Effective Combination of Iris-based Cancelable Biometrics and Biometric Cryptosystems

The fuzzy commitment scheme (FCS) is one of the most effective biometric cryptosystems (BCs) that provide secure management of cryptographic keys using biometric templates. In this scheme, error correcting codes (ECCs) are firstly employed to encode a cryptographic key into a codeword which is then secured via linking (committing) it with a biometric template of the same length. Unfortunately, the key length is constrained by the size of the adopted biometric template as well as the employed ECC(s). In this paper, we propose a secure iris template protection scheme that combines cancelable biometrics with the FCS in order to secure long cryptographic keys without sacrificing the recognition accuracy. First, we utilize cancelable biometrics to derive revocable templates of large sizes from the most reliable bits in iris codes. Then, the FCS is applied to the obtained cancelable iris templates to secure cryptographic keys of the desired length. The revocability of cryptographic keys as well as true iris templates is guaranteed due to the hybridization of both techniques. Experimental results show that the proposed hybrid system can achieve high recognition accuracy regardless of the key size.

[1]  Tran Khanh Dang,et al.  A Multi-factor Biometric Based Remote Authentication Using Fuzzy Commitment and Non-invertible Transformation , 2015, ICT-EurAsia/CONFENIS.

[2]  Tieniu Tan,et al.  Robust Biometric Key Extraction Based on Iris Cryptosystem , 2009, ICB.

[3]  Norimichi Tsumura,et al.  BioEncoding: A Reliable Tokenless Cancelable Biometrics Scheme for Protecting IrisCodes , 2010, IEICE Trans. Inf. Syst..

[4]  K.W. Bowyer,et al.  The Best Bits in an Iris Code , 2009, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[5]  Ke Xiong,et al.  A Hybrid Approach to Protect Palmprint Templates , 2014, TheScientificWorldJournal.

[6]  Teresa Oliveira,et al.  Hadamard matrices and links to information theory , 2018 .

[7]  Pritee Khanna,et al.  Non-invertible Biometric Encryption to Generate Cancelable Biometric Templates , 2017 .

[8]  Matthew N. Dailey,et al.  Robust iris verification for key management , 2010, Pattern Recognit. Lett..

[9]  Bernadette Dorizzi,et al.  Obtaining cryptographic keys using feature level fusion of iris and face biometrics for secure user authentication , 2010, 2010 IEEE Computer Society Conference on Computer Vision and Pattern Recognition - Workshops.

[10]  Libor Masek,et al.  MATLAB Source Code for a Biometric Identification System Based on Iris Patterns , 2003 .

[11]  Ravi Das Biometric Technology: Authentication, Biocryptography, and Cloud-Based Architecture , 2014 .

[12]  Munaga V. N. K. Prasad,et al.  Cancelable Fingerprint Cryptosystem Based on Convolution Coding , 2015, SIRS.

[13]  Zhe Jin,et al.  A New Design for Alignment-Free Chaffed Cancelable Iris Key Binding Scheme , 2019, Symmetry.

[14]  Manisha,et al.  Cancelable Biometrics: a comprehensive survey , 2019, Artificial Intelligence Review.

[15]  Albert Levi,et al.  Secure key agreement using pure biometrics , 2015, 2015 IEEE Conference on Communications and Network Security (CNS).

[16]  John Daugman,et al.  Information Theory and the IrisCode , 2016, IEEE Transactions on Information Forensics and Security.

[17]  Bernadette Dorizzi,et al.  Application of Biometrics to Obtain High Entropy Cryptographic Keys , 2009 .

[18]  Cagatay Karabat,et al.  Practical security and privacy attacks against biometric hashing using sparse recovery , 2016, EURASIP J. Adv. Signal Process..

[19]  Anil K. Jain,et al.  Hardening Fingerprint Fuzzy Vault Using Password , 2007, ICB.

[20]  Takeshi Koshiba,et al.  Privacy-Preserving Fuzzy Commitment for Biometrics via Layered Error-Correcting Codes , 2015, FPS.

[21]  R. K. Bharathi,et al.  A Review on Biometric Template Security , 2019, Lecture Notes in Electrical Engineering.

[22]  Sasa Adamovic,et al.  Fuzzy commitment scheme for generation of cryptographic keys based on iris biometrics , 2017, IET Biom..

[23]  Gérard D. Cohen,et al.  Theoretical and Practical Boundaries of Binary Secure Sketches , 2008, IEEE Transactions on Information Forensics and Security.

[24]  Toshiya Nakaguchi,et al.  Security enhanced BioEncoding for protecting iris codes , 2011, Defense + Commercial Sensing.

[25]  Parveen Singla,et al.  Techniques for Enhancing the Security of Fuzzy Vault: A Review , 2018 .

[26]  Pong C. Yuen,et al.  A Hybrid Approach for Generating Secure and Discriminating Face Template , 2010, IEEE Transactions on Information Forensics and Security.

[27]  Stefania Loredana Nita,et al.  Security and Cryptographic Challenges for Authentication Based on Biometrics Data , 2018, Cryptogr..

[28]  Andrew Beng Jin Teoh,et al.  Personalised cryptographic key generation based on FaceHashing , 2004, Comput. Secur..

[29]  S. Kanade,et al.  Multi-biometrics based cryptographic key regeneration scheme , 2009, 2009 IEEE 3rd International Conference on Biometrics: Theory, Applications, and Systems.

[30]  Stefan Katzenbeisser,et al.  Eliminating Leakage in Reverse Fuzzy Extractors , 2018, IEEE Transactions on Information Forensics and Security.

[31]  Sonam Chauhan,et al.  Improved fuzzy commitment scheme , 2019, International Journal of Information Technology.

[32]  Ingrid Verbauwhede,et al.  Secure IRIS Verification , 2007, 2007 IEEE International Conference on Acoustics, Speech and Signal Processing - ICASSP '07.

[33]  Driss Aboutajdine,et al.  Vulnerabilities of fuzzy vault schemes using biometric data with traces , 2015, 2015 International Wireless Communications and Mobile Computing Conference (IWCMC).

[34]  Chip-Hong Chang,et al.  Facial biohashing based user-device physical unclonable function for bring your own device security , 2018, 2018 IEEE International Conference on Consumer Electronics (ICCE).

[35]  S. Kanade,et al.  Three factor scheme for biometric-based cryptographic key regeneration using iris , 2008, 2008 Biometrics Symposium.

[36]  Andrew Beng Jin Teoh,et al.  Application-Specific Key Release Scheme from Biometrics , 2008, Int. J. Netw. Secur..

[37]  Sanjay Kumar Singh,et al.  Review of key-binding-based biometric data protection schemes , 2016, IET Biom..

[38]  Feng Hao,et al.  Combining Crypto with Biometrics Effectively , 2006, IEEE Transactions on Computers.

[39]  Yongjin Wang,et al.  Fuzzy Vault for Face Based Cryptographic Key Generation , 2007, 2007 Biometrics Symposium.