Biometric Security from an Information-Theoretical Perspective

The issue of biometric security has become a major research area recently. While systems based on iris-recognition, DNA analysis and fingerprinting are being deployed, there are instances where these alone cannot provide fool-proof security. Biometric Security from an Information-Theoretical Perspective provides an overview of the state-of-the-art of biometric security systems. Using information theoretic techniques it discusses some of the most promising methods to provide practical, but safe, systems. Biometric Security from an Information-Theoretical Perspective studies a number of problems related to the design of biometric secrecy systems for both authentication and identification. First, it reviews the problem of secret sharing in order to set theoretical grounds for the subsequent discussion of secret-key rates and privacy leakage in biometric secrecy systems. Biometric authentication systems are discussed in depth using discrete and Gaussian biometric sources, before describing biometric identification techniques in detail. Since biometric data are typically used for both identification and authentication purposes, the trade-off between identification, secret-key and privacy-leakage rates are determined. Finally, practical considerations are treated. The realization of binary biometric authentication systems with chosen secret keys, called fuzzy commitment, is analyzed. The monograph concludes by investigating how binary quantization of biometric sequences influences the performance of biometric secrecy systems with respect to secret-key rates and privacy leakage. Biometric Security from an Information-Theoretical Perspective is an in-depth review of the topic, which gives the reader an excellent starting point for further research.

[1]  Stark C. Draper,et al.  Feature extraction for a Slepian-Wolf biometric system using LDPC codes , 2008, 2008 IEEE International Symposium on Information Theory.

[2]  F. Willems,et al.  Quantization effects in biometric systems , 2009, 2009 Information Theory and Applications Workshop.

[3]  Tanya Ignatenko,et al.  Secret-Key Rates and Privacy Leakage in Biometric Systems , 2007 .

[4]  Patrick P. Bergmans,et al.  A simple converse for broadcast channels with additive white Gaussian noise (Corresp.) , 1974, IEEE Trans. Inf. Theory.

[5]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[6]  Shlomo Shamai,et al.  A binary analog to the entropy-power inequality , 1990, IEEE Trans. Inf. Theory.

[7]  Raymond N. J. Veldhuis,et al.  Practical Biometric Authentication with Template Protection , 2005, AVBPA.

[8]  Bernadette Dorizzi,et al.  Biometrics at the frontiers, assessing the impact on Society Technical impact of Biometrics , 2005 .

[9]  Imre Csiszár,et al.  Secrecy capacities for multiple terminals , 2004, IEEE Transactions on Information Theory.

[10]  Van Nostrand,et al.  Error Bounds for Convolutional Codes and an Asymptotically Optimum Decoding Algorithm , 1967 .

[11]  Natalia A. Schmid,et al.  Large deviations performance analysis for biomet-rics recognition , 2002 .

[12]  R.N.J. Veldhuis,et al.  Multi-Bits Biometric String Generation based on the Likelihood Ratio , 2007, 2007 First IEEE International Conference on Biometrics: Theory, Applications, and Systems.

[13]  Pim Tuyls,et al.  Capacity and Examples of Template-Protecting Biometric Authentication Systems , 2004, ECCV Workshop BioAW.

[14]  Thomas M. Cover,et al.  A Proof of the Data Compression Theorem of Slepian and Wolf for Ergodic Sources , 1971 .

[15]  Robert G. Gallager,et al.  Low-density parity-check codes , 1962, IRE Trans. Inf. Theory.

[16]  Aaron D. Wyner,et al.  A theorem on the entropy of certain binary sequences and applications-I , 1973, IEEE Trans. Inf. Theory.

[17]  Rolf Johannesson,et al.  Fundamentals of Convolutional Coding , 1999 .

[18]  I. Csiszár,et al.  Common randomness and secret key generation with a helper , 1997, Proceedings of the 1999 IEEE Information Theory and Communications Workshop (Cat. No. 99EX253).

[19]  A. Rényi On Measures of Entropy and Information , 1961 .

[20]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[21]  Anil K. Jain,et al.  Biometric Systems: Technology, Design and Performance Evaluation , 2004 .

[22]  Reihaneh Safavi-Naini,et al.  Cancelable Key-Based Fingerprint Templates , 2005, ACISP.

