Generating stable biometric keys for flexible cloud computing authentication using finger vein

Abstract Cloud computing is profoundly changing the way of data storage, transfer and process. User authentication is the first security barrier for cloud computing. However, the security of traditional biometric-template-based authentication technology has been challenged because of the information leakage of biometric templates and insufficient user-key strength, which is limited by the ability of the user to memorize keys. In this paper, we propose a new bio-key generation algorithm named FVHS, which combines the advantages of both biometrics authentication and user-key authentication. It directly generates stable and sufficiently strong bio-key sequences from finger vein biometrics. Based on FVHS, a new framework for cloud computing authentication is presented that provides a more flexible, convenient, and secure user authentication. The key idea of FVHS is that through combining machine learning, biometrics, and cryptography technologies, we can mine a special feature vector from the biometrics space that can be separated and stabilized into a fixed number sequence in a higher-dimensional space. Both a theoretical analysis and experimental verification show that FVHS can extract stable bio-keys from high quality finger vein images. FVHS can extract a finger vein bio-key with a Genuine Accept Rate of more than 99.9%, while the False Accept Rate is less than 0.8% and Equal Error Rate is less than 0.5%. Meanwhile, the security strength can reach 256 bits.

[1]  W. Gareth J. Howells,et al.  Key Generation in a Voice Based Template Free Biometric Security System , 2009, COST 2101/2102 Conference.

[2]  Yilong Yin,et al.  Finger vein recognition with manifold learning , 2010, J. Netw. Comput. Appl..

[3]  Xingming Sun,et al.  Enabling Personalized Search over Encrypted Outsourced Data with Efficiency Improvement , 2016, IEEE Transactions on Parallel and Distributed Systems.

[4]  Jin Li,et al.  Securely Outsourcing Attribute-Based Encryption with Checkability , 2014, IEEE Transactions on Parallel and Distributed Systems.

[5]  Li Xu,et al.  Cost-Effective Authentic and Anonymous Data Sharing with Forward Security , 2015, IEEE Transactions on Computers.

[6]  Sharath Pankanti,et al.  Fingerprint-Based Fuzzy Vault: Implementation and Performance , 2007, IEEE Transactions on Information Forensics and Security.

[7]  Andreas Uhl,et al.  Iris-Biometric Fuzzy Commitment Schemes under Image Compression , 2013, CIARP.

[8]  Jin Li,et al.  Identity-Based Encryption with Outsourced Revocation in Cloud Computing , 2015, IEEE Transactions on Computers.

[9]  Zhihua Xia,et al.  A Secure and Dynamic Multi-Keyword Ranked Search Scheme over Encrypted Cloud Data , 2016, IEEE Transactions on Parallel and Distributed Systems.

[10]  Gérard D. Cohen,et al.  Theoretical and Practical Boundaries of Binary Secure Sketches , 2008, IEEE Transactions on Information Forensics and Security.

[11]  Bin Liang,et al.  High-dimension space projection-based biometric encryption for fingerprint with fuzzy minutia , 2016, Soft Comput..

[12]  Jie Yuan,et al.  A hierarchical face recognition algorithm based on humanoid nonlinear least-squares computation , 2015, Journal of Ambient Intelligence and Humanized Computing.

[13]  Peng Li,et al.  An effective biometric cryptosystem combining fingerprints with error correction codes , 2012, Expert Syst. Appl..

[14]  Shouling Ji,et al.  Zero-Sum Password Cracking Game: A Large-Scale Empirical Study on the Crackability, Correlation, and Security of Passwords , 2017, IEEE Transactions on Dependable and Secure Computing.

[15]  S. Sree Vivek,et al.  Biometrie key generator with applications in on-device encryption , 2015, 2015 11th International Conference on Innovations in Information Technology (IIT).

[16]  Weiguo Sheng,et al.  A Biometric Key Generation Method Based on Semisupervised Data Clustering , 2015, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[17]  Jin Wang,et al.  Mutual Verifiable Provable Data Auditing in Public Cloud Storage , 2015 .

[18]  Robert Sabourin,et al.  A bio-cryptographic system based on offline signature images , 2014, Inf. Sci..

[19]  Pang Liaojun Improved cancelable fingerprint fuzzy vault system , 2011 .

[20]  Gongping Yang,et al.  Singular value decomposition based minutiae matching method for finger vein recognition , 2014, Neurocomputing.

