Efficient yet robust biometric iris matching on smart cards for data high security and privacy

Smart control access to any service and/or critical data is at the very basis of any smart project. Biometrics have been used as a solution for system access control, for many years now. However, the simple use of biometrics cannot be considered as final and perfect solution. Most problems are related to the data transmission method between the medias, where the users require access and the servers where the biometric data, captured upon registration, are stored. In this paper, we use smart cards as an effective yet efficient solution to this critical data storage problem. Furthermore, iris texture has been used as a human identifier for some time now. This biometric is considered one of the most reliable to distinguish a person from another as its unique yet perfectly stable over time. In this work, we propose an efficient implementation of iris texture verification on smart cards. For this implementation, the matching is done on-card. Thus, the biometric characteristics are always kept in the owner’s card, guaranteeing the maximum security and privacy. In a first approach, the False Acceptance Rate (FAR) and False Rejection Rate (FRR) are improved using circular translations of the matched iris codes. However, after a thorough analysis of the achieved results, we show that the proposed method introduces a significant increase in terms of execution time of the matching operation. In order to mitigate this impact, we augmented the proposed technique with acceptance threshold verification, thus decreasing drastically the execution time of the matching operation, and yet achieving considerably low FAR and FRR. It is noteworthy to point out that these characteristics are at the basis of any access control successful usage.     

A novel framework for automatic 3D face recognition using quality assessment

The quality of biometric samples plays an important role in biometric authentication systems because it has a direct impact on verification or identification performance. In this paper, we present a novel 3D face recognition system which performs quality assessment on input images prior to recognition. More specifically, a reject option is provided to allow the system operator to eliminate the incoming images of poor quality, e.g. failure acquisition of 3D image, exaggerated facial expressions, etc.. Furthermore, an automated approach for preprocessing is presented to reduce the number of failure cases in that stage. The experimental results show that the 3D face recognition performance is significantly improved by taking the quality of 3D facial images into account. The proposed system achieves the verification rate of 97.09% at the False Acceptance Rate (FAR) of 0.1% on the FRGC v2.0 data set.     

From scores to face templates: a model-based approach

Regeneration of templates from match scores has security and privacy implications related to any biometric authentication system. We propose a novel paradigm to reconstruct face templates from match scores using a linear approach. It proceeds by first modeling the behavior of the given face recognition algorithm by an affine transformation. The goal of the modeling is to approximate the distances computed by a face recognition algorithm between two faces by distances between points, representing these faces, in an affine space. Given this space, templates from an independent image set (break-in) are matched only once with the enrolled template of the targeted subject and match scores are recorded. These scores are then used to embed the targeted subject in the approximating affine (non-orthogonal) space. Given the coordinates of the targeted subject in the affine space, the original template of the targeted subject is reconstructed using the inverse of the affine transformation. We demonstrate our ideas using three, fundamentally different, face recognition algorithms: Principal Component Analysis (PCA) with Mahalanobis cosine distance measure, Bayesian intra-extrapersonal classifier (BIC), and a feature-based commercial algorithm. To demonstrate the independence of the break-in set with the gallery set, we select face templates from two different databases: Face Recognition Grand Challenge (FRGC) and Facial Recognition Technology (FERET) Database (FERET). With an operational point set at 1 percent False Acceptance Rate (FAR) and 99 percent True Acceptance Rate (TAR) for 1,196 enrollments (FERET gallery), we show that at most 600 attempts (score computations) are required to achieve a 73 percent chance of breaking in as a randomly chosen target subject for the commercial face recognition system. With similar operational set up, we achieve a 72 percent and 100 percent chance of breaking in for the Bayesian and PCA based face recognition systems, respectively. With three different levels of score quantization, we achieve 69 percent, 68 percent and 49 percent probability of break-in, indicating the robustness of our proposed scheme to score quantization. We also show that the proposed reconstruction scheme has 47 percent more probability of breaking in as a randomly chosen target subject for the commercial system as compared to a hill climbing approach with the same number of attempts. Given that the proposed template reconstruction method uses distinct face templates to reconstruct faces, this work exposes a more severe form of vulnerability than a hill climbing kind of attack where incrementally different versions of the same face are used. Also, the ability of the proposed approach to reconstruct actual face templates of the users increases privacy concerns in biometric systems.     

