RP-LPP : a random permutation based locality preserving projection for cancelable biometric recognition

Biometrics are being increasingly used across the world, but it also raises privacy and security concerns of the enrolled identities. The main reason is due to the fact that biometrics are not cancelable and if compromised may give access to the intruder. Cancelable biometric template is a solution to this problem which can be reissued if compromised. In this paper, we suggest a simple and powerful method called Random Permutation Locality Preserving Projection (RP-LPP) for Cancelable Biometric Recognition. Here, we exploit the mathematical relationship between the eigenvalues and eigenvectors of the original biometric image and its randomly permuted version is exploited for carrying out cancelable biometric recognition. The proposed technique work in a cryptic manner by accepting the cancelable biometric template and a key (called PIN) issued to a user. The effectiveness of the proposed techniques is demonstrated on three freely available face (ORL), iris (UBIRIS) and ear (IITD) datasets against state-of-the-art methods. The advantages of proposed technique are (i) the classification accuracy remains unaffected due to cancelable biometric templates generated using random permutation, (ii) security and quality of generated templates and (iii) robustness across different biometrics. In addition, no image registration is required for performing recognition.

     

Dual-key-binding cancelable palmprint cryptosystem for palmprint protection and information security

Biometric cryptosystems and cancelable biometrics are both practical and promising schemes to enhance the security and privacy of biometric systems. Though a number of bio-crypto algorithms have been proposed, they have limited practical applicability because they lack of cancelability. Since biometrics are immutable, the users whose biometrics are stolen cannot use bio-crypto systems anymore. Cancelable biometric schemes are of cancelability; however, they are difficult to compromise the conflicts between the security and performance. By embedded a novel cancelable palmprint template, namely “two dimensional (2D) Palmprint Phasor”, the proposed palmprint cryptosystem overcomes the lack of cancelability in existing biometric cryptosystems. Besides, the authentication performance is enhanced when users have different tokens/keys. Furthermore, we develop a novel dual-key-binding cancelable palmprint cryptosystem to enhance the security and privacy of palmprint biometric. 2D Palmprint Phasor template is scrambled by the scrambling transformation based on the chaotic sequence that is generated by both the user's token/key and strong key extracted from palmprint. Dual-key-binding scrambling not only has more robustness to resist against chosen plain text attack, but also enhances the secure requirement of non-invertibility. 2D Palmprint Phasor algorithm and dual-key-binding scrambling both increase the difficulty of adversary's statistical analysis. The experimental results and security analysis confirm the efficiency of the proposed scheme.     

生物加密综述

生物加密(BE)将生物模板和密钥相结合生成生物密钥,可以取代传统口令对密钥进行保护。在没有通过验证的情况下,攻击者无法获取密钥或生物模板。BE包含了可撤销生物认证技术,增强了生物认证中的安全性和保护隐私。该文介绍这一领域的主要方案,并指出各类方案的优缺点。     

Random permutation principal component analysis for cancelable biometric recognition

Although biometrics is being increasingly used across the world, it also raises concerns over privacy and security of the enrolled identities. This is due to the fact that biometrics are not cancelable and if compromised may give access to the intruder. To address these problems, in this paper, we suggest two simple and powerful techniques called (i) Random Permutation Principal Component Analysis (RP-PCA) and (ii) Random Permutation Two Dimensional Principal Component Analysis (RP-2DPCA). The proposed techniques are based on the idea of cancelable biometric which can be reissued if compromised. The proposed techniques work in a cryptic manner by accepting the cancelable biometric template and a key (called PIN) issued to a user. The identity of a person is recognized only if the combination of template and PIN is valid, otherwise the identity is rejected. The superiority of the proposed techniques is demonstrated on three freely available face (ORL), iris (UBIRIS) and ear (IITD) datasets against state-of-the-art methods. The key advantages of the proposed techniques are (i) classification accuracy remains unaffected due to cancelable biometric templates generated using random permutation (ii) robustness across different biometrics. In addition, no image registration is required for performing recognition.     

Situation awareness of cancelable biometric system

Recently, cancelable biometrics emerged as one of the highly effective methods of template protection. The concept behind the cancelable biometrics or cancelability is a transformation of a biometric data or extracted feature into an alternative form, which cannot be used by the imposter or intruder easily, and can be revoked if compromised. In this paper, we present a novel architecture for template generation in the context of situation awareness system in real and virtual applications. We develop a novel cancelable biometric template generation algorithm utilizing random biometric fusion, random projection and selection. Proposed random cross-folding method generate cancelable biometric template from multiple biometric traits. We further validate the performance of the proposed algorithm using a virtual multimodal face and ear database.     