[23]  Nalini K. Ratha,et al.  Generating Cancelable Fingerprint Templates , 2007, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[24]  Natalia A. Schmid,et al.  Performance prediction methodology for biometric systems using a large deviations approach , 2004, IEEE Transactions on Signal Processing.

[25]  Michael K. Reiter,et al.  Password hardening based on keystroke dynamics , 2002, International Journal of Information Security.

[26]  Yair Frankel,et al.  On enabling secure applications through off-line biometric identification , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[27]  Yair Frankel,et al.  On the Relation of Error Correction and Cryptography to an Off Line Biometric Based Identification S , 1999 .

[28]  Siu-Wai Ho On the interplay between Shannon's information measures and reliability criteria , 2009, 2009 IEEE International Symposium on Information Theory.

[29]  Bruce Schneier,et al.  Inside risks: the uses and abuses of biometrics , 1999, CACM.

[30]  Fmj Frans Willems,et al.  Secret-key and identification rates for biometric identification systems with protected templates , 2010 .

[31]  Rudolf Ahlswede,et al.  Common randomness in information theory and cryptography - I: Secret sharing , 1993, IEEE Trans. Inf. Theory.

[32]  Jacob Wolfowitz Coding Theorems of Information Theory , 1962 .

[33]  Aaron D. Wyner,et al.  A theorem on the entropy of certain binary sequences and applications-II , 1973, IEEE Trans. Inf. Theory.

[34]  Nasir D. Memon,et al.  Secure Sketch for Biometric Templates , 2006, ASIACRYPT.

[35]  R. Gallager Information Theory and Reliable Communication , 1968 .

[36]  Qi Li,et al.  Cryptographic key generation from voice , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[37]  U. Maurer,et al.  Secret key agreement by public discussion from common information , 1993, IEEE Trans. Inf. Theory.

[38]  Pieter H. Hartel,et al.  Controlling leakage of biometric information using dithering , 2008, 2008 16th European Signal Processing Conference.

[39]  Renato Renner,et al.  Smooth Renyi entropy and applications , 2004, International Symposium onInformation Theory, 2004. ISIT 2004. Proceedings..

[40]  Nasir D. Memon,et al.  How to protect biometric templates , 2007, Electronic Imaging.

[41]  Alessandro Neri,et al.  Adaptive and distributed cryptography for signature biometrics protection , 2007, Electronic Imaging.

[42]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[43]  Sharath Pankanti,et al.  Biometrics, Personal Identification in Networked Society: Personal Identification in Networked Society , 1998 .

[44]  John Daugman,et al.  High Confidence Visual Recognition of Persons by a Test of Statistical Independence , 1993, IEEE Trans. Pattern Anal. Mach. Intell..

[45]  Nasir D. Memon,et al.  Protecting Biometric Templates With Sketch: Theory and Practice , 2007, IEEE Transactions on Information Forensics and Security.

[46]  Ertem Tuncel Capacity/Storage Tradeoff in High-Dimensional Identification Systems , 2006, ISIT.

[47]  H. Vincent Poor,et al.  Privacy-security tradeoffs in reusable biometric security systems , 2010, 2010 IEEE International Conference on Acoustics, Speech and Signal Processing.

[48]  Rama Chellappa,et al.  Signal Processing for Biometric Systems [DSP Forum] , 2007 .

[49]  Feng Hao,et al.  Combining Crypto with Biometrics Effectively , 2006, IEEE Transactions on Computers.

[50]  Giuseppe Longo,et al.  The information theory approach to communications , 1977 .

[51]  Alex Reznik,et al.  Extracting Secrecy from Jointly Gaussian Random Variables , 2006, 2006 IEEE International Symposium on Information Theory.

[52]  W. Cary Huffman,et al.  Fundamentals of Error-Correcting Codes , 1975 .

[53]  Jean-Paul M. G. Linnartz,et al.  New Shielding Functions to Enhance Privacy and Prevent Misuse of Biometric Templates , 2003, AVBPA.

[54]  Ton Kalker,et al.  On the capacity of a biometrical identification system , 2003, IEEE International Symposium on Information Theory, 2003. Proceedings..

