates. In many template protection
algorithms, privacy leakage exists to compensate variation of
biometric data, as shown in [16, 17]. However, exposure of
biometric information is not only a threat for privacy but also a
serious security shortcoming. It can be exploited to retrieve
activities of a subject in other biometric applications. The
revelation is permanent and difficult to amend, and can also
influence the renewability of $PI$. Therefore, the protected template
$[PI, AD]$ should contain as little biometric information as possible.
Solomon (RS) codes compensate burst errors that might occur due to
undetected eyelashes and specular reflections. In [19], Bringer et al. used
the product codes and a two-dimensional iterative min-sum decoding
algorithm in the error correction process. They modelled errors between
reference and queried iris codes with a binary symmetric channel (BSC)
with erasure. In order to handle burst errors, an interleaver (random
permutation) is applied to break the burst errors. They assumed
independently distributed iris codes and showed that the results are close
to the theoretical limit of the ideal BSC coding according to Shannon's
information theory. In [20], Vetro et al. used the syndrome coding to
protect iris codes. This algorithm can be seen as a fuzzy extractor with
syndrome coding [4]. Instead of storing the code offset of an iris code to a
randomly selected codeword, as in fuzzy commitment, the syndrome of
iris features is calculated with low density parity coding. In the verification
process, the decoding process uses a belief propagation process. The
security properties of fuzzy commitment and fuzzy extractor with
syndrome coding are very similar.
We implemented the scheme of Hao et al. [18]. The iris features are
extracted with the open source algorithm of Masek [21]. In the
preprocessing phase, the Hough transformation is applied on an iris image
so as to localize and segment the iris region. Additionally, the probable
eyelid and specular reflection areas are marked black. Then the detected
iris ring is mapped from the Cartesian capture coordinate system to the
dimensionless polar coordinate system. During feature extraction, the 1D
log-Gabor filter is convolved with each row of the normalized iris region.
Here the spatial combination of 1D log-Gabor filters is considered as a 2D
Gabor filter. The complex-valued frequencies are derived and the phase of
each frequency value is quantized with 2 bits. The final iris code is a 2D
binary matrix.
We generate iris features for the CASIA database [22] with Masek's
algorithm, and transform the resulting feature vectors with the fuzzy
commitment scheme of Hao et al. [18]. In the enrolment, a randomly
selected secret $S$ is at first encoded with the RS encoder and then with the
Hadamard encoder. The codeword $C$ is XOR-ed with the input iris feature
vector $X$. The XOR output $W = XOR(C, X)$ is stored together with the
hash of the secret $h(S)$ as a protected template and serves as a reference
for the respective subject. During the verification, a probe iris feature
vector is derived from the captured sample and XOR-ed with the stored
$W$. From this operation, a corrupted codeword $C'$ is obtained. The
Hadamard decoder and the RS decoder can correct the errors in $C'$. The
hash of the estimated secret $S'$ is compared with the stored $h(S)$. If they
are identical, the system has verified the identity claim.
In the coding process, a randomly generated secret $S$ with the length of
$L_s$ bits is divided into $m_s$ blocks, and each block is $l$ bits long. The RS
encoder adds $2t_{RS}$ parity blocks at the end of the secret blocks, where $t_{RS}$
is the number of the correctable block errors of the RS code. Then the
Hadamard encoder extends each block into a $2^{l-1}$ bit Hadamard code.
Hadamard coding can correct up to $2^{l-3} - 1$ bit errors in each block. The
final codeword contains $M_{RS} \times 2^{l-1}$ bits. The codeword is XOR-ed with
an iris code, so as to obtain $W$.
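The enrolment and verification steps described above, as an added sketch that is not the chapter authors' implementation. It keeps the 9600-bit code length and 128-bit Hadamard blocks (l = 8) but omits the Reed-Solomon outer code, assumes SHA-256 for the hash h, and uses seeded random bit strings as constructed stand-ins for iris codes; all function names are hypothetical.

```python
import hashlib
import hmac
import random
import secrets

L_BITS = 8                        # l: bits per secret block
HAD_LEN = 1 << (L_BITS - 1)       # 2**(l-1) = 128-bit Hadamard codeword per block
T_HAD = (1 << (L_BITS - 3)) - 1   # 2**(l-3) - 1 = 31 correctable bit errors per block
IRIS_BITS = 9600                  # iris code length from the experiments
N_BLOCKS = IRIS_BITS // HAD_LEN   # 75 blocks; this sketch adds no RS parity blocks


def hadamard_encode(block: int) -> int:
    """Map an l-bit block to a 2**(l-1)-bit codeword, returned as an int bitmask."""
    a0, a = block & 1, block >> 1             # a0 picks the row or its complement
    word = 0
    for x in range(HAD_LEN):
        word |= (a0 ^ (bin(a & x).count("1") & 1)) << x
    return word


CODEBOOK = [hadamard_encode(b) for b in range(1 << L_BITS)]


def hadamard_decode(word: int) -> int:
    """Nearest-codeword decoding by Hamming distance over all 2**l blocks."""
    return min(range(1 << L_BITS), key=lambda b: bin(CODEBOOK[b] ^ word).count("1"))


def encode_secret(secret: bytes) -> int:
    """Codeword C: the Hadamard codewords of the secret's blocks, concatenated."""
    codeword = 0
    for i, block in enumerate(secret):
        codeword |= CODEBOOK[block] << (i * HAD_LEN)
    return codeword


def enroll(iris_code: int):
    """Return the protected template (W, h(S)); S itself is never stored."""
    secret = secrets.token_bytes(N_BLOCKS)
    w = encode_secret(secret) ^ iris_code      # W = XOR(C, X)
    return w, hashlib.sha256(secret).digest()


def verify(probe: int, w: int, h_s: bytes) -> bool:
    """XOR the probe with W, decode the corrupted codeword C', compare hashes."""
    noisy = probe ^ w
    mask = (1 << HAD_LEN) - 1
    estimate = bytes(hadamard_decode((noisy >> (i * HAD_LEN)) & mask)
                     for i in range(N_BLOCKS))
    return hmac.compare_digest(hashlib.sha256(estimate).digest(), h_s)


def flip_bits(code: int, per_block: int, rng: random.Random) -> int:
    """Flip exactly per_block randomly chosen bits in every 128-bit block."""
    for i in range(N_BLOCKS):
        for pos in rng.sample(range(HAD_LEN), per_block):
            code ^= 1 << (i * HAD_LEN + pos)
    return code


def demo():
    rng = random.Random(2015)                   # constructed data, seeded
    enrolled = rng.getrandbits(IRIS_BITS)       # stand-in for the enrolled iris code X
    w, h_s = enroll(enrolled)
    genuine = flip_bits(enrolled, T_HAD, rng)   # 31 bit errors in every block
    impostor = rng.getrandbits(IRIS_BITS)       # unrelated code
    # Without the RS layer a single undecodable block fails the whole match:
    one_block_lost = enrolled ^ ((1 << HAD_LEN) - 1)
    return (verify(genuine, w, h_s), verify(impostor, w, h_s),
            verify(one_block_lost, w, h_s))


if __name__ == "__main__":
    print(demo())
```

The third case is what the RS outer code is there to absorb: it corrects whole-block errors that the Hadamard layer cannot.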
In the experiments, the length of the iris code $m$ is set to 9600. The
length of the Hadamard block $L_{Had}$ is 128. We analyze the security of the
system using Definition 1. The metrics $\boldsymbol{\varepsilon}$ and $\boldsymbol{T}$ are proposed, which show
the average number of attempts needed to guess a pre-image of $PI$, namely
$H(S)$, and the computational time required for one attempt. They represent
average computational complexity required in an attack scenario. These
unified metrics allow the comparison of different template protection
systems.
In Table 1, the security assessment using Definition 1 in three threat
models is displayed. In the naive model, an adversary can only guess the
plain text of the hash. Therefore, $\boldsymbol{\varepsilon}$ is dependent on the secret size and $\boldsymbol{T}$
corresponds to the computational time of the hash function. The
At this point, we analyse the privacy protection ability. In the naive model,
an adversary cannot obtain information about biometric data lacking
knowledge about the systems. In the collision model, the adversary can
only find biometric data, from which the same or a similar $PI$ as that of the
target person can be generated. In this case, the privacy of $PI$ is similar to
the security of $PI$. Therefore, it makes more sense to assess privacy
protection ability in the advanced model, and the results appear in Table 2.
The privacy leakage measures the amount of information about biometric
features contained in protected templates, where the irreversibility of $PI$ is
measured with Definition 2. The threshold $\boldsymbol{t}$ in the definition is equal to 0.
The privacy leakage of the fuzzy commitment schemes is evaluated as
the conditional entropy $H(X|W)$. The entropy of iris features is 4325.88 at
a feature length of 9600, where the privacy leakage is extremely high. A
detailed proof and calculation can be found in [23].
All these results are based on statistical models, which are utilized to
simulate the distribution of biometric features. A more accurate estimation
is possible if better methods can be found for modelling the distributions.
Additionally, it is shown that the privacy leakage increases when reducing
the secret size in fuzzy commitment. This confirms the similar conclusion
drawn in [17].
5 Conclusion
The proposed systematic evaluation framework adheres to the essential
criteria and requirements of biometric template protection techniques. The
applicability of the framework is demonstrated with the analysis of a
protected iris recognition system. The assessment presented in this work is
fundamental for a thorough analysis, and also provides evidence on
security and privacy performance. Therefore, the proposed framework is
an indispensable tool for technical innovation and improvement, and helps
system designers in selecting a suitable template protection algorithm for
their applications and needs. The framework creates a basis for
benchmarking and certification of biometric template protection
techniques.
References
[1] Breebaart, J., Busch, C., Grave, J., and Kindt, E., “A reference
architecture for biometric template protection based on pseudo
identities,” In BIOSIG 2008: Biometrics and Electronic Signatures,
Germany, 2008.
[2] Linnartz, J. P., and Tuyls, P., “New shielding functions to enhance
privacy and prevent misuse of biometric templates,” In 4th
International Conference on Audio- and Video-Based Biometric Person
Authentication, 2003.
[3] Tuyls, P., and Goseling, J., “Capacity and examples of template
protecting biometric authentication systems,” In LNCS (Ed.),
Biometric Authentication Workshop (BioAW 2004), Prague, 2004, p.
158-170.
[4] Dodis, Y., Ostrovsky, R., Reyzin, L., and Smith, A., “Fuzzy
extractors: How to generate strong keys from biometrics and other
noisy data,” SIAM Journal on Computing, 38, 2008.
[5] Scheirer, W. J., and Boult, T. E., “Cracking fuzzy vaults and biometric
encryption,” In Proceedings of the Biometrics Symposium, Baltimore,
MD, USA, 2007.
[6] Simoens, K., Tuyls, P., and Preneel, B., “Privacy weaknesses in
biometric sketches,” In the 2009 IEEE Symposium on Security and
Privacy, IEEE Computer Society, p. 188-203, 2009.
[7] Adler, A., “Vulnerabilities in biometric encryption systems,” In Audio-
and Video-Based Biometric Person Authentication, Tarrytown, NY, USA, 2005.
[8] Jain, A. K., Nandakumar, K., and Nagar, A., “Biometric template
security,” In EURASIP Journal on Advances in Signal Processing, special
issue on biometrics, 2008.
[9] Roberge, C. S. D., Stoianov, A., Gilroy, R., and Kumar, B. V.,
“Biometric encryption,” ICSA Guide to Cryptography, Chapter 2,
1999.
[10] Jin, A. T. B., Ling, D. N. C., and Goh, A., “Biohashing: two factor
authentication featuring fingerprint data and tokenised random
number,” Pattern Recognition, Issue 11, 37, 2245-2255, November
2004.
[11] Jin, A. T. B., Toh, K.-A., and Kuan, Y. W., “2n discretisation of
biophasor in cancellable biometrics,” In ICB, p. 435-444, 2007.
[12] Ratha, N. K., Chikkerur, S., Connell, J. H., and Bolle, R. M.,
“Generating cancelable fingerprint templates,” In IEEE Transactions on
Pattern Analysis and Machine Intelligence, Vol. 29, April 2007.
[13] Juels, A., and Sudan, M., “A fuzzy vault scheme,” In IEEE
International Symposium on Information Theory, 2002.
[20] Vetro, A., Draper, S., Rane, S., and Yedidia, J., “Securing biometric
data,” In Distributed Source Coding, Elsevier, 2009.
[21] Masek, L., “Recognition of human iris patterns for biometric
identification,” The University of Western Australia, 2003.
[22] CASIA iris image database, collected by the Chinese Academy of
Sciences Institute of Automation (CASIA),
http://biometrics.idealtest.org/.
[23] Zhou, X., Kuijper, A., and Busch, C., “Cracking iris fuzzy
commitment,” In IEEE International Conference on Biometrics (ICB
12), 2012.
PART 4.
CHAPTER NINE
Abstract
Secure and Efficient Iris and Fingerprint Identification 275
1 Introduction
Recent advances in biometric recognition have made the use of biometric
information more susceptible to verification and identification purposes.
Large-scale collections of biometric data in use today include, for
example, fingerprint, face, and iris images, collected by the US
Department of Homeland Security (DHS) from visitors [48]; fingerprint
and iris images collected by the government of India from (more than
billion) citizens [56]; iris, fingerprint, and face images collected by the
United Arab Emirates (UAE) Ministry of Interior from visitors [57]; and
adoption of biometric passports in several countries. While biometric
systems serve as an excellent tool for authentication and identification of
individuals, biometric data is undeniably extremely sensitive and must be
well protected. Furthermore, once leaked, biometric data cannot be
revoked or replaced. For these reasons, biometric data cannot be easily
shared between organizations or agencies. However, there could be
legitimate reasons to carry out computations on biometric data belonging
to different entities. For example, a non-government agency may need to
know whether a biometric sample it possesses belongs to an individual on
the government watch-list. In this case the agency would like to maintain
the privacy of the individual if no matches are found, and the government
also does not want to release its database to third parties.
2 Description of Computation
Without loss of generality, in what follows, we assume that client $C$ holds
a single biometric template $X$ and server $S$ holds a database of biometric
data $D$. The goal is to learn whether $C$'s biometric template has a match in
$S$'s database without learning any additional information. This is
accomplished by comparing $X$ to each biometric template $Y \in D$, and as a
result of each comparison, $C$ learns a bit that indicates whether the
comparison resulted in a match.
2.1 Iris
Let an iris code $X$ be represented as an $m$-bit binary string. We use $X_i$ to
denote the $i$-th bit of $X$. In iris-based recognition, after feature extraction,
biometric comparison is normally performed by computing the normalized
Hamming distance between two biometric representations. To simplify
presentation, we refer to normalized Hamming distance simply as
Hamming distance henceforth. Furthermore, the feature extraction process
is such that some bits of the extracted string $X$ are unreliable and are
ignored in the comparison process. Information about such bits is stored in
an additional $m$-bit string, called mask, where its $i$-th bit is set to 1 if the
$i$-th bit of $X$ should be used in the comparison process and is set to 0
otherwise. For iris code $X$, we use $M(X)$ to denote the mask associated
with the iris code. Often, a predetermined number of bits (e.g., 25% in [31]
and 35% in [6]) are considered unreliable in each biometric template.
Thus, to compare two biometric templates $X$ and $Y$, their Hamming
distance takes into account the respective masks. That is, if the Hamming
distance between two iris codes without masks is computed as:
$$HD(X, Y) = \frac{\|X \oplus Y\|}{m} = \frac{\sum_{i=1}^{m} (X_i \oplus Y_i)}{m}$$
the computation of the Hamming distance that uses masks becomes [23]:
Throughout this chapter, we assume that the latter formula is used, and we
simplify the notation to $HD(X, Y)$. Then, the computed Hamming distance
is compared with a specific threshold $T$, and the biometric samples $X$ and
$Y$ are considered to be a match if the distance is below the threshold, and a
mismatch otherwise. The threshold $T$ is chosen based on the distributions
of authentic and impostor data; in the likely case of overlap of the two
distributions, the threshold is set to achieve the desired levels of false
accept and false reject rates based on the security goals.
Two iris representations can be slightly misaligned. This problem is
usually caused by head tilt during image acquisition. To account for this,
the matching process attempts to compensate for the error and rotates a
biometric representation by a fixed amount to determine the lowest
distance. More precisely, each iris code is represented as a
two-dimensional bit array, and rotation corresponds to a circular shift which is
applied to each row. Each biometric is then rotated to the left and to the
right a small fixed number of times, which we denote by $c$. The minimum
Hamming distance across all rotations is then compared to the threshold.
That is, if we let $LS(\cdot)$ (resp., $RS(\cdot)$) denote a circular left (resp., right)
shift of the argument by a fixed number of bits (normally 2 bits due to the
properties of the feature extraction process), the matching process
becomes:
Throughout this chapter, we assume that the algorithms for comparing two
biometric samples are public, as well as any constant thresholds $T$. The
2.2 Fingerprints
Work on fingerprint identification dates back to the late 1800s, with a
number of different approaches currently available (see, e.g., [46] for an
overview). The most popular and widely used techniques extract
information about minutiae from a fingerprint and store that information as
a set of points in the two-dimensional plane. Fingerprint comparison in
this case consists of finding a matching between two sets of points, so that
the number of paired minutiae is maximized. In more detail, a biometric
template is represented as a set of $m_X$ points
$X = \langle (x_1, y_1, a_1), \ldots, (x_{m_X}, y_{m_X}, a_{m_X}) \rangle$, where $x_i$ and $y_i$ are coordinates of
minutia $i$ in a two-dimensional space and $\alpha_i$ is its orientation (represented
as an angle in degrees). A minutia $X_i = (x_i, y_i, a_i)$ in $X$ and minutia
$Y_j = (x'_j, y'_j, a'_j)$ in $Y$ are considered matching if the spatial (i.e.,
Euclidean) distance between them is smaller than a given threshold $d_0$,
and the directional difference between them is smaller than a given
threshold $\alpha_0$. That is, we compute this as:
$$\sqrt{\sum_{i=1}^{m} (x_i - y_i)^2} \stackrel{?}{<} T \qquad (4)$$
3 Cryptographic Preliminaries
Security model. Intuitively, the level of security that a privacy-preserving
construction should achieve is the same as having the participants
privately send their inputs to a trusted third party who performs the
computation and privately sends the result back. Then a secure technique
should provide the same level of data privacy, but without assuming the
existence of such a trusted third party.
Our security model is the standard model for secure two-party
computation in the presence of semi-honest participants [27] (also known
as honest-but-curious or passive). In particular, it means that the parties
follow the prescribed behavior, but might try to compute additional
information from the information obtained during protocol execution.
Security in this setting is defined using a simulation argument: The
protocol is secure if the view of protocol execution for each party is
computationally indistinguishable from the view simulated using that
party's input and output only. This means that the protocol execution does
not reveal any additional information to the participants. The definition
$$\{S_i(in_i, f_i(in_1, in_2)), f(in_1, in_2)\} \equiv \{\mathrm{VIEW}_{\Pi}(P_i), (out_1, out_2)\},$$
where $f_i(in_1, in_2)$ denotes the $i$th element that $f(in_1, in_2)$ outputs, and "$\equiv$"
denotes computational indistinguishability.
designed to work with small plaintext spaces and has shorter ciphertext
size than other randomized encryption schemes, a public key consists of (i)
a (small, possibly prime) integer $u$ that defines the plaintext space, (ii) $k$-bit
RSA modulus $N = pq$ such that $p$ and $q$ are $k/2$-bit primes, $v_p$ and $v_q$ are
$t$-bit primes for another security parameter $t$ (smaller than $k$), and
$u v_p \mid (p - 1)$ and $u v_q \mid (q - 1)$, and (iii) elements $g, h \in \mathbb{Z}_N^*$ such that $g$ has
order $u v_p v_q$ and $h$ has order $v_p v_q$. Given a message $m \in \mathbb{Z}_u$, encryption is
performed as $Enc(m) = g^m h^r \bmod N$, where $r \leftarrow_R \{0,1\}^{2.5t}$. We refer
the reader to the original publications [50] and [21,20] for any additional
information.
that it sees during evaluation). At the end, the result of the computation
can be recovered by linking the computed output labels to the bits which
they encode.
Recent literature provides optimizations that reduce computation and
communication overhead associated with circuit construction and
evaluation. Kolesnikov and Schneider [40] describe an optimization that
permits XOR gates to be evaluated for free, i.e., there is no communication
overhead associated with such gates, and their evaluation does not involve
cryptographic functions. Pinkas et al. [51] additionally give a mechanism
for reducing communication complexity of binary gates by 25%. Now
each gate can be specified by encoding only three outcomes of the gate
instead of all four. Finally, Kolesnikov et al. [39] improve the complexity
of certain commonly used operations such as addition, multiplication,
comparison, etc., by reducing the number of non-XOR gates. Adding two
$n$-bit integers requires $5n$ gates, $n$ of which are non-XOR gates;
comparing two $n$-bit integers requires $4n$ gates, $n$ of which are non-XOR
gates; and computing the minimum of $t$ $n$-bit integers (without the
location of the minimum value) requires $7n(t - 1)$ gates, $2n(t - 1)$ of
which are non-XOR gates. Garbling and evaluation of large circuits can
also be pipelined [32], so that the entire circuit does not have to reside in
memory.
With the above techniques, evaluating non-XOR gates involves one
invocation of the hash function [40] (which is assumed to be correlation
robust [42]) or one call to AES [7]. During garbled circuit evaluation, $P_2$
directly obtains keys corresponding to $P_1$'s inputs from $P_1$ and engages in
the oblivious transfer (OT) protocol to obtain keys corresponding to $P_2$'s
inputs.
$$D(X, LS(Y)) \stackrel{?}{<} T \cdot M(X, LS(Y)) \;\vee\; \ldots \;\vee\; D(X, RS(Y)) \stackrel{?}{<} T \cdot M(X, RS(Y)) \qquad (5)$$
When this computation is carried out over real numbers, $T$ lies in the range
[0, 1]. In our case, it is desirable to carry out the computation over the
integers, which means that we "scale up" all values with the desired level
of precision. That is, by using $\ell$ bits to achieve desired precision, we
multiply $D(X, Y)$ by $2^{\ell}$ and let $T$ range between 0 and $2^{\ell}$. Now $2^{\ell} D(X, Y)$
and $T \cdot M(X, Y)$ can be represented using $\lceil \log m \rceil + \ell$ bits.
1 Secure evaluation of the division operation in the multi-party setting was reported
in [30, 12, 1], but such techniques cannot be directly used in the two-party setting
that we employ.
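The matching rule of Section 2.1 and its division-free form in Equation 5 can be checked against each other in the clear; the following is an added plaintext reference, not code from the chapter. It assumes the usual masked Hamming distance (differing bits counted only where both masks are 1, divided by the number of such bits), a threshold scaled as floor($T \cdot 2^{\ell}$), hypothetical function names, and constructed sample codes.

```python
from fractions import Fraction

SHIFT_BITS = 2  # bits moved per rotation step ("normally 2 bits" in the text)

def rotate_rows(rows, steps):
    """Circularly shift each row left by steps*SHIFT_BITS bits (negative = right)."""
    shifted = []
    for row in rows:
        k = (steps * SHIFT_BITS) % len(row)
        shifted.append(row[k:] + row[:k])
    return shifted

def masked_counts(x, mx, y, my):
    """Return (D, M): differing bits and compared bits where both masks are 1."""
    d = m = 0
    for rx, rmx, ry, rmy in zip(x, mx, y, my):
        for xi, mxi, yi, myi in zip(rx, rmx, ry, rmy):
            if mxi and myi:
                m += 1
                d += xi ^ yi
    return d, m

def rotations(y, my, c):
    """Yield Y and its mask rotated together for every step count in [-c, c]."""
    for j in range(-c, c + 1):
        yield rotate_rows(y, j), rotate_rows(my, j)

def match_real(x, mx, y, my, threshold, c):
    """Reference rule: minimum of D/M over all rotations, compared with T."""
    ratios = []
    for yr, myr in rotations(y, my, c):
        d, m = masked_counts(x, mx, yr, myr)
        if m:
            ratios.append(Fraction(d, m))
    return bool(ratios) and min(ratios) < threshold

def lt_scaled(d, m, threshold, ell):
    """Division-free test 2^ell * D < T_scaled * M, T_scaled = floor(T * 2^ell)."""
    t_scaled = int(threshold * (1 << ell))  # assumption: threshold is rounded down
    return (d << ell) < t_scaled * m

def match_integer(x, mx, y, my, threshold, c, ell):
    """Equation 5 form: OR over rotations of the scaled integer comparison."""
    return any(lt_scaled(*masked_counts(x, mx, yr, myr), threshold, ell)
               for yr, myr in rotations(y, my, c))

# Constructed sample: a 2 x 16-bit code; Y is X rotated right by one step
# (head tilt) with two bit errors, one of which Y's mask flags as unreliable.
X = [[1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0, 0, 1],
     [0, 1, 1, 0, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 1, 0]]
MX = [[1] * 16, [0, 0] + [1] * 14]        # two unreliable bits in X
Y = rotate_rows(X, -1)
Y[0][3] ^= 1                               # error hidden by MY
Y[1][7] ^= 1                               # error that is actually compared
MY = [[1, 1, 1, 0] + [1] * 12, [1] * 16]   # Y's bit (0, 3) is unreliable
T = Fraction(1, 4)

if __name__ == "__main__":
    for c in (0, 1):
        print("c =", c, "real:", match_real(X, MX, Y, MY, T, c),
              "integer:", match_integer(X, MX, Y, MY, T, c, ell=8))
    # Too few precision bits reject a pair that lies just under the threshold.
    for ell in (4, 8):
        print("ell =", ell, lt_scaled(29, 100, Fraction(3, 10), ell))
```

With enough precision bits the two predicates agree; the last loop shows a pair at 0.29 against $T = 0.3$ that is rejected when only 4 bits are used, which is the effect the choice of $\ell$ controls.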
$t_C$'s and $S$ enters $r_S$'s and $t_S$'s, and they learn a bit, which indicates
whether $Y$ was a match.
Note that since $r_C$'s, $r_S$'s, $t_C$'s and $t_S$'s are used as inputs to the garbled
circuit and will need to be added inside the circuit, we want them to be as
small as possible. Therefore, instead of providing unconditional hiding by
choosing $t_S$ and $r_S$ from $\mathbb{Z}_N^*$ (where $N$ is from $pk$), the protocol achieves
statistical hiding by choosing these random values to be $\kappa$ bits longer than
the values that they protect, where $\kappa$ is a security parameter (so that the
value $t_C$ revealed to $C$ statistically hides the computed distance).
4.3 Optimizations
Pre-computation and offline communication. Similar to other literature
on secure biometric identification, we distinguish between offline and
online stages, where any computation and communication that does not
depend on the inputs of the participating parties can be moved to the
offline stage. In our protocol, we first notice that most modular
exponentiations (the most expensive operation in the encryption scheme)
can be precomputed. That is, the client needs to produce $2m$ encryptions
of bits. Because both $m$ and the average number of 0's and 1's in a
biometric template and a mask are known, the client can produce a
sufficient number of bit encryptions in advance. In particular, $X$ normally
will have 50% of 0's and 50% of 1's, while 75% (or a similar number) of
$M(X)$'s bits are set to 1 and 25% to 0 during processing. Let $p_0$ and $p_1$ ($q_0$
and $q_1$) denote the fraction of 0's and 1's in an iris code (resp., its mask),
where $p_0 + p_1 = q_0 + q_1 = 1$. Therefore, to have a sufficient supply of
ciphertexts to form tuples $\langle a_{i1}, a_{i2} \rangle$, the client needs to precompute
$(2q_0 + q_1(p_1 + \varepsilon) + q_1(p_0 + \varepsilon))m = (1 + q_0 + 2q_1\varepsilon)m$ encryptions of
0 and $(q_1(p_1 + \varepsilon) + q_1(p_0 + \varepsilon))m = q_1(1 + 2\varepsilon)m$ encryptions of 1,
where $\varepsilon$ is used as a cushion, since the number of 0's and 1's in $X$ might not
be exactly $p_0$ and $p_1$, respectively. Then at the time of the protocol the
client simply uses the appropriate ciphertexts to form its transmission.
Similarly, the server can precompute a sufficient supply of encryptions
of $r_S$'s and $t_S$'s for all records. That is, the server needs to produce
$2(2c + 1)|D|$ encryptions of different random values of length $\lceil \log m \rceil +
\ell + k$, where $|D|$ denotes the size of the database $D$. The server also
generates one garbled circuit per record $Y$ in its database (for step 3(b) of
the protocol) and communicates the circuits to the client. In addition, the
most expensive part of the oblivious transfer can also be performed during
the offline stage, as detailed below.
The above implies that only $q_1 m$ ciphertexts $b$ need to be added in step
3(a).ii to form $b$ (i.e., $q_1 m - 1$ modular multiplications to compute the
$M(Y_{i+1})$ for each odd $i$) and $m(q_0 + (1 - 2q_0)/2) = \frac{m}{2}$ (when $M(Y_i) \neq
M(Y_{i+1})$ for as many odd $i$'s as possible). This approach can be also
applied to the computation of $d$ (where only the value of $a_{i3} a_{(i+1)3}$ needs
to be precomputed for each odd $i$) resulting in the same computational
savings during computation of the Hamming distance. Furthermore, by
precomputing the combinations of more than two values additional
savings can be achieved during processing of each $Y$.
as one of their inputs, we reduce the complexity of the circuit for addition
to $n - 1$ non-XOR gates and $5(n - 1) - 1$ total gates. Similarly, after
eliminating gates with one constant input, the complexity of the circuit for
comparison of $n$-bit values becomes $n$ non-XOR gates and $4n - 2$ gates
overall. Since in the protocol there are two additions and one comparison
per each $j$ followed by $2c$ OR gates, the size of the overall circuit is
$14(n - 1)(2c + 1) + 2c$ gates, where $(3n - 2)(2c + 1) + 2c$ of which
are non-XOR gates. Note that this circuit does not use multiplexers, which
are required (and add complexity) during direct computation of minimum.
chosen strings $r_C$ and $t_C$ of length $n$. The simulator next creates a garbled
circuit for the computation given in step 3(b) that, on input client's $r_C$'s and
$t_C$'s, computes bit $b$, sends the circuit to the client, and simulates the OT.
Note that the simulator can set the other party's inputs in such a way that
the computation results in bit $b$. It is clear that given secure
implementation of garbled circuit evaluation in the real protocol, the client
cannot distinguish simulation from real protocol execution. Furthermore,
the values that $C$ recovers in step 3(a).iv of the protocol are distributed
identically to the values used in the real protocol execution that uses DGK
encryption (and they are statistically indistinguishable when other
encryption schemes are used).
Now consider the server's view. The server has its database $D$
consisting of $Y$, $M(Y)$, and the threshold
$T$ as the input and no output. In this case, a simulator with access to $D$
first sends to $S$ ciphertexts (as in step 1 of the protocol) that encrypt bits of
its choice. For each $Y \in D$, $S$ performs its computation in step 3(a) of the
protocol, and forms garbled circuits as specified in step 3(b). The server
and the simulator engage in the OT protocol, where the simulator uses
arbitrary bits as its input to the OT protocol and the server sends the
key-value mapping for the output gate. It is clear that the server cannot
distinguish the above interaction from the real protocol execution. In
As the table indicates, the design of the solution and the optimizations
employed in it allow for a particularly efficient performance. In particular,
comparison of two iris codes, which among other things includes
computation of $2(2c + 1) = 22$ Hamming distances (i.e., for the numerator
and denominator in Equation 1) over 2048-bit biometric templates in
encrypted form, is done in 0.15 sec. This is comparable in speed to the
latest developments in other functionalities (e.g., [32, 15, 54], which can
be used to compute the Hamming distance) and in part due to the use of
efficient DGK encryption scheme and other optimizations. When iris
images are well aligned and no rotation is necessary, our protocol requires
only 14 msec online computation time and under 2KB of data to compare
two biometric templates.
improve the efficiency of the secure protocol for FingerCode identification
in [5].
5.1 FingerCode Identification
The computation involved in FingerCode comparisons is very simple,
which results in an extremely efficient privacy-preserving realization. We
rewrite the computation in Equation 4 as
$\sum_{i=1}^{m} (x_i - y_i)^2 = \sum_{i=1}^{m} (x_i)^2 + \sum_{i=1}^{m} (y_i)^2 - \sum_{i=1}^{m} 2 x_i y_i < T^2$.
In our protocol, the Euclidean distance is
computed using homomorphic encryption, while the comparisons are
performed using garbled circuits. The secure FingerCode protocol is given
in Figure 2. The client contributes encryptions of $-2x_i$ and $\sum (x_i)^2$ to the
computation, while the server contributes $\sum (y_i)^2$ and computes
encryption of $-2x_i y_i$ from $-2x_i$. Note that by using $Enc(-2x_i)$ instead
of $Enc(x_i)$, the server's work for each $Y$ is reduced, since negative values
typically use significantly longer representations. The protocol in Figure 2
uses DGK encryption with the plaintext space of $[0, 2^n - 1]$. To be able to
represent the Euclidean distance, we need to set $n = \lceil \log m \rceil + 2\ell + 1$,
where $\ell$ is the bitlength of elements $x_i$ and $y_i$. This implies that all
computation on plaintexts is performed modulo $2^n$; for instance, $2^n - 2x_i$
is used in step 1 to form $Enc(-2x_i)$. The circuit used in step 2(c) takes
two $n$-bit values, adds them modulo $2^n$, and compares the result to a
constant as described in Section 4.3.
Finally, some of the computation can be performed offline. For the
client it includes precomputing the random values used in the $m+1$
ciphertexts it sends in step 1 (i.e., the computation of $h^r \bmod N$). For the
server it includes precomputing $Enc(r_S)$, preparing a garbled circuit for
each, and one-time computation of random values for $Enc(\sum_{i=1}^{m} (y_i)^2)$
since the reuse of ciphertexts in this case does not affect security. The
client and the server also perform some of OT functionality prior to
protocol initiation, as previously discussed.
In literature on FingerCodes, each fingerprint in the server's database is
represented by $c$ FingerCodes that correspond to different orientations of
the same fingerprint, which improves the accuracy of comparison. Then if
the client is entitled to receiving all matches within the $c$ FingerCodes
corresponding to the same fingerprint, our protocol in Figure 2 computes
exactly this functionality. If, on the other hand, it is desirable to output
only a single bit for all $c$ instances of a fingerprint, it is easy to modify the
circuit evaluated in step 2(c) of the protocol to compute the OR of the bits
produced by the original $c$ circuits.
Security. The security of this protocol is straightforward to show and we
omit the details of the simulator from the current description. As before,
by using only tools known to be secure and protecting the information at
intermediate stages, neither the client nor the server learns information
beyond what the protocol prescribes.
To preserve secrecy of the data, each bit of the array $M$ is maintained by $C$
and $S$ in XOR-split form, i.e., $C$ stores $M_C[i]$ and $S$ stores $M_S[i]$ such that
In the beginning of the protocol, the client sends information about its
fingerprint $X$. For best performance, the solution utilizes DGK encryption
with two pairs of keys. The first pair $(pk_1, sk_1)$ is used for encrypting
spatial coordinates $x_i, y_i$ and computing Euclidean distance between
points, and the second pair $(pk_2, sk_2)$ is used for encrypting orientation
information $\alpha_i$ and directional difference. Therefore, we set the plaintext
space $u = 2^{2\ell+2}$ in $pk_1$, where $\ell$ is the bitlength of coordinates $x_i$, $y_i$,
and $u = 360$ in $pk_2$. This implies that computing $a'_j - a_i$ on encrypted
values will automatically result in the value being reduced modulo 360,
which simplifies computation with the directional difference in this form.
Also note that, while decryption in the DGK encryption scheme involves
solving the discrete logarithm, when $u = 360$, this can be achieved at
low cost using the Pohlig-Hellman algorithm, because 360 has only small
factors.
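A toy DGK instance with plaintext space $u = 360$, added here as an example (not the chapter's or the DGK authors' code): it shows that multiplying $Enc(a')$ by $Enc(-a)$ yields the directional difference already reduced modulo 360, and that decryption only needs discrete logs in subgroups of order 8, 9 and 5. The prime sizes, the seed and all function names are assumptions chosen so the code runs instantly; such parameters give no security.

```python
import random

U = 360                          # plaintext space for orientation angles
U_FACTORS = {2: 3, 3: 2, 5: 1}   # 360 = 2^3 * 3^2 * 5

def is_prime(n):
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True

def find_prime(step):
    """Smallest prime of the form k*step + 1, so that step divides p - 1."""
    k = 1
    while not is_prime(k * step + 1):
        k += 1
    return k * step + 1

def element_of_order(order, prime_factors, p, rng):
    """Random element of Z_p^* whose multiplicative order is exactly `order`."""
    while True:
        x = pow(rng.randrange(2, p - 1), (p - 1) // order, p)
        if all(pow(x, order // f, p) != 1 for f in prime_factors):
            return x

def crt(a_p, p, a_q, q):
    """Value modulo p*q that equals a_p mod p and a_q mod q."""
    return (a_p + p * ((a_q - a_p) * pow(p, -1, q) % q)) % (p * q)

def keygen(seed=1):
    rng = random.Random(seed)
    vp, vq = 1009, 1013                      # toy stand-ins for the t-bit primes
    p, q = find_prime(U * vp), find_prime(U * vq)
    assert p != q
    g = crt(element_of_order(U * vp, [2, 3, 5, vp], p, rng), p,
            element_of_order(U * vq, [2, 3, 5, vq], q, rng), q)   # order u*vp*vq
    h = crt(element_of_order(vp, [vp], p, rng), p,
            element_of_order(vq, [vq], q, rng), q)                # order vp*vq
    pk = {"N": p * q, "g": g, "h": h}
    sk = {"p": p, "vp": vp, "gamma": pow(g, vp, p)}   # gamma has order 360 mod p
    return pk, sk

def encrypt(pk, m, rng=random):
    """Enc(m) = g^m * h^r mod N; r has 2.5*t bits with t = 10 in this toy."""
    r = rng.getrandbits(25)
    return pow(pk["g"], m % U, pk["N"]) * pow(pk["h"], r, pk["N"]) % pk["N"]

def add(pk, c1, c2):
    """Homomorphic addition: multiply ciphertexts modulo N."""
    return c1 * c2 % pk["N"]

def decrypt(sk, c):
    """c^vp mod p = gamma^m. Solve for m modulo each prime power of 360 by
    search in the small subgroup, then merge the residues with the CRT
    (Pohlig-Hellman without digit-by-digit lifting, enough for 8, 9 and 5)."""
    p, gamma = sk["p"], sk["gamma"]
    y = pow(c, sk["vp"], p)                  # the h^r factor disappears here
    m, modulus = 0, 1
    for f, e in U_FACTORS.items():
        fe = f ** e
        base, target = pow(gamma, U // fe, p), pow(y, U // fe, p)
        residue = next(d for d in range(fe) if pow(base, d, p) == target)
        m += modulus * ((residue - m) * pow(modulus, -1, fe) % fe)
        modulus *= fe
    return m

def encrypted_direction_difference(pk, sk, a_client, a_server):
    """a' - a computed on ciphertexts; the result wraps modulo 360 for free.
    Both roles are played in one function for the demo: in the protocol the
    client holds sk and the server only ever sees ciphertexts."""
    c_neg_a = encrypt(pk, -a_client)                  # client sends Enc(-a)
    c_diff = add(pk, encrypt(pk, a_server), c_neg_a)  # server forms Enc(a' - a)
    return decrypt(sk, c_diff)

if __name__ == "__main__":
    pk, sk = keygen()
    print(encrypted_direction_difference(pk, sk, 350, 10))   # angles 350 and 10
```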
Our secure fingerprint identification protocol is given in Figure 3. At
iteration $i$, after computing the distances in encrypted form (step 2(b).i) and
decrypting them in a secret-shared form (step 2(b).ii), the parties engage in
garbled circuit evaluation using a circuit that performs the main
computation and produces an $m_Y$-bit vector $A$ with at most one bit set to
one, indicating the position of the mate of minutia $X_i$. This (optimized)
circuit is the most involved part of the protocol, and is discussed in detail
below. At the end of each iteration, the vector $M$ is updated with the
output of the circuit. And after all iterations have been performed, the rest
of the protocol consists of counting the number of marked elements in $M$ and
comparing that number to the threshold $T$. This is done using an additional
garbled circuit, where the client learns the output bit.
Note that the protocol requires that both parties know the number of
minutiae in client $X$ and server $Y$s, which is assumed not to leak
information about the fingerprints themselves. While biometric images of
similar quality are expected to have similar numbers of minutiae, if for the
purposes of this computation $m_X$ and $m_Y$ are considered to be sensitive
information, the fingerprints can be slightly padded to always use the same
number $m$ of minutia points. This can be achieved by agreeing on a fixed
$m$ and inserting fake elements into each fingerprint until its size becomes
$m$. The fake elements should not affect the result of the computation,
which means that the fake elements of client's $X$ should not match either
the original or fake elements of any $Y$. The easiest way to ensure this is by
setting fake $x_i$ in $X$ to its maximum value plus $d_0$ and by setting fake $x'_j$ in
each $Y$ to its maximum value plus $2d_0$. This slightly increases the range of
values that spatial distances between minutia points can take, but is not
likely to result in additional overhead due to the increased space (i.e., the
overhead can increase only when the bitlength needed to represent the
distances grows).
We design the circuit in step 2(b).iii of the protocol to minimize the
number of comparisons. In particular, each directional difference $a'_j - a_i$
is compared to the threshold $\alpha_0$ in the beginning, and if it exceeds the
threshold, the corresponding distance between $X_i$ and $Y_j$ is modified so that
it will not be chosen as the minimum. This is done by prepending the
resulting bit of computation $((a'_j - a_i) > \alpha_0) \wedge ((a'_j - a_i) < (360 - \alpha_0))$
to the spatial distance between $X_i$ and $Y_j$ (as the most significant bit). The
same technique is used to ensure that marked minutiae from $Y$ are not
selected as well. What remains to be done is to verify what spatial
distances fall below the threshold and compute the minimum of such
values. In the (oblivious) garbled circuit, instead of first comparing each
distance to the threshold and then computing the minimum of (possibly
modified) distances, the solution directly computes the minimum and then
compares the minimum to the threshold. This reduces the number of
distance comparisons from $2m_Y - 1$ to $m_Y$. The two previously
prepended bits are preserved throughout the comparisons, and the final
result will have no mate for $X_i$ selected if the computed minimum
(squared) distance is not below the threshold $(d_0)^2$.
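What the circuit computes obliviously can be written in the clear as a reference for testing; the following is an added example, not code from the chapter. It follows the order described above (angle filter, minimum over unmarked minutiae, one threshold comparison) and checks the padding rule for fake minutiae; the function names, the strict comparisons, the zero $y$ and orientation given to fake points, and the constructed sample points are assumptions.

```python
MAX_COORD = 255   # assumption: coordinates fit in 8 bits
D0 = 10           # spatial threshold d_0
ALPHA0 = 15       # directional threshold alpha_0, in degrees

def angle_exceeds(a_client, a_server, alpha0):
    """Bit prepended in the circuit: 1 when the difference, reduced modulo 360,
    lies outside the tolerance on both sides of the wrap-around."""
    diff = (a_server - a_client) % 360
    return alpha0 < diff < 360 - alpha0

def mate_vector(xi, ys, marked, d0, alpha0):
    """One iteration: vector A with at most one bit set, at the position of
    the closest admissible Y_j. The minimum is computed first and compared
    with d0^2 once, as in the optimized circuit."""
    best_j = best_d2 = None
    for j, (x2, y2, a2) in enumerate(ys):
        if marked[j] or angle_exceeds(xi[2], a2, alpha0):
            continue          # in the circuit these carry a set top bit
        d2 = (xi[0] - x2) ** 2 + (xi[1] - y2) ** 2
        if best_d2 is None or d2 < best_d2:
            best_j, best_d2 = j, d2
    a = [0] * len(ys)
    if best_j is not None and best_d2 < d0 * d0:
        a[best_j] = 1
    return a

def count_pairs(xs, ys, d0, alpha0):
    """Run one iteration per client minutia and count the marked entries of M."""
    marked = [0] * len(ys)
    for xi in xs:
        a = mate_vector(xi, ys, marked, d0, alpha0)
        marked = [m | b for m, b in zip(marked, a)]
    return sum(marked)

def pad(points, m, fake_x):
    """Pad a template to m minutiae with fake points at x = fake_x."""
    return list(points) + [(fake_x, 0, 0)] * (m - len(points))

# Constructed sample templates: (x, y, orientation in degrees).
X = [(10, 10, 350), (100, 50, 90), (200, 200, 180), (30, 240, 45)]
Y = [(12, 13, 4), (104, 52, 100), (205, 205, 300), (100, 55, 88), (250, 10, 0)]

def demo():
    plain = count_pairs(X, Y, D0, ALPHA0)
    # Padding as described: client fakes at max + d0, server fakes at max + 2*d0.
    padded = count_pairs(pad(X, 8, MAX_COORD + D0),
                         pad(Y, 8, MAX_COORD + 2 * D0), D0, ALPHA0)
    # Same fake coordinate on both sides: fake points pair with each other.
    broken = count_pairs(pad(X, 8, MAX_COORD + D0),
                         pad(Y, 8, MAX_COORD + D0), D0, ALPHA0)
    return plain, padded, broken

if __name__ == "__main__":
    print(demo())
```

The third value shows why the two offsets must differ: with identical fake coordinates the padding itself contributes pairs and inflates the count that is compared with $T$.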
Both the computation of the minimum and creation of vector $A$ require
the use of multiplexers in the circuit. In particular, after comparing the two
values $a_1$ and $a_2$, one type of multiplexer used in our circuit chooses either
the bits of $a_1$ or $a_2$ based on the resulting bit of the comparison. This
permits the computation of the minimum in a hierarchical manner using a
small number of non-XOR gates as described in [39]. We also use
multiplexers to collect information about $A$ throughout the circuit. In
particular, after a single comparison of distances $a_1$ and $a_2$, the portion of
$A$ corresponding to these two bits will be chosen to be either 01 or 10.
Suppose that after comparing $a_1$ and $a_2$, this value is 01 and after
comparing $a_3$ and $a_4$, the value is 10. Then, after performing the
comparison of $(a_1, a_2)$ and $(a_3, a_4)$, either 0100 or 0010 will be
chosen as the current portion of $A$. This process continues until the overall
minimum and the entire $A$ is computed. This value of $A$ will have a single
bit set to 1, and after the final comparison of the minimum with the
threshold, $A$ will either remain unchanged or will be reset to contain all 0s.
Figure 4 shows the initial computation in the circuit performed for
each value of $j$, where $n = 2\ell + 2$, and Figure 5 shows the computation
of the minimum and the output for a toy example of $m_Y = 4$. In Figure 4,
after adding $t_C$ and $-t_S$ (mod 360) together, the sum is compared to 360.
Figure 4. Component of circuit in fingerprint identification protocol performed for
each value of $j \in [1, m_Y]$.
If it exceeds the value, 360 is subtracted from the sum (in our concrete
realization the subtracted value is bitwise AND of the outcome of the
comparison and each bit of the binary representation of 360). Finally, the
resulting value is compared to two thresholds and the result is prepended
to the spatial distance $r - r_S$. In Figure 4, multiplexer $mux_1$ chooses the
smaller value based on the result of the comparison, $mux_2$ chooses either
01 or 10, based on the result of the comparison, $mux_3$ chooses a 4-bit
string based on its inputs from two multiplexers $mux_2$ and the outcome of
another comparison, and $mux_4$ chooses either its input from $mux_3$ or a
zero string based on the result of the final comparison. The server (circuit
creator) supplies a stream of random bits $A_S$ to the circuit, and the client
learns the outcome of the XOR of that stream and the output of the last
multiplexer.
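The multiplexer logic described above can be traced in the clear. The following is an added example, not code from the chapter: it simulates in plaintext (no garbling) the hierarchical minimum, the one-hot vector A, the final threshold reset and the XOR with the server's random bits. The function names and the convention that the k-th bit from the left marks the k-th distance are assumptions of this sketch.

```python
import secrets


def mux(select_bit, if_zero, if_one):
    """2-to-1 multiplexer: outputs if_one when select_bit is 1, else if_zero."""
    return if_one if select_bit else if_zero


def min_with_onehot(distances):
    """Tournament minimum that also builds the one-hot vector A.

    Each comparison feeds two multiplexers: one forwards the smaller value,
    the other forwards the marker bits of the winning half and zeroes the
    losing half (01 or 10 at the leaves, 0100 or 0010 one level up, ...).
    """
    if not distances:
        raise ValueError("at least one distance is required")
    layer = [(d, [1]) for d in distances]
    while len(layer) > 1:
        merged = []
        for k in range(0, len(layer) - 1, 2):
            (a1, A1), (a2, A2) = layer[k], layer[k + 1]
            right_smaller = int(a2 < a1)          # output bit of the comparison
            value = mux(right_smaller, a1, a2)
            marker = mux(right_smaller,
                         A1 + [0] * len(A2),      # left half wins
                         [0] * len(A1) + A2)      # right half wins
            merged.append((value, marker))
        if len(layer) % 2:                        # odd element moves up unchanged
            merged.append(layer[-1])
        layer = merged
    return layer[0]


def client_output(distances, threshold_sq, server_bits):
    """What the client learns: A XOR A_S.

    A is reset to all zeros when the minimum is not below the threshold,
    so "no mate" and "mate at position k" look alike without A_S.
    """
    if len(server_bits) != len(distances):
        raise ValueError("one random bit per distance is required")
    minimum, A = min_with_onehot(distances)
    below = int(minimum < threshold_sq)
    A = mux(below, [0] * len(A), A)
    return [a ^ s for a, s in zip(A, server_bits)]


if __name__ == "__main__":
    dists = [9, 4, 2, 7]                          # constructed squared distances
    A_S = [secrets.randbelow(2) for _ in dists]   # server's random stream
    share = client_output(dists, 5, A_S)
    print("client share:", share, "server share:", A_S)
    print("recombined A:", [c ^ s for c, s in zip(share, A_S)])
```

With the constructed input [9, 4, 2, 7] the leaf comparisons yield 01 and 10 and the next level selects 0010, matching the walk-through in the text.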
We also would like to mention that a protocol solely based on garbled
circuit evaluation for this type of computation is likely to result in
comparable or possibly even faster performance due to recent advances in
the speed of garbled circuit evaluation and OT extensions (such as [7] and
[38, 2], respectively). To realize that, the circuit would need to perform
additional $2m^2$ multiplications (as well as additional additions and
subtractions) per $Y$, with the additional number of gates exceeding the
current number of gates in the circuits. This means that using the
techniques that we implement the offline work associated with circuit
construction (per $Y$) will increase, but the online communication should
decrease.
6 Summary of Design Principles and Results
The protocol design presented in this chapter suggests certain
principles that lead to an efficient implementation of a privacy-preserving
protocol for biometric identification. First, notice that in the computation
described in this chapter, as well as in other literature, a distance between
biometric template $X$ and each biometric template in the database is
firstly computed, followed by a comparison operation. The comparison
can be performed to either (i) determine whether the distance $dist(X, Y)$ is
7 Further Reading
Most of the material presented in this chapter appeared in [10]. Two
privacy-preserving approaches for FingerCodes (with higher overhead) are
available in [5] and in [33]. Minutia-based fingerprint matching (also with
higher overhead) is available in [55]. Additionally, some publications
(e.g., [25]) propose alternative mechanisms for privacy-preserving
authentication (as opposed to identification) without using standard
algorithms for comparing two biometric templates.
A number of publications [24, 53, 49] target the problem of privacy-
preserving face recognition. The first two of these [24, 53] build solutions
based on the Eigenfaces algorithm (where [53] improves the performance
of the technique in [24]), while [49] designs a new face recognition
algorithm together with its privacy-preserving realization called SciFi. The
References
[1] M. Aliasgari, M. Blanton, Y. Zhang, and A. Steele. Secure
computation on floating point numbers. In Network and Distributed
System Security Symposium (NDSS), 2013.
[2] G. Asharov, Y. Lindell, T. Schneider, and M. Zohner. More efficient
oblivious transfer and extensions for faster secure computation. In
ACM Conference on Computer and Communications Security (CCS),
pages 535-548, 2013.
[3] M. Atallah, M. Bykova, J. Li, K. Frikken, and M. Topkara. Private
collaborative forecasting and benchmarking. In ACM Workshop on
Privacy in the Electronic Society (WPES), pages 103-114, 2004.
[4] M. Barbosa, T. Brouard, S. Cauchie, and S. de Sousa. Secure biometric
authentication with improved accuracy. In Australasian conference on
Information Security and Privacy (ACISP), pages 21-36, 2008.
[5] M. Barni, T. Bianchi, D. Catalano, M. Di Raimondo, R. Labati, P.
Failla, D. Fiore, R. Lazzeretti, V. Piuri, F. Scotti, and A. Piva. Privacy-
preserving fingercode authentication. In ACM Workshop on
Multimedia and Security (MM&Sec), pages 231-240, 2010.
[6] N. Barzegar and M. Moin. A new user dependent iris recognition
system based on an area preserving pointwise level set segmentation
approach. EURASIP Journal on Advances in Signal Processing, pages
1-13, 2009.
[7] M. Bellare, V. T. Hoang, S. Keelveedhi, and P. Rogaway. Efficient
garbling from a fixed-key blockcipher. In IEEE Symposium on Security
and Privacy, pages 478-492, 2013.
[8] M. Blanton. Empirical evaluation of secure two-party computation
models. Technical Report TR 2005-58, CERIAS, Purdue University,
2005.
[9] M. Blanton and M. Aliasgari. Secure computation of biometric
matching. Technical Report 2009-03, Department of Computer Science
and Engineering, University of Notre Dame, 2009.
[10] M. Blanton and P. Gasti. Secure and efficient protocols for iris and
fingerprint identification. In European Symposium on Research in
Computer Security (ESORICS), pages 190-209, 2011.
[11] M. Blanton, A. Steele, and M. Aliasgari. Data-oblivious graph
algorithms for secure computation and outsourcing. In ACM
Symposium on Information, Computer and Communications Security
(ASIACCS), pages 183-194, 2013.
[12] D. Bogdanov, M. Niitsoo, T. Toft, and J. Willemson. High-
performance secure multi-party computation for data mining
2010.
[19] R. Cramer, I. Damgård, and J. Nielsen. Multiparty computation from
threshold homomorphic encryption. In Advances in Cryptology -
EUROCRYPT, pages 280-300, 2001.
[20] I. Damgård, M. Geisler, and M. Krøigård. A correction to efficient
and secure comparison for on-line auctions. Cryptology ePrint
Archive, Report 2008/321, 2008.
[21] I. Damgård, M. Geisler, and M. Krøigård. Homomorphic encryption
and secure comparison. Journal of Applied Cryptology, 1(1):22-31,
2008.
[22] I. Damgård, M. Geisler, and M. Krøigård. Asynchronous multiparty
computation: Theory and implementation. In Public Key Cryptography
(PKC), pages 160-179, 2009.
[23] J. Daugman. How iris recognition works. IEEE Transactions on
Circuits and Systems for Video Technology, 14(1):21-30, 2004.
[24] Z. Erkin, M. Franz, J. Guajardo, S. Katzenbeisser, I. Lagendijk, and
T. Toft. Privacy-preserving face recognition. In Privacy Enhancing
Technologies Symposium (PETS), pages 235-253, 2009.
[25] Q. Feng, F. Su, and A. Cai. Privacy-preserving authentication using
CHAPTER TEN
Abstract
1 Introduction
Cloud computing and biometric identification. Cloud computing offers
new interesting opportunities in the field of biometrics. A client holding a
biometric database can outsource it to the cloud and enjoy the availability
and the elasticity of cloud facilities. Moreover, one could use the cloud to
compute over these biometric data, for instance for computing
authentications or 1-vs-N identifications.
As for any other data outsourcing, delegating biometric data storage
and identification to a cloud facility raises many security and privacy
problems [50, 32]. The sensitive nature of biometric data and
consequences of a biometric data server breach encourage taking special
precautions when outsourcing biometric data. In particular, we do not want
an untrusted server S to learn the biometric data stored.
related to a point of $\mathcal{P}$.
In this chapter, we make the hypothesis that the biometric data b are
represented as vectors in an n-dimensional metric vector space $(E, d)$, in
such a way that the following conditions hold:
Condition 1. Two different captures $b$, $b'$ from the same user $\mathcal{U}$ are, with
high probability, at a distance $d(b, b')$ $\lambda$.
Inputs: A metric space $(E, d)$, a set of points $\mathcal{P} \subset E$, a point $x \in E$, a
family of LSH functions $= \{h_1, \ldots, h_\mu\} : E \to U$, a threshold $\tau \in \{1, \ldots, \mu\}$.
Preprocessing
Let $T_1, \ldots, T_\mu$ be empty look-up tables with $U$ as input domain.
• For all $\in \mathcal{P}$, do $T[h()] \leftarrow \{\}$ $T[h()]$, for $1$ $i$ $\mu$.
Figure 1. Generic algorithms for solving the ANN and NN problems using LSH
functions
Inputs
Common: vector space $(E, d)$ for biometric data.
Now let us assume that the vector space $E$ can be equipped with a LSH
family $= (h_1, \ldots, h_\mu)$ $E \to U$. The NN protocol described in Figure 1
can then be adapted to accelerate biometric identification. Indeed,
computing a few hash function evaluations and doing some look-ups can
be much more efficient than computing the distances between $b_s$ and
all the $b$'s. The enrollment procedure includes a preprocessing part and the
identification procedure is a direct application of the algorithm of Figure 1.
The thus obtained protocol is described in Figure 3. This generic protocol
is used in all secure solutions presented in Section 4.
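$(m'_1, \ldots, m'_{2048})$, compute
$$HD(X, Y) = \frac{\|(X \oplus Y) \cap M(X) \cap M(Y)\|}{\|M(X) \cap M(Y)\|} = \frac{\sum_{i=1}^{2048} (x_i \oplus y_i) \cdot m_i \cdot m'_i}{\sum_{i=1}^{2048} m_i \cdot m'_i} \qquad (1)$$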
for some rotations of the second template – to deal with the iris
orientation’s variation – and to keep the lowest distance.
For the LSH functions considered in our protocol, we use the beacon
guided search (BGS) algorithm introduced in [27]. The range of this LSH
family is the m = 10-dimensional Hamming space, and μ = 128 hash
functions are considered. Hashing simply consists in taking 10
uncorrelated bits of the IrisCodes. More details on the choice of these bits
can be found in [27].
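The following added example (not code from the chapter or from [27]) puts the pieces above together in the clear, before any privacy layer: μ = 128 bit-sampling LSH functions of 10 bits each index 2048-bit IrisCodes in look-up tables, candidates are the identities that collide in at least τ tables, and each candidate is confirmed with the masked Hamming distance of Equation (1). The bit positions, τ = 10, the 0.25 acceptance bound used as a fraction, the omission of rotations and all sample data are assumptions constructed for the sketch.

```python
import random
from collections import defaultdict

N_BITS, MU, M = 2048, 128, 10          # code length, LSH functions, bits per hash
FULL_MASK = (1 << N_BITS) - 1          # mask with every bit valid


def masked_hd(x, mx, y, my):
    """Equation (1): disagreeing bits among the bits valid in both masks."""
    valid = mx & my
    if valid == 0:
        return 1.0                     # nothing comparable: maximal distance
    return bin((x ^ y) & valid).count("1") / bin(valid).count("1")


def lsh(code, positions):
    """Bit-sampling hash: the M selected bits of the code, packed into an int."""
    return sum(((code >> p) & 1) << k for k, p in enumerate(positions))


class LshIndex:
    def __init__(self, family):
        self.family = family                            # MU lists of M positions
        self.tables = [defaultdict(set) for _ in family]
        self.templates = {}

    def enroll(self, user_id, code, mask):
        """Preprocessing: add the identity to one bucket per look-up table."""
        self.templates[user_id] = (code, mask)
        for table, positions in zip(self.tables, self.family):
            table[lsh(code, positions)].add(user_id)

    def candidates(self, code, tau):
        """Identities found in at least tau of the MU probed buckets."""
        votes = defaultdict(int)
        for table, positions in zip(self.tables, self.family):
            for user_id in table.get(lsh(code, positions), ()):
                votes[user_id] += 1
        return {u: v for u, v in votes.items() if v >= tau}

    def identify(self, code, mask, tau=10, max_hd=0.25):
        """Closest confirmed candidate as (user_id, distance), or None."""
        best = None
        for user_id in self.candidates(code, tau):
            ref_code, ref_mask = self.templates[user_id]
            d = masked_hd(code, mask, ref_code, ref_mask)
            if d < max_hd and (best is None or d < best[1]):
                best = (user_id, d)
        return best


def random_capture(rng, occluded=100):
    """Constructed sample: random code, mask with a few invalid bits."""
    mask = FULL_MASK
    for p in rng.sample(range(N_BITS), occluded):
        mask &= ~(1 << p)
    return rng.getrandbits(N_BITS), mask


def recapture(code, rng, flips=205):
    """Constructed noisy re-acquisition: flip about 10% of the bits."""
    for p in rng.sample(range(N_BITS), flips):
        code ^= 1 << p
    return code


def build_demo(seed=2015, users=50):
    rng = random.Random(seed)
    index = LshIndex([rng.sample(range(N_BITS), M) for _ in range(MU)])
    enrolled = {uid: random_capture(rng) for uid in range(users)}
    for uid, (code, mask) in enrolled.items():
        index.enroll(uid, code, mask)
    return rng, index, enrolled


if __name__ == "__main__":
    rng, index, enrolled = build_demo()
    probe = recapture(enrolled[7][0], rng)
    print("votes for the noisy probe:", index.candidates(probe, 10))
    print("identified as:", index.identify(probe, FULL_MASK))
```

A 10% bit error rate leaves a 10-bit hash unchanged with probability about 0.35, so a genuine probe collides in roughly 45 of the 128 tables, while an unrelated code collides in each table with probability 2^-10.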
Take IrisCodes with $n = 2048$, μ = 128 and $m = 10$. Let
$\lambda$ = 0.25·2048 = 512, $\lambda_{\max}$ = 0.35·2048 = 716.8 be the values of
Conditions 1 and 2. If we consider that biometric acquisitions are
sufficiently independent and uniformly distributed, we can get estimations
• Snd can run Enrollment($b$) to enrol a new person $\mathcal{U}$ into the
database. The Enrollment protocol is run in interaction with the
server.
• Rcv can run Identification($b_s$) to obtain an identification result
on $b_s$ against the biometric data enrolled in the database. The
Identification protocol is run in interaction with the server.
For privacy issues, we want to ensure that the identification system is not
misused and that function creep (i.e. use for another purpose) is prevented.
This means in particular that a component should not be able to learn more
information than what is really needed for a correct result. For instance,
The last requirement applies to the receiver’s side. We do not want to let
an adversary learn more information from the result of an identification
query than needed. This is not mandatory for all applications, but seems to
be a nice objective for non-criminal implementations of biometric
identification systems:
• The Receiver Rcv can run readDB(u) to obtain the content of a block
at address u in the database $\mathcal{DB}$;
• The Sender Snd can run writeDB(u, b) to place data block b at
address u in the database $\mathcal{DB}$.
We assume that we are in the setting of Figure 3, i.e., that biometric data
lie in an appropriate space E where a LSH family $= \{h_1, \ldots, h_\mu\} \to$
can be used in an identification protocol. For the sake of simplicity, we
assume that is the m-dimensional Hamming space, for some integer m.
We also assume that at most users can be enrolled in the database.
A server database is split into two parts. Biometric data of enrolled
without letting the mail provider learn information on the content of the
user’s mails.
Three entities are involved; a sender Snd who wants to store data, a
server $S$ that stores the data sent by the server, and a receiver Rcv who may
retrieve part of the data detained by the server. Depending on the setting,
the sender and the receiver could be distinct persons or the same person
(client $C$). In the latter case, the construction usually relies on symmetric
cryptography, whereas asymmetric cryptography is used in the first case.
The main functionalities are Send and Receive:
The two main security properties that are associated with searchable
encryption schemes are sender privacy and receiver privacy. Namely,
sender privacy models the fact that the server should not learn information
about what is stored on the server’s side (this always includes
confidentiality of the messages, of the keywords and may encompass
indistinguishability of the queries as well, using asymmetric
cryptography). Receiver privacy corresponds to confidentiality of the
receiver’s queries: The server should not learn which data are retrieved
and, possibly, should also not distinguish queries. Depending on the level
of security, the scheme can prevent non-adaptive or adaptive attack
strategies. The scheme of Boneh et al. [6] achieves the highest known
level of security (indistinguishability against adaptive adversaries) owing
to the use of Private Information Retrieval (PIR) [18] techniques. A PIR
protocol enables the retrieval of a specific block from a database, without
allowing the database to learn anything about the query (see Section
4.2.3).
The general principle, in particular in [6, 13], to construct these
primitives, is to consider each sent keyword as a virtual address where the
receiver can recover a link toward the associated messages. To do so
without increasing too much memory cost, several works [6, 23, 3] rely on
Bloom filters (see Section 4.2.1 for more details on Bloom filters).
We do not mention interactions with $\mathcal{DB}_1$. This database does not need to
be equipped with a SSE functionality. Depending on the level of privacy
that one wants to obtain, $\mathcal{DB}_1$ can be a simple (encrypted) database or can be
associated to a Private Information Retrieval protocol (see Section 4.2).
For some functionalities, outputting Sx can also be sufficient. The protocol
using SSE is summed up in Figures 5 and 6.
The benefit of symmetric searchable encryption compared to
asymmetric schemes concerns complexity; computation cost at the
database’s side is much lower.
When data are organized as look-up tables, a search can be made in
constant time and only μ searches (one per keyword $j \| h_j(b_s)$) are
needed for an identification query.
4.1.3 Complexity
In other words, the bucket structure is empty at first, and, for each element
$y \in \mathcal{P}$ to be indexed, we add to the bucket $T_\alpha$ the tag associated to $y$. This
construction enables the retrieval of a tag ψ(y) associated to an element
$y \in \mathcal{P}$ by computing $\bigcap_{j=1}^{v} T_{h'_j(y)}$. This intersection may capture
inappropriate tags, but the choice of relevant hash functions and increasing
their number enables the reduction of the probability of that event. These
properties are summed up in the following lemma.
We want to apply Bloom filters to data that are very likely to vary, like
biometric data. The following section shows how to apply LSH families as
inputs to Bloom filters.
We choose μ hash functions from an adequate LSH family $= (h_1, \ldots, h_\mu)$:
$E \to \{0,1\}^m$. And hash functions dedicated to a Bloom filter with
Storage $' = (h'_1, \ldots, h'_v) : \{1, \ldots, \mu\} \times \{0,1\}^m \to \{1, \ldots, M\}$. To obtain a
BFS with locality-sensitive functionality, we use a $\rho \times$ composite hash
function by combining both families.
We denote by $h^c_{(j,i)} : E \to \{1, \ldots, M\}$ the corresponding composite
functions ($c$ stands for composite) with $h^c_{(j,i)}(y) = h'_j(i, h_i(y))$. Let
${}^{c} = \{h^c_{(j,i)}, (j, i) \in \{1, \ldots, v\} \times \{1, \ldots, \mu\}\}$ be the set of all these
functions.
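As an added illustration (not the chapter's code), the composite functions can be used to address a Bloom filter with storage: each template is hashed by every LSH function, each result is re-hashed together with its index by every Bloom hash function, and the tag is stored in the resulting buckets. A query intersects the v buckets of each LSH index and keeps the tags recovered for more than τ indices. SHA-256 as the pseudo-random Bloom hash, v = 3, M = 2^16 buckets, τ = 10, the bit positions and the sample codes are assumptions of this sketch.

```python
import hashlib
import random
from collections import Counter

N_BITS, MU, M_BITS = 2048, 128, 10     # IrisCode length, LSH functions, hash bits
V, M_BUCKETS = 3, 1 << 16              # assumed: Bloom hash functions, buckets


def lsh(code, positions):
    """h_i: the sampled bits of the code, packed into an integer."""
    return sum(((code >> p) & 1) << k for k, p in enumerate(positions))


def bloom_hash(j, i, value):
    """h'_j(i, value): bucket address derived from SHA-256 (assumed choice)."""
    digest = hashlib.sha256(f"{j}|{i}|{value}".encode()).digest()
    return int.from_bytes(digest[:8], "big") % M_BUCKETS


class LshBloomFilterWithStorage:
    def __init__(self, family):
        self.family = family           # MU lists of M_BITS bit positions
        self.buckets = {}              # bucket address -> set of tags

    def addresses(self, code):
        """For each LSH index i, the V composite addresses h^c_(j,i)(code)."""
        for i, positions in enumerate(self.family, start=1):
            value = lsh(code, positions)
            yield [bloom_hash(j, i, value) for j in range(1, V + 1)]

    def insert(self, code, tag):
        """Bucket update: add the tag to every composite address of the code."""
        for group in self.addresses(code):
            for address in group:
                self.buckets.setdefault(address, set()).add(tag)

    def query(self, code, tau):
        """Tags present in all V buckets for more than tau LSH indices."""
        votes = Counter()
        for group in self.addresses(code):
            sets = [self.buckets.get(a, set()) for a in group]
            votes.update(set.intersection(*sets))
        return {tag: n for tag, n in votes.items() if n > tau}


def recapture(code, rng, flips=205):
    """Constructed noisy re-acquisition: flip about 10% of the bits."""
    for p in rng.sample(range(N_BITS), flips):
        code ^= 1 << p
    return code


def build_demo(seed=10, users=20):
    rng = random.Random(seed)
    family = [rng.sample(range(N_BITS), M_BITS) for _ in range(MU)]
    bfs = LshBloomFilterWithStorage(family)
    codes = {f"user-{k:02d}": rng.getrandbits(N_BITS) for k in range(users)}
    for tag, code in codes.items():
        bfs.insert(code, tag)
    return rng, bfs, codes


if __name__ == "__main__":
    rng, bfs, codes = build_demo()
    noisy = recapture(codes["user-07"], rng)
    print("exact query :", bfs.query(codes["user-07"], tau=10))
    print("noisy query :", bfs.query(noisy, tau=10))
    print("unknown code:", bfs.query(rng.getrandbits(N_BITS), tau=10))
```

The structure holds only bucket addresses and tags, never the templates, and an exact query recovers its tag for all 128 LSH indices while a noisy one recovers it for about a third of them.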
To sum up, we modify the update of the buckets in Definition 5 by
setting $\alpha = h'_j(h_i(y), i)$. Later on, to recover the tag related to an
approximate query $x' \in B$, all we have to consider is
$\bigcap_{i=1}^{\mu} \bigcap_{j=1}^{v} T_{h'_j(h_i(x'), i)}$ (or, at least, the items appearing in more than
τ tables $T_{h'_j(h_i(x'), i)}$, where τ is a fixed threshold). Indeed, if $x$ and $x'$ are
close enough, then the LSH function outputs the same result on $x$ and $x'$;
we thus build a Bloom filter with storage that has the LSH property. This
property is numerically estimated in the following lemma:
1. If two points $x$ and $x'$ are far enough apart, then except with a small
probability, $\psi(x')$ does not intersect all the buckets that index $x$, i.e.
ͳ ȁ ȁ
൬߳ଶ ሺͳ െ ߳ଶ ሻ ൰
ܯ
2. If two points $x$ and $x'$ are close enough, then except with a small
probability, $\psi(x')$ is in all the buckets that index $x$, i.e.
that $\mathcal{S}$ does not know which data was read. This is done through a method
$\mathcal{DB}(u)$, that allows the client $C$ to recover the element stored at index
$u$ in $\mathcal{DB}$ by running a PIR protocol.
Suppose a database $\mathcal{DB}$ is constituted with M blocks $X = x_1, \ldots, x_M$.
To be secure, the protocol should satisfy the following properties [22]:
• Soundness: When the user and the database follow the protocol, the
result of the request is exactly the requested block.
• User Privacy: For all $= x_1, \ldots, x_M$, for $1$ $i, j$ $M$, for any
algorithm used by the database, it cannot distinguish, with a non-
negligible probability, between a read request on index $i$ and a read
request on index $j$.
Remark 4. Proposition 2 assumes that the Bloom filter hash functions are
pseudo-random; this hypothesis is quite standard for a Bloom filter
analysis. It can be achieved by using cryptographic hash functions with a
random oracle-like behaviour.
client privacy.
Client $\mathcal{C}$ can make two kinds of requests:
• a read request on a specified block u;
• a write request of a B bytes data on a specified block u.
The path to the first leaf is then fully re-written, while placing the data
block somewhere in the intersection with the path to the second leaf.
To preserve confidentiality, all data are encrypted by client $\mathcal{C}$ using a
symmetric encryption scheme (e.g. AES). The computational cost for $\mathcal{C}$ to
encrypt/decrypt/re-encrypt data blocks thus remains very low, compared to
the use of public-key cryptography.
1024TB), the server stores less than 4N blocks, and the client has to store
less than 0.3% of the ORAM capacity (this proportion decreases when the
ORAM capacity increases). The practical performance, measured as the
ratio between the bandwidth consumptions of an ORAM request and of a
request on a remote database without privacy, is between 20 and 35.
Moreover, Stefanov et al. prove that their construction leads to a secure
ORAM, following the model of Definition 6.
The protocol of [9] also follows the generic construction of Figure 4 in the
symmetric setting. Both databases $\mathcal{DB}_1$ and $\mathcal{DB}_2$ are equipped with ORAM
functionalities. As in the previous construction, elements in $\mathcal{DB}_1$
(biometric and identity data) are indexed by user identifiers, while
elements in $\mathcal{DB}_2$ (identification pre-processing) are indexed by hash
values. The protocol using ORAM is summed up in Figures 9 and 10.
Guided Search of [27], does not degrade much identification results [10,
Section 5.2].
If the value of l is not considered to be sensitive, it becomes sufficient
to follow the protocol described in Figure 4, without modifications.
4.3.3 Complexity
Accesses to $\mathcal{DB}_1$. $\mathcal{DB}_1$ contains the (encrypted) biometric data. With the
notations of Section 3.2, N blocks of 512 bytes (IrisCodes with masks) are
stored in $\mathcal{DB}_1$. (Notice that identity information could also be added.) The
performances of the first ORAM consequently only depend on N. Server $\mathcal{S}$
needs to store about 4 times the size of the actual database (i.e. 4N blocks
of 512 bytes), while the storage required by client $C$ decreases with N,
reaching about 1% of the actual database size for a few thousand enrolled
users. Reading or writing in the $\mathcal{DB}_1$ database requires less than 1 ms of
computational time.
Indeed, the blocks are indexed by the $2^m = 2^{10}$ possible outcomes of the μ
= 128 = $2^7$ LSH functions. Consequently the ORAM capacity (i.e. the
number of actual blocks that are outsourced by $C$, while server’s database
contains additional fake blocks) is set to $2^{17}$ and only the block size varies
with N. The ratio between server storage and ORAM capacity does not
change much with N and is approximately equal to 4.22. For N ≈ 250,000
users, client storage is approximately 2 MB, while 314 ms are required for
μ = 128 accesses to $\mathcal{DB}_2$. Recall that Enrollment requires 256 accesses to
$\mathcal{DB}_2$ while Identification requires 128 ones.
5 Concluding Remarks
To conclude this chapter, we suggest some elements of comparison
between the different protocols that were described and expose some open
issues.
use of PIR/PIS implies a work for the server that is linear in the size of the
databases, while $S$ only has to do look-ups for SSE and data
storage/retrieval for ORAM. On the client’s side, it depends on the
parameters, and requires a sublinear number of encryptions/decryptions
that are either public-key operations (PIR/PIS) or symmetric operations
(SSE, ORAM).
The ORAM construction is the only construction for which
implementation performances were published, and the performances given
in [9] and summed up above show its computational efficiency for quite
large databases (see Section 4.3).
query, then about 1/4 of the whole $\mathcal{D}B_1$ size is exchanged and the
advantage of using outsourcing and privacy-preserving primitives instead
of downloading the whole database is limited.
To make outsourcing valuable, one should choose a primitive with low
communication complexity, adapt the LSH family (see Section 5.3),
and/or find an appropriate use case (see below).
Stateful vs Stateless and Concurrency. The first two protocols (SSE and
PIR/PIS) are stateless, meaning that the client does not need to store data.
Moreover, accessing data on the remote server does not change the
database, thus using these protocols can easily be done in a concurrent
setting. However, use of ORAM often requires some synchronization
between the client $C$ and the server $S$, and might require $C$ to store
up-to-date information (e.g. [48, 49]). Concurrency is thus more difficult to
achieve and use of stateless ORAMs ([26]) could be valuable, if one wants
to let several clients access the identification system. This could be the
case, for instance, if the database is a central database of the police and
police officers in the field have devices that they use to exchange
information with the remote database, so as to identify citizens who are under
surveillance.
Acknowledgements
This work has been partially funded by the European FP7 FIDELITY
project (SEC-2011-284862). The opinions expressed in this document are
only those of the authors. They reflect neither the view of the European
Commission nor the view of the employer of the authors.
References
[1] M. Adjedj, J. Bringer, H. Chabanne, and B. Kindarji. Biometric
identification over encrypted data made feasible. In A. Prakash and I.
Gupta, editors, ICISS, volume 5905 of Lecture Notes in Computer
Science, pages 86–100. Springer, 2009.
[2] A. Andoni and P. Indyk. Near-optimal hashing algorithms for
approximate nearest neighbor in high dimensions. Commun. ACM,
51(1):117–122, 2008.
[3] J. Bethencourt, D. X. Song, and B. Waters. New constructions and
practical applications for private stream searching (extended abstract).
In IEEE Symposium on Security and Privacy, pages 132–139. IEEE
Computer Society, 2006.
CHAPTER ELEVEN
Distributed Biometrics-based Authentication in the Cloud
Abstract
Over the past several years, many companies have benefited from the
implementation of cloud solutions within their own organisations. Due to
1 Introduction
Cloud computing is an emerging technology which allows users to request
services and resources from their service providers in an on-demand
environment. It is a complex yet resource-saving infrastructure for today’s
modern business needs, providing the means through which services are
delivered to the end users via Internet access. In the cloud environment,
users can access services based on their needs, without knowing how the
services are delivered or where the service is hosted.
The US National Institute of Standards and Technology (NIST) has
defined cloud computing as follows [1]: Cloud computing is a model for
enabling ubiquitous, convenient, on-demand network access to a shared
pool of configurable computing resources (e.g., networks, servers, storage,
applications, and services) that can be rapidly provisioned and released
with minimal management effort or service provider interaction. Hardware
devices, software, storage and network infrastructure are available to cloud
users through Internet access. Rather than purchasing expensive but
powerful resources, users lease these resources from the service providers.
With cloud computing, users can access the services via the Internet
regardless of time or location. In addition, they do not have to install
software on their local machine but are still able to enjoy a high level of
availability of services. Furthermore, high efficiency and fast deployment
benefits are also attractions for companies and individuals who move to
cloud services. Due to advantages such as flexibility, mobility, and cost
saving, the number of cloud users has increased tremendously. Industry
analysts have made projections that the entire computing industry will be
transformed into a cloud environment [2].
In this cloud-driven era, user authentication is often the key issue in the
cloud environment. It is important for the service provider to verify who
can access their services and to identify each user. Some commonly-used
authentication services include Kerberos [3] and OpenID [4]. The service
provider authenticates its users based on the credentials submitted such as
a password, token or digital certificate. Unfortunately, these credentials
can be stolen or accidentally revealed, or may be difficult to remember.
A biometric system is a pattern recognition system that uses biometric
features extracted from physiological (e.g., fingerprint or face) or
behavioural characteristics (e.g., voice or handwriting) of the user. It is
commonly used to recognize an individual, based on characteristics such
as iris patterns, facial features, fingerprints, palm prints, or voice patterns.
Biometric authentication is an emerging approach to authenticate cloud
users. Recently, the German company BioID proposed the world’s first
biometric authentication service for cloud computing [5]. In their solution,
biometric authentication as a service (BaaS) was proposed to provide
single sign-on for user authentication. With large-scale biometrics
deployment, the amount of biometric data collected has grown
tremendously. For example, India launched a biometric data project to
collect biometric data for its 1.3 billion residents [6].
The attempt to use cloud computing to quantify the scope of the
biometric database size explosion was first proposed by associates at Booz
Allen Hamilton in 2010 [7]. Their idea was to utilize the processing power
of the cloud to facilitate the big data biometrics-matching problem.
Recently, Intel’s McAfee started offering a biometric authentication
service to allow its users to securely store their files online [8].
The primary concern in any biometric-based system is the protection of
the biometric templates. This is of particular concern because biometric
characteristics for humans are limited (they cannot be changed or
reissued). Biometric templates uniquely represent the strong identity
information of their owner. Although they provide a higher degree of
security, compared with passwords or security tokens, they can still be
stolen or exchanged. Hence, the leakage of biometric templates will
compromise the user’s privacy forever. For example, if users enrol in
different systems using the same biometric features, the leakage in one
system will compromise their privacy in other systems at the same time.
1.3 Organization
The rest of this chapter is organized as follows: The background and
related work for this research are presented in Section 2. We describe the
system settings and model of our framework in Section 3. We present our
solution in Section 4, followed by the analysis and discussions in Section
5. Our conclusion is in Section 6.
Notation                      Description
$\mathcal{U}$                 individual who provides his or her biometric data to authenticate
$X$                           biometric sample extracted from $\mathcal{U}$ during the enrolment process
$Y$                           biometric sample extracted from $\mathcal{U}$ during the verification process
$X'$                          transformed biometric sample during the enrolment process
$Y'$                          transformed biometric sample during the verification process
$X''$                         shuffled sample during the enrolment process
$Y''$                         shuffled sample during the verification process
$T$                           biometric template
$Q$                           query feature
$\pi_{\mathcal{U}}$           shuffling protocol of $\mathcal{U}$
$x'_i$                        $i$-th element of $X'$
$y'_i$                        $i$-th element of $Y'$
$s$                           comparison score between $X$ and $Y$ (based on squared Euclidean distance)
$n$                           length of the original feature vector
$m$                           length of the verification code
$k$                           length of the transformed vector, where $k = n + m$
$TID$                         template identification number
$VID$                         verification code identification number
$k_{\mathcal{U}}$             encryption key from $\mathcal{U}$
$r_{\mathcal{U}}$             decryption key from $\mathcal{U}$
$Enc_{\mathcal{U}}(\cdot)$    encryption operation by using $k_{\mathcal{U}}$
$Dec_{r_{\mathcal{U}}}(\cdot)$  decryption operation by using $r_{\mathcal{U}}$
$\omega$                      random non-zero noise
our protocol.
In this chapter, we design a collaborative framework that can improve
the model proposed in [28]. In particular, we aim to prevent any entity
from learning all the sensitive information. To do so, we include an
additional entity (e.g., a transformation agent), and introduce the usage of
a verification code and noise to protect the biometric samples.
Furthermore, we utilize a homomorphic cryptosystem in our framework
design so as to allow the computation of a comparison score in an encrypted
form. This can prevent the matcher from knowing the actual score between
the two biometric samples. We will discuss the details of our framework
design in the following section.
4 Our Solution
In this section, we explain the details of the enrolment and the verification
process.
Users can use the same biometric data to enrol into new or existing
systems that allow multiple enrolments. The enrolment process begins by
scanning a biometric trait of the user. The biometric sensor scans the
biometric trait of $\mathcal{U}$ and then the feature extractor extracts a biometric
sample $X$ from the scanned data. Since $X$ is sensitive information, we will
not use it directly as the template of $\mathcal{U}$. Instead, we will use a verification
code $V$ to transform $X$ into a mixture in which it is difficult for the
adversary to identify the genuine $X$. The transformed sample will be
encrypted by using the encryption key $k_{\mathcal{U}}$ of $\mathcal{U}$, before it is shuffled and
stored as a template $T$ of $\mathcal{U}$ in $\mathcal{DB}_T$. Note that the cryptosystem used in our
protocol is semantically secure such that the encryption of the same
message will produce different ciphertexts due to randomization in the
encryption process [31]. The shuffle protocol is used to permute the order
of elements in the transformed sample, and we will use the same shuffle
protocol for $\mathcal{U}$ during the verification process.
A user who successfully enrols into our system will obtain two
identifiers: (1) the template identifier, $TID$ and (2) the verification code
identifier, $VID$. The first identifier is used to retrieve template $T$ from
$\mathcal{DB}_T$, while the second identifier is used to access the verification code $V$
In this section, we present the correctness and security analysis for our
proposed solution. We will consider all possible attacks from each semi-
honest entity. In addition, we will discuss joint attacks which occur when
two or more adversaries who control the semi-honest entity collude.
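$$
Enc_{\mathcal{U}}(X''Y'') = \left\{ \begin{array}{l}
Enc_{\mathcal{U}}(-2x_1y_1),\ Enc_{\mathcal{U}}(-2x_2y_2),\ \ldots,\ Enc_{\mathcal{U}}(-2x_ny_n), \\
Enc_{\mathcal{U}}(-2v_1^2),\ Enc_{\mathcal{U}}(-2v_2^2),\ \ldots,\ Enc_{\mathcal{U}}(-2v_m^2)
\end{array} \right\}
$$

$$
\begin{aligned}
Enc_{\mathcal{U}}(s) &= Enc_{\mathcal{U}}\Big(\sum_{i=1}^{n} -2x_iy_i\Big)\; Enc_{\mathcal{U}}\Big(\sum_{i=1}^{m} -2v_i^2\Big)\; Enc_{\mathcal{U}}\Big(\sum_{i=1} x_i^2\Big) \\
&= Enc_{\mathcal{U}}\Big(\sum_{i=1}^{n} x_i^2\Big)\; Enc_{\mathcal{U}}\Big(\sum_{i=1}^{n} -2x_iy_i\Big)\; Enc_{\mathcal{U}}\Big(\sum_{i=1}^{n} y_i^2\Big) \\
&= Enc_{\mathcal{U}}\Big(\sum_{i=1}^{n} x_i^2 - 2x_iy_i + y_i^2\Big) \\
&= Enc_{\mathcal{U}}\Big(\sum_{i=1}^{n} (x_i - y_i)^2\Big) \qquad (1)
\end{aligned}
$$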
assuming that $\mathcal{A}$ only controls one semi-honest entity to achieve its attack
goal:
sample of $\mathcal{U}'$.
4. To learn the comparison score, and the system threshold, $\tau$.
The adversary $\mathcal{A}$ cannot achieve this attack if it only has control
over $\mathcal{C}'$. In our protocol design, the comparison score has been
distorted with a noise. After $\mathcal{C}'$ performs the decryption operation,
it cannot learn the actual comparison score between $X$ and $Y$. Since
$\tau$ is determined by the system administrator and this information is
never exchanged during the protocol execution, we can assume that
$\mathcal{A}$ cannot learn $\tau$ from $\mathcal{C}'$. Therefore, we can ensure that $\mathcal{A}$ cannot
modify the decrypted result from $\mathcal{C}'$ so as to bypass the authentication
system. If $\mathcal{C}'$ performs a hill-climbing attack for the same attack
goal, we can foresee that this attack is unlikely to succeed. For each
authentication request, the noise module will generate random
noise to hide the actual comparison score. Therefore, any obvious
modification (e.g., obtaining a negative result after removing the
noise) detected by the noise module will lead to a failed
authentication.
collude with any entities to bypass the authentication process. In order for
$\mathcal{C}'$ to perform such an attack, it needs the computation result from $\mathcal{M}'$ (i.e.,
$Enc_{\mathcal{U}}(s)$). After the decryption, $\mathcal{C}'$ can learn the value of $s$. Later, $\mathcal{C}'$ can
deduce $\omega$ from the data it received from $\mathcal{P}$ (i.e., $Enc_{\mathcal{U}}(\omega \cdot s)$). Hence, it
is possible for $\mathcal{C}'$ to bypass the authentication process by sending a
relatively small fake comparison score back to $\mathcal{P}$. The adversary $\mathcal{A}$ who
controls $\mathcal{C}'$ can achieve the same attack goal if it colludes with $\mathcal{P}'$ during
the verification process. For instance, $\mathcal{P}'$ reveals the value of $\omega$ to $\mathcal{C}'$, and
$\mathcal{C}'$ carries out the same operations as discussed previously. We summarize all
the possible joint attacks between $\mathcal{C}'$ and other entities in Table 3. We use
an arrow symbol to denote the joint attack.
As shown in Table 3, the most powerful joint attack occurs when $\mathcal{C}'$
obtains sensitive information from $\mathcal{T}'$, $\mathcal{M}'$, and $\mathcal{P}'$ during the verification
process. However, in the real world, we assume that no attacker can attack
two or more entities at the same time. This assumption is realistic because
the background knowledge and skills required for each attack point are
different. Further, the attacker may not have sufficient resources and
5.4 Discussion
Our notion of a verification code is somewhat similar to the secret token
for a biohash [32] or a cancellable biometric [33]. In fact, we can design an
additional entity to generate a cancellable biometric sample for the user,
and use it in our transformation process so as to increase the security of our
system. The inclusion of $V$ during the transformation process is to make it
difficult for the attacker to determine the genuine biometric sample from
the mixture. Note that all elements of $V$ will be eliminated at the end of the
computation so as to ensure that the comparison result is correct and it can be
used to authenticate the legitimate user.
In general, we can generate $V$ from a distribution that is identical or
approximately close to the original biometric sample. For each user, we
can generate $V$ with different lengths so as to increase the difficulty level for
the attacker to attack the system. By using different verification codes, we
can transform a biometric sample into different templates. In other words,
our solution allows the users to use the same biometric sample to enrol
into various services. The leakage of a user template in one service will
not affect templates used for other services. Hence, the adversary is not
able to use a compromised or stolen template to perform the cross-
matching attack.
The noise module of $\mathcal{P}$ is responsible for inserting and removing noise
$\omega$ from the comparison score. For security purposes, it should generate a
new random noise for each authentication request. This is an important
way to prevent any adversary from launching a hill-climbing attack to
bypass the authentication system. With random noise, the decrypted result
at the client will be different. In our protocol design, we required a
shuffling protocol $\pi_{\mathcal{U}}$ to permute the order of elements in the transformed
sample. To enhance the security of our system, $\mathcal{T}$ may use different
shuffling protocols for each user. However, this enhancement requires
additional maintenance to store all shuffling protocols in $\mathcal{DB}$.
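The score computation of Equation (1) and the per-request noise discussed above, as an added Python example that is not the chapter's own code. It assumes Paillier as the additively homomorphic cryptosystem, toy Mersenne-prime keys, a transformation that appends $V$ to the sample, and a shuffled query that reaches the matcher in the clear; all function names and sample vectors are constructed for illustration.

```python
import random
import secrets
from math import gcd

# Toy Paillier key from two Mersenne primes (assumption: the chapter only says
# "homomorphic cryptosystem"). Far too small for real use; runs offline.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
N2 = N * N
LAMBDA = (P - 1) * (Q - 1) // gcd(P - 1, Q - 1)  # lcm(p-1, q-1), private
MU = pow(LAMBDA, -1, N)                           # valid for generator g = N + 1


def enc(m):
    """Enc_U(m): fresh r on every call, so equal messages give different ciphertexts."""
    r = 0
    while gcd(r, N) != 1:
        r = secrets.randbelow(N)
    return (1 + (m % N) * N) * pow(r, N, N2) % N2


def dec(c):
    """Dec_{r_U}(c): only the holder of the decryption key can run this."""
    return (pow(c, LAMBDA, N2) - 1) // N * MU % N


def h_add(c1, c2):
    """Enc(a) * Enc(b) mod N^2 = Enc(a + b)."""
    return c1 * c2 % N2


def h_scale(c, k):
    """Enc(a)^k mod N^2 = Enc(k * a); a negative k is reduced mod N."""
    return pow(c, k % N, N2)


def make_shuffle(k, seed):
    """Per-user permutation pi_U (constructed; a deployment needs a secret one)."""
    return random.Random(seed).sample(range(k), k)


def enrol(x, v, perm):
    """Template T: Enc of each element of X' = X || V, shuffled, plus Enc(sum of squares)."""
    mixed = list(x) + list(v)
    cts = [enc(e) for e in mixed]
    return [cts[i] for i in perm], enc(sum(e * e for e in mixed))


def make_query(y, v, perm):
    """Y'': the fresh sample mixed with the same V and shuffled with the same pi_U."""
    mixed = list(y) + list(v)
    return [mixed[i] for i in perm]


def match(template, query):
    """Matcher: Equation (1) on ciphertexts. Returns Enc(s) and never sees s."""
    shuffled_cts, enc_sumsq_x = template
    acc = h_add(enc_sumsq_x, enc(sum(e * e for e in query)))
    for cx, yi in zip(shuffled_cts, query):
        acc = h_add(acc, h_scale(cx, -2 * yi))  # Enc(-2 x_i y_i) or Enc(-2 v_i^2)
    return acc


def blind(enc_s):
    """Noise module: fresh non-zero omega per request; returns (omega, Enc(omega * s))."""
    omega = secrets.randbelow(2**32 - 1) + 1
    return omega, h_scale(enc_s, omega)


def decide(omega, blinded_plain, tau):
    """Noise module: strip omega, reject implausible values, apply threshold tau."""
    if blinded_plain > N // 2 or blinded_plain % omega != 0:
        return False  # negative or non-multiple result: treated as tampering
    return blinded_plain // omega <= tau


def authenticate(template, query, tau):
    omega, blinded = blind(match(template, query))
    return decide(omega, dec(blinded), tau)  # dec() runs at the key holder


# Constructed sample data (not from the chapter).
X = [12, 7, 30, 4, 19, 25]           # enrolment sample, n = 6
V = [9, 14, 3, 21]                   # verification code, m = 4
Y_GENUINE = [13, 7, 29, 4, 18, 25]   # squared distance to X: 3
Y_IMPOSTOR = [2, 20, 11, 17, 3, 9]   # squared distance to X: 1311
PERM = make_shuffle(len(X) + len(V), seed=2015)
TEMPLATE = enrol(X, V, PERM)

if __name__ == "__main__":
    for name, y in (("genuine", Y_GENUINE), ("impostor", Y_IMPOSTOR)):
        q = make_query(y, V, PERM)
        print(name, dec(match(TEMPLATE, q)), authenticate(TEMPLATE, q, tau=10))
```

The $-2v_i^2$ terms cancel the $v_i^2$ contributions of both sums of squares, so the decrypted score depends only on $X$ and $Y$; the divisibility check in `decide` is an assumption added here, alongside the negative-result check the text mentions.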
As discussed in [28], there are still some open problems that need to be
solved before a fully anonymous biometric authentication system can be
realized. For instance, their framework has the following open problems:
By using our framework, we can avoid the first problem, since $\mathcal{M}$ will
receive $T$ and $V$ from $\mathcal{S}$ and $\mathcal{T}$, respectively. Consequently, $\mathcal{M}$ does not
need to verify the inputs ($T$ and $V$) because they are directly retrieved from
the data storages by using the $TID$ and $VID$ of the user. We can assume
that the second problem will not occur in our framework, because we
attached $\mathcal{DB}$ to $\mathcal{S}$.
6 Conclusion
Biometric-based authentication offers many advantages over other existing
authentication methods. However, processing time during the verification
process is a main concern in any biometric-based system. The integration
of biometric-based authentication in the cloud environment can benefit
from the advantages that cloud computing offers, such as extra resources
and processing power. In this chapter, we propose a collaborative
framework to support biometrics matching for cloud users.
In our solution, the leakage of a user biometric template will not
compromise the security of the system and the privacy of the user. In
References
[1] P. Mell and T. Grance. (2009). The NIST Definition of Cloud
Computing. Available:
http://www.csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc
[2] R. Buyya, et al., "Cloud computing and emerging IT platforms: Vision,
hype, and reality for delivering computing as the 5th utility," Future
Gener. Comput. Syst., vol. 25, pp. 599-616, 2009.
[3] B. C. Neuman and T. Ts'o, "Kerberos: An Authentication Service for
Open Network Systems," IEEE Communications, vol. 32, pp. 33-38,
September 1994.
[4] D. Recordon and D. Reed, "OpenID 2.0: a platform for user-centric
CHAPTER TWELVE
Secure Two-Party Computation and Biometric Identification
Abstract
1 Introduction
Biometric data play an increasingly important role in our society for
identifying individuals. The recent introduction of biometric authentication
by Apple in their smartphones [1] makes biometrics usable at home by
two protected data (vaults), it is easy to check whether they are coming
from the same biometric sample by correlating the vaults. Those schemes
also require some concessions in terms of accuracy. [42, 43] are based
on error correcting techniques and there is a tradeoff between security -
that depends on the size of the code - and performances - that depend on
the correcting capacity of the code. [66] relies on a public and somewhat
non-invertible geometric transformation so as to protect the biometric data;
therefore the transformation has to decrease the entropy of the biometric
data so as to be truly irreversible; this has a bad impact on the performances.
We here focus on techniques that guarantee full privacy of these data,
using encryption techniques and a multi-party model to distribute the data
and keys, rather than encoding techniques with a storage model.
In the context of Secure Multi-Party Computation [77] (SMC), a set of
parties engage in an interactive computation on their inputs in such a way
that no information leaks about the inputs that cannot be deduced from the
outputs. Secure Computation is a hot topic in the cryptographic
community. While having mostly been of theoretic interest during the 80s
and the 90s, it has recently become increasingly practical. Many generic or
specific protocols and implementations have been introduced during the
last decade, and some of these techniques can be applied to the security of
Cloud Computing applications. Such techniques are even already used in
real-life applications [10].
In particular, several proposals [26, 69, 6, 60, 8, 38, 16, 14, 15, 73]
consider the application of SMC to biometric identification protocols. In a
biometric identification process, a server $\mathcal{S}$ holds a database of biometric
templates, and a client $\mathcal{C}$ owns one biometric sample. They execute a
protocol to know if the biometric sample is similar, w.r.t. a given metric,
to one of the elements of the database.
The result of the computation can be, for instance, a Boolean indicating
if there is a match in the database, or the index of the closest element in
the database, or a list of indices of the closest elements, or a probabilistic
measure of similarity or dissimilarity between templates.
We thus focus on the Secure Two-party Computation (2PC) setting,
where the parties are server $\mathcal{S}$ and client $\mathcal{C}$. These parties can interactively
compute biometric identification, while, in particular, not revealing to each
other the biometric data that are involved in the protocol, which is of great
interest given their sensitive nature regarding privacy issues. Many
applications could benefit from such security properties, such as
anonymous biometric access control or private biometric database
intersection (see Section 1.1).
In our context, this means that only an identification result is output and
that a client $\mathcal{C}$ never gives its biometric acquisition in the clear to server $\mathcal{S}$
(and server $\mathcal{S}$ does not disclose its own database to client $\mathcal{C}$). The privacy
notion goes even further; if only a match/non-match answer is to be
output, no information about the actual score or the level of similarity of
biometric data is disclosed.
Security is guaranteed through a specific model of adversaries. We
here focus on the case of semi-honest (or passive) adversaries that follow
the protocol but try to learn more information than they should. This is
currently the only setting where SMC protocols can be efficiently
implemented.
be over 21), that is a requirement for the services of $\mathcal{SP}$. To access the
services of $\mathcal{SP}$, $C$ identifies himself against the database of $\mathcal{S}$. If $C$ matches
one in the database, $\mathcal{S}$ gives him a token to present to $\mathcal{SP}$ so as to prove that he
fulfils the requirements. Throughout the whole process, $C$ does not reveal
his identity to other parties.
Adversarial Model
Complexity. One can consider adversaries that are not limited in time and
computational power. In this case, protocols achieve information-theoretic
security. However, in this case, one cannot achieve secure computation for
every function if half of the parties or more are corrupted, for the semi-
honest setting, or one third or more, for the malicious setting. For instance,
in the 2PC setting, it is impossible to achieve information-theoretical
security in both models.
Consequently, one might construct protocols that are computationally
secure, i.e. that resist adversaries that run in polynomial time.
– The actual users using the secure protocol might not have access to
the code that is executed and to the data that are used; in this case
they can only inspect transcripts to gain information and thus
remain passive.
– Security against semi-honest adversaries is retroactive: even if a
malicious adversary corrupts one of the parties after the execution
of the protocol, the adversary will not be able to gain information
about the inputs of the protocol, since the adversary can no longer
change the computation.
– Sanctions against parties caught cheating might compel parties to
behave honestly, but they can still try to learn information
passively, without getting caught.
and output only. Thus, the simulation does not depend on the input of the
other party P3−i, which proves that Pi does not learn more information
about P3−i’s input than what can be deduced from the output.
More formally, let f = (f1, f2) be a deterministic functionality and let π
be a 2PC protocol for computing f. The view of party Pi during an
execution of π on inputs (x, y) denoted by ୧ (x, y) is made of the input
of Pi, of the party’s internal random tape r and of the messages m1, …, mt
received by Pi during the execution of the protocol. Privacy is given by
describing a simulator for the view of each party.
The protocol π ensures privacy against a corrupted P1 if there exists a
probabilistic polynomial-time algorithm S1 such that:
One should also check correctness, i.e., verify that a legitimate execution
of the protocol π on inputs (x, y) outputs (f1(x, y), f2(x, y)), except with
negligible probability.
ఒ ଶ ଵ ଵ ଶ
ܱܶଵ ǣ ൫ሺݔ ǡ ݔଵ ሻǡ ǥ ǡ ሺݔ ǡ ݔଵ ሻ൯Ǣ ሺ݅ଵ ǡ ǥ ǡ ݅ ሻሻ א ൫ሼͲǡͳሽఒ ൯ ൈ ሼͲǡͳሽ
ሺ߳Ǣ ሺݔଵభ ǡ ǥ ǡ ݔ ሻሻ
restrictive.
1
The preprocessing phase is sometimes called the offline phase in SMC papers.
However, this pre-computation phase requires communication between the parties
and is not off-line in a strict sense.
For Yao’s protocol, we need to go one step further. The output wire keys
are encrypted using the corresponding input keys, and then the rows are
permuted. In our example, a possible final garbled table is:
where E_{k1,k2}(k3) is an encryption scheme taking as inputs 2 keys k1, k2, a
both parties learn the result. (Recall that we are in the semi-honest model
and that parties are assumed to follow the protocol. In particular, it means
that P2 provides P1 with f(x, y) even if this result does not suit P1.)
Remark 1. A garbled circuit can only be used once. Indeed, if one plays
Yao’s protocol on the same garbled circuit using different inputs, one
could decrypt more garbled table rows than expected, and learn
information about the other party’s input that should not have been
learned. Therefore, a new set of garbled values and, thus, a new set of
garbled tables, have to be used if P1 and P2 wish to securely evaluate f
again, on different inputs.
One can then easily be convinced that, for any pair of bits (a, b) ∈ {0, 1}^2,
$k_w^{a \oplus b} = k_u^a \oplus k_v^b$, which is precisely what the evaluator of the garbled
circuit will compute instead of evaluating a “real” garbled gate. This
optimization is very important and has an impact on the circuit
representation. When designing a circuit for integration in Yao’s protocol,
one should not optimize the total number of gates of the circuit, but the
number of non-XOR gates, even by adding more XOR gates, since their
impact on the overall execution time is negligible. We refer the reader to
[45, 44] for a description of circuits minimizing the number of non-XOR
gates for basic functionalities (addition, subtraction, comparison,
multiplexer, minimum, and multiplication). For example, addition,
comparison or subtraction on n-bit inputs requires n non-free XOR gates
only.
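The following Python sketch is an added example, not code from the chapter or from any of the cited tools. It garbles the circuit (a XOR b) AND c with free XOR and shows what Remark 1 warns about when a garbled table is reused. The SHA-256 key stream standing in for E_{k1,k2}, the zero tag used to recognise the right row, and all function names are assumptions.

```python
import hashlib
import itertools
import secrets

LAMBDA = 16                 # key length in bytes (assumed 128-bit security parameter)
TAG = bytes(8)              # zero padding marking a correctly decrypted row (assumption)

def xor(a, b):
    return bytes(p ^ q for p, q in zip(a, b))

def pad(k1, k2, gate_id):
    """Key stream standing in for E_{k1,k2}(.): SHA-256 over both input keys."""
    return hashlib.sha256(k1 + k2 + gate_id).digest()[:LAMBDA + len(TAG)]

class Garbler:
    def __init__(self):
        self.offset = secrets.token_bytes(LAMBDA)   # global free-XOR offset, kept secret

    def new_wire(self):
        k0 = secrets.token_bytes(LAMBDA)
        return (k0, xor(k0, self.offset))           # (key for bit 0, key for bit 1)

    def xor_gate(self, u, v):
        k0 = xor(u[0], v[0])                        # no garbled table: keys are derived
        return (k0, xor(k0, self.offset))

    def and_gate(self, u, v, gate_id):
        w = self.new_wire()
        rows = [xor(pad(u[a], v[b], gate_id), w[a & b] + TAG)
                for a, b in itertools.product((0, 1), repeat=2)]
        secrets.SystemRandom().shuffle(rows)        # permute the four rows
        return w, rows

def open_rows(keys_u, keys_v, rows, gate_id):
    """Map row index -> output key for every row the given input keys can decrypt."""
    found = {}
    for ku, kv in itertools.product(keys_u, keys_v):
        for idx, row in enumerate(rows):
            plain = xor(pad(ku, kv, gate_id), row)
            if plain[LAMBDA:] == TAG:
                found[idx] = plain[:LAMBDA]
    return found

def evaluate(a, b, c):
    """Evaluate f(a, b, c) = (a XOR b) AND c on one fresh garbled circuit."""
    g = Garbler()
    u, v, x = g.new_wire(), g.new_wire(), g.new_wire()
    s = g.xor_gate(u, v)
    w, rows = g.and_gate(s, x, b"and-1")
    # Evaluator side: holds exactly one key per input wire.
    ks = xor(u[a], v[b])                            # free XOR: k_w^{a^b} = k_u^a ^ k_v^b
    opened = open_rows([ks], [x[c]], rows, b"and-1")
    (kw,) = opened.values()                         # exactly one row opens
    return w.index(kw)                              # garbler decodes the output key

def reuse_leak():
    """Rows opened in one run versus two runs on the SAME garbled AND gate."""
    g = Garbler()
    u, v = g.new_wire(), g.new_wire()
    w, rows = g.and_gate(u, v, b"and-1")
    first = open_rows([u[0]], [v[1]], rows, b"and-1")              # run on inputs (0, 1)
    both = open_rows([u[0], u[1]], [v[1], v[0]], rows, b"and-1")   # plus a run on (1, 0)
    keys = set(both.values())
    offset_leaked = len(keys) == 2 and xor(*keys) == g.offset
    return len(first), len(both), offset_leaked

if __name__ == "__main__":
    print([evaluate(a, b, c) for a, b, c in itertools.product((0, 1), repeat=3)])
    print(reuse_leak())
```

After a second run on the same table the evaluator opens all four rows and, with free XOR, recovers the global offset, which is why fresh garbled values are needed for every evaluation.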
The Garbled Row Reduction technique [56, 62] enables the reduction
of the size of a garbled table to 3 elements (see footnote 2), instead of 4, by appropriately
picking the garbled values (see [62, Section 4] for more details). For
instance, for a security parameter equal to 80 (resp. 128), a garbled non-XOR
gate is 240 bits (resp. 384 bits) long. This optimization substantially
reduces bandwidth consumption, which is often a bottleneck when
deploying 2PC protocols. However, the workload of the creator does not
change (4 encryptions).
2
This number can even be reduced to 2, if one does not want to use the free XOR
technique.
without the knowledge of the secret key. RSA [68] and ElGamal [28]
cryptosystems that are homomorphic for the multiplication operation on
plaintexts are called multiplicatively homomorphic. Constructing a
cryptosystem that is homomorphic for any operation on plaintexts (called
fully homomorphic) has been a challenge for a long time. It was only
solved in 2009 by Gentry [30]. We discuss the use of fully homomorphic
encryption in Section 5.3.
If the homomorphic properties of the cryptosystem enable the
computation of Epk(f(x, y)) from Epk(x) and y, without knowing the secret
key, then one can design a simple 2PC protocol for securely evaluating f,
as described in Figure 3.
In the following, we focus on additively homomorphic schemes, i.e.,
DGK cryptosystem. DGK encryption [19, 20, 21] answers this problem.
The public key still includes a κ-bit RSA modulus N = pq, in addition to a
small integer u, and two elements $g, h \in \mathbb{Z}_N^*$ (with restrictions about their
order, linked to u, p, and q). Plaintext space is now $\mathbb{Z}_u$, while ciphertext
space is $\mathbb{Z}_N$ (instead of $\mathbb{Z}_{N^2}$ for Paillier encryption). Encryption of a
message $m \in \mathbb{Z}_u$ is performed by picking a random integer r, and
computing $c = E_{pk}(m) = g^m \cdot h^r \in \mathbb{Z}_N$.
during an execution of the protocol, using Pi’s input and output only. To
construct such a simulator for 2PC protocols based on homomorphic
encryption, it suffices to send ciphertexts encrypting random data instead
of real data for all communication rounds, except for the last one (the
ciphertext encrypting the output should be an actual encryption of the
output). If the corrupted party is P2 (that does not know pk), then, from the
indistinguishability property of E, the adversary cannot distinguish the real
execution from the simulation. If the corrupted party is P1, then the
adversary only receives either encryptions of masked data, which are
perfectly simulated by sending encryptions of random data, or the
encryption of the output, which is not simulated, and thus the adversary’s
view can also be simulated in this case. Thus, the scheme described in
Figure 3 achieves privacy. This analysis remains true if one runs
interactive multiplications or uses packing.
parties, and the latency of the network. We can however give some
elements of comparison.
Yao’s protocol is more dedicated to functions that have an efficient
representation as a binary circuit. It enjoys many optimizations that reduce
its cost to a few public-key operations and mostly symmetric operations.
Moreover, it is a 1-round protocol, which can be useful when suffering
from low network latency. The drawbacks are that a garbled circuit can
only be used once, and that sending garbled circuit and garbled values
leads to significant communication costs.
The GMW protocol is also more dedicated to binary functions and enjoys
optimizations on oblivious transfer. Moreover, compared to Yao’s
protocol, the cost for sending garbled circuit is removed. However, the
number of rounds depends on the depth (not taking XORs into
consideration) of the binary circuits.
The solution employing homomorphic encryption is more suited to
arithmetic functions on integer inputs. Homomorphic ciphertexts also have
the advantage that they can be used for several secure evaluations. The
communication cost depends on the size of the inputs and on the
multiplicative depth of the function. In particular, encrypting small values
with homomorphic ciphertexts can lead to large communication
overheads. The number of rounds also depends on the multiplicative
depth. The major drawback is that encryption, decryption, and
pipelining, which makes it the most efficient current tool for executing
Yao’s protocol, to our knowledge. An intermediate language and an
interpreter (GCParser) [2] have later been introduced, in order to facilitate
the use of FastGC with personalized circuits. Performance figures for FastGC
applied to biometric identification appear in Section 4.3.
using the tools described in Section 2.2. The distances considered in this
section are metrics found in state-of-the-art biometric matching:
(normalized) Hamming distance (Sections 3.2.1 and 3.2.3), Euclidean
distance and scalar product (Section 3.2.2). We also discuss secure
computation of comparison and minimum search operations (Section
3.2.4).
To compare the different techniques presented in this section, we refer
the reader to the analysis made in Section 2.2.5, and to implementation
results given in Section 4.
where ⊕ is the XOR operation seen as a function with range {0, 1} (over
the integers). If one sees the coordinates of x and y as integers, instead of
bits, then xi ⊕ yi = xi + yi − 2xi·yi and thus
1. Encryption. Client C picks a key pair (sk, pk) for E, and encrypts
each of his input bits, separately, using E, i.e., computes c1 = Epk(y1),
…, cn = Epk(yn). Client C sends pk and (c1, …, cn) to server S.
2. Computation over encrypted data. Server S does the following for
each $x^j = (x_1^j, \ldots, x_n^j)$ in his database:
– Compute $d_i^j = c_i^{1 - 2 \cdot x_i^j} \cdot E_{pk}(x_i^j)$. (Thanks to homomorphic
properties, $d_i^j = E_{pk}(x_i^j \oplus y_i)$.)
– Compute $S^j = \prod_{i=1}^{n} d_i^j$. (Thanks to homomorphic properties,
$S^j = E_{pk}\left(\sum_{i=1}^{n} (x_i^j \oplus y_i)\right) = E_{pk}(d_H(x^j, y))$.)
– Send $S^j$ to C.
3. Decryption. Client C computes $d_H(x^j, y) = D_{sk}(S^j)$ for $j = 1, \ldots, N$.
Remark 2. As explained in Section 2.2.4, if one wants the server to get the
result or one wants to get the output of comparison operations only, one
should let server S homomorphically add a mask to $S^j$.
GMW Protocol. As for Yao’s protocol, the circuit should be optimized for
reducing the number of AND gates, but also for reducing the depth of the
circuit. Schneider and Zohner [73] implemented the GMW protocol using
the Boyar and Peralta circuit [11] (see Section 4.3).
Using Oblivious Transfer only. Bringer et al. [15] proposed a new protocol
called SHADE (Secure HAmming DistancE) for computing Hamming
distance in the 2PC setting using OT only. In the 1-vs-N setting, it can be
described as follows.
1. S picks n · N random values $(r_i^j)_{i \in [1,n],\, j \in [1,N]} \xleftarrow{\$} ([0, n])^{n \times N}$.
2. S and C perform an $OT_1^2$ protocol on messages made of $\lceil \log(n+1) \rceil$-bit values, where
– S acts as the sender with inputs $\big((r_1^1 + x_1^1 \,\|\, \ldots \,\|\, r_1^N + x_1^N,\; r_1^1 + (x_1^1 \oplus 1) \,\|\, \ldots \,\|\, r_1^N + (x_1^N \oplus 1)), \ldots, (r_n^1 + x_n^1 \,\|\, \ldots \,\|\, r_n^N + x_n^N,\; r_n^1 + (x_n^1 \oplus 1) \,\|\, \ldots \,\|\, r_n^N + (x_n^N \oplus 1))\big)$
– C acts as the receiver with inputs $(y_1, \ldots, y_n)$
– C thus obtains $\big(t_i^j = r_i^j + (x_i^j \oplus y_i)\big)_{i \in [1,n],\, j \in [1,N]}$
3. For j ∈ [1, N], client C computes $T^j = \sum_{i=1}^{n} t_i^j$.
4. For j ∈ [1, N], server S computes $R^j = \sum_{i=1}^{n} r_i^j$.
5. Client C sends $(T^1, \ldots, T^N)$ to server S.
6. For j ∈ [1, N], server S computes $T^j - R^j = d_H(x^j, y)$.
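The six steps above, simulated in Python as an added example (not code from the chapter or from the SHADE authors). The OT is replaced by an ideal functionality; arithmetic modulo n + 1, the bit-packing of the concatenated messages and all names are assumptions, and the database and probe are constructed sample data.

```python
import secrets

def ideal_ot(sender_pairs, choice_bits):
    """Ideal 1-out-of-2 OT: for each pair the receiver gets the message chosen by its
    bit; the sender learns nothing about the bits, the receiver nothing else."""
    return [pair[b] for pair, b in zip(sender_pairs, choice_bits)]

def pack(values, width):
    """Concatenate fixed-width values (the '||' of step 2) into one integer."""
    word = 0
    for v in values:
        word = (word << width) | v
    return word

def unpack(word, width, count):
    mask = (1 << width) - 1
    return [(word >> (width * (count - 1 - j))) & mask for j in range(count)]

class Server:
    def __init__(self, database):
        self.db = database                      # N templates of n bits each
        self.N, self.n = len(database), len(database[0])
        self.mod = self.n + 1                   # assumption: masks live in Z_{n+1}
        self.width = self.n.bit_length()        # equals ceil(log2(n + 1)) bits per value

    def ot_inputs(self):
        # Step 1: one fresh mask r_i^j per bit position i and per template j.
        self.r = [[secrets.randbelow(self.mod) for _ in range(self.N)]
                  for _ in range(self.n)]
        pairs = []
        for i in range(self.n):                 # Step 2: one message pair per position i
            m0 = [(self.r[i][j] + self.db[j][i]) % self.mod for j in range(self.N)]
            m1 = [(self.r[i][j] + (self.db[j][i] ^ 1)) % self.mod for j in range(self.N)]
            pairs.append((pack(m0, self.width), pack(m1, self.width)))
        return pairs

    def distances(self, T):
        # Steps 4 and 6: remove the masks, R^j = sum_i r_i^j.
        R = [sum(self.r[i][j] for i in range(self.n)) % self.mod for j in range(self.N)]
        return [(T[j] - R[j]) % self.mod for j in range(self.N)]

def client_sums(received, n, N):
    # Step 3: t_i^j = r_i^j + (x_i^j xor y_i); the client only ever sees masked values.
    width, mod = n.bit_length(), n + 1
    t = [unpack(word, width, N) for word in received]
    return [sum(t[i][j] for i in range(n)) % mod for j in range(N)]

def shade(database, y):
    server = Server(database)
    received = ideal_ot(server.ot_inputs(), y)          # step 2
    T = client_sums(received, len(y), len(database))    # steps 3 and 5
    return server.distances(T)                          # steps 4 and 6

if __name__ == "__main__":
    db = [[1, 0, 1, 1, 0, 1], [0, 0, 0, 0, 0, 0], [1, 1, 0, 0, 1, 0]]  # constructed
    print(shade(db, [1, 1, 0, 0, 1, 0]))
```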
Remark 3 (Variants)
– The last two steps can be inverted (S sends the $R^j$'s and C computes
the distances) if one wants the client to learn the output.
– The last two steps can be avoided and replaced by a comparison
protocol (see Section 3.2.4) if one does not want Hamming
1. Encryption. Client C picks a key pair (sk, pk) for E, and encrypts
each of his input’s coordinates, separately, using E, i.e. computes c1
= Epk(y1), …, cn = Epk(yn). In addition, client C computes
$c_{n+1} = E_{pk}\left(\sum_{i=1}^{n} y_i^2\right)$. Client C sends pk and $(c_1, \ldots, c_n, c_{n+1})$ to server S.
2. Computation over encrypted data. Server S does the following for
each $x^j = (x_1^j, \ldots, x_n^j)$ in his database.
– Compute $d_i^j = c_i^{-2 \cdot x_i^j}$. (Owing to homomorphic properties,
$d_i^j = E_{pk}(-2 \cdot x_i^j \cdot y_i)$.)
– Compute $S^j = E_{pk}\left(\sum_{i=1}^{n} (x_i^j)^2\right) \cdot c_{n+1} \cdot \prod_{i=1}^{n} d_i^j$. (Owing to
homomorphic properties, $S^j = E_{pk}\left(\sum_{i=1}^{n} (x_i^j)^2 + (y_i)^2 - 2 \cdot x_i^j y_i\right) = E_{pk}(d_E(x^j, y))$.)
– Send $S^j$ to C.
3. Decryption. Client C computes $d_E(x^j, y) = D_{sk}(S^j)$, for $j = 1, \ldots, N$.
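The two homomorphic protocols above (Hamming distance over encrypted bits, then squared Euclidean distance), run end to end in Python as an added example that is not code from the chapter. E is instantiated with a toy Paillier scheme with g = N + 1; the two Mersenne primes are far too small for real use, and the function names and sample vectors are constructed for illustration.

```python
import math
import secrets

DEMO_P, DEMO_Q = 2**31 - 1, 2**61 - 1      # toy primes, illustration only

class PaillierPublicKey:
    """Public key pk: enough to encrypt and to combine ciphertexts."""
    def __init__(self, n):
        self.n, self.n2 = n, n * n

    def encrypt(self, m):
        r = secrets.randbelow(self.n - 1) + 1          # a unit mod N except with negligible probability
        return (1 + (m % self.n) * self.n) * pow(r, self.n, self.n2) % self.n2

class PaillierPrivateKey:
    """Secret key sk held by the client only."""
    def __init__(self, p, q):
        self.pk = PaillierPublicKey(p * q)
        self.lam = math.lcm(p - 1, q - 1)
        self.mu = pow(self.lam, -1, self.pk.n)

    def decrypt(self, c):
        n, n2 = self.pk.n, self.pk.n2
        return (pow(c, self.lam, n2) - 1) // n * self.mu % n

# --- Hamming distance protocol -------------------------------------------------
def client_encrypt_bits(pk, y):
    """Step 1: c_i = E_pk(y_i) for every input bit."""
    return [pk.encrypt(bit) for bit in y]

def server_hamming(pk, cts, x):
    """Step 2 for one record x^j: S^j = prod_i c_i^(1 - 2 x_i) * E_pk(x_i)."""
    S = 1
    for c_i, x_i in zip(cts, x):
        d_i = pow(c_i, 1 - 2 * x_i, pk.n2) * pk.encrypt(x_i) % pk.n2   # E_pk(x_i xor y_i)
        S = S * d_i % pk.n2
    return S

# --- Squared Euclidean distance protocol --------------------------------------
def client_encrypt_vector(pk, y):
    """Step 1: c_1..c_n plus c_{n+1} = E_pk(sum of y_i^2)."""
    return [pk.encrypt(v) for v in y] + [pk.encrypt(sum(v * v for v in y))]

def server_euclidean(pk, cts, x):
    """Step 2 for one record x^j: S^j = E_pk(sum x_i^2) * c_{n+1} * prod_i c_i^(-2 x_i)."""
    S = pk.encrypt(sum(v * v for v in x)) * cts[-1] % pk.n2
    for c_i, x_i in zip(cts[:-1], x):
        S = S * pow(c_i, -2 * x_i, pk.n2) % pk.n2                      # E_pk(-2 x_i y_i)
    return S

def identify(sk, server_step, cts, database):
    """Server evaluates every record on ciphertexts; client decrypts (step 3)."""
    return [sk.decrypt(server_step(sk.pk, cts, x)) for x in database]

if __name__ == "__main__":
    sk = PaillierPrivateKey(DEMO_P, DEMO_Q)
    bits_db = [[1, 0, 1, 1, 0, 0, 1, 0], [0] * 8]                      # constructed templates
    print(identify(sk, server_hamming, client_encrypt_bits(sk.pk, [1, 1, 1, 0, 0, 0, 1, 0]), bits_db))
    vec_db = [[3, 10, 7], [0, 0, 0]]                                   # constructed feature vectors
    print(identify(sk, server_euclidean, client_encrypt_vector(sk.pk, [1, 12, 7]), vec_db))
```

The server only ever handles ciphertexts and its own plaintext records, and two encryptions of the same bit differ because of the random r.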
Remark 4. As explained in Section 2.2.4, if one wants the server to get the
result, or one wants to get the output of comparison operations only, one
should let server S homomorphically add a mask to $S^j$.
Yao’s Protocol. Bringer et al. [16] suggest using Yao’s protocol instead of
homomorphic encryption. The same idea of separately computing
numerator and denominator before running a comparison protocol is used.
Details on the circuit design can be found in [16].
– party P2 plays the role of sender with inputs $\big((i - R) \bmod m < t\big)_{i = 0, \ldots, m-1} \in \{0, 1\}^m$.
4.1 FingerCodes
The FingerCode representation of fingerprints was introduced by Jain et
al. in [40]. Although fingerprint representations are usually based on local
reference points called minutiae, this representation does not take them
into consideration in order to achieve a much simpler comparison
algorithm. Simply put, in order to encode the image, one first locates a
central reference point and, preferably, a direction in order to define a disk
of analysis. Each sector of the disk is filtered using a bank of Gabor filters.
For each sector, one computes the standard deviation of the Gabor phases
to obtain the FingerCode. The matching operation between two
FingerCodes is a Euclidean distance. In the proposals described below,
experiments were conducted on FingerCodes made of vectors of 16
coordinates, each coordinate being a 7-bit integer (except for [38]).
Using DGK cryptosystem and Yao’s Protocol. Blanton and Gasti [8]
described a proposal that uses DGK encryption [19, 20, 21] for Euclidean
distance computation, and Yao’s protocol for comparison of the distances
to a threshold.
In another proposal, Huang et al. [38] also propose a hybrid protocol. It
uses Paillier encryption for Euclidean distance computation, with an
optimization using packing techniques. Yao’s protocol and a specific
backtracking protocol are used for retrieving the index of the closest
match. Their implementation considers 640 × 8-bit vectors. It requires
about 17.7 seconds per record for online computation, and 7.5 KB per
record of online communication.
4.2 Eigenfaces
In 1991, Turk and Pentland introduced a new approach to human face
recognition known as Eigenfaces [75]. Using this representation, face
The distance between two feature vectors and ’ can then be defined
(in the simplified version that we consider) as the squared Euclidean
distance D(, ’) = || − ’||^2 = (ω1 − ω’1)^2 + · · · + (ωK − ω’K)^2.
In the secure versions of this protocol, in addition to the feature vectors
in the database, the Eigenfaces u1, …, uK and the average vector Ψ are also
assumed to be private inputs of S. Implementations use 192 × 112-pixel
images as inputs, where pixels are 8-bit values, and K = 12 Eigenfaces.
The distances are 50-bit.
Using hybrid solutions. Hanecka et al. [35] suggest to still use (Paillier)
homomorphic encryption for the projection and distance phases, but to use
Using Yao’s Protocol. Huang et al., in their paper [37] aiming to show
the good performance of Yao’s protocol (especially by introducing
pipelining), describe an implementation of Hamming distance computation
using this protocol.
Using SHADE. Bringer et al. [15] propose the SHADE protocol that is
dedicated to Hamming distance computation. The execution time is
approximately divided by 4, compared to Yao’s protocol using FastGC.
Using the GMW Protocol. Schneider and Zohner [73] show that using the
GMW protocol leads to a very efficient identification protocol that deals
with 50,000 elements in the database in less than 1 second.
4.4 IrisCodes
In the case of iris recognition using IrisCodes [23], biometric templates
can be represented as binary vectors. A 256-byte (2048 bits) iris template,
together with a 256-byte mask, is computed from an iris image using the
algorithm reported in [23]; the mask filters out the unreliable bits, i.e.,
stores the erasure positions of the iris template. The resulting template is
called an IrisCode.
Given an image of the eye, the first step of the encoding algorithm is to
find the part of the image that corresponds to the iris area between the
pupil-iris and the iris-sclera boundaries. Upon isolating the iris, its texture
is normalized using a rubber sheet model, in which the iris image is
remapped from a Cartesian coordinate system to a polar coordinate
system, regardless of the iris size and the pupil dilation. After
normalization, a set of Gabor filters is applied on every direction and
location of the normalized and rectangular shaped iris image. Each
computed Gabor phase value is then coded into 2 bits depending on its
position on the trigonometric circle.
$$d_{NH}(X, Y) = \frac{\|(X \oplus Y) \cap M(X) \cap M(Y)\|}{\|M(X) \cap M(Y)\|} = \frac{\sum_{i=1}^{2048} (x_i \oplus y_i) \cdot m_i \cdot m'_i}{\sum_{i=1}^{2048} m_i \cdot m'_i} \qquad (1)$$
Using hybrid solutions. Blanton and Gasti [8] propose to follow the
homomorphic encryption approach for normalized Hamming distance
evaluation, as described in Section 3.2. Comparison operations are done
using Yao’s protocol. Performance figures are reported in the following table.
Using Yao’s Protocol. Bringer et al. [16] suggested using Yao’s protocol
instead of homomorphic encryption. The aim of Bringer et al. was more to
introduce a protocol that takes filtering into account (see Section 5.1) than
to introduce a faster protocol for secure iris identification. Indeed, they
report a performance of about 2.4 seconds per rotation per element in the
database. Concurrently, Luo et al. [53] also proposed a protocol using
Yao’s protocol with the same parameters, requiring 563 ms to compare
two IrisCodes.
5 New Directions
5.1 Filtering
In all protocols that we have described so far, identification is roughly
done by computing the same distance operation between the client’s input
and all database elements, and doing some comparison operations that
depend on the input we want to obtain. In actual biometric identification
systems with large databases, using the same operation for all database
elements is not the way to proceed. Indeed, either the distance operation is
discriminative enough (i.e. it enables the separation of matching and non-
matching elements with low error rates), but too computationally
expensive to be computed on all elements of the database, or this operation
is lightweight but does not discriminate enough. This is why a filtering
Acknowledgements
This work has been partially funded by the European FP7 BEAT project
(SEC-2011-284989).
References
[1] Apple - iPhone 5s. http://www.apple.com/iphone-5s/.
[2] GCParser, an interpreter for garbled circuits intermediate language.
Code available at http://www.mightbeevil.com/gcparser/.
[3] UIDAI: Unique Identification Authority of India. http://uidai.gov.in.
[4] G. Asharov, Y. Lindell, T. Schneider, and M. Zohner. More efficient
oblivious transfer and extensions for faster secure computation. In
A.-R. Sadeghi, V. D. Gligor, and M. Yung, editors, ACM Conference on
Computer and Communications Security, pages 535–548. ACM, 2013.
[5] Y. Aumann and Y. Lindell. Security against covert adversaries:
Efficient protocols for realistic adversaries. In S. P. Vadhan, editor,
TCC, volume 4392 of Lecture Notes in Computer Science, pages
137–156. Springer, 2007.
[6] M. Barni, T. Bianchi, D. Catalano, M. Di Raimondo, R. Donida Labati,
P. Failla, D. Fiore, R. Lazzeretti, V. Piuri, F. Scotti, and A. Piva.
Privacy-preserving fingercode authentication. In ACM workshop on
Multimedia and Security (MM & Sec), pages 231–240. ACM, 2010.
[7] D. Beaver. Precomputing oblivious transfer. In D. Coppersmith, editor,
CRYPTO, volume 963 of Lecture Notes in Computer Science, pages
97–109. Springer, 1995.
[8] M. Blanton and P. Gasti. Secure and efficient protocols for iris and
fingerprint identification. In V. Atluri and C. Díaz, editors, ESORICS,
volume 6879 of Lecture Notes in Computer Science, pages 190–209.
Springer, 2011. Extended version available at
http://eprint.iacr.org/2010/627.
[9] D. Bogdanov, R. Talviste, and J. Willemson. Deploying secure multi-
party computation for financial data analysis - (short paper). In A. D.
Keromytis, editor, Financial Cryptography, volume 7397 of Lecture
Notes in Computer Science, pages 57–64. Springer, 2012.
[10] P. Bogetoft, D. L. Christensen, I. Damgård, M. Geisler, T. P.
Jakobsen, M. Krøigaard, J. D. Nielsen, J. B. Nielsen, K. Nielsen, J.
Pagter, M. I. Schwartzbach, and T. Toft. Secure multiparty
computation goes live. In R. Dingledine and P. Golle, editors,
Financial Cryptography, volume 5628 of Lecture Notes in Computer
Science, pages 325–343. Springer, 2009.
[11] J. Boyar and R. Peralta. Concrete multiplicative complexity of
symmetric functions. In R. Kralovic and P. Urzyczyn, editors, MFCS,
volume 4162 of Lecture Notes in Computer Science, pages 179–189.
Springer, 2006.
[12] Z. Brakerski, C. Gentry, and V. Vaikuntanathan. (Leveled) fully
homomorphic encryption without bootstrapping. In S. Goldwasser,
editor, ITCS, pages 309–325. ACM, 2012.
[13] Z. Brakerski and V. Vaikuntanathan. Efficient fully homomorphic
encryption from (standard) LWE. In R. Ostrovsky, editor, FOCS,
pages 97–106. IEEE, 2011.
[14] J. Bringer, H. Chabanne, and A. Patey. Privacy-preserving biometric
identification using secure multiparty computation: An overview and
recent trends. IEEE Signal Process. Mag., 30(2):42–52, 2013.
[15] J. Bringer, H. Chabanne, and A. Patey. SHADE: Secure Hamming
distance computation from oblivious transfer. In A. A. Adams, M.
Brenner, and M. Smith, editors, Financial Cryptography Workshops,
volume 7862 of Lecture Notes in Computer Science, pages 164–176.
Springer, 2013. Extended version available at
http://eprint.iacr.org/2012/586.
[16] J. Bringer, M. Favre, H. Chabanne, and A. Patey. Faster secure
computation for biometric identification using filtering. In A. K. Jain,
A. Ross, S. Prabhakar, and J. Kim, editors, ICB, pages 257–264. IEEE,
2012.
[17] R. Cramer, I. Damgard, and J. B. Nielsen. Secure multiparty
computation and secret sharing- an information theoretic appoach.
Book draft. Available at http://www.daimi.au. dk/˜ivan/MPCbook.pdf.
[18] R. Cramer, I. DamgaÛrd, and J. B. Nielsen. Multiparty computation
from threshold homo- morphic encryption. In B. Pfitzmann, editor,
EUROCRYPT, volume 2045 of Lecture Notes in Computer Science,
pages 280–299. Springer, 2001.
[19] I. DamgaÛrd, M. Geisler, and M. Krøigaard. Efficient and secure
comparison for on-line auctions. In J. Pieprzyk, H. Ghodosi, and E.
Dawson, editors, ACISP, volume 4586 of Lecture Notes in Computer
Science, pages 416–430. Springer, 2007.
[20] I. DamgaÛrd, M. Geisler, and M. Krøigaard. Homomorphic
encryption and secure comparison. IJACT, 1(1):22–31, 2008.
[21] I. DamgaÛrd, M. Geisler, and M. Krøigaard. A correction to ’efficient
and secure comparison for on-line auctions’. IJACT, 1(4):323–324,
2009.
[22] I. DamgaÛrd and M. Jurik. A generalisation, a simplification and some
applications of Pail- lier’s probabilistic public-key system. In K. Kim,
editor, Public Key Cryptography, volume 1992 of Lecture Notes in
Computer Science, pages 119–136. Springer, 2001.
[23] J. Daugman. How iris recognition works. IEEE Trans. Circuits Syst.
Copyright © 2015. Cambridge Scholars Publisher. All rights reserved.
Biometric Security, edited by David Chek Ling Ngo, et al., Cambridge Scholars Publisher, 2015. ProQuest Ebook Central,
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
422 Chapter Twelve
Biometric Security, edited by David Chek Ling Ngo, et al., Cambridge Scholars Publisher, 2015. ProQuest Ebook Central,
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
Secure Two-Party Computation and Biometric Identification 423
Biometric Security, edited by David Chek Ling Ngo, et al., Cambridge Scholars Publisher, 2015. ProQuest Ebook Central,
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
424 Chapter Twelve
http://www.cs.huji.ac.il/project/Fairplay/Fairplay.html.
[55] C. A. Melchor, S. Fau, C. Fontaine, G. Gogniat, and R. Sirdey.
Recent advances in homo- morphic encryption: A possible future for
signal processing in the encrypted domain. IEEE Signal Process. Mag.,
30(2):108–117, 2013.
[56] M. Naor and B. Pinkas. Efficient oblivious transfer protocols. In S.
R. Kosaraju, editor, SODA, pages 448–457. ACM/SIAM, 2001.
[57] M. Naor, B. Pinkas, and R. Sumner. Privacy preserving auctions and
mechanism design. In ACM Conference on Electronic Commerce,
pages 129–139, 1999.
[58] J. B. Nielsen, P. S. Nordholt, C. Orlandi, and S. S. Burra. A new
approach to practical active-secure two-party computation. In Safavi-
Naini and Canetti [70], pages 681–700.
[59] M. Osadchy and B. Moskovich. Illumination invariant representation
for privacy preserving face identification. In IEEE Computer Society
and IEEE Biometrics Council Workshop on Biometrics (CVPRW),
2010.
[60] M. Osadchy, B. Pinkas, A. Jarrous, and B. Moskovich. SCiFI - a
system for secure face identification. In IEEE Symposium on Security
and Privacy, pages 239–254. IEEE Computer Society, 2010.
[61] P. Paillier. Public-key cryptosystems based on composite degree
residuosity classes. In J. Stern, editor, EUROCRYPT, volume 1592 of
Copyright © 2015. Cambridge Scholars Publisher. All rights reserved.
Biometric Security, edited by David Chek Ling Ngo, et al., Cambridge Scholars Publisher, 2015. ProQuest Ebook Central,
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
Secure Two-Party Computation and Biometric Identification 425
Biometric Security, edited by David Chek Ling Ngo, et al., Cambridge Scholars Publisher, 2015. ProQuest Ebook Central,
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
Copyright © 2015. Cambridge Scholars Publisher. All rights reserved.
Biometric Security, edited by David Chek Ling Ngo, et al., Cambridge Scholars Publisher, 2015. ProQuest Ebook Central,
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
PART 5.
CHAPTER THIRTEEN
WATERMARKED BIOMETRICS
1. Introduction
The release of the iPhone 5S, which integrates a fingerprint sensor into the
home button for unlocking the device, has triggered another round of debate
on the security of protection based on biometrics. Apple device users love the
advanced feature of unlocking the phone with their fingerprints rather
than by a password. However, only two days after the iPhone 5S went on
sale, it was reported that a "fake fingerprint" photographed from a glass
surface could unlock the phone [1]. Soon after, it was pointed out that using
something that you cannot change (biometrics) and that you leave
everywhere, such as a fingerprint on a glass surface, as a security
token is ‘stupid’ [2].
Identity theft has incurred significant loss in the real world [3].
Biometrics describes features of the person that are permanent and ideally
unchangeable, which serves as a more effective authentication technique
compared to traditional methods such as tokens that can be lost or stolen,
or passwords that can be forgotten [4, 5]. However, biometrics are only
representations of people; they are not secrets. Biometrics therefore
should not be used to secure anything. Consequently, to ensure that the
given biometric samples are genuine, watermarking techniques have been
introduced. A digital watermark refers to a secret code-dependent signal
typically inserted into noise-tolerant sampled digital data (audio, video,
or image), which could later be decoded or extracted. Through digital
watermarking, information such as legal destination, origin, and rights to
2. Digital Watermarking
The digital watermark process is often linked to a data signalling ‘channel
model’ [7]. That is, the host data acts as a channel medium or carrier, and
the watermark is the data within the carrier.
The generic watermarking or ‘steganographics’ channel model
resembles the traditional communications channel model in most respects
[8]. The embedding and extraction processes are often symmetric, or at
A. Security
The security requirement in a watermarking system can vary, depending
on its application. It must be difficult or virtually impossible to eliminate
the watermark, at least without tampering with the original image. It must
also survive any modifications carried out on the images, including colour
re-quantification, which are commonly achieved by picture editors, or the
lossy compression methods such as JPEG, popular with storage and
B. Imperceptibility
Imperceptibility here refers to the watermark’s perceptual transparency.
Ideally, there should be no discernible difference between the original and
watermarked signals [9], [10]. In some watermarking applications, a
watermark should be readily perceptible to the appropriate authorities,
even when it is not observable to the ordinary eye. A simple way of
reducing distortion during watermarking is to embed the watermark in the host
signal’s perceptually insignificant portion [10], though this also makes it
relatively easy for an attacker to alter the watermark information
without being noticed.
C. Robustness
Robustness refers to the ability of the watermark to survive manipulations
of the signal. It has to be difficult for an attacker attempting to counterfeit
the data to remove it. However, not every watermark application requires a
watermark to be so robust as to withstand all attacks and signal processing
D. Capacity
Channel Capacity in watermarking usually refers to the amount of data
that can be embedded within a host signal. The capacity requirement often
comes into conflict with the two other vital requirements: robustness and
imperceptibility. A higher capacity comes at the expense of
imperceptibility, robustness, or both.
In addition to the above four principal properties, there are other
properties such as implementation complexity, embedding speed, in-
channel detection, false-positive rate and additional parameters depending
on the specific implementation. We will return to these in detail, in the
next section.
• Human perception.
   o Visible / perceivable / detectable
   o Invisible / unperceivable / undetectable
      ▪ Fragile – watermarks that ‘break’ when tampered with
      ▪ Robust – watermarks that can resist any attempt to remove them
• Working domain.
   o Spatial – 1:1 correspondence between the data and the watermark
     elements
   o Transform – 1:1 correspondence with a set of templates describing
     the data
• Type of data.
   o Designed for human consumption
   o Designed for machine consumption
• Application.
   o Source-based – one unique watermark with many copies of it
   o Destination-based – many watermarks and each copy is unique
In the above categories, human perception has two main
subcategories: invisible and visible. The invisible category can be
further divided into fragile and robust. A visible watermark could be a
company or channel logo superimposed over an image or video. It would
serve the social purpose of informing the user of its presence, which may
deter copying. For the more determined copier, who would remove a visible
watermark, there exist invisible watermarks. Not only are these
harder to remove, but it is also harder for the copier to confirm whether
they have been removed.
The working domain can be divided into the spatial domain and the
transform domain. Typically, the transform domain templates are a set of
complex, cosine, or wavelet [13] basis functions, corresponding to the
Fourier, DCT and DWT transform domains, respectively [12]. We
describe these domains later in the chapter.
One type of data is that meant for human
consumption, such as freeform text, images, audio, or video. For such data,
it is human perception that determines whether a watermark is
noticeable or not. By being unnoticeable, the watermark can ‘silently’
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
434 Chapter Thirteen
move with the data wherever the data goes, without interfering with its
use.
If the data is instead usually consumed by a machine, or some
program, then the method of making the watermark undetectable depends
on the application, not just on human perceptibility. For example, a list of
coordinates used to draw an agricultural field on a satellite map can be
watermarked by perturbing the coordinates in some controlled way. These
perturbations may be small according to a human observer looking at the
map, who still sees the field, but they could have a major impact on a
program measuring the total area of fields using these coordinates.
Finally, the algorithms can be classified by the target application as
well. Such watermarking techniques can be categorised into source-based
and destination-based techniques. In the source-based case, the same
watermark, which identifies the sender, is applied to all distributed
copies, whereas in the destination-based case, every distributed copy
receives a particular watermark that uniquely identifies the receiver.
Taking fingerprint images as an example, the watermarking techniques for
a fingerprint image are mainly classified by two parameters: the
visibility of the watermark on the multimedia content and the domain in which
the watermark data is embedded into the host image.
B. Spatial Watermarking
Many novel techniques have been proposed to conceal watermarks in
digital images. These methods can be classified into different categories
depending on the domain type in which embedding takes place. Two
major domain types exist, spatial and transform, each with its own
advantages and disadvantages.
In the spatial domain [16], one can simply embed the watermark in a
host image by altering the gray-scale levels of some pixels. The earlier-
mentioned watermarking techniques are spatial in nature, and the simplest
are those that modify least significant bits (LSB) in an image’s pixel data
[17]. Variants and improvements to these methods were proposed in [18],
[19]. The same techniques have been demonstrated to be robust against
filtering, "lossy" image compression, and scanning.
As an example, consider the algorithm by P. W. Wong [20], as shown
in Fig. 3-1(a) below. In this case, the host image is subdivided into 8×16
blocks of 8-bit RGB pixel data. For each RGB channel, the leading 7 bits
are preserved and hashed, giving MD5(8×16×7 bits || height || width). The
MD5 digest is 128 bits long and is reshaped into an 8×16 block. This block is
XORed with the corresponding block of a binary company logo image, and
the result is encrypted using RSA with a private key. The lowest bit of each
pixel is then replaced, as shown, by the generated watermark.
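The block-wise scheme described above, as an added Python example (not code from the chapter or from Wong's paper). Assumptions: one 8-bit grayscale channel instead of RGB, HMAC-MD5 with a shared secret standing in for the MD5-then-RSA-private-key step so that the block runs on the standard library alone, a 4-byte big-endian encoding of height and width, and a constructed image, logo and key.

```python
import hashlib
import hmac

BLOCK_H, BLOCK_W = 8, 16   # block geometry from the text: 8 x 16 = 128 pixels


def _blocks(image):
    """Yield the (top, left) corner of every 8x16 block of the image."""
    height, width = len(image), len(image[0])
    if height % BLOCK_H or width % BLOCK_W:
        raise ValueError("image must tile exactly into 8x16 blocks")
    for top in range(0, height, BLOCK_H):
        for left in range(0, width, BLOCK_W):
            yield top, left


def _hash_bits(key, image, top, left):
    """128 keyed-hash bits over the block's 7 leading bits || height || width."""
    height, width = len(image), len(image[0])
    msb = bytes(image[top + r][left + c] >> 1          # drop the LSB
                for r in range(BLOCK_H) for c in range(BLOCK_W))
    msg = msb + height.to_bytes(4, "big") + width.to_bytes(4, "big")
    # Assumption: HMAC-MD5 replaces the page's MD5 + RSA private-key step.
    digest = hmac.new(key, msg, hashlib.md5).digest()  # 16 bytes = 128 bits
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(128)]


def embed(image, logo, key):
    """Replace every pixel's lowest bit with (hash bit XOR logo bit)."""
    out = [row[:] for row in image]
    for top, left in _blocks(image):
        for i, h in enumerate(_hash_bits(key, image, top, left)):
            r, c = top + i // BLOCK_W, left + i % BLOCK_W
            out[r][c] = (image[r][c] & 0xFE) | (h ^ logo[r][c])
    return out


def extract(image, key):
    """Recover the logo plane: stored LSB XOR the recomputed hash bit."""
    logo = [[0] * len(image[0]) for _ in image]
    for top, left in _blocks(image):
        for i, h in enumerate(_hash_bits(key, image, top, left)):
            r, c = top + i // BLOCK_W, left + i % BLOCK_W
            logo[r][c] = (image[r][c] & 1) ^ h
    return logo


def tampered_blocks(image, logo, key):
    """(block_row, block_col) of each block whose recovered logo is wrong."""
    recovered = extract(image, key)
    bad = []
    for top, left in _blocks(image):
        if any(recovered[r][left:left + BLOCK_W] != logo[r][left:left + BLOCK_W]
               for r in range(top, top + BLOCK_H)):
            bad.append((top // BLOCK_H, left // BLOCK_W))
    return bad


def demo():
    """Constructed 16x32 image and tiled logo: verify, then alter one pixel."""
    key = b"constructed-demo-key"
    image = [[(r * 37 + c * 11) % 256 for c in range(32)] for r in range(16)]
    logo = [[((r // 2) + (c // 4)) % 2 for c in range(32)] for r in range(16)]
    marked = embed(image, logo, key)
    clean = tampered_blocks(marked, logo, key)
    forged = [row[:] for row in marked]
    forged[10][20] ^= 0x10          # change one of the 7 hashed bits
    return clean, tampered_blocks(forged, logo, key)


if __name__ == "__main__":
    print(demo())
```

Because each block's hash covers only that block's leading bits, a modification is localised to the 8×16 block that contains it, and a verifier holding the wrong key recovers noise instead of the logo.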
C. Transform-based Watermarking
In the transform domain [7], [8], [11], [21], [22], one can insert the
watermark in the coefficients of a transformed image. In the spatial
domain, ideally, the transform domain has the effect of apportioning
hidden information in varying ordered bits in a robust manner. There are
several transformations that can be applied to the digital images, but only
three are most notably used in watermarking. These include Discrete
Cosine Transform (DCT), Discrete Wavelet Transform (DWT), and
Discrete Fourier Transform (DFT). Transform-based methods can insert
Figure 3-1. (a) The Wong embedding method. (b) Extraction process using the
Wong method.
compaction” characteristic [29], which means that most of the signal data
is frequently concentrated in a few low-frequency DCT components.
The JPEG compression technique makes use of this property to
separate and remove high frequency components that are insignificant in
images. Srayazdi et al. [30] propose a grey-level watermarking method
through division of the cover image into 4×4 non-overlapping blocks,
aligned with the 8×8 blocks used for a DCT. This allows the use of their
blocks to derive 4 estimates of the first five 8×8 block DCT coefficients.
Thereafter, a grey-level value is embedded through perturbation of the
low-frequency DCT value in a block with the respective estimated
modified values. One fault of this scheme is that the attackers can do this
too, suggesting that it is only the secrecy of the algorithm that hides it.
Sverdlov et al. [31] developed a novel hybrid robust non-blind
watermarking scheme based on the discrete cosine transform (DCT) and singular
value decomposition (SVD). In this method, following the
application of the DCT to the host image, the DCT coefficients are remapped,
forming four quadrants, representing frequency bands from the highest to
the lowest. Thereafter, the SVD is applied in each quadrant. The process is
repeated on the watermark. The technique subsequently modifies the singular
values found in each quadrant, so as to obtain a set of adjusted DCT
coefficients. The process of decoding involves mapping the altered DCT
coefficients back to their original positions, while applying an inverse
4. Watermarked Biometrics
Biometric recognition has been widely deployed for user identity
authentication when biometric samples are obtained under monitoring.
However, for remote identity authentication, biometric authentication is
far from being a mature technology. Biometrics are not secret: for
example, fingerprint or face biometrics can be acquired easily without
the consent or permission of the owner [36, 37]. The fake fingerprint
acquired from a glass surface in the iPhone 5S story is a typical example
used to indicate how sensors can be tricked [1, 2]. Encryption, in this
case, does not provide security. There is an urgent need to reconsider how
to use biometrics for identity authentication effectively. Watermarked
biometrics is one of the possible solutions for how future biometric
authentication applies to remote personal identification.
In remote biometric authentication systems, raw biometric samples
could be sampled by third parties at the user end. Embedding a watermark
in biometric samples at the time of acquisition helps to confirm that
the biometric sample is genuine. Similar to the security features
incorporated in paper currencies, the embedded watermark proves
genuineness of the samples. The watermark can be detected and removed
only when a secret key is provided. A key is used for watermark
embedment. Compared with that of the original biometric data, the format
By checking the difference between the retrieved value and the original
value of the pixel, a confidence value for the watermark retrieval can be
estimated, based on a bit priority function. Phasemark is a semi-robust
Fourier domain authentication watermark to be embedded in the images
[40]. A signature extracted from the Fourier phase of the original image,
which has been decomposed in the Fourier transform frequency domain, is
encoded into the original image as a watermark [41]. The parity check
method has been proposed for embedding an invisible watermark to a
biometric template [42]. A seed produced from a pseudo random number
generator is used as a key to determine the pixel location to hide “0” or
“1”. By checking the odd parity and even parity at the selected pixel
location for watermark embedment, a match score is obtained by
comparing the sample with that of reference. A predefined threshold is
given, then the parity after insertion of watermark is calculated.
The main concern for these algorithms is that the watermark
embedding and extraction procedure does not alter the biometric features
required for recognition. Adding voice biometrics to face images of the
same individual has been investigated [43] using a 3-level Redundant
Discrete Wavelet Transform (RDWT) watermarking algorithm. When
embedding schemes that do not affect the biometric features are critical
research topics.
5. Biometric-Kerberos Authentication
The story of Germany’s Chaos Computer Club (CCC) unlocking the iPhone 5S
with a "fake fingerprint" photographed from a glass surface
should raise awareness that biometrics are only a measurable distinctive
representation of a person, and that they should not be used by themselves as a
security measure, since it is possible to obtain biometric data without the
individual’s notice or permission.
Recent research efforts to add watermarks to biometrics
are a possible solution to the above problem. Kerberos is an
authentication protocol in which client and server can mutually
authenticate each other across an insecure network connection [44, 45].
However, Kerberos is not effective against password compromise, which
is one of the most frequent attacks in mobile computing services. For
example, if the user enters a password to a program that has already been
modified by an attacker (a Trojan horse), it is not difficult for attackers to
Biometric Security, edited by David Chek Ling Ngo, et al., Cambridge Scholars Publisher, 2015. ProQuest Ebook Central,
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
442 Chapter Thirteen
Biometric Security, edited by David Chek Ling Ngo, et al., Cambridge Scholars Publisher, 2015. ProQuest Ebook Central,
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
Watermarked Biometrics 443
Biometric Security, edited by David Chek Ling Ngo, et al., Cambridge Scholars Publisher, 2015. ProQuest Ebook Central,
http://ebookcentral.proquest.com/lib/aut/detail.action?docID=2076603.
Created from aut on 2020-03-10 15:37:43.
444 Chapter Thirteen
$$
\begin{cases}
\dot{x} = y \\
\dot{y} = -x - a y + u_i
\end{cases}
\tag{6-1}
$$
where $x$, $y$ are the state variables, and $u_i = \sum_{i=0}^{m} \mathrm{hys}_i(x)$ is a hysteresis-
series.
When $a < 0$ and $a^2 - 4 < 0$, the trajectory of the linear part runs
unboundedly. With the switching of the hysteresis-series, the outgoing
trajectories of the linear part switch back when they hit the boundary of
hysteresis. This process repeats, and chaos may appear in the system shown in (6-1).
For the sake of simplicity, the hysteresis-series shown in Fig. 6-1(a) is
chosen. If a = −0.125, and a trajectory starts within the domain of the
chaos attraction, a three-scroll attractor is obtained as shown in Fig. 6-1(b).
The solution of the system (6-1) is:
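$$
\begin{cases}
x(t) = e^{\delta(t-t_0)}\left[\cos(\omega(t-t_0)) - \delta\omega^{-1}\sin(\omega(t-t_0))\right]\,(x(t_0) - i) \\
\qquad\quad {} + \omega^{-1} e^{\delta(t-t_0)}\sin(\omega(t-t_0))\, y(t_0) + i \\
y(t) = -\omega^{-1} e^{\delta(t-t_0)}\sin(\omega(t-t_0))\,(x(t_0) - i) \\
\qquad\quad {} + e^{\delta(t-t_0)}\left[\cos(\omega(t-t_0)) + \delta\omega^{-1}\sin(\omega(t-t_0))\right]\, y(t_0)
\end{cases}
\tag{6-2}
$$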
Figure 6-1. (a) Hysteresis-series. (b) A three-scroll chaotic attractor.
The solution (6-2) is a simple closed formula which can be easily programmed in a
resource-constrained environment.
A. Fingerprint Pre-processing
The captured fingerprint images often suffer deterioration due to an
irrelevant background and signal processing limitations. Consequently,
enhancement techniques are usually employed for fingerprint minutiae
extraction and matching. The following are the steps taken to extract valid
minutia points [24]:
$$
I_B(x, y) =
\begin{cases}
255 & \text{if } I(x, y) > T \\
0 & \text{otherwise}
\end{cases}
\tag{7-1}
$$
Figure 7-1. (a) Input fingerprint image, (b) Fingerprint image after binarization and
thinning, (c) Fingerprint minutiae are highlighted.
The results of the previous step may include false minutia points which
may occur due to the presence of broken ridges. Generally, the spurious
minutia points occur at the borders, since the image ends abruptly as
presented in Fig. 7-1(c). To address this problem, we remove these false
points using a masked fingerprint image. Region of Interest (ROI)
extraction is an important step for removing spurious extreme minutia
points. For this purpose, we first perform a morphological closing
operation and then apply erosion to the binary image. We consider only
those minutia points that are present inside the ROI region, as shown in
Fig. 7-2.
Figure 7-2. (a) ROI extracted image, (b) Final minutia points.
B. Watermark Embedding
The minutiae on the fingerprint are extracted and used without necessary
reference to the watermark. The watermark can be generated from
information related to the capturing device, such as the IMEI number, the camera
serial number, or the time stamp. In this case, user biometric images
belong to the capturing device with that serial number. This information is
encoded using a hash function. It is not feasible to alter the message
without modifying the respective hash value. Moreover, it would not be
possible to obtain two different messages for a single hash value.
P.W. Wong’s classic public watermark algorithm [20] is used for
watermark embedding. The hash is stored as an 8×16 bit array, and each
bit is then replicated 8 times to a 64×128 element array, so as to protect
against JPEG compression artifacts. This is then tiled over the image in
order to match its size. A corresponding binary logo image is also tiled as
needed to fit the image. These two are mutually XORed, resulting in a bit
image. A second bitplane image is generated which specifies the bitplane
in which to insert the watermark for each pixel. This bitplane is
dynamically determined using HVS [17] parameters. The image bitplanes
are then replaced with the combined logo/hash bit array, and the
watermarking process is complete. This is shown in Fig. 7-3.
To extract the watermark, the same HVS parameters are determined
from the watermarked image, so as to regenerate the bitplanes, which are
then extracted into a binary array.
Without access to the hash, a simple symmetry operation will reveal
the general 8×8 replication of this bitplane, which is very unlikely to
happen by chance. The recovery is not perfect due to the compression
artifacts, but for JPG quality of around 30% or higher, the 8×8 symmetry
will be readily visible.
Figure 7-3. (a) The original fingerprint image, (b) The company logo, (c) The
extracted logo after the file was saved as JPEG with 20% quality, (d) The result of
using an invalid hash value.
corresponding block in the Basis Set, shown in Fig. 7-4. The scaled result
then corresponds to the DCT component.
If a block contains uniform values, for example, then the uppermost-
left block would yield the largest value. If, instead, a vertical edge occurs
in the 8×8 block, then the component immediately to the right of the
upper-left would resonate the most. A block with high frequency data in it
would most resemble a block to the lower-right.
At its core, a DCT is a form of block classification using DCT vectors
as the classifiers. The variations between papers relate mostly to the
details of this process.
In compression, the high frequency components are often filtered out,
so placing watermark data there would be vulnerable to compression loss.
In contrast, placing a watermark in the upper-left components would make
it visible as a wave-like texture superimposed over the image. It is for this
reason that DCT watermarks involve changing the components in the
second or third row or column.
D. Watermarking in DTCWT Space
One of the problems with the DCT approach is that it assumes each 8×8
block is separated and unconnected to its neighboring blocks. In reality,
images are smoother than that and this smoothness can scale. Hence we
need a transform that smoothly scales over different levels in a way that
DCT does poorly. This is one of the reasons for using wavelet transforms.
Another is that the DCT does not respond well to the translation of less
than one 8×8 block increment, and so shift invariance and cropping will
present problems as the blocks are now not synchronized on the original
block boundaries, and so the DCT coefficients can vary significantly.
A Dual Tree Complex Wavelet transform (DTCWT) for watermark
embedding is applied [57], which is a variation on the standard wavelet
watermarking approach [8, 13, 25, 32], and has been applied recently.
In a normal wavelet encoding of an image, the image is subdivided
into four regions. For the most common Haar wavelet $D$, an image $I$ of
size $W, H \in 2^n$ for integer $n$, and location $x, y$ ($x \in$ even, $y \in$ even), is
mapped into the following regions within $D$, each of size $W/2$, $H/2$. For
iteration $k = 1$:
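$$
\begin{aligned}
D^{1}_{x/2,\;y/2} &= I_{x,y} + I_{x+1,y} + I_{x,y+1} + I_{x+1,y+1} && (LL)\\
D^{1}_{(x+W)/2,\;y/2} &= I_{x,y} - I_{x+1,y} + I_{x,y+1} - I_{x+1,y+1} && (HL)\\
D^{1}_{x/2,\;(y+H)/2} &= I_{x,y} + I_{x+1,y} - I_{x,y+1} - I_{x+1,y+1} && (LH)\\
D^{1}_{(x+W)/2,\;(y+H)/2} &= I_{x,y} - I_{x+1,y} - I_{x,y+1} + I_{x+1,y+1} && (HH)
\end{aligned}
\tag{7-2}
$$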
These comprise regions labeled LL, HL, LH, HH. In other words, the first
quadrant contains the sum of 4 pixels in a 2×2 group – a low-pass filter
output, and the fourth quadrant contains the difference of each of the 4
pixels, resulting in a high-pass filter output. The other two quadrants are
projections in x and y respectively. We then reiterate this process only on
the first quadrant. Fig. 7-5 shows the result of three iterations.
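The mapping of Eq. (7-2) and its repeated application to the first quadrant can be written out directly. The Python sketch below is an added example, not code from the book; it goes one step beyond the text by measuring the HL energy of a constructed vertical edge before and after a one-pixel shift, which shows that the plain decimated Haar transform is itself sensitive to translation. The helper names and the 8×8 test images are assumptions.

```python
def haar_level(img, w, h):
    """One iteration of Eq. (7-2) on the top-left w x h region of img.

    w and h must be even; everything outside the region is copied unchanged.
    """
    out = [row[:] for row in img]
    for y in range(0, h, 2):
        for x in range(0, w, 2):
            a, b = img[y][x], img[y][x + 1]            # I(x, y),   I(x+1, y)
            c, d = img[y + 1][x], img[y + 1][x + 1]    # I(x, y+1), I(x+1, y+1)
            out[y // 2][x // 2] = a + b + c + d                # LL
            out[y // 2][(x + w) // 2] = a - b + c - d          # HL
            out[(y + h) // 2][x // 2] = a + b - c - d          # LH
            out[(y + h) // 2][(x + w) // 2] = a - b - c + d    # HH
    return out


def haar_pyramid(img, levels):
    """Repeat the decomposition on the first (LL) quadrant only."""
    w, h = len(img[0]), len(img)
    dec = [row[:] for row in img]
    for _ in range(levels):
        dec = haar_level(dec, w, h)
        w, h = w // 2, h // 2
    return dec


def subband_energy(dec, band, w, h):
    """Sum of squares in one first-level quadrant: 'LL', 'HL', 'LH' or 'HH'.

    The first letter selects the x half, the second the y half.
    """
    x0 = w // 2 if band[0] == "H" else 0
    y0 = h // 2 if band[1] == "H" else 0
    return sum(dec[y][x] ** 2
               for y in range(y0, y0 + h // 2)
               for x in range(x0, x0 + w // 2))


def vertical_edge(w, h, edge_x):
    """Constructed test image: 0 left of edge_x, 1 from edge_x onwards."""
    return [[1 if x >= edge_x else 0 for x in range(w)] for _ in range(h)]


def hl_energy_for_edge(edge_x, size=8):
    dec = haar_level(vertical_edge(size, size, edge_x), size, size)
    return subband_energy(dec, "HL", size, size)


if __name__ == "__main__":
    # Edge aligned with the 2x2 grid, then the same edge shifted by one pixel.
    print("HL energy, edge at x=4:", hl_energy_for_edge(4))
    print("HL energy, edge at x=5:", hl_energy_for_edge(5))
    # Three iterations on a flat 8x8 image leave a single non-zero LL value.
    print(haar_pyramid([[1] * 8 for _ in range(8)], 3)[0][0])
```

An edge that falls on a 2×2 group boundary leaves HL empty, while the same edge moved by one pixel produces a clear HL response, so a watermark detector keyed to these coefficients loses synchronisation after a small crop.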
combined in specific ways in order to achieve the even and odd symmetry
properties of a complex decomposition. Effectively, this allows the
DTCWT to ‘borrow’ some of the properties of the DFT, such as shift
invariance.
As demonstrated in [57], the shift invariance property of the DTCWT
allows the image to be made crop-resistant. In this way, the DTCWT
avoids the blocking limitations of the blocked DCT approach. Similar
components (LH4 and HL4) are used in a four level decomposition.
8. Conclusion
This chapter discussed various image watermarking techniques as applied
to the domain of biometric template protection. We concentrated on
References
1. C. Arthur, iPhone 5S fingerprint sensor hacked by Germany's Chaos
Computer Club.
http://www.theguardian.com/technology/2013/sep/22/apple-iphone-
fingerprint-scanner-hacked.
2. B. Reed, iPhone 5S seen spawning wave of fingerprint scanning
copycats,
http://www.telegraph.co.uk/technology/apple/iphone/10327635/iPhone
-5s-fingerprint-sensor-hacked-within-days-of-launch.html.
http://www.insurancenetworking.com/news/insurance_technology_mo
bile_payments_risk_fraud_credit-26090-1.html.
3. A. K. Jain, L. Hong, S. Pankanti, Biometric identification.
Communications of the ACM, 43(2), pp.90-98, 2000.
4. Federal Bureau of Investigation, The Science of Fingerprints:
Classification and Uses. Washington, D.C.: U.S. Government Printing
Office, 1984.
5. T. Y. Chung, M. S. Hong, Y. N. Oh, D. H. Shin, and S. H. Park,
Digital watermarking for copyright protection of mpeg2 compressed
video. Consumer Electronics, IEEE Transactions on, 44(3), pp.895–
901, 1998.
6. S. Stankovic, I. Orovic, and N. Zaric. An application of
multidimensional time-frequency analysis as a base for the unified
watermarking approach. Image Processing, IEEE Transactions on,
19(3), pp.736–745, 2010.
7. I. J. Cox, M. Miller, J. Bloom, J. Fridrich, T. Kalker, Digital
Watermarking and Steganography, ISBN 978-0123725851, Morgan
Kaufman, 2007
CHAPTER FOURTEEN
3D FINGERPRINTS: A SURVEY
Abstract
Fingerprint has been one of the most successful biometrics applied in both
forensic law enforcement and security applications. Fingerprint
acquisition, for many years, has been accomplished by first pressing a
finger on a hard plane, and then converting the image into a digital form.
Recent developments in fingerprint acquisition technology have resulted in
touchless live scan devices that generate 3D representation of fingerprints.
By capturing the fingerprints in 3D using a non-contact based imaging
technique, much higher quality fingerprint images can be obtained and
higher matching performance can be achieved if a fingerprint's quality is
sufficiently good. Besides, 3D fingerprints are more difficult to duplicate
or counterfeit. All these result in more secure and robust fingerprint
recognition systems. In this chapter, we investigated the advantages of this
new technology, the acquisition of 3D fingerprint images, the compatibility
between 3D fingerprints and 2D fingerprints, the feature representation of
Keywords: Security, Biometrics, Fingerprint, 3D.
1 Introduction
Fingerprint recognition has been the most practical and widely used
biometric technique since the 1980s. Over the last decade, computer
technology has facilitated both the acquiring and processing of fingerprint
data. Therefore, automated fingerprint identification and verification
systems are widely used in commercial and security applications, such as
access control, denial operations, and criminal identifications.
Fingerprint acquisition, for several decades, has evolved from ink
(rolled or plain) to capacitive, ultrasonic, pyro-electric, thermal, and
optoelectronic approaches (see Figure 1). Among these capture
approaches, contact-based methods detect the geometric difference
between contact and non-contact parts (e.g., ridges and valleys) of the
fingertips on a device. The optical approach, on the other hand, captures
the texture information of the fingerprint under examination.
Recent developments in fingerprint acquisition technology have
fingerprint area usable for the recognition is wider than the one captured
by traditional contact-based acquisition techniques. Therefore, the new
generation of touchless live scan devices that generate 3D representation of
fingerprints has been introduced to the market. A 3D single and ten
fingerprint system that uses shape from shading and stereovision-based
techniques to obtain 3D fingerprints in a non-contact fashion was
developed by TBS North America [1]. Flashscan3D LLC [2] and the
University of Kentucky have developed a non-contact, 3D finger scanning
system, which can capture the 3D ridge-valley details of the fingertips.
To be compatible with existing 2D fingerprinting technology, there
have been many attempts that extend the traditional fingerprint
identification methods to 3D fingerprint identification. However, it is
necessary to unroll the 3D fingerprint images into 2D equivalent ones
before matching. Available unrolling algorithms can be divided into two
categories--parametric and non-parametric--according to whether a model
is assumed for the finger surface or not. Parametric unrolling algorithms
assume that the finger surface can be represented as a parametric surface,
e.g., cylinder, tube or sphere. Unlike parametric methods, non-parametric
methods do not assume any models for the finger surfaces; instead, they
directly compute the corresponding pixels in the 2D equivalent fingerprint
image from the points in the 3D fingerprint model.
2.2.1 Automaticity
time feedback for correct placement of the finger. The operator does not
need to interact with the user unless there is a special circumstance such as
a physical deformity. Therefore, quality of the print is no longer tied to the
skills of the operator manipulating the acquisition. Besides, enhanced
segmentation can be done for multi-fingers capture [4].
2.2.3 Speed
2.2.4 Stability
2.2.5 Compatibility
2.2.7 Security
• the image resolution is not constant within the image, and decreases
from the centre to the image extremities;
• the contrast between the ridges and the valleys is low in fingerprint
images;
• defocus and motion blur are sometimes present in the acquired images.
B.Y. Hiew et al. [6] proposed using a digital camera to acquire
fingerprint images of size 640*480 (see Figure 4). The captured
raw images are normalized, segmented and enhanced, followed by core
point detection. After the core point detection, the image is cropped
again to a size of 200*200 with the core point as the centre. The
normalized images are then processed by Gabor filters to extract
features. Chulhan et al. [7] introduced a hardware approach that used a
camera and the wavelengths of light. Besides, they proposed a strong view
difference image rejection method using the distance between the core and
the centre axis of the finger, in order to overcome the 3D to 2D image
mapping problem.
improve the realism of the simulated data, the lens focus blur is simulated.
The model is then completed with the estimation of a realistic colour
pattern, obtained by applying a low-pass filter to a real contactless
fingerprint image, and by adding the properties of reflectance that match
the ones of the human skin. Finally, a virtual light source is used to
illuminate the scene and make the details of the ridges visible.
Disadvantages: Such acquisition methods cannot get the 3D model of
the fingerprint; some parts of the fingerprint region are in focus while
others are out of focus, and the effective region of the fingerprint is very
limited.
3.1.2 Multi-Images
Gil et al. [9] proposed to use a linescan camera and a mechanical motion
system to acquire the equivalent of a rolled fingerprint collected by contact
means. The system captures four high-resolution images at different
depths, using polarization rotation and birefringence at frame rate and with
no moving parts. Then the depth from focus is used to generate a coarse
3D data file. The captured images are registered and combined into a
single 500 PPI (points per inch) high-resolution image. Finally, the 3D data
is used to create the equivalent of a rolled fingerprint for comparison with
standard fingerprint databases.
ridge points as the correspondences for initial alignment, and use the thin
plate spline (TPS) model and ridge mapping for finer alignment. In
particular, to reduce the ridge width variation caused by perspective
distortion and to preserve the ridge intervals of a mosaicked image as
consistently as possible, they select the regions to be mosaicked from three
views, by comparing the ridge width values in all images.
known relative positions under the assumption that the images were
obtained by cameras via orthogonal projection and the minutiae did not
contain angle information. Then, two planar minutiae sets were extracted
from these two images to reconstruct 3D minutia points.
3D target on which points with known positions are marked. To facilitate
the integration of the Surround Imager into existing systems, a 2D version
of the reconstructed fingerprint is also provided after the reconstruction.
The computed 3D finger geometry can be used to virtually roll the
fingerprint onto a plane, obtaining a complete rolled-equivalent fingerprint
of the acquired finger.
In the SLI single POV approach, the scanner, which can simultaneously
acquire 3D scans of all the five fingers and the palm in high speed and
fidelity, consists of a commercial off-the-shelf projector to project the SLI
patterns and a high resolution camera to capture the shape deformed SLI
patterns reflected from the target being scanned.
The algorithm for fingerprint scanning is phase measuring profilometry
(PMP), which originates from classical optical interferometry techniques,
and can make a 3D scan of the human finger with sufficiently high
resolution so as to record 3D ridge depth information. Post processing of
these scans is performed later to virtually extract the finger and palm
surfaces, and create 2D flat equivalent images.
In the SLI Sub-window technique, the scanner uses a custom LED line
source with a static SLI pattern and cameras operating in sub-window
mode rather than full-frame for increased frame rates.
The hardware [17] consists of a simple projection system with an LED-
based illumination module and a photographic slide with encoded sine
wave patterns. The projection system effectively projects a static image
pattern on a target surface. A small region of interest (ROI) of the pixel
resolution in the camera sensor is chosen. The ROI is called an image slice.
Additionally, the exposure time of the camera is set very low, which limits
the amount of light available per frame but helps in capturing the 2D image
slices at a very high frame rate. Using the sub-window based approach, the
2D image slices are captured at a much higher frame rate with the finger
moving across the projector and camera's fields of view in a swipe like
fingerprint is obtained by flattening the cylinder. Each point $(x, y, z)$ in the
fingerprint is transformed to the cylindrical coordinate $(\theta, z)$, where
$\theta = \tan^{-1}(x/y)$.
Shortcomings: This method does not preserve the relative distance
between the points on the original fingerprint surface, so it introduces a
horizontal distortion to the flattened fingerprint.
4.1.2 Tube model
The spring algorithm [20] first extracts the smooth surface of the 3D
fingerprint by smoothing the ridge and valleys by a weighted, non-linear,
least square algorithm. The weights are obtained by a Gaussian function.
Then the smoothed 3D surface is transformed to the 2D unrolled surface
using the spring algorithm [21]. The texture of the fingerprint (ridges and
valleys) is calculated by taking a difference between the original 3D
surface and the smoothed 3D surface. Therefore, the final, unrolled, 2D
fingerprint is obtained by putting the texture onto the unrolled surface
which is extracted by the spring algorithm.
Sara et al. [22] also adopted the spring algorithm to convert the 3D
results than the parametric method, since it preserves the relative distance
between minutiae in the fingerprint.
Qijun et al. [23] took distortion into consideration when converting 3D
fingerprints into 2D equivalent fingerprints using direct sampling, and
proposed a distortion model. The distortion model aims to simulate non-
uniform sampling rates caused by the non-uniform pressure across a plain
fingerprint. For simplicity, two assumptions on plain fingerprint
acquisition are made: 1) The finger moves towards the fingerprint sensor
along the direction perpendicular to the acquisition plane of the sensor.
The point on the finger surface which touches the acquisition plane first is
defined as the centre of the obtained fingerprint. 2) No traction or torsion is
applied to the finger once it gets in contact with the acquisition plane.
Under these assumptions, the pressure reaches the maximum at the centre
and gradually decreases as we approach the boundary of the fingerprint.
Correspondingly, the sampling interval gradually increases from the centre
to the boundary.
surface and to represent the local point cloud area. On the basis of the
fitting surface, the 3D fingerprint surface’s curvature and curvature tensors
were calculated. By referring to the curvatures, potential valley-ridge
points were detected. Through statistical means, those points were
projected to the most likely valley-ridge lines. Then, by growing the
polylines that approximate the projected points and removing the
perturbations between the sampled points, the 3D valley-ridge lines were
obtained.
This approach can directly extract the features of valley-ridge lines
without employing the unwrapping that converts 3D models into 2D but
introduces distortions.
5.2 3D Minutiae
The 2D fingerprint templates $(x, y, \theta)$ typically include the position of the
minutiae $(x, y)$ and the angle $\theta$ representing the orientation of the minutiae
in 2D space. This representation can be extended to include new
(extended) features, which can more accurately localize such minutiae in
3D space. The 3D feature $z$ can represent the height of the vertex on the
reconstructed 3D fingerprint surface at position $(x, y)$, while $\varphi$ can
represent the minutiae orientation in spherical coordinates with unit length
1. Such extended minutiae templates can more effectively localize the
minutiae in 3D space, and are referred to as 3D minutiae $(x, y, z, \theta, \varphi)$
[11][14], as is shown in Figure 10.
6 Quality Analyses
For the 3D fingerprint study, as large public databases have not been
available to test its matching performance, it is especially important to
evaluate the performance of the fingerprint scanner in terms of the
fingerprint image quality.
6.1 Tools
Software, developed by the National Institute of Standards and Technology
(NIST) for conventional 2D fingerprints, can be employed to evaluate the
performance of 3D fingerprints after unravelling them into 2D equivalent
images [3][15].
In this test, there are 5 groups (5 subjects in total), where each group
contains 20 (10*2) 2D fingerprints, 20 unravelled 2D equivalent
fingerprint images, 20 post-processed images using algorithm ‘TH6’, and
20 post-processed images using algorithm ‘R414’. We use False Reject
Rate (FRR) to evaluate the recognition performance. The lower the FRR is,
the better the performance is. Figure 11. demonstrates the performance
In this test, there are 10 groups: left thumb finger, left index finger, left
middle finger, left ring finger, left little finger, right thumb finger, right
index finger, right middle finger, right ring finger, and right little finger.
Each group contains 10 (5*1*2) 2D fingerprints, 10 unravelled 2D
equivalent fingerprint images, 10 post-processed images using algorithm
‘TH6’, and 10 post-processed images using algorithm ‘R414’. We also use
False Reject Rate (FRR) to evaluate the recognition performance. Figure
12 demonstrates the performance regarding different finger names in three
scenarios: 2D to unravelled 2D equivalent images, 2D to post-processed
images using algorithm ‘TH6’, and 2D to post-processed images using
algorithm ‘R414’.
As is shown in Figure 12, the recognition performance of ring fingers
is the worst: the FRRs for both left ring and right ring fingers are very
high in all three scenarios, and the FRR reaches 60% when identifying
2D to unravelled 2D equivalent images for the left ring fingers. The
recognition performance of little fingers is a little better than that of the
ring fingers, but still not good. Relatively speaking, the performance of
identifying the thumb fingers is the best, which may be due to the large
region and smooth surface of the thumb fingers.
Figure 13. Two captures of the same finger using the same 3D scanner
The singular points and minutiae in Figure 13 are marked red by
VeriFinger. We can see that the area of the fingerprint in Figure 13(b) is
wider than that in Figure 13(a), and the number of minutiae in Figure
13(b) is larger than that in Figure 13(a). Actually, there are too many
spurious minutiae in both images, especially near the brim of the
fingerprints. Certain minutiae near the singular area are missing, and the
extracted singular point in Figure 13(b) deviates obviously from the
ground truth. The same observations also apply to images in Figure 14. All
these may result from the difference between the finger poses of two
captures and the creases on the fingerprints.
Because of the different nature of the 3D finger image with respect to the
traditional approaches, in the near future, new methods for image quality
check, analysis, enhancement, and protection, can be implemented to
provide additional flexibility for specific applications. We tried to enhance
the contrast of the collected 3D fingerprint images and again conducted the
experiment. The results showed that the performance of 2D to 3D and 3D
to 3D fingerprint matching was improved greatly. Besides, new forensic
8 Conclusion
Non-contact 3D fingerprint technology has the tendency of replacing
traditional fingerprint acquisition and recognition in many applications.
Recent research on 3D fingerprint biometrics focuses on the acquisition of
3D fingerprint models, unwrapping 3D fingerprints into 2D equivalent
ones, and using existing algorithms for 2D to 3D fingerprint recognition.
This chapter presents a comprehensive study of this new technology and
points out some future research in the 3D fingerprint domain, including
direct 3D to 3D recognition, accurate algorithms for feature extraction of
unravelled 2D equivalent fingerprint images, enhancement of the 3D
fingerprint images using image processing techniques, and novel methods
for 2D to 3D fingerprint recognition.
References
[1] Tbs biometrics. [Online]. Available: http://www.tbs-biometrics.com.
[2] Flashscan3d. [Online]. Available: http://www.flashscan3d.com.
[3] Y. Wang, Q. Hao, A. Fatehpuria, L. G. Hassebrook, and D. L. Lau.
“Quality and matching performance analysis of three-dimensional
unraveled fingerprints,” Optical Engineering, 49.7 (2010): 077 202–
077 202–10.
[4] V. Yalla, L. Hassebrook, R. Daley, C. Boles, and M. Troy. “Full-hand
3d non-contact scanner using sub-window-based structured light
illumination technique,” Proc. SPIE, 8371 (2012): 83 711O–83 711O–
15.
[5] M. Troy, L. Hassebrook, V. Yalla, and R. Daley. “Non-contact 3d
fingerprint scanner using structured light illumination,” Proc.SPIE,
7932 (2011): 79 320C–79 320C–13.
[6] B. Hiew, A. Teoh, and Y. Pang. “Touch-less fingerprint recognition
system,” Proceedings of the 2007 IEEE Workshop on Automatic
Identification Advanced Technologies, 2007. 24–29.
[7] C. Lee, S. Lee, and J. Kim. “A study of touchless fingerprint
recognition system,” in Structural, Syntactic, and Statistical Pattern
Recognition, ser. Lecture Notes in Computer Science, D.-Y. Yeung, J.
Kwok, A. Fred, F. Roli, and D. Ridder, Eds. Springer Berlin