Emulating biological strategies for uncontrolled face recognition

Face recognition technology is of great significance for applications involving national security and crime prevention. Despite enormous progress in this field, machine-based system is still far from the goal of matching the versatility and reliability of human face recognition. In this paper, we show that a simple system designed by emulating biological strategies of human visual system can largely surpass the state-of-the-art performance on uncontrolled face recognition. In particular, the proposed system integrates dual retinal texture and color features for face representation, an incremental robust discriminant model for high level face coding, and a hierarchical cue-fusion method for similarity qualification. We demonstrate the strength of the system on the large-scale face verification task following the evaluation protocol of the Face Recognition Grand Challenge (FRGC) version 2 Experiment 4. The results are surprisingly well: Its modules significantly outperform their state-of-the-art counterparts, such as Gabor image representation, local binary patterns, and enhanced Fisher linear discriminant model. Furthermore, applying the integrated system to the FRGC version 2 Experiment 4, the verification rate at the false acceptance rate of 0.1 percent reaches to 93.12 percent.     

A practical implementation of fuzzy fingerprint vault for smart cards

Biometric-based authentication can provide strong security guarantee about the identity of users. However, security of biometric data is particularly important as the compromise of the data will be permanent. To protect the biometric data, we need to store it in a non-invertible transformed version. Thus, even if the transformed version is compromised, the actual biometric data remain safe. Fuzzy vault is a cryptographic construct to secure critical data with the fingerprint data. In this paper, we implement the fuzzy fingerprint vault, combining fingerprint verification and fuzzy vault scheme to protect fingerprint templates, for the smart card environment. To implement the fuzzy fingerprint vault as a complete system, we have to consider several practical issues such as automatic fingerprint alignment, verification accuracy, template size for storing in the smart card, execution time, error correcting code, etc. Especially, we handled the fingerprints having a few minutiae by applying an adaptive degree of the polynomial, and thus our implementation result can be used for real, large-scale applications.     

BinaryFace:基于深层卷积神经网络的人脸模板保护模型

随着生物识别技术的广泛应用,人们越来越担心生物模板信息的安全性和隐私性。为此人们提出很多生物模板信息的保护算法,但其一般需要牺牲可识别性来换取高安全性。为了在保证高安全性的同时尽可能提高可识别性,本文提出一种新的由特征转换和生物加密组成的二阶段人脸模板保护方案。在特征转换阶段,基于VGGFace提出一种新的基于卷积神经网络的BinaryFace网络,通过设计新的随机正交映射矩阵、量化损失函数和最大熵损失函数实现人脸模板的二进制转换。同时为了减少网络参数,设计新的深度可分离瓶颈卷积层,BinaryFace相比VGGFace在参数和浮点数（Flops）上分别减少约75%和约35%。在生物加密阶段,将人脸二进制模板转换中随机正交映射生成的纠错码输入模糊承诺方案,生成加密的人脸模板并存储到数据库中。在验证阶段,通过相同的流程恢复出纠错码,并与原始纠错码进行哈希校验得到最终的匹配结果。在评测阶段,本文提出的方法在CMU-PIE、FEI、Color FERET等3个数据集上,相比之前的工作在GAR上有约6.5%的提升,同时将EER降低了约4倍。     

