Biohashing: two factor authentication featuring fingerprint data and tokenised random number

Abstract Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier–Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.

[1]  Yoshiaki Isobe,et al.  Development of personal authentication system using fingerprint with digital signature technologies , 2001, Proceedings of the 34th Annual Hawaii International Conference on System Sciences.

[2]  Luciano Rila Denial of Access in Biometrics-Based Authentication Systems , 2002, InfraSec.

[3]  Sharath Pankanti,et al.  Evaluation techniques for biometrics-based authentication systems (FRR) , 2000, Proceedings 15th International Conference on Pattern Recognition. ICPR-2000.

[4]  JEFFREY WOOD,et al.  Invariant pattern recognition: A review , 1996, Pattern Recognit..

[5]  Andrew Beng Jin Teoh,et al.  An efficient fingerprint verification system using integrated wavelet and Fourier-Mellin invariant transform , 2004, Image Vis. Comput..

[6]  Arun Ross,et al.  Information fusion in biometrics , 2003, Pattern Recognit. Lett..

[7]  Purdy Ho,et al.  A Dual-Factor Authentication System Featuring Speaker Verification and Token Technology , 2003, AVBPA.

[8]  Raul Sánchez-Reillo Including Biometric Authentication in a Smart Card Operating System , 2001, AVBPA.

[9]  Tieniu Tan,et al.  Combining Face and Iris Biometrics for Identity Verification , 2003, AVBPA.

[10]  John Daugman,et al.  Biometric decision landscapes , 2000 .

[11]  Ong Thian Song,et al.  An efficient fingerprint verification system using integrated wavelet and Fourier–Mellin invariant transform , 2004 .

[12]  Nalini K. Ratha,et al.  Biometric perils and patches , 2002, Pattern Recognit..

[13]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[14]  Jane Adams Biometrics and smart cards , 2000 .

[15]  Gian Luca Marcialis,et al.  Experimental Results on Fusion of Multiple Fingerprint Matchers , 2003, AVBPA.

[16]  Anil K. Jain,et al.  Handbook of Fingerprint Recognition , 2005, Springer Professional Computing.

[17]  Purdy Ho,et al.  Biometric Authentication in Infrastructure Security , 2002, InfraSec.

[18]  B. N. Chatterji,et al.  An FFT-based technique for translation, rotation, and scale-invariant image registration , 1996, IEEE Trans. Image Process..

[19]  S. Mallat A wavelet tour of signal processing , 1998 .

[20]  Michael Spann,et al.  A comparison between Fourier-Mellin descriptors and moment based features for invariant object recognition using neural networks , 1991, Pattern Recognit. Lett..