Bio-PUF-MAC authenticated encryption for iris biometrics

Biometrics is one of the ways for human authentication. Fabrication of biometrics by intruders, limits the accuracy of authentication. The user-specific keys (ie,) pseudo-random numbers give more security for biometric template protection and increase the accuracy of authentication also. The user-specific token or keys can also be fabricated by intruders by any of the prediction methods. To avoid the creation of fake biometric and fake user-specific keys, a device-specific Physical Unclonable Function (PUF) is proposed. In this article, iris authentication is provided by unclonable PUF-based true random numbers to enhance the unique authentication. Nonreversible Message Authentication Codes (MAC) are developed using PUF and Discrete Wavelet Transform features of iris biometrics. Systematically, MAC codes also created with, encryption algorithm. Encryption is additionally providing confidentiality in the individual iris. Experiments are done with CUHK Iris Image Dataset. Proposed Bio-PUF system has significant functional advantages in point of view of the unclonable pseudo-random number from PUF. Experimentally, Avalanche effect, entropy, NCPR, and UACI parameters are analyzed with PUF-based crypt functions. For 75% of matching with the Bio-PUF-MAC codes with enrolment, the accuracy for correct identification is 77.73%.     

On estimating performance indices for biometric identification

This paper investigates an information theoretic approach for formulating performance indices for the biometric authentication. Firstly, we formulate the constrained capacity, as a performance index for biometric authentication system for the finite number of users. Like Shannon capacity, constrained capacity is formulated using signal to noise ratio which is estimated from known statistics of users’ biometric information in the database. Constrained capacity of a user and of biometric system is fixed, given the database and the matching function. Experimental analysis using real palmprint and hand geometry images illustrates use of constrained capacity to estimate: (i) performance gains from the cohort information, (ii) the effective number of user-specific cohorts for a user and for the biometric system, (iii) information content of biometric features, and (iv) the performance of score level fusion rules for multimodal biometric system. Secondly, this paper investigates a rate-distortion framework for formulating false random correspondence probability as performance of a generic biometric. Our analysis concludes that constrained capacity can be a promising addition to performance of a biometric system. Similarly, individuality expressed as false random correspondence probability can be the performance index of a biometric trait.     

Online palmprint identification

Biometrics-based personal identification is regarded as an effective method for automatically recognizing, with a high confidence, a person's identity. This paper presents a new biometric approach to online personal identification using palmprint technology. In contrast to the existing methods, our online palmprint identification system employs low-resolution palmprint images to achieve effective personal identification. The system consists of two parts: a novel device for online palmprint image acquisition and an efficient algorithm for fast palmprint recognition. A robust image coordinate system is defined to facilitate image alignment for feature extraction. In addition, a 2D Gabor phase encoding scheme is proposed for palmprint feature extraction and representation. The experimental results demonstrate the feasibility of the proposed system.     

Palmprint feature extraction using 2-D Gabor filters

Biometric identification is an emerging technology that can solve security problems in our networked society. A few years ago, a new branch of biometric technology, palmprint authentication, was proposed (Pattern Recognition 32(4) (1999) 691) whereby lines and points are extracted from palms for personal identification. In this paper, we consider the palmprint as a piece of texture and apply texture-based feature extraction techniques to palmprint authentication. A 2-D Gabor filter is used to obtain texture information and two palmprint images are compared in terms of their hamming distance. The experimental results illustrate the effectiveness of our method.     

Implementation and evaluation of a remote authentication system using touchless palmprint recognition

When a cellular phone is lost or stolen, it may be used improperly or the personal information may be stolen from it by a malicious user. Biometric authentication such as palmprint recognition is the strongest of the personal authentication technologies designed to prevent such misuse. In biometric authentication, when compared with a local authentication model, a remote authentication model has several advantages such as direct authentication and authentication levels. Ito et al. proposed several palmprint recognition schemes using correspondence matching based on the phase-only correlation. However, these schemes require a palmprint image to be captured with the hand touching the dedicated device, while palmprint images must be captured without such physical contact when using cellular phones. Thus, these schemes cannot be applied to cellular phones since there are large positioning gaps and large differences in brightness and distortion between the images. Furthermore, they have not been implemented in cellular phones and their performances have not been evaluated either. In this paper, we adopt a remote authentication model from the two types of biometric authentication incorporating the above advantages and propose a remote system between a cellular phone and an authentication server. We implement the proposed system using two different types of Android terminal as the terminal on the user side. We also show the validity of the proposed system by examining and confirming the accuracy and processing time. We furthermore discuss the problem of an impersonation attack on the proposed system and consider solutions to this problem from the viewpoints of security and usability. Then, we adopt a palmprint recognition scheme as a biometric authentication scheme and, in particular, use a palmprint recognition algorithm that incorporates Yörük et al.’s preprocessing technique to Ito et al.’s and Iitsuka et al.’s schemes.     

