Secure Biometric Authentication System Architecture using Error Correcting Codes and Distributed Cryptography

The most emerging technology for people identification and authentication is biometrics. In contrast with traditional recognition approaches, biometric authentication relies on who a person is or what a person does, being based on strictly personal traits, much more difficult to be forgotten, lost, stolen, copied or forged than traditional data. In this paper, we focus on two vulnerable points of biometric systems: the database where the templates are stored and the communication channel between the stored templates and the matcher. Specifically, we propose a method, based on user adaptive error correction codes, to secure the stored templates and achieve the requisite of cancelability of the templates. The proposed architecture is applied either to signature and iris recognition. Moreover, in order to avoid corruption or interception of the stored templates in the transmission channels, we propose a scheme based on threshold cryptography: the distribution of the certificate authority functionality among a number of nodes provides distributed, fault-tolerant, and hierarchical key management services. Experimental results show the effectiveness of our approach, when compared to traditional non-secure correlation-based classifiers.

[1]  Anil K. Jain,et al.  Biometric cryptosystems: issues and challenges , 2004, Proceedings of the IEEE.

[2]  Yvo Desmedt,et al.  Threshold Cryptosystems , 1989, CRYPTO.

[3]  Masao Kasahara,et al.  Safety of templates in biometric person authentication using error-correcting code , 2006, Electronic Imaging.

[4]  Michael Purser Introduction to error-correcting codes , 1994 .

[5]  M. Faundez-Zanuy Signature recognition state-of-the-art , 2005, IEEE Aerospace and Electronic Systems Magazine.

[6]  Pong C. Yuen,et al.  Protecting Face Biometric Data on Smartcard with Reed-Solomon Code , 2006, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06).

[7]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[8]  Yvo Desmedt,et al.  Some Recent Research Aspects of Threshold Cryptography , 1997, ISW.

[9]  T. Tan,et al.  Iris Recognition Based on Multichannel Gabor Filtering , 2002 .

[10]  Ashok A. Ghatol,et al.  Iris recognition: an emerging biometric technology , 2007 .

[11]  Jinho Kim,et al.  On-line signature verification using model-guided segmentation and discriminative feature selection for skilled forgeries , 2001, Proceedings of Sixth International Conference on Document Analysis and Recognition.

[12]  Richard M. Guest The repeatability of signatures , 2004, Ninth International Workshop on Frontiers in Handwriting Recognition.

[13]  Ralf Steinmetz,et al.  Biometric hash based on statistical features of online signatures , 2002, Object recognition supported by user interaction for service robots.

[14]  Andrew Beng Jin Teoh,et al.  Cryptographic keys from dynamic hand-signatures with biometric secrecy preservation and replaceability , 2005, Fourth IEEE Workshop on Automatic Identification Advanced Technologies (AutoID'05).

[15]  John Daugman,et al.  How iris recognition works , 2002, IEEE Transactions on Circuits and Systems for Video Technology.

[16]  Fred B. Schneider,et al.  Towards Fault-Tolerant and Secure On-Line Services , 2001 .

[17]  J. Fierrez-Aguilar,et al.  Cryptographic key generation using handwritten signature , 2006, SPIE Defense + Commercial Sensing.

[18]  John Daugman,et al.  High Confidence Visual Recognition of Persons by a Test of Statistical Independence , 1993, IEEE Trans. Pattern Anal. Mach. Intell..

[19]  Anil K. Jain,et al.  Hiding Biometric Data , 2003, IEEE Trans. Pattern Anal. Mach. Intell..

[20]  Anil K. Jain,et al.  Attacks on biometric systems: a case study in fingerprints , 2004, IS&T/SPIE Electronic Imaging.

[21]  Anton H. M. Akkermans,et al.  Face biometrics with renewable templates , 2006, Electronic Imaging.

[22]  Sharath Pankanti,et al.  Verification watermarks on fingerprint recognition and retrieval , 1999, Electronic Imaging.

[23]  Daniel Willem Elisabeth Schobben,et al.  Privacy-protected biometric templates: acoustic ear identification , 2004, SPIE Defense + Commercial Sensing.

[24]  Dexin Zhang,et al.  Efficient iris recognition by characterizing key local variations , 2004, IEEE Transactions on Image Processing.

[25]  Sergey Yekhanin,et al.  Secure Biometrics Via Syndromes , 2005 .

[26]  Nalini K. Ratha,et al.  An Analysis of Minutiae Matching Strength , 2001, AVBPA.

[27]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[28]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[29]  Sharath Pankanti,et al.  Guide to Biometrics , 2003, Springer Professional Computing.

[30]  Nalini K. Ratha,et al.  Secure data hiding in wavelet compressed fingerprint images , 2000, MULTIMEDIA '00.

[31]  Sharath Pankanti,et al.  Biometric Recognition: Security and Privacy Concerns , 2003, IEEE Secur. Priv..

[32]  Arun Ross,et al.  An introduction to biometric recognition , 2004, IEEE Transactions on Circuits and Systems for Video Technology.