[21]  Arjan Kuijper,et al.  Retrieving secrets from iris fuzzy commitment , 2012, 2012 5th IAPR International Conference on Biometrics (ICB).

[22]  Andrew Beng Jin Teoh,et al.  An efficient dynamic reliability-dependent bit allocation for biometric discretization , 2012, Pattern Recognit..

[23]  Jiankun Hu,et al.  A Security-Enhanced Alignment-Free Fuzzy Vault-Based Fingerprint Cryptosystem Using Pair-Polar Minutiae Structures , 2016, IEEE Transactions on Information Forensics and Security.

[24]  Joseph K. Liu,et al.  Fine-Grained Two-Factor Access Control for Web-Based Cloud Computing Services , 2016, IEEE Transactions on Information Forensics and Security.

[25]  Jun Zhou,et al.  PSMPA: Patient Self-Controllable and Multi-Level Privacy-Preserving Cooperative Authentication in Distributedm-Healthcare Cloud Computing System , 2015, IEEE Transactions on Parallel and Distributed Systems.

[26]  Muhammad Ali Akbar,et al.  Secure biometric template generation for multi-factor authentication , 2015, Pattern Recognit..

[27]  Todd Mozer,et al.  Assessing biometric authentication: a holistic approach to accuracy , 2015 .

[28]  Vanga Odelu,et al.  A Secure Biometrics-Based Multi-Server Authentication Protocol Using Smart Cards , 2015, IEEE Transactions on Information Forensics and Security.

[29]  Cheng Chen,et al.  A Finger Vein Recognition Algorithm Using Feature Block Fusion and Depth Neural Network , 2015, ISICA.

[30]  Fatos Xhafa,et al.  An efficient PHR service system supporting fuzzy keyword search and fine-grained access control , 2013, Soft Computing.

[31]  Ajay Kumar,et al.  Personal Authentication Using Hand Vein Triangulation and Knuckle Shape , 2009, IEEE Transactions on Image Processing.

[32]  Jin Li,et al.  Secure Deduplication with Efficient and Reliable Convergent Key Management , 2014, IEEE Transactions on Parallel and Distributed Systems.

[33]  Rajkumar Buyya,et al.  Dynamic remote data auditing for securing big data storage in cloud computing , 2017, Inf. Sci..

[34]  Alessandro Armando,et al.  An authentication flaw in browser-based Single Sign-On protocols: Impact and remediations , 2013, Comput. Secur..

[35]  Jia-Lun Tsai,et al.  A Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services , 2015, IEEE Systems Journal.

[36]  Jinfeng Yang,et al.  Image restoration and enhancement for finger-vein recognition , 2012, 2012 IEEE 11th International Conference on Signal Processing.

[37]  Sharath Pankanti,et al.  Fuzzy Vault for Fingerprints , 2005, AVBPA.

[38]  Raymond N. J. Veldhuis,et al.  Preventing the Decodability Attack Based Cross-Matching in a Fuzzy Commitment Scheme , 2011, IEEE Transactions on Information Forensics and Security.

[39]  Jian Shen,et al.  Enhanced secure sensor association and key management in wireless body area networks , 2015, Journal of Communications and Networks.

[40]  Laurence T. Yang,et al.  Shared Authority Based Privacy-Preserving Authentication Protocol in Cloud Computing , 2015, IEEE Transactions on Parallel and Distributed Systems.

[41]  Christoph Busch,et al.  Unlinkable and irreversible biometric template protection based on bloom filters , 2016, Inf. Sci..

[42]  Joseph K. Liu,et al.  Privacy-Preserving Ciphertext Multi-Sharing Control for Big Data Storage , 2015, IEEE Transactions on Information Forensics and Security.

[43]  Geoffrey E. Hinton Where Do Features Come From? , 2014, Cogn. Sci..

[44]  Joonsang Baek,et al.  A Secure Cloud Computing Based Framework for Big Data Information Management of Smart Grid , 2015, IEEE Transactions on Cloud Computing.

[45]  Anthony Vetro,et al.  Alignment and bit extraction for secure fingerprint biometrics , 2010, Electronic Imaging.

[46]  T.E. Boult,et al.  Cracking Fuzzy Vaults and Biometric Encryption , 2007, 2007 Biometrics Symposium.

[47]  Ling Shao,et al.  A rapid learning algorithm for vehicle classification , 2015, Inf. Sci..