State of the Art in Biometric Key Binding and Key Generation Schemes

Direct storage of biometric templates in databases exposes the authentication system and legitimate users to numerous security and privacy challenges. Biometric cryptosystems or template protection schemes are used to overcome the security and privacy challenges associated with the use of biometrics as a means of authentication. This paper presents a review of previous works in biometric key binding and key generation schemes. The review focuses on key binding techniques such as biometric encryption, fuzzy commitment scheme, fuzzy vault and shielding function. Two categories of key generation schemes considered are private template and quantization schemes. The paper also discusses the modes of operations, strengths and weaknesses of various kinds of key-based template protection schemes. The goal is to provide the reader with a clear understanding of the current and emerging trends in key-based biometric cryptosystems.

[1]  Vir V. Phoha,et al.  Privacy-preserving population-enhanced biometric key generation from free-text keystroke dynamics , 2014, IEEE International Joint Conference on Biometrics.

[2]  Ali Miri,et al.  A collusion attack on the fuzzy vault scheme , 2009, ISC Int. J. Inf. Secur..

[3]  Jiying Zhao,et al.  A fuzzy vault implementation for securing revocable iris templates , 2011, 2011 IEEE International Systems Conference.

[4]  Wang Yao,et al.  A new fuzzy fingerprint vault using multivariable linear function based on Lorenz Chaotic System , 2012, 2012 IEEE International Conference on Computer Science and Automation Engineering (CSAE).

[5]  Kyung-Hyune Rhee,et al.  Fast non-random chaff point generator for fuzzy vault biometric cryptosystems , 2016, 2016 6th International Conference on System Engineering and Technology (ICSET).

[6]  Marek R. Ogiela,et al.  Usability of the Fuzzy Vault Scheme Applied to Predetermined Palm-Based Gestures as a Secure Behavioral Lock , 2015, 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC).

[7]  Jiankun Hu,et al.  A Delaunay Triangle-Based Fuzzy Extractor for Fingerprint Authentication , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[8]  N. Radha,et al.  Securing iris and fingerprint templates using fuzzy vault and symmetric algorithm , 2013, 2013 7th International Conference on Intelligent Systems and Control (ISCO).

[9]  Raymond N. J. Veldhuis,et al.  Preventing the Decodability Attack Based Cross-Matching in a Fuzzy Commitment Scheme , 2011, IEEE Transactions on Information Forensics and Security.

[10]  P. Karthigaikumar,et al.  Mixed random 128 bit key using finger print features and binding key for AES algorithm , 2014, 2014 International Conference on Contemporary Computing and Informatics (IC3I).

[11]  Jean-Paul M. G. Linnartz,et al.  New Shielding Functions to Enhance Privacy and Prevent Misuse of Biometric Templates , 2003, AVBPA.

[12]  Ke Xiong,et al.  Is Fuzzy Vault Scheme Very Effective for Key Binding in Biometric Cryptosystems? , 2011, 2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery.

[13]  Anton H. M. Akkermans,et al.  Face biometrics with renewable templates , 2006, Electronic Imaging.

[14]  Mahmood Fathy,et al.  Alignment-free fingerprint cryptosystem based on multiple fuzzy vaults , 2015, 2015 The International Symposium on Artificial Intelligence and Signal Processing (AISP).

[15]  Manvjeet Kaur,et al.  Methods of automatic alignment of fingerprint in fuzzy vault: A review , 2014, 2014 Recent Advances in Engineering and Computational Sciences (RAECS).

[16]  Guanrong Chen Constructing a Simple Chaotic System with an Arbitrary Number of Equilibrium Points or an Arbitrary Number of Scrolls , 2013, NOSTRADAMUS.

[17]  Yair Frankel,et al.  On enabling secure applications through off-line biometric identification , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[18]  Xiaoming Liu,et al.  On Continuous User Authentication via Typing Behavior , 2014, IEEE Transactions on Image Processing.

[19]  Claus Vielhauer,et al.  Reverse-engineer methods on a biometric hash algorithm for dynamic handwriting , 2010, MM&Sec '10.

[20]  Marina Blanton,et al.  Analysis of Reusability of Secure Sketches and Fuzzy Extractors , 2013, IEEE Transactions on Information Forensics and Security.

[21]  Christoph Busch,et al.  Measuring privacy and security of iris fuzzy commitment , 2012, 2012 IEEE International Carnahan Conference on Security Technology (ICCST).

[22]  D. B. Ojha,et al.  A FUZZY COMMITMENT SCHEME WITH MCELIECE'S CIPHER , 2010 .

