Cancelable biometric template generation and protection schemes: A review

The emerging need of the electronic cum computerized world is the security of the sensitive and personal data. The security of modern information systems is composed of three primary components — authentication, authorization, and accountability. The need for discriminating information security has expanded the research focus from securing the network to authenticating individual users. In real applications, privacy is a major concern in using biometric authentication systems. Biometrics is a stirring, rapidly developing and yet emerging field of technology, with immense potential, which helps to make our lives easier and safer. Biometrics is widely used in many areas such as security monitoring, database access, border control and immigration, and for verification, identification or recognition. The aim of this paper is to review attacks on biometric data, cancelable biometric generation and protection schemes. We made an attempt to survey the existing biometric template generation and protection schemes such as Bio-hashing (Salting), Non-invertible Transformations, Key-binding Biometric systems, Key-generating Biometric Systems and Hybrid approaches. In our review, we observed the suitable and robust scheme.

[1]  Nasir D. Memon,et al.  A secure biometric authentication scheme based on robust hashing , 2005, MM&Sec '05.

[2]  Ingrid Verbauwhede,et al.  Automatic secure fingerprint verification system based on fuzzy vault scheme , 2005, Proceedings. (ICASSP '05). IEEE International Conference on Acoustics, Speech, and Signal Processing, 2005..

[3]  Andrew Beng Jin Teoh,et al.  Application-Specific Key Release Scheme from Biometrics , 2008, Int. J. Netw. Secur..

[4]  Xavier Boyen,et al.  Reusable cryptographic fuzzy extractors , 2004, CCS '04.

[5]  Arjan Kuijper,et al.  A Security Analysis of Biometric Template Protection Schemes , 2009, ICIAR.

[6]  Jiashu Zhang,et al.  Enhancing the Security of Intelligent Transportation Systems (ITS) using Iris/Finger-based Multimodal Biometrics , 2006, 2006 IEEE International Conference on Engineering of Intelligent Systems.

[7]  Albert Ali Salah,et al.  Benchmarking Quality-Dependent and Cost-Sensitive Score-Level Multimodal Biometric Fusion Algorithms , 2009, IEEE Transactions on Information Forensics and Security.

[8]  Sharath Pankanti,et al.  Fuzzy Vault for Fingerprints , 2005, AVBPA.

[9]  Arun Ross,et al.  Multimodal biometrics: An overview , 2004, 2004 12th European Signal Processing Conference.

[10]  Bruce Schneier,et al.  Inside risks: the uses and abuses of biometrics , 1999, CACM.

[11]  Anil K. Jain,et al.  Securing Fingerprint Template: Fuzzy Vault with Helper Data , 2006, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06).

[12]  R. Greenberg Biometry , 1969, The Yale Journal of Biology and Medicine.

[13]  Terrance E. Boult,et al.  Revocable fingerprint biotokens: accuracy and security analysis , 2007, 2007 IEEE Conference on Computer Vision and Pattern Recognition.

[14]  Václav Matyás,et al.  Toward Reliable User Authentication through Biometrics , 2003, IEEE Secur. Priv..

[15]  Andrew Beng Jin Teoh,et al.  Secure Hashing of Dynamic Hand Signatures Using Wavelet-Fourier Compression with BioPhasor Mixing and Discretization , 2006, EURASIP J. Adv. Signal Process..

[16]  Anil K. Jain,et al.  Biometric cryptosystems: issues and challenges , 2004, Proceedings of the IEEE.

[17]  Peng Li,et al.  Security-Enhanced Fuzzy Fingerprint Vault Based on Minutiae's Local Ridge Information , 2009, ICB.

[18]  Anil K. Jain,et al.  Biometric Template Security , 2008, EURASIP J. Adv. Signal Process..

[19]  Anil K. Jain,et al.  Hiding Biometric Data , 2003, IEEE Trans. Pattern Anal. Mach. Intell..

[20]  Anil K. Jain,et al.  A hybrid biometric cryptosystem for securing fingerprint minutiae templates , 2010, Pattern Recognit. Lett..

[21]  Andrew Beng Jin Teoh,et al.  PalmHashing: a novel approach for cancelable biometrics , 2005, Inf. Process. Lett..

[22]  Stark C. Draper,et al.  Using Distributed Source Coding to Secure Fingerprint Biometrics , 2007, 2007 IEEE International Conference on Acoustics, Speech and Signal Processing - ICASSP '07.

[23]  Andrew Teoh Beng Jin,et al.  High security Iris verification system based on random secret integration , 2006 .

[24]  Michael K. Reiter,et al.  Password hardening based on keystroke dynamics , 1999, CCS '99.

[25]  Arun Ross,et al.  Multibiometric systems , 2004, CACM.

[26]  B. V. K. Vijaya Kumar,et al.  Cancelable biometric filters for face recognition , 2004, Proceedings of the 17th International Conference on Pattern Recognition, 2004. ICPR 2004..

[27]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[28]  Andrew Beng Jin Teoh,et al.  High security Iris verification system based on random secret integration , 2006, Comput. Vis. Image Underst..

[29]  Bian Yang,et al.  Parameterized geometric alignment for minutiae-based fingerprint template protection , 2009, 2009 IEEE 3rd International Conference on Biometrics: Theory, Applications, and Systems.

[30]  Sumin Hong,et al.  The Advanced of Fuzzy Vault Using Password , 2008 .

[31]  Pieter H. Hartel,et al.  Fuzzy extractors for continuous distributions , 2006, ASIACCS '07.