主成分分析法在掌纹图像识别中的应用

掌纹识别技术是生物特征识别领域的又一新兴技术,在网络安全、身份鉴别等方面有广阔的应用前景。将主成分分析法应用于掌纹图像的特征提取,阐释了传统主成分分析与加权主成分分析在处理掌纹图像时的差异,并在不同数据库上对两种方法进行了实验,结果表明传统主成分分析比加权主成分分析有更高的识别率以及加权主成分分析能够削弱光照对识别结果的影响。     

Cancellable biometrics and annotations on BioHash

Lately, the once powerful one-factor authentication which is based solely on either password, token or biometric approach, appears to be insufficient in addressing the challenges of identity frauds. For example, the sole biometric approach suffers from the privacy invasion and non-revocable issues. Passwords and tokens are easily forgotten and lost. To address these issues, the notion of cancellable biometrics was introduced to denote biometric templates that can be cancelled and replaced with the inclusion of another independent authentication factor. BioHash is a form of cancellable biometrics which mixes a set of user-specific random vectors with biometric features. In verification setting, BioHash is able to deliver extremely low error rates as compared to the sole biometric approach when a genuine token is used. However, this raises the possibility of two identity theft scenarios: (i) stolen-biometrics, in which an impostor possesses intercepted biometric data of sufficient high quality to be considered genuine and (ii) stolen-token, in which an impostor has access to the genuine token and used by the impostor to claim as the genuine user. We found that the recognition rate for the latter case is poorer. In this paper, the quantised random projection ensemble based on the Johnson–Lindenstrauss Lemma is used to establish the mathematical foundation of BioHash. Based on this model, we elucidate the characteristics of BioHash in pattern recognition as well as security view points and propose new methods to rectify the stolen-token problem.     

生物特征识别综述*

对传统的身份鉴别手段和现代生物特征识别技术产生背景进行了综述,介绍目前典型的生物特征识别技术的原理和发展趋势,分析了实际应用中存在的优缺点,并探讨了基于个人生物特征融合的多生物特征识别技术和生物特征信息保护问题,强调了生物识别技术在身份认证领域的重要性。     

Active authentication for mobile devices utilising behaviour profiling

With nearly 6 billion subscribers around the world, mobile devices have become an indispensable component in modern society. The majority of these devices rely upon passwords and personal identification numbers as a form of user authentication, and the weakness of these point-of-entry techniques is widely documented. Active authentication is designed to overcome this problem by utilising biometric techniques to continuously assess user identity. This paper describes a feasibility study into a behaviour profiling technique that utilises historical application usage to verify mobile users in a continuous manner. By utilising a combination of a rule-based classifier, a dynamic profiling technique and a smoothing function, the best experimental result for a users overall application usage was an equal error rate of 9.8 %. Based upon this result, the paper proceeds to propose a novel behaviour profiling framework that enables a user’s identity to be verified through their application usage in a continuous and transparent manner. In order to balance the trade-off between security and usability, the framework is designed in a modular way that will not reject user access based upon a single application activity but a number of consecutive abnormal application usages. The proposed framework is then evaluated through simulation with results of 11.45 and 4.17 % for the false rejection rate and false acceptance rate, respectively. In comparison with point-of-entry-based approaches, behaviour profiling provides a significant improvement in both the security afforded to the device and user convenience.     

Online Palmprint Identification System for Civil Applications

In this paper, a novel biometric identification system is presented to identity a person's identity by his/her palmprint. In contrast to existing palmprint systems for criminal applications, the proposed system targets at the civil applications, which require identifying a person in a large database with high accuracy in real-time. The system is constituted by four major components: User Interface Module, Acquisition Module, Recognition Module and External Module. More than 7,000 palmprint images have been collected to test the performance of the system. The system can identify 400 palms with a low false acceptance rate, 0.02%, and a high genuine acceptance rate, 98.83%. For verification, the system can operate at a false acceptance rate, 0.017% and a false rejection rate, 0.86%. The execution time for the whole process including image collection, preprocessing, feature extraction and matching is less than 1 second.     

Selection of discriminative sub-regions for palmprint recognition

Palmprint recognition, as a reliable personal identification method, has received an increasing attention and became an area of intense research during recent years. In this paper, we propose a generic biometric system that can be adopted with or without contact depending on the capturing system to ensure public security based on palmprint identification. This system is based on a new global approach that focuses only on areas of the image having the most discriminating features for recognition. The presented new approach was evaluated experimentally on two large databases, namely,“CASIA-Palmprint” and “PolyU-Palmprint”; the results of this evaluation show promising results and demonstrate the effectiveness of the proposed approach.     

