Secure Sketches for Protecting Biometric Templates

As biometric technologies are becoming pervasive, it is imperative to protect the users of these technologies from misuse of their biometric data. However, unlike user credentials in traditional security systems, such as passwords or tokens, biometric features cannot be consistently sampled, and the matching process can be complex. Furthermore, the consequences of losing biometric data can be far more severe than passwords or tokens. Secure sketches, a recently developed cryptographic primitive, allow noisy data to be restored using some helper-data, while providing bounds on how much sensitive information such helper-data would reveal when obtained by malicious parties. In this chapter, we discuss security threats on the use of biometric templates in security systems, and how secure sketches can be used to address these threats under various circumstances.

[1]  Nasir Memon,et al.  Design and analysis of fuzzy extractors for faces , 2009, Defense + Commercial Sensing.

[2]  Julien Bringer,et al.  The best of both worlds: Applying secure sketches to cancelable biometrics , 2008, Sci. Comput. Program..

[3]  Jean-Paul M. G. Linnartz,et al.  New Shielding Functions to Enhance Privacy and Prevent Misuse of Biometric Templates , 2003, AVBPA.

[4]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[5]  J. Ortega-Garcia,et al.  Cancelable Biometrics for HMM-based Signature Recognition , 2008, 2008 IEEE Second International Conference on Biometrics: Theory, Applications and Systems.

[6]  Bhagavatula Vijaya Kumar,et al.  Biometric Encryption using image processing , 1998, Electronic Imaging.

[7]  Ueli Maurer,et al.  Information-Theoretic Key Agreement: From Weak to Strong Secrecy for Free , 2000, EUROCRYPT.

[8]  Haiping Lu,et al.  Fuzzy Key Binding Strategies Based on Quantization Index Modulation (QIM) for Biometric Encryption (BE) Applications , 2010, IEEE Transactions on Information Forensics and Security.

[9]  Terrance E. Boult,et al.  Revocable fingerprint biotokens: accuracy and security analysis , 2007, 2007 IEEE Conference on Computer Vision and Pattern Recognition.

[10]  Anton H. M. Akkermans,et al.  Face recognition with renewable and privacy preserving binary templates , 2005, Fourth IEEE Workshop on Automatic Identification Advanced Technologies (AutoID'05).

[11]  Pieter H. Hartel,et al.  Fuzzy extractors for continuous distributions , 2006, ASIACCS '07.

[12]  Ee-Chien Chang,et al.  Secure Sketch for Multi-Sets , 2006, IACR Cryptol. ePrint Arch..

[13]  T. Charles Clancy,et al.  Secure smartcardbased fingerprint authentication , 2003, WBMA '03.

[14]  Alessandra Lumini,et al.  An evaluation of direct attacks using fake fingers generated from ISO templates , 2010, Pattern Recognit. Lett..

[15]  Stark C. Draper,et al.  Using Distributed Source Coding to Secure Fingerprint Biometrics , 2007, 2007 IEEE International Conference on Acoustics, Speech and Signal Processing - ICASSP '07.

[16]  Andy Adler,et al.  Biometric System Security , 2008 .

[17]  L. O'Gorman,et al.  Comparing passwords, tokens, and biometrics for user authentication , 2003, Proceedings of the IEEE.

[18]  Ee-Chien Chang,et al.  Fuzzy extractors for asymmetric biometric representations , 2008, 2008 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops.

[19]  Raymond N. J. Veldhuis,et al.  Practical Biometric Authentication with Template Protection , 2005, AVBPA.

[20]  Stark C. Draper,et al.  Feature extraction for a Slepian-Wolf biometric system using LDPC codes , 2008, 2008 IEEE International Symposium on Information Theory.

[21]  Sergey Yekhanin,et al.  Secure Biometrics Via Syndromes , 2005 .

[22]  Xavier Boyen,et al.  Reusable cryptographic fuzzy extractors , 2004, CCS '04.

[23]  Ingrid Verbauwhede,et al.  Automatic secure fingerprint verification system based on fuzzy vault scheme , 2005, Proceedings. (ICASSP '05). IEEE International Conference on Acoustics, Speech, and Signal Processing, 2005..

[24]  Anil K. Jain,et al.  Statistical Models for Assessing the Individuality of Fingerprints , 2007, IEEE Trans. Inf. Forensics Secur..

[25]  Stark C. Draper,et al.  Feature transformation of biometric templates for secure biometric systