Password hardened fuzzy vault for fingerprint authentication system

The present work attempts to build a bio-cryptographic system that combines transformed minutiae pairwise feature and user-generated password fuzzy vault. The fingerprint fuzzy vault is based on a new minutiae pairwise structure, which overcomes the fingerprint feature publication while the secret binary vault code is generated according to the fingerprint fuzzy vault result. The authentication process involves two stages: fuzzy vault matching and secret vault code validation. Our minutiae pairwise transformation produces different templates thus resolving the problem of cross matching attacks in fingerprint fuzzy vault. So, the original fingerprint template cannot be recreated because it is protected by the key generated from the user password. In addition, the proposed bio-cryptographic system ensures an acceptable security level for user authentication.

[1]  Sharath Pankanti,et al.  Fingerprint-Based Fuzzy Vault: Implementation and Performance , 2007, IEEE Transactions on Information Forensics and Security.

[2]  Yair Frankel,et al.  On enabling secure applications through off-line biometric identification , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[3]  Qi Li,et al.  Cryptographic key generation from voice , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[4]  Yair Frankel,et al.  On the Relation of Error Correction and Cryptography to an Off Line Biometric Based Identification S , 1999 .

[5]  Sharath Pankanti,et al.  Fuzzy Vault for Fingerprints , 2005, AVBPA.

[6]  Anil K. Jain,et al.  On-line fingerprint verification , 1996, Proceedings of 13th International Conference on Pattern Recognition.

[7]  Huaijiang Sun,et al.  A gradient-based combined method for the computation of fingerprints' orientation field , 2009, Image Vis. Comput..

[8]  Axel Munk,et al.  The Fuzzy Vault for Fingerprints is Vulnerable to Brute Force Attack , 2007, BIOSIG.

[9]  Anil K. Jain,et al.  FVC2002: Second Fingerprint Verification Competition , 2002, Object recognition supported by user interaction for service robots.

[10]  Anil K. Jain,et al.  Securing Fingerprint Template: Fuzzy Vault with Helper Data , 2006, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06).

[11]  S. Kanade,et al.  Three factor scheme for biometric-based cryptographic key regeneration using iris , 2008, 2008 Biometrics Symposium.

[12]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[13]  Michael K. Reiter,et al.  Password hardening based on keystroke dynamics , 1999, CCS '99.

[14]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[15]  Jiankun Hu,et al.  Alignment-free cancelable fingerprint template design: A densely infinite-to-one mapping (DITOM) approach , 2012, Pattern Recognit..

[16]  Andrew Beng Jin Teoh,et al.  Biohashing: two factor authentication featuring fingerprint data and tokenised random number , 2004, Pattern Recognit..

[17]  Nalini K. Ratha,et al.  Biometric perils and patches , 2002, Pattern Recognit..

[18]  Anil K. Jain,et al.  Fingerprint Image Enhancement: Algorithm and Performance Evaluation , 1998, IEEE Trans. Pattern Anal. Mach. Intell..

[19]  Andrew Beng Jin Teoh,et al.  Cancellable biometrics and annotations on BioHash , 2008, Pattern Recognit..

[20]  T. Charles Clancy,et al.  Secure smartcardbased fingerprint authentication , 2003, WBMA '03.

[21]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[22]  Daesung Moon,et al.  Fuzzy fingerprint vault using multiple polynomials , 2009, 2009 IEEE 13th International Symposium on Consumer Electronics.

[23]  Jiankun Hu,et al.  Pair-polar coordinate-based cancelable fingerprint templates , 2011, Pattern Recognit..

[24]  Jiankun Hu,et al.  Design of alignment-free cancelable fingerprint templates via curtailed circular convolution , 2014, Pattern Recognit..

[25]  Dario Maio,et al.  Direct Gray-Scale Minutiae Detection In Fingerprints , 1997, IEEE Trans. Pattern Anal. Mach. Intell..

[26]  Heinrich Ihmor,et al.  Performance of the Fuzzy Vault for Multiple Fingerprints , 2010, BIOSIG.

[27]  Terrance E. Boult,et al.  Revocable fingerprint biotokens: accuracy and security analysis , 2007, 2007 IEEE Conference on Computer Vision and Pattern Recognition.

[28]  Shigeo Tsujii,et al.  Proposal on a multifactor biometric authentication method based on cryptosystem keys containing biometric signatures , 2004, International Journal of Information Security.

[29]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[30]  Hailiang Chen,et al.  A novel algorithm of fingerprint encryption using minutiae-based transformation , 2011, Pattern Recognit. Lett..

[31]  Peng Li,et al.  An alignment-free fingerprint cryptosystem based on fuzzy vault scheme , 2010, J. Netw. Comput. Appl..

[32]  Feng Hao,et al.  Combining Crypto with Biometrics Effectively , 2006, IEEE Transactions on Computers.

[33]  Mohamed Aissani,et al.  Fingerprint matching from minutiae texture maps , 2007, Pattern Recognit..

[34]  Kannan Karthik,et al.  A robust alignment-free fingerprint hashing algorithm based on minimum distance graphs , 2012, Pattern Recognit..

[35]  Anil K. Jain,et al.  Hardening Fingerprint Fuzzy Vault Using Password , 2007, ICB.

[36]  T.E. Boult,et al.  Cracking Fuzzy Vaults and Biometric Encryption , 2007, 2007 Biometrics Symposium.

[37]  Peng Li,et al.  An effective biometric cryptosystem combining fingerprints with error correction codes , 2012, Expert Syst. Appl..

[38]  Bart Jacobs,et al.  Biometrics and their use in e-passports , 2009, Image Vis. Comput..