Fingerprint-Based Fuzzy Vault: Implementation and Performance

Reliable information security mechanisms are required to combat the rising magnitude of identity theft in our society. While cryptography is a powerful tool to achieve information security, one of the main challenges in cryptosystems is to maintain the secrecy of the cryptographic keys. Though biometric authentication can be used to ensure that only the legitimate user has access to the secret keys, a biometric system itself is vulnerable to a number of threats. A critical issue in biometric systems is to protect the template of a user which is typically stored in a database or a smart card. The fuzzy vault construct is a biometric cryptosystem that secures both the secret key and the biometric template by binding them within a cryptographic framework. We present a fully automatic implementation of the fuzzy vault scheme based on fingerprint minutiae. Since the fuzzy vault stores only a transformed version of the template, aligning the query fingerprint with the template is a challenging task. We extract high curvature points derived from the fingerprint orientation field and use them as helper data to align the template and query minutiae. The helper data itself do not leak any information about the minutiae template, yet contain sufficient information to align the template and query fingerprints accurately. Further, we apply a minutiae matcher during decoding to account for nonlinear distortion and this leads to significant improvement in the genuine accept rate. We demonstrate the performance of the vault implementation on two different fingerprint databases. We also show that performance improvement can be achieved by using multiple fingerprint impressions during enrollment and verification.     

Masquerade attack on transform-based binary-template protection based on perceptron learning

With the increasing deployment of biometric systems, security of the biometric systems has become an essential issue to which serious attention has to be given. To prevent unauthorized access to a biometric system, protection has to be provided to the enrolled biometric templates so that if the database is compromised, the stored information will not enable any adversary to impersonate the victim in gaining an illegal access. In the past decade, transform-based template protection that stores binary one-way-transformed templates (e.g. Biohash) has appeared being one of the benchmark template protection techniques. While the security of such approach lies in the non-invertibility of the transform (e.g. given a transformed binary template, deriving the corresponding face image is infeasible), we will prove in this paper that, irrespective of whether the algorithm of transform-based approach is revealed, a synthetic face image can be constructed from the binary template and the stolen token (storing projection and discretization parameters) to obtain a highly-probable positive authentication response. Our proposed masquerade attack algorithms are mainly composed of a combination of perceptron learning and customized hill climbing algorithms. Experimental results show that our attack algorithms achieve very promising results where the best setting of our attack achieves 100% and 98.3% rank one recognition rates for the CMU PIE and FRGC databases correspondingly when the binarization algorithm (transformation plus discretization) is known; and 85.29% and 46.57% rank one recognition rates for the CMU PIE and FRGC databases correspondingly when the binarization algorithm is unknown.     

A Channel Coding Approach for Human Authentication From Gait Sequences

Human authentication using biometric traits has become an increasingly important issue in a large range of applications. In this paper, a novel channel coding approach for biometric authentication based on distributed source coding principles is proposed. Biometric recognition is formulated as a channel coding problem with noisy side information at the decoder and error correcting codes are employed for user verification. It is shown that the effective exploitation of the noise channel distribution in the decoding process improves performance. Moreover, the proposed method increases the security of the stored biometric templates. As a case study, the proposed framework is employed for the development of a novel gait recognition system based on the extraction of depth data from human silhouettes and a set of discriminative features. Specifically, gait sequences are represented using the radial and the circular integration transforms and features based on weighted Krawtchouk moments. Analytical models are derived for the effective modeling of the correlation channel statistics based on these features and integrated in the soft decoding process of the channel decoder. The experimental results demonstrate the validity of the proposed method over state-of-the-art techniques for gait recognition.      

模糊逻辑在人脸特征保护算法中的应用

随着人脸识别在门禁、视频监控等公共安全领域中的应用日益广泛,人脸特征数据的安全性和隐私性问题成为备受关注的焦点。近年来出现了许多关于生物特征及人脸特征的安全保护算法,这些算法大都是将生物特征数据转变为二值的串,再进行保护。针对已有的保护算法中将实值的人脸特征转换为二值的串,从而导致信息丢失的不足,应用模糊逻辑对人脸模板数据的类内差异进行建模,从而提高人脸识别系统的性能。给出了算法在CMU PIE的光照子集、CMU PIE带光照和姿势的子集和ORL人脸数据库中的实验结果。实验表明,该算法能够进一步提高已有安全保护算法的识别率。     

