A remote cancelable palmprint authentication protocol based on multi-directional two-dimensional PalmPhasor-fusion

Biometric template security and privacy issues are critical in biometric authentication systems and require special attention. However, remote biometric authentication systems demand wider array of measures for maximum protection. This paper proposes a remote cancelable palmprint authentication protocol based on multi-directional two-dimensional PalmPhasor-fusion. The main contribution is three-fold. First, with a transposition direction selection mechanism, multi-directional two-dimensional PalmPhasor MTDPP improves the accuracy performance of two-dimensional PalmPhasor. Second, we provide the theoretical analysis of the effect of transposition on the accuracy performance of two-dimensional PalmPhasor, and hence establish an effective transposition direction range for the proposed MTDPP. Third, according to our analysis, the existing remote palmprint authentication system does not satisfy non-invertibility criterion of secure template protection and is vulnerable to interception. Besides, secret message embedding as a countermeasure for database attacks deteriorates accuracy performance and causes inconvenience in updating authenticator. The proposed protocol uses multi-directional two-dimensional PalmPhasor-fusion, one-time random number encrypted with asymmetric cryptography and encrypted hash codes of MTDPP to address the problems. Copyright © 2013 John Wiley & Sons, Ltd.

[1]  Anil K. Jain,et al.  Biometric Template Security , 2008, EURASIP J. Adv. Signal Process..

[2]  Julien Bringer,et al.  Identification with encrypted biometric data , 2009, Secur. Commun. Networks.

[3]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[4]  Yevgeniy Dodis,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, EUROCRYPT.

[5]  Dimitrios Hatzinakos,et al.  On Random Transformations for Changeable Face Verification , 2011, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[6]  Kenta Takahashi,et al.  Parameter management schemes for cancelable biometrics , 2011, 2011 IEEE Workshop on Computational Intelligence in Biometrics and Identity Management (CIBIM).

[7]  Lu Leng,et al.  Dual-key-binding cancelable palmprint cryptosystem for palmprint protection and information security , 2011, J. Netw. Comput. Appl..

[8]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[9]  Konstantinos N. Plataniotis,et al.  An Analysis of Random Projection for Changeable and Privacy-Preserving Biometric Verification , 2010, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[10]  Jiankun Hu,et al.  A fingerprint based bio-cryptographic security protocol designed for client/server authentication in mobile computing environment , 2011, Secur. Commun. Networks.

[11]  Julien Bringer,et al.  An Authentication Protocol with Encrypted Biometric Data , 2008, AFRICACRYPT.

[12]  Jiankun Hu,et al.  Alignment-free cancelable fingerprint template design: A densely infinite-to-one mapping (DITOM) approach , 2012, Pattern Recognit..

[13]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[14]  Andrew Beng Jin Teoh,et al.  Cancellable biometerics featuring with tokenised random number , 2005, Pattern Recognit. Lett..

[15]  David Zhang,et al.  An analysis of BioHashing and its variants , 2006, Pattern Recognit..

[16]  Xiaomin Wang,et al.  Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices , 2008 .

[17]  Muhammad Khurram Khan,et al.  Improving the security of 'a flexible biometrics remote user authentication scheme' , 2007, Comput. Stand. Interfaces.

[18]  K. Srinathan,et al.  Blind Authentication: A Secure Crypto-Biometric Verification Protocol , 2010, IEEE Transactions on Information Forensics and Security.

[19]  Andrew Beng Jin Teoh,et al.  Biohashing: two factor authentication featuring fingerprint data and tokenised random number , 2004, Pattern Recognit..

[20]  Hengjian Li,et al.  Chaos-Based Cancelable Palmprint Authentication System , 2012 .

[21]  Zhe Jin,et al.  Argument on biometrics identity-based encryption schemes , 2013, Secur. Commun. Networks.

[22]  Bernadette Dorizzi,et al.  Generating and sharing biometrics based session keys for secure cryptographic applications , 2010, 2010 Fourth IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS).

[23]  Lu Leng,et al.  PalmHash Code vs. PalmPhasor Code , 2013, Neurocomputing.

[24]  David Zhang,et al.  Three measures for secure palmprint identification , 2008, Pattern Recognit..

[25]  Hengjian Li,et al.  Generating cancelable palmprint templates via coupled nonlinear dynamic filters and multiple orientation palmcodes , 2010, Inf. Sci..

[26]  Muhammad Khurram Khan,et al.  Two Dimensional PalmPhasor Enhanced by Multi-orientation Score Level Fusion , 2011, STA.

[27]  Jiankun Hu,et al.  Pair-polar coordinate-based cancelable fingerprint templates , 2011, Pattern Recognit..

[28]  David Zhang,et al.  A survey of palmprint recognition , 2009, Pattern Recognit..

[29]  David Zhang,et al.  Competitive coding scheme for palmprint verification , 2004, ICPR 2004.

[30]  Muhammad Khurram Khan,et al.  Challenge-response-based biometric image scrambling for secure personal identification , 2011, Future Gener. Comput. Syst..

[31]  V. K. Govindan,et al.  Palmprint authentication using fusion of wavelet and contourlet features , 2011, Secur. Commun. Networks.