Cryptanalysis of the Fuzzy Vault for Fingerprints: Vulnerabilities and Countermeasures

The fuzzy fingerprint vault is a popular approach to protecting a fingerprint's minutiae as a building block of a security application. In this thesis, simulations of several attack scenarios are conducted against implementations of the fuzzy fingerprint vault from the literature. Our investigations clearly confirm that the weakest link in the fuzzy fingerprint vault is its high vulnerability to false-accept attacks. Therefore, multi-finger or even multi-biometric cryptosystems should be conceived. But there remains a risk that cannot be resolved by using more biometric information of an individual if features are protected using a traditional fuzzy vault construction: the correlation attack remains a weakness of such constructions. It is known that quantizing minutiae to a rigid system while filling the whole space with chaff makes correlation obsolete. Based on this approach, we propose an implementation. If parameters were adopted from a traditional fuzzy fingerprint vault implementation, we would experience a significant loss in authentication performance. Therefore, we perform training to determine reasonable parameters for our implementation. Furthermore, to make authentication practical, we propose a randomized decoding procedure. By running a performance evaluation on a commonly used dataset, we find that achieving resistance against the correlation attack does not have to come at the cost of authentication performance. Finally, we conclude that the fuzzy vault remains a possible construction for helping to solve the challenging task of implementing a cryptographically secure multi-biometric cryptosystem in the future.
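The effect of filling the whole quantization grid with chaff can be seen in a toy model. The following is an added example, not code from the thesis: it measures how much the overlap of two vault records of the same finger narrows down the genuine points, first with sparse chaff and then with every grid cell occupied. The field size, grid size, polynomial degree, point counts and the assumption that both records quantize to identical cells are constructed for illustration.

```python
import random

P = 65537            # prime modulus of the toy field (assumed)
GRID = range(2000)   # every cell of the rigid quantization grid (assumed size)
N_GENUINE, DEGREE = 24, 8   # constructed toy parameters

def poly_eval(coeffs, x):
    """Evaluate the secret polynomial at x over GF(P) (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc

def lock(genuine, n_chaff, rng):
    """Vault record: genuine cells lie on a fresh secret polynomial, chaff cells do not."""
    coeffs = [rng.randrange(P) for _ in range(DEGREE + 1)]
    vault = {x: poly_eval(coeffs, x) for x in genuine}
    free = [x for x in GRID if x not in vault]
    for x in rng.sample(free, n_chaff):
        y = rng.randrange(P)
        while y == poly_eval(coeffs, x):   # chaff must stay off the polynomial
            y = rng.randrange(P)
        vault[x] = y
    return vault

def overlap_leakage(v1, v2, genuine):
    """Return (shared abscissa count, fraction of the shared abscissas that are genuine)."""
    shared = set(v1) & set(v2)
    return len(shared), len(shared & set(genuine)) / len(shared)

def compare(seed=1):
    """Two records of one finger, with sparse chaff and with the whole grid filled."""
    rng = random.Random(seed)
    genuine = rng.sample(list(GRID), N_GENUINE)   # same quantized cells in both records
    sparse = [lock(genuine, 200, rng) for _ in range(2)]
    filled = [lock(genuine, len(GRID) - N_GENUINE, rng) for _ in range(2)]
    return overlap_leakage(*sparse, genuine), overlap_leakage(*filled, genuine)

if __name__ == "__main__":
    (s_n, s_frac), (f_n, f_frac) = compare()
    print(f"sparse chaff: {s_n} shared cells, {s_frac:.1%} genuine (single record: {24/224:.1%})")
    print(f"filled grid:  {f_n} shared cells, {f_frac:.1%} genuine (single record: {24/2000:.1%})")
```

With sparse chaff the shared cells are far richer in genuine points than either record alone; with the grid filled, both records expose the same abscissa set, so their overlap carries no more information than a single record.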