多印痕指纹识别的数据融合技术

由于指纹图像中存在非线性变形和噪声干扰,当前的指纹识别系统不能满足某些系统要求保持很低的误接受率(FAR)的同时达到较低误拒绝率(FRR)的要求。提高识别性能的一个有效的方法是融合多个模板和多个指纹的数据融合技术。该文研究的一种多印痕指纹数据融合技术能够改善系统性能。通过实验证明了这种数据融合技术能够有效提高系统性能,可以使系统在保持低误接受率的条件下降低误拒绝率。     

Secure multimodal biometric authentication with wavelet quantization based fingerprint watermarking

As malicious attacks greatly threaten the security and reliability of biometric systems, ensuring the authenticity of biometric data is becoming increasingly important. In this paper we propose a watermarking-based two-stage authentication framework to address this problem. During data collection, face features are embedded into a fingerprint image of the same individual as data credibility token and secondary authentication source. At the first stage of authentication, the credibility of input data is established by checking the validness of extracted patterns. Due to the specific characteristics of face watermarks, the face detection based classification strategies are introduced for reliable watermark verification instead of conventional correlation based watermark detection. If authentic, the face patterns can further serve as supplemental identity information to facilitate subsequential biometric authentication. In this framework, one critical issue is to guarantee the robustness and capacity of watermark while preserving the discriminating features of host fingerprints. Hence a wavelet quantization based watermarking approach is proposed to adaptively distribute watermark energy on significant DWT coefficients of fingerprint images. Experimental results which evaluate both watermarking and biometric authentication performance demonstrate the effectiveness of this work.     

Biometric keys: suitable use cases and achievable information content

This article surveys use cases for cryptographic keys extracted from biometric templates (“biometric keys”). It lays out security considerations that favor uses for the protection of the confidentiality and privacy of biometric information itself. It is further argued that the cryptographic strength of a biometric key is determined by its true information content. I propose an idealized model of a biometric system as a Shannon channel. The information content that can be extracted from biometric templates in the presence of noise is determined within this model. The performance of state-of-the-art biometric technology to extract a key from a single biometric feature (like, e.g., one iris pattern or one fingerprint) is analyzed. Under reasonable operating conditions the channel capacity limits the maximal achievable information content k of biometric key to values smaller than about 30 bits. This upper length limit is too short to thwart “brute force” attacks on crypto systems employing biometric keys. The extraction of sufficiently long biometric keys requires either: (a) technological improvements that improve the recognition power of biometric systems considerably or (b) the employment of multimodal and/or multiinstance biometrics or (c) the use of novel biometric features, such as, e.g., the pattern DNA nucleotides in the human genome.     

混合卷积神经网络的人脸验证

人脸验证对于个人身份认证很重要, 它在系统安全和犯罪识别中具有重要意义. 人脸验证的任务是给定一对人脸图像判断是否为相同的身份(即二进制分类). 传统的验证方法包括两个步骤: 特征提取和人脸验证. 本文提出了一个混合卷积神经网络, 用于进行人脸验证, 主要过程分为三个步骤: 特征提取, 特征选择和人脸验证. 这个模型关键点是直接使用混合卷积神经网络从原始像素直接学习相关的视觉特征, 并通过单变量特征选择和主成分分析(PCA)进一步处理特征. 这样可以实现从原始像素提取到具有较好鲁棒性和表达性的特征. 在顶层使用支持向量机(SVM)判读是否为同一个人. 通过实验可以发现混合卷积神经网络模型与传统方法相比在人脸验证得准确率上有着较好的表现.     

Secure biometric template generation for multi-factor authentication

In the light of recent security incidents, leading to compromise of services using single factor authentication mechanisms, industry and academia researchers are actively investigating novel multi-factor authentication schemes. Moreover, exposure of unprotected authentication data is a high risk threat for organizations with online presence. The challenge is how to ensure security of multi-factor authentication data without deteriorating the performance of an identity verification system? To solve this problem, we present a novel framework that applies random projections to biometric data (inherence factor), using secure keys derived from passwords (knowledge factor), to generate inherently secure, efficient and revocable/renewable biometric templates for users? verification. We evaluate the security strength of the framework against possible attacks by adversaries. We also undertake a case study of deploying the proposed framework in a two-factor authentication setup that uses users? passwords and dynamic handwritten signatures. Our system preserves the important biometric information even when the user specific password is compromised – a highly desirable feature but not existent in the state-of-the-art transformation techniques. We have evaluated the performance of the framework on three publicly available signature datasets. The results prove that the proposed framework does not undermine the discriminating features of genuine and forged signatures and the verification performance is comparable to that of the state-of-the-art benchmark results.     