[23]  Layth Sliman,et al.  Fingerprint fuzzy vault chaff point generation by squares method , 2015, 2015 7th International Conference of Soft Computing and Pattern Recognition (SoCPaR).

[24]  Andreas Uhl,et al.  Iris Biometrics: From Segmentation to Template Security , 2012 .

[25]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[26]  Akshya Swain,et al.  A dissection of fingerprint fuzzy vault schemes , 2012, IVCNZ '12.

[27]  Marek R. Ogiela,et al.  Image Based Crypto-biometric Key Generation , 2011, 2011 Third International Conference on Intelligent Networking and Collaborative Systems.

[28]  Bart Preneel,et al.  Privacy Weaknesses in Biometric Sketches , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[29]  Lahouari Ghouti,et al.  Biometric Cryptosystem with Renewable Templates , 2012 .

[30]  Sanjeev Sofat,et al.  Fingerprint fuzzy vault using hadamard transformation , 2015, 2015 International Conference on Advances in Computing, Communications and Informatics (ICACCI).

[31]  Aqeel-ur Rehman,et al.  Security and Privacy Issues in IoT , 2016, Int. J. Commun. Networks Inf. Secur..

[32]  Oleg Starostenko,et al.  Bimodal Biometric System for Cryptographic Key Generation Using Wavelet Transforms , 2009, 2009 Mexican International Conference on Computer Science.

[33]  Gengfa Fang,et al.  A comparison of key distribution schemes using fuzzy commitment and fuzzy vault within wireless body area networks , 2015, 2015 IEEE 26th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC).

[34]  Rachid Latif,et al.  Relay based thermal aware and mobility support routing protocol for wireless body sensor networks , 2016, Int. J. Commun. Networks Inf. Secur..

[35]  Jiankun Hu,et al.  An Energy Efficient Key Management Scheme for Body Sensor Networks , 2013, IEEE Transactions on Parallel and Distributed Systems.

[36]  Julien Bringer,et al.  Balancing is the key: Performing finger vein template protection using fuzzy commitment , 2015, 2015 International Conference on Information Systems Security and Privacy (ICISSP).

[37]  Dong Liu,et al.  Using biometric key commitments to prevent unauthorized lending of cryptographic credentials , 2014, 2014 Twelfth Annual International Conference on Privacy, Security and Trust.

[38]  Arjan Kuijper,et al.  Quantifying privacy and security of biometric fuzzy commitment , 2011, 2011 International Joint Conference on Biometrics (IJCB).

[39]  Markus Ullmann,et al.  Improvement of Fuzzy Vault for Multiple Fingerprints with Angles , 2016, 2016 International Conference of the Biometrics Special Interest Group (BIOSIG).

[40]  N. Premasathian,et al.  A multiple fuzzy commitment scheme , 2013, 2013 International Conference on Computer Applications Technology (ICCAT).

[41]  Bojan Cukic,et al.  Leveraging Variations in Event Sequences in Keystroke-Dynamics Authentication Systems , 2014, 2014 IEEE 15th International Symposium on High-Assurance Systems Engineering.

[42]  Frans M. J. Willems,et al.  Information Leakage in Fuzzy Commitment Schemes , 2010, IEEE Transactions on Information Forensics and Security.

[43]  Ke Xiong,et al.  3D Fuzzy Vault Based on Palmprint , 2010, 2010 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery.

[44]  Venu Govindaraju,et al.  A multiple server scheme for fingerprint fuzzy vaults , 2015, 2015 IEEE Conference on Computer Vision and Pattern Recognition Workshops (CVPRW).

[45]  Renfa Li,et al.  A fingerprint fuzzy vault scheme using a fast chaff point generation algorithm , 2013, 2013 IEEE International Conference on Signal Processing, Communication and Computing (ICSPCC 2013).

[46]  Ahmed Shayer Andalib,et al.  A novel key generation scheme for biometric cryptosystems using fingerprint minutiae , 2013, 2013 International Conference on Informatics, Electronics and Vision (ICIEV).

[47]  A. Stoianov,et al.  Security issues of Biometric Encryption , 2009, 2009 IEEE Toronto International Conference Science and Technology for Humanity (TIC-STH).

[48]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[49]  Juan Liu,et al.  Probability of a unique crypto key generation based on finger's different images with two scanners , 2011, The First Asian Conference on Pattern Recognition.

[50]  Zhang Weidong,et al.  Key Binding Based on Biometric Shielding Functions , 2009, 2009 Fifth International Conference on Information Assurance and Security.