Cancelable features using log-Gabor filters for biometric authentication

Wide spread use of biometric based authentication requires security of biometric data against identity thefts. Cancelable biometrics is a recent approach to address the concerns regarding privacy of biometric data, public confidence, and acceptance of biometric systems. This work proposes a template protection approach which generates revocable binary features from phase and magnitude patterns of log-Gabor filters. Multi-level transformations are applied at signal and feature level to distort the biometric data using user specific tokenized variables which are observed to provide better performance and security against information leakage under correlation attacks. A thorough analysis is performed to study the performance, non-invertibility, and changeability of the proposed approach under stolen token scenario on multiple biometric modalities. It is revealed that generated templates are non-invertible, easy to revoke, and also deliver good performance.     

Biometric template protection using cancelable biometrics and visual cryptography techniques

Wide spread use of biometric based authentication implies the need to secure biometric reference data. Various template protection schemes have been introduced to prevent biometric forgery and identity thefts. Cancelable biometrics and visual cryptography are two recent technologies introduced to address the concerns regarding privacy of biometric data, and to improve public confidence and acceptance of biometric systems. Cancelable biometrics is an important technique that allows generation of revocable biometric templates. As the number of biometric instances are limited and once compromised they are lost forever. Cancelable biometrics allows templates to be cancelled and revoked like passwords innumerable times. Recently, various approaches that utilize visual cryptography to secure the stored template and impart privacy to the central databases have been introduced. This work attempts to summarize the existing approaches in literature making use of these two technologies to protect biometric templates.     

Face Templates Encryption Technique Based on Random Projection and Deep Learning

Cancellable biometrics is the solution for the trade-off between two concepts: Biometrics for Security and Security for Biometrics. The cancelable template is stored in the authentication system’s database rather than the original biometric data. In case of the database is compromised, it is easy for the template to be canceled and regenerated from the same biometric data. Recoverability of the cancelable template comes from the diversity of the cancelable transformation parameters (cancelable key). Therefore, the cancelable key must be secret to be used in the system authentication process as a second authentication factor in conjunction with the biometric data. The main contribution of this paper is to tackle the risks of stolen/lost/shared cancelable keys by using biometric trait (in different feature domains) as the only authentication factor, in addition to achieving good performance with high security. The standard Generative Adversarial Network (GAN) is proposed as an encryption tool that needs the cancelable key during the training phase, and the testing phase depends only on the biometric trait. Additionally, random projection transformation is employed to increase the proposed system’s security and performance. The proposed transformation system is tested using the standard ORL face database, and the experiments are done by applying different features domains. Moreover, a security analysis for the proposed transformation system is presented.     

Generating cancelable fingerprint templates

Biometrics-based authentication systems offer obvious usability advantages over traditional password and token-based authentication schemes. However, biometrics raises several privacy concerns. A biometric is permanently associated with a user and cannot be changed. Hence, if a biometric identifier is compromised, it is lost forever and possibly for every application where the biometric is used. Moreover, if the same biometric is used in multiple applications, a user can potentially be tracked from one application to the next by cross-matching biometric databases. In this paper, we demonstrate several methods to generate multiple cancelable identifiers from fingerprint images to overcome these problems. In essence, a user can be given as many biometric identifiers as needed by issuing a new transformation "key". The identifiers can be cancelled and replaced when compromised. We empirically compare the performance of several algorithms such as Cartesian, polar, and surface folding transformations of the minutiae positions. It is demonstrated through multiple experiments that we can achieve revocability and prevent cross-matching of biometric databases. It is also shown that the transforms are noninvertible by demonstrating that it is computationally as hard to recover the original biometric identifier from a transformed version as by randomly guessing. Based on these empirical results and a theoretical analysis we conclude that feature-level cancelable biometric construction is practicable in large biometric deployments     

ECB4CI: an enhanced cancelable biometric system for securing critical infrastructures

Physical access control is an indispensable component of a critical infrastructure. Traditional password-based methods for access control used in the critical infrastructure security systems have limitations. With the advance of new biometric recognition technologies, security control for critical infrastructures can be improved by the use of biometrics. In this paper, we propose an enhanced cancelable biometric system, which contains two layers, a core layer and an expendable layer, to provide reliable access control for critical infrastructures. The core layer applies random projection-based non-invertible transformation to the fingerprint feature set, so as to provide template protection and revocability. The expendable layer is used to protect the transformation key, which is the main weakness contributing to attacks via record multiplicity. This improvement enhances the overall system security, and undoubtedly, this extra security is an advantage over the existing cancelable biometric systems.     