Extraction and fusion of partial face features for cancelable identity verification

In this paper, we propose to extract localized random features directly from partial face image matrix for cancelable identity verification. Essentially, the extracted random features consist of compressed horizontal and vertical facial information obtained from a structured projection of the raw face images. For template security reason, the face appearance information is concealed via averaging several templates over different transformations. The match score outputs of these cancelable templates are then fused through a total error rate minimization. Extensive experiments were carried out to evaluate and benchmark the performance of the proposed method based on the AR, FERET, ORL, Sheffield and BERC databases. Our empirical results show encouraging performances in terms of verification accuracy as well as satisfying four cancelable biometric properties.     

基于指纹的可撤销Fuzzy vault方案

Fuzzy vault是一种用生物特征保护密钥的加密框架,其主要缺点在于攻击者可以通过交叉比较同一用户的不同vault来获得生物模板的准确信息,从而可以破解vault。提出了一种使用基于指纹细节点的可撤销的变换模板作为生成vault的模板,保护不同密钥时采用不同变换模板,从而解决了这个问题。采用以巴特沃斯低通滤波器为核的函数组作为生成可撤销模板的变换函数。此外还使用了用户口令加密vault,从而进一步增强了被保护密钥的安全性。     

PalmHashing: a novel approach for cancelable biometrics

We propose a novel cancelable biometric approach, known as PalmHashing, to solve the non-revocable biometric issue. The proposed method hashes palmprint templates with a set of pseudo-random keys to obtain a unique code called palmhash. The palmhash code can be stored in portable devices such tokens and smartcards for verification. Multiple sets of palmhash codes can be maintained in multiple applications. Thus the privacy and security of the applications can be greatly enhanced. When compromised, revocation can also be achieved via direct replacement of a new set of palmhash code. In addition, PalmHashing offers several advantages over contemporary biometric approaches such as clear separation of the genuine-imposter populations and zero EER occurrences. In this paper, we outline the implementation details of this method and also highlight its potentials in security-critical applications.     

Random multispace quantization as an analytic mechanism for BioHashing of biometric and random identity inputs

Biometric analysis for identity verification is becoming a widespread reality. Such implementations necessitate large-scale capture and storage of biometric data, which raises serious issues in terms of data privacy and (if such data is compromised) identity theft. These problems stem from the essential permanence of biometric data, which (unlike secret passwords or physical tokens) cannot be refreshed or reissued if compromised. Our previously presented biometric-hash framework prescribes the integration of external (password or token-derived) randomness with user-specific biometrics, resulting in bitstring outputs with security characteristics (i.e., noninvertibility) comparable to cryptographic ciphers or hashes. The resultant BioHashes are hence cancellable, i.e., straightforwardly revoked and reissued (via refreshed password or reissued token) if compromised. BioHashing furthermore enhances recognition effectiveness, which is explained in this paper as arising from the random multispace quantization (RMQ) of biometric and external random inputs     

Cancelable features using log-Gabor filters for biometric authentication

Wide spread use of biometric based authentication requires security of biometric data against identity thefts. Cancelable biometrics is a recent approach to address the concerns regarding privacy of biometric data, public confidence, and acceptance of biometric systems. This work proposes a template protection approach which generates revocable binary features from phase and magnitude patterns of log-Gabor filters. Multi-level transformations are applied at signal and feature level to distort the biometric data using user specific tokenized variables which are observed to provide better performance and security against information leakage under correlation attacks. A thorough analysis is performed to study the performance, non-invertibility, and changeability of the proposed approach under stolen token scenario on multiple biometric modalities. It is revealed that generated templates are non-invertible, easy to revoke, and also deliver good performance.