Automated flexion crease identification using internal image seams

Palmar flexion crease recognition is a palmprint identification method for verifying biometric identity. This paper proposes a method of automated flexion crease recognition that can be used to identify palmar flexion creases in online palmprint images. A modified image seams algorithm is used to extract the flexion creases, and a matching algorithm, based on kd-tree nearest neighbour searching, is used to calculate the similarity between them. Experimental results show that in 1000 images from 100 palms, when compared to manually identified flexion creases, a genuine acceptance rate of 100% can be achieved, with a false acceptance rate of 0.0045%.     

Three measures for secure palmprint identification

Most previous research in the area of personal authentication using the palmprint as a biometric trait has concentrated on enhancing accuracy yet resistance to attacks is also a centrally important feature of any biometric security system. In this paper, we address three relevant security issues: template re-issuances, also called cancellable biometrics,¹ replay attacks, and database attacks. We propose to use a random orientation filter bank (ROFB) as a feature extractor to generate noise-like feature codes, called Competitive Codes for templates re-issuances. Secret messages are hidden in templates to prevent replay and database attacks. This technique can be regarded as template watermarking. A series of analyses is provided to evaluate the security levels of the measures.     

生物认证系统设计研究

可靠的身份认证是保证信息系统安全的第一道防线,生物认证技术的出现为保护信息系统的安全提供了一种更可靠安全的方法。该文先分析一个通用生物认证系统结构参考模型,然后详细分析要设计一个完整的生物认证系统必须考虑的主要因素,并给出一个已经实现的生物认证系统设计实例。     

A review on performance,security and various biometric template protection schemes for biometric authentication systems

Identifying a person based on their behavioral and biological qualities in an automated manner is called biometrics. The authentication system substituting traditional password and token for authentication and relies gradually on biometric authentication methods for verification of the identity of an individual. This proves the fact that society has started depending on biometric-based authentication systems. Security of biometric authentication needs to be reviewed and discussed as there are multiple points related to integrity and public reception of biometric-based authentication systems. Security and recognition accuracy are the two most important aspects which must be considered while designing biometric authentication systems. During enrollment phase scanning of biometric data is done to determine a set of distinct biometric feature set known as biometric template. Protection of biometric templates from various hacking efforts is a topic of vital importance as unlike passwords or tokens, compromised biometric templates cannot be reissued. Therefore, giving powerful protection techniques for biometric templates and still at that very moment preparing great identification accuracy is a good research problem nowadays, as well as in the future. Furthermore, efficiency under non-ideal conditions is also supposed to be inadequate and thus needs special attention in the design of a biometric authentication system. Disclosure of various biometric traits in miscellaneous applications creates a severe compromise on the privacy of the user. Biometric authentication can be utilized for remote user authentication. In this case, the biometric data of users typically called templates are stored in a server. The uniqueness and stability of biometrics ended it useful over traditional authentication systems. But, a similar thing made the enduring harm of a user’s identity in biometric systems. The architecture of the biometric system leads to several hazards that lead to numerous security concerns and privacy threats. To address this issue, biometric templates are secured using several schemes that are categorized as biometric cryptosystems, cancelable biometrics, hybrid methods, Homomorphic Encryption, visual cryptography based methods. Biometric cryptosystems and cancelable biometrics techniques provide reliable biometric security at a great level. However, there persist numerous concerns and encounters that are being faced during the deployment of these protection technologies. This paper reviews and analyses various biometric template protection methods. This review paper also reflects the limitations of various biometric template protection methods being used in present times and highlights the scope of future work.

     

Robust palmprint verification using 2D and 3D features

This paper presents a new personal authentication system that simultaneously exploits 2D and 3D palmprint features. The objective of our work is to improve accuracy and robustness of existing palmprint authentication systems using 3D palmprint features. The proposed multilevel framework for personal authentication efficiently utilizes the robustness (against spoof attacks) of the 3D features and the high discriminating power of the 2D features. The developed system uses an active stereo technique, structured light, to simultaneously capture 3D image or range data and a registered intensity image of the palm. The surface curvature feature based method is investigated for 3D palmprint feature extraction while Gabor feature based competitive coding scheme is used for 2D representation. We comparatively analyze these representations for their individual performance and attempt to achieve performance improvement using the proposed multilevel matcher that utilizes fixed score level combination scheme to integrate information. Our experiments on a database of 108 subjects achieved significant improvement in performance with the integration of 3D features as compared to the case when 2D palmprint features alone are employed. We also present experimental results to demonstrate that the proposed biometric system is extremely difficult to circumvent, as compared to the currently proposed palmprint authentication approaches in the literature.     