[51]  Fang Enbo,et al.  Auto-aligned sharing fuzzy fingerprint vault , 2013, China Communications.

[52]  Andreas Uhl,et al.  Iris-Biometric Fuzzy Commitment Schemes under Image Compression , 2013, CIARP.

[53]  Marek R. Ogiela,et al.  Fuzzy Vault Schemes in Multi-secret Digital Steganography , 2015, 2015 10th International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA).

[54]  Axel Munk,et al.  The Fuzzy Vault for Fingerprints is Vulnerable to Brute Force Attack , 2007, BIOSIG.

[55]  C. A. Murthy,et al.  Generation of new points for training set and feature-level fusion in multimodal biometric identification , 2013, Machine Vision and Applications.

[56]  Yongqiang Yang,et al.  Survey on Biometric Data Security and Chaotic Encryption Strategy with Bernoulli Mapping , 2014, 2014 International Conference on Medical Biometrics.

[57]  Daesung Moon,et al.  A practical implementation of fuzzy fingerprint vault for smart cards , 2014, J. Intell. Manuf..

[58]  Xavier Boyen,et al.  Reusable cryptographic fuzzy extractors , 2004, CCS '04.

[59]  Christoph Busch,et al.  Unlinkable improved multi-biometric iris fuzzy vault , 2016, EURASIP J. Inf. Secur..

[60]  Benjamin Tams,et al.  Unlinkable minutiae-based fuzzy vault for multiple fingerprints , 2016, IET Biom..

[61]  Raymond N. J. Veldhuis,et al.  Maximum Key Size and Classification Performance of Fuzzy Commitment for Gaussian Modeled Biometric Sources , 2012, IEEE Transactions on Information Forensics and Security.

[62]  Pei-wei Tsai,et al.  Interactive Artificial Bee Colony Supported Passive Continuous Authentication System , 2014, IEEE Systems Journal.

[63]  N. Radha,et al.  Cancellable multimodal biometric user authentication system with fuzzy vault , 2016, 2016 International Conference on Computer Communication and Informatics (ICCCI).

[64]  Pong C. Yuen,et al.  Binary Discriminant Analysis for Generating Binary Face Template , 2012, IEEE Transactions on Information Forensics and Security.

[65]  Sébastien Marcel,et al.  Image Quality Assessment for Fake Biometric Detection: Application to Iris, Fingerprint, and Face Recognition , 2014, IEEE Transactions on Image Processing.

[66]  Raymond N. J. Veldhuis,et al.  Practical Biometric Authentication with Template Protection , 2005, AVBPA.

[67]  Maya V. Karki,et al.  Fuzzy vault for fingerprint template security with error correcting codes , 2016, 2016 IEEE International Conference on Recent Trends in Electronics, Information & Communication Technology (RTEICT).

[68]  V. Evelyn Brindha,et al.  Biometric template security using fuzzy vault , 2011, 2011 IEEE 15th International Symposium on Consumer Electronics (ISCE).

[69]  Siong Hoe Lau,et al.  Face Spoofing Detection Based on Improved Local Graph Structure , 2014, 2014 International Conference on Information Science & Applications (ICISA).

[70]  Karthik Nandakumar,et al.  A fingerprint cryptosystem based on minutiae phase spectrum , 2010, 2010 IEEE International Workshop on Information Forensics and Security.

[71]  Daesung Moon,et al.  Biometrics Information Protection Using Fuzzy Vault Scheme , 2012, 2012 Eighth International Conference on Signal Image Technology and Internet Based Systems.

[72]  Andreas Uhl,et al.  Iris-Biometric Fuzzy Commitment Schemes under Signal Degradation , 2012, ICISP.

[73]  Anil K. Jain,et al.  Handbook of Fingerprint Recognition , 2005, Springer Professional Computing.

[74]  Tom A. M. Kevenaar,et al.  Multi-modal and multi-instance fusion for biometric cryptosystems , 2012, 2012 BIOSIG - Proceedings of the International Conference of Biometrics Special Interest Group (BIOSIG).

[75]  Tran Khanh Dang,et al.  Cancellable fuzzy vault with periodic transformation for biometric template protection , 2016, IET Biom..

[76]  G. Padmavathi,et al.  Security Analysis of Hardened Retina Based Fuzzy Vault , 2009, 2009 International Conference on Advances in Recent Technologies in Communication and Computing.

[77]  S. K. Singh,et al.  Improved and innovative key generation algorithms for biometric cryptosystems , 2013, 2013 3rd IEEE International Advance Computing Conference (IACC).