PalmPhasor算法性能的理论分析

模板的安全性和隐私性是掌纹系统实际应用的关键问题,然而生物特征保护的多项指标通常相互冲突并且难以同时满足.作为解决上述冲突的一种可撤销掌纹编码算法,PalmPhasor实现了高效、安全的掌纹认证.建立了系统分析PalmPhasor性能的完整框架.为了便于具体分析,将情景分为4种情况,并且提供了支持相应分析的预备知识,包括辅助定理以及Gabor滤波掌纹图像实部和虚部分布特性.在统计学基础上建立的理论分析和实验结果均表明:即使在用户口令被盗的情况下,多方向分数级融合增强的PalmPhasor算法也可以同时有效地满足可撤销生物特征的4项指标.     

An effective biometric cryptosystem combining fingerprints with error correction codes

With the emergence and popularity of identity verification means by biometrics, the biometric system which can assure security and privacy has received more and more concentration from both the research and industry communities. In the field of secure biometric authentication, one branch is to combine the biometrics and cryptography. Among all the solutions in this branch, fuzzy commitment scheme is a pioneer and effective security primitive. In this paper, we propose a novel binary length-fixed feature generation method of fingerprint. The alignment procedure, which is thought as a difficult task in the encrypted domain, is avoided in the proposed method due to the employment of minutiae triplets. Using the generated binary feature as input and based on fuzzy commitment scheme, we construct the biometric cryptosystems by combining various of error correction codes, including BCH code, a concatenated code of BCH code and Reed-Solomon code, and LDPC code. Experiments conducted on three fingerprint databases, including one in-house and two public domain, demonstrate that the proposed binary feature generation method is effective and promising, and the biometric cryptosystem constructed by the feature outperforms most of the existing biometric cryptosystems in terms of ZeroFAR and security strength. For instance, in the whole FVC2002 DB2, a 4.58% ZeroFAR is achieved by the proposed biometric cryptosystem with the security strength 48 bits.     

Cancelable biometrics realization with multispace random projections.

Biometric characteristics cannot be changed; therefore, the loss of privacy is permanent if they are ever compromised. This paper presents a two-factor cancelable formulation, where the biometric data are distorted in a revocable but non-reversible manner by first transforming the raw biometric data into a fixed-length feature vector and then projecting the feature vector onto a sequence of random subspaces that were derived from a user-specific pseudorandom number (PRN). This process is revocable and makes replacing biometrics as easy as replacing PRNs. The formulation has been verified under a number of scenarios (normal, stolen PRN, and compromised biometrics scenarios) using 2400 Facial Recognition Technology face images. The diversity property is also examined.     

生物特征数据安全保护技术的发展

生物特征识别相对于传统的身份识别更安全和便捷.随着生物特征识别系统的广泛应用,生物特征数据的安全性和隐私性日益得到重视.生物特征数据的安全保护技术,主要包括生物特征加密(Biometric Salting)、生物特征密钥生成(Biometric Key Generation)、Fuzzy Schemes等几大类.通过重点分析这几类方法中的具有代表性的算法,来讨论生物特征数据的安全保护技术的研究及其发展,并进一步指出进行生物特征安全保护技术理论与应用研究的发展方向.     

Secure-OSCAR中基于PKI的生物身份认证的设计

个体的生物特征的唯一性和“不可伪造性”使得它很适合于身份认证。生物信息本来是不保密的,所以不能象使用口令一样来使用它,否则将不能提高反而会降低系统的安全性。公钥机制(PKI)也被广泛应用于用户身份认证中,但它是基于私钥的安全性的,不可避免地存在冒用私钥的威胁。论文提出一个结合生物技术与PKI技术的认证方式的设计,具体描述了它在Secure-OSCAR中的实现。     

Privacy Preserving Biometric Authentication on the blockchain for smart healthcare

Privacy Preserving Biometric Authentication (PPBA) schemes are designed for anonymous authentication of patients to protect patient’s privacy in accessing healthcare services. Recently, blockchain technology in healthcare has emerged as a new research area to provide tamper-resistance and non-repudiation in e-health systems. One aspect of this research could lead to blockchain-based secure biometric identification for smart healthcare, which may face the paradox of anonymous biometric authentication on public blockchains. In this paper, we describe an efficient, fully anonymous and GDPR-compliant PPBA protocol built into the blockchain of any privacy coin such as Monero. The new protocol provides encrypted offline storage and processing in the encrypted domain. The infrastructure necessary for the online authentication is outsourced to the public blockchain that provides integrity of its data. In addition to auditing capabilities for misbehaving entities, the new system reduces the number of transactions necessary for authentication and enables revocation of biometric identities. We provide new PPBA schemes both for set difference/overlap and Euclidean distance metrics without using bilinear pairings, where the former leads to an efficient solution to the compatibility for organ transplant. We limit the generation of encrypted templates for public testing even if biometric/health data is of low min-entropy. Due to the anonymity of the cryptocurrency, we break the link between the stealth address of an authenticating user and its biometrics. We describe the user and identity privacy notions independent of the underlying privacy coin and guarantee the security of our proposal in the framework of those generic notions. Finally, we simulate the new proposal on Monero blockchain and analyze the transaction fees required for hill climbing attacks. The results show that our design leads to a natural hindrance against these attacks that could be successful even if the templates are stored as encrypted. To the best of our knowledge, this is the first efficient blockchain-based PPBA scheme that exhibits a punishment against hill climbing attacks through transaction fees.     