[32]  Arun Ross,et al.  From Template to Image: Reconstructing Fingerprints from Minutiae Points , 2007, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[33]  David J. Kriegman,et al.  Eigenfaces vs. Fisherfaces: Recognition Using Class Specific Linear Projection , 1996, ECCV.

[34]  Raymond N. J. Veldhuis,et al.  Practical Biometric Authentication with Template Protection , 2005, AVBPA.

[35]  Feng Hao,et al.  Combining Crypto with Biometrics Effectively , 2006, IEEE Transactions on Computers.

[36]  C. Chellappan,et al.  Authentication of e-learners using multimodal biometric technology , 2008, 2008 International Symposium on Biometrics and Security Technologies.

[37]  Berk Gökberk,et al.  "3D Face": Biometric Template Protection for 3D Face Recognition , 2007, ICB.

[38]  Pong C. Yuen,et al.  Protecting Face Biometric Data on Smartcard with Reed-Solomon Code , 2006, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06).

[39]  Ee-Chien Chang,et al.  Robust, short and sensitive authentication tags using secure sketch , 2006, MM&Sec '06.

[40]  Richard A. Wasniowski,et al.  Using Data Fusion for Biometric Verification , 2007, WEC.

[41]  Roberto Sassi,et al.  A fuzzy approach to multimodal biometric continuous authentication , 2008, Fuzzy Optim. Decis. Mak..

[42]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[43]  Anil K. Jain,et al.  Biometric template transformation: a security analysis , 2010, Electronic Imaging.

[44]  Kathy J. Horadam,et al.  Fuzzy Extractors for Minutiae-Based Fingerprint Authentication , 2007, ICB.

[45]  Claudia Eckert,et al.  Protected transmission of biometric user authentication data for oncard-matching , 2004, SAC '04.

[46]  J. Fierrez-Aguilar,et al.  Cryptographic key generation using handwritten signature , 2006, SPIE Defense + Commercial Sensing.

[47]  N. Kiyavash,et al.  Secure Smartcard-Based Fingerprint Authentication ∗ , 2003 .

[48]  Tsuhan Chen,et al.  Biometrics-based cryptographic key generation , 2004, 2004 IEEE International Conference on Multimedia and Expo (ICME) (IEEE Cat. No.04TH8763).

[49]  Nasir D. Memon,et al.  Protecting Biometric Templates With Sketch: Theory and Practice , 2007, IEEE Transactions on Information Forensics and Security.

[50]  Andrew Beng Jin Teoh,et al.  Random Multispace Quantization as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[51]  Krzysztof Kryszczuk,et al.  Reliability-Based Decision Fusion in Multimodal Biometric Verification Systems , 2007, EURASIP J. Adv. Signal Process..

[52]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[53]  Chun-I Fan,et al.  Provably Secure Remote Truly Three-Factor Authentication Scheme With Privacy Protection on Biometrics , 2009, IEEE Transactions on Information Forensics and Security.

[54]  Alessandra Lumini,et al.  Fingerprint Image Reconstruction from Standard Templates , 2007, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[55]  Qinghan Xiao Biometric User Authentication for Heightened Information Security , 2004, ICBA.

[56]  Aaron Adler,et al.  Can images be regenerated from biometric templates , 2003 .

[57]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[58]  Qi Li,et al.  Cryptographic key generation from voice , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[59]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[60]  Daesung Moon,et al.  Automatic Alignment of Fingerprint Features for Fuzzy Fingerprint Vault , 2005, CISC.

[61]  Venu Govindaraju,et al.  Symmetric hash functions for secure fingerprint biometric systems , 2007, Pattern Recognit. Lett..

[62]  Anil K. Jain,et al.  Hardening Fingerprint Fuzzy Vault Using Password , 2007, ICB.

[63]  David J. Kriegman,et al.  Eigenfaces vs. Fisherfaces: Recognition Using Class Specific Linear Projection , 1996, ECCV.

[64]  Azriel Rosenfeld,et al.  Face recognition: A literature survey , 2003, CSUR.

[65]  Ann Cavoukian Biometric Encryption : A Positive-Sum Technology that Achieves Strong Authentication , Security AND Privacy , 2007 .

[66]  Ee-Chien Chang,et al.  Robust Extraction of Secret Bits from Minutiae , 2007, ICB.

[67]  Anil K. Jain,et al.  Biometric Template Security , 2008, EURASIP J. Adv. Signal Process..

[68]  Andy Adler,et al.  Biometric System Security , 2008 .

[69]  Santanu Chaudhury,et al.  Biometrics based Asymmetric Cryptosystem Design Using Modified Fuzzy Vault Scheme , 2006, 18th International Conference on Pattern Recognition (ICPR'06).

[70]  Ralf Steinmetz,et al.  Biometric hash based on statistical features of online signatures , 2002, Object recognition supported by user interaction for service robots.

[71]  Nalini K. Ratha,et al.  Generating Cancelable Fingerprint Templates , 2007, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[72]  Anil K. Jain,et al.  Can soft biometric traits assist user recognition? , 2004, SPIE Defense + Commercial Sensing.

[73]  Kang Ryoung Park,et al.  Biometric Key Binding: Fuzzy Vault Based on Iris Images , 2007, ICB.

[74]  Marie Sandström Liveness Detection in Fingerprint Recognition Systems , 2004 .

[75]  Yair Frankel,et al.  On enabling secure applications through off-line biometric identification , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).