[78]  Somsak Choto,et al.  A dynamic fuzzy commitment scheme using ARRSES forecasting , 2012, 2012 International Conference for Internet Technology and Secured Transactions.

[79]  Berk Gökberk,et al.  "3D Face": Biometric Template Protection for 3D Face Recognition , 2007, ICB.

[80]  Qiong Li,et al.  Improve the security of image robust hash using fuzzy commitment scheme , 2012, Neural Computing and Applications.

[81]  Axel Munk,et al.  Security Considerations in Minutiae-Based Fuzzy Vaults , 2015, IEEE Transactions on Information Forensics and Security.

[82]  Brent Waters,et al.  Reconstructing a fragmented face from a cryptographic identification protocol , 2013, 2013 IEEE Workshop on Applications of Computer Vision (WACV).

[83]  A. J. Han Vinck,et al.  Gaussian fuzzy commitment , 2014, 2014 International Symposium on Information Theory and its Applications.

[84]  Lifang Wu,et al.  A Face Based Fuzzy Vault Scheme for Secure Online Authentication , 2010, 2010 Second International Symposium on Data, Privacy, and E-Commerce.

[85]  Weiguo Sheng,et al.  A Biometric Key Generation Method Based on Semisupervised Data Clustering , 2015, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[86]  Sasa Adamovic,et al.  Fuzzy commitment scheme for generation of cryptographic keys based on iris biometrics , 2017, IET Biom..

[87]  Geetika,et al.  Multimodal based fuzzy vault using iris retina and fingervein , 2013, 2013 Fourth International Conference on Computing, Communications and Networking Technologies (ICCCNT).

[88]  C. Rathgeb,et al.  Statistical attack against fuzzy commitment scheme , 2012, IET Biom..

[89]  Nasir D. Memon,et al.  Protecting Biometric Templates With Sketch: Theory and Practice , 2007, IEEE Transactions on Information Forensics and Security.

[90]  Jorge Guajardo,et al.  Efficient strategies to play the indistinguishability game for fuzzy sketches , 2010, 2010 IEEE International Workshop on Information Forensics and Security.

[91]  Alawi A. Al-Saggaf,et al.  Crisp commitment scheme based on noisy channels , 2011, 2011 Saudi International Electronics, Communications and Photonics Conference (SIECPC).

[92]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[93]  Ross J. Anderson,et al.  Combining cryptography with biometrics effectively , 2005 .

[94]  Andreas Uhl,et al.  Statistical attack against iris-biometric fuzzy commitment schemes , 2011, CVPR 2011 WORKSHOPS.

[95]  Abdul Razaque,et al.  Multi-biometric system using Fuzzy Vault , 2016, 2016 IEEE International Conference on Electro Information Technology (EIT).

[96]  Andy Adler,et al.  Vulnerabilities in Biometric Encryption Systems , 2005, AVBPA.

[97]  Yajun Ha,et al.  Performance and security-enhanced fuzzy vault scheme based on ridge features for distorted fingerprints , 2015, IET Biom..

[98]  Anil K. Jain,et al.  Biometric Template Security , 2008, EURASIP J. Adv. Signal Process..

[99]  Somsak Choto,et al.  A dynamic fuzzy commitment scheme using multiple commitments , 2012, 2012 International Symposium on Communications and Information Technologies (ISCIT).

[100]  Eun-Jun Yoon,et al.  A biometric-based authenticated key agreement scheme using ECC for wireless sensor networks , 2014, SAC.

[101]  Bhagavatula Vijaya Kumar,et al.  Biometric Encryption: enrollment and verification procedures , 1998, Defense + Commercial Sensing.

[102]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[103]  Andreas Uhl,et al.  Secure Iris Recognition Based on Local Intensity Variations , 2010, ICIAR.

[104]  Takeshi Koshiba,et al.  Packed Homomorphic Encryption Based on Ideal Lattices and Its Application to Biometrics , 2013, CD-ARES Workshops.

[105]  Andreas Uhl,et al.  Reliability-balanced feature level fusion for fuzzy commitment scheme , 2011, 2011 International Joint Conference on Biometrics (IJCB).

[106]  Sharath Pankanti,et al.  Fingerprint-Based Fuzzy Vault: Implementation and Performance , 2007, IEEE Transactions on Information Forensics and Security.

[107]  Haiping Lu,et al.  Face recognition with biometric encryption for privacy-enhancing self-exclusion , 2009, 2009 16th International Conference on Digital Signal Processing.