An introduction evaluating biometric systems

On the basis of media hype alone, you might conclude that biometric passwords will soon replace their alphanumeric counterparts with versions that cannot be stolen, forgotten, lost, or given to another person. But what if the actual performance of these systems falls short of the estimates? The authors designed this article to provide sufficient information to know what questions to ask when evaluating a biometric system, and to assist in determining whether performance levels meet the requirements of an application. For example, a low-performance biometric is probably sufficient for reducing-as opposed to eliminating-fraud. Likewise, completely replacing an existing security system with a biometric-based one may require a high-performance biometric system, or the required performance may be beyond what current technology can provide. Of the biometrics that give the user some control over data acquisition, voice, face, and fingerprint systems have undergone the most study and testing-and therefore occupy the bulk of this discussion. This article also covers the tools and techniques of biometric testing     

Overview of the combination of biometric matchers

Biometric identity verification refers to technologies used to measure human physical or behavioral characteristics, which offer a radical alternative to passports, ID cards, driving licenses or PIN numbers in authentication. Since biometric systems present several limitations in terms of accuracy, universality, distinctiveness, acceptability, methods for combining biometric matchers have attracted increasing attention of researchers with the aim of improving the ability of systems to handle poor quality and incomplete data, achieving scalability to manage huge databases of users, ensuring interoperability, and protecting user privacy against attacks. The combination of biometric systems, also known as “biometric fusion”, can be classified into unimodal biometric if it is based on a single biometric trait and multimodal biometric if it uses several biometric traits for person authentication.The main goal of this study is to analyze different techniques of information fusion applied in the biometric field. This paper overviews several systems and architectures related to the combination of biometric systems, both unimodal and multimodal, classifying them according to a given taxonomy. Moreover, we deal with the problem of biometric system evaluation, discussing both performance indicators and existing benchmarks.As a case study about the combination of biometric matchers, we present an experimental comparison of many different approaches of fusion of matchers at score level, carried out on three very different benchmark databases of scores. Our experiments show that the most valuable performance is obtained by mixed approaches, based on the fusion of scores. The source code of all the method implemented for this research is freely available for future comparisons¹.After a detailed analysis of pros and cons of several existing approaches for the combination of biometric matchers and after an experimental evaluation of some of them, we draw our conclusion and suggest some future directions of research, hoping that this work could be a useful start point for newer research.     

Evaluation of a template protection approach to integrate fingerprint biometrics in a PIN-based payment infrastructure

Biometric authentication has a great potential to improve the security, reduce cost, and enhance the customer convenience of payment systems. Despite these benefits, biometric authentication has not yet been adopted by large-scale point-of-sale and automated teller machine systems. This paper aims at providing a better understanding of the benefits and limitations associated with the integration of biometrics in a PIN-based payment authentication system. Based on a review of the market drivers and deployment hurdles, a method is proposed in which biometrics can be seamlessly integrated in a PIN-based authentication infrastructure. By binding a fixed binary, renewable string to a noisy biometric sample, the data privacy and interoperability between issuing and acquiring banks can improve considerably compared to conventional biometric approaches. The biometric system security, cost aspects, and customer convenience are subsequently compared to PIN by means of simulations using fingerprints. The results indicate that the biometric authentication performance is not negatively influenced by the incorporation of key binding and release processes, and that the security expressed as guessing entropy of the biometric key is virtually identical to the current PIN. The data also suggest that for the fingerprint database under test, the claimed benefits for cost reduction, improved security and customer convenience do not convincingly materialize when compared to PIN. This result can in part explain why large-scale biometric payment systems are virtually non-existent in Europe and the United States, and suggests that other biometric modalities than fingerprints may be more appropriate for payment systems.     

Model for adaptable context-based biometric authentication for mobile devices

It becomes possible to take advantage of seamless biometric authentication on mobile devices due to increasing quality and quantity of built-in sensors, increasing processing power of the devices, and wireless connectivity. However, practical effectiveness of the biometric authentication application depends on user’s environment conditions that can decrease the accuracy of biometrics recognition or make the acquisition process undesirable for mobile user in a given moment, i.e., effectiveness depends on usage context. In this paper, context-based biometric authentication model for mobile devices is proposed. It enables determining the most accurate authentication method at the moment along with the most accurate form of interacting with a user w.r.t. authentication process. The generic model designed and verified with proof-of-concept implementation constitutes a foundation for building further adaptable and extensible multi-factor context-dependent systems for mobile authentication.