[55]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[56]  Sharath Pankanti,et al.  Biometric Recognition: Security and Privacy Concerns , 2003, IEEE Secur. Priv..

[57]  Anil K. Jain,et al.  Biometric Template Security , 2008, EURASIP J. Adv. Signal Process..

[58]  Alessandro Neri,et al.  Template protection for HMM-based on-line signature authentication , 2008, 2008 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops.

[59]  Frans M. J. Willems,et al.  Identification and secret-key generation in biometric systems with protected templates , 2010, MM&Sec '10.

[60]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[61]  W. Jonker,et al.  Binary Biometrics: An Analytic Framework to Estimate the Bit Error Probability under Gaussian Assumption , 2008, 2008 IEEE Second International Conference on Biometrics: Theory, Applications and Systems.

[62]  H. Vincent Poor,et al.  Secure lossless compression with side information , 2008, 2008 IEEE Information Theory Workshop.

[63]  Aaron D. Wyner,et al.  The rate-distortion function for source coding with side information at the decoder , 1976, IEEE Trans. Inf. Theory.

[64]  Anil K. Jain,et al.  Hardening Fingerprint Fuzzy Vault Using Password , 2007, ICB.

[65]  Anil K. Jain,et al.  Biometric cryptosystems: issues and challenges , 2004, Proceedings of the IEEE.

[66]  Stark C. Draper,et al.  Using Distributed Source Coding to Secure Fingerprint Biometrics , 2007, 2007 IEEE International Conference on Acoustics, Speech and Signal Processing - ICASSP '07.

[67]  Frans M. J. Willems,et al.  Achieving Secure Fuzzy Commitment Scheme for Optical PUFs , 2009, 2009 Fifth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[68]  A. Glavieux,et al.  Near Shannon limit error-correcting coding and decoding: Turbo-codes. 1 , 1993, Proceedings of ICC '93 - IEEE International Conference on Communications.

[69]  Imre Csiszár,et al.  Information Theory - Coding Theorems for Discrete Memoryless Systems, Second Edition , 2011 .

[70]  Roger Clarke,et al.  Human Identification in Information Systems , 1994 .

[71]  Anton H. M. Akkermans,et al.  Face recognition with renewable and privacy preserving binary templates , 2005, Fourth IEEE Workshop on Automatic Identification Advanced Technologies (AutoID'05).

[72]  Sergio Verdú,et al.  A general formula for channel capacity , 1994, IEEE Trans. Inf. Theory.

[73]  V. Prabhakaran,et al.  On Secure Distributed Source Coding , 2007, 2007 IEEE Information Theory Workshop.

[74]  Frans M. J. Willems,et al.  Fundamental limits for biometric identification with a database containing protected templates , 2010, 2010 International Symposium On Information Theory & Its Applications.

[75]  Anil K. Jain,et al.  Handbook of Fingerprint Recognition , 2005, Springer Professional Computing.

[76]  Adam D. Smith,et al.  Maintaining secrecy when information leakage is unavoidable , 2004 .

[77]  Sergio Verdú,et al.  A simple proof of the entropy-power inequality , 2006, IEEE Transactions on Information Theory.

[78]  G. S. Vernam Cipher printing telegraph systems: For secret wire and radio telegraphic communications , 2022, Journal of the A.I.E.E..

[79]  Ingrid Verbauwhede,et al.  Secure IRIS Verification , 2007, 2007 IEEE International Conference on Acoustics, Speech and Signal Processing - ICASSP '07.

[80]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[81]  Rudolf Ahlswede,et al.  Common Randomness in Information Theory and Cryptography - Part II: CR Capacity , 1998, IEEE Trans. Inf. Theory.

[82]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[83]  Frans M. J. Willems,et al.  Biometric Systems: Privacy and Secrecy Aspects , 2009, IEEE Transactions on Information Forensics and Security.

[84]  Pieter H. Hartel,et al.  Embedding Renewable Cryptographic Keys into Continuous Noisy Data , 2008, ICICS.

[85]  Andrew Beng Jin Teoh,et al.  Random Multispace Quantization as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[86]  L. Goddard Information Theory , 1962, Nature.