A study on vulnerability and presentation attack detection in palmprint verification system

As biometric systems become ubiquitous in the domain of personal authentication, it is of utmost importance that these systems are secured against attacks. Among various types of attacks on biometric systems, the presentation attack, which involves presenting a fake copy (artefact) of the real biometric to the biometric sensor to gain illegitimate access, is the most common one. Despite the serious threat posed by these attacks, not much work has been done to address this vulnerability in palmprint-based biometric systems. This paper demonstrates the vulnerability of a palmprint verification system to presentation attacks and proposes a novel presentation attack detection (PAD) approach to discriminating between real biometric samples and artefacts. The proposed PAD approach is inspired by a work that established relationship between the surface reflectance and a set of statistical features extracted from the image. Specifically, statistical features computed from the distributions of pixel intensities, sub-band wavelet coefficients and the grey-level co-occurrence matrix form the original feature set, and CFS-based feature selection approach selects the most discriminating feature subset. A trained binary classifier utilizes the selected feature subset to determine whether the acquired image is of real hand or an artefact. For performance evaluation, an antispoofing database—PALMspoof has been developed. This database comprises left- and right-hand images of 104 subjects, and three kinds of artefacts generated from these images. In addition to PALMspoof database, the biometric system’s vulnerability has been assessed on display and print artefacts generated from two publicly available palmprint datasets. Our experimental results show that 1) the palmprint verification system is highly vulnerable with spoof acceptance of 84.56%; 2) the proposed PAD approach is effective against both print and display attacks, in both same-device and cross-device scenarios; and 3) the proposed approach for PAD provides an average improvement of 12.73 percentage points in classification error rate over local binary pattern (LBP)-based PAD approach.     

一种用于掌纹识别的线特征表示和匹配方法

作为一种较新的生物特征,掌纹可用来进行人的身份识别.在用于身份识别的诸多特征中,掌纹线,包括主线和皱褶,是最重要的特征之一.本文为掌纹识别提出一种有效的掌纹线特征的表示和匹配方法,该方法定义了一个矢量来表示一个掌纹上的线特征,该矢量称为线特征矢量(1ine feature vector,简称LFV).线特征矢量是用掌纹线上各点的梯度大小和方向来构造的.该矢量不但含有掌纹线的结构信息,而且还含有这些线的强度信息,因而,线特征矢量不但能区分具有不同线结构的掌纹,同时也能区分那些具有相似的线结构但各线强度分布不同的掌纹.在掌纹匹配阶段,用互相关系数来衡量不同线特征矢量的相似性.实验表明,LFV方法无论是在速度、精度,还是在存储量方面都能满足联机生物识别的要求.     

A Proposed Biometric Authentication Model to Improve Cloud Systems Security

Most user authentication mechanisms of cloud systems depend on the credentials approach in which a user submits his/her identity through a username and password. Unfortunately, this approach has many security problems because personal data can be stolen or recognized by hackers. This paper aims to present a cloud-based biometric authentication model (CBioAM) for improving and securing cloud services. The research study presents the verification and identification processes of the proposed cloud-based biometric authentication system (CBioAS), where the biometric samples of users are saved in database servers and the authentication process is implemented without loss of the users’ information. The paper presents the performance evaluation of the proposed model in terms of three main characteristics including accuracy, sensitivity, and specificity. The research study introduces a novel algorithm called “Bio_Authen_as_a_Service” for implementing and evaluating the proposed model. The proposed system performs the biometric authentication process securely and preserves the privacy of user information. The experimental result was highly promising for securing cloud services using the proposed model. The experiments showed encouraging results with a performance average of 93.94%, an accuracy average of 96.15%, a sensitivity average of 87.69%, and a specificity average of 97.99%.     

Dual-key-binding cancelable palmprint cryptosystem for palmprint protection and information security

Biometric cryptosystems and cancelable biometrics are both practical and promising schemes to enhance the security and privacy of biometric systems. Though a number of bio-crypto algorithms have been proposed, they have limited practical applicability because they lack of cancelability. Since biometrics are immutable, the users whose biometrics are stolen cannot use bio-crypto systems anymore. Cancelable biometric schemes are of cancelability; however, they are difficult to compromise the conflicts between the security and performance. By embedded a novel cancelable palmprint template, namely “two dimensional (2D) Palmprint Phasor”, the proposed palmprint cryptosystem overcomes the lack of cancelability in existing biometric cryptosystems. Besides, the authentication performance is enhanced when users have different tokens/keys. Furthermore, we develop a novel dual-key-binding cancelable palmprint cryptosystem to enhance the security and privacy of palmprint biometric. 2D Palmprint Phasor template is scrambled by the scrambling transformation based on the chaotic sequence that is generated by both the user's token/key and strong key extracted from palmprint. Dual-key-binding scrambling not only has more robustness to resist against chosen plain text attack, but also enhances the secure requirement of non-invertibility. 2D Palmprint Phasor algorithm and dual-key-binding scrambling both increase the difficulty of adversary's statistical analysis. The experimental results and security analysis confirm the efficiency of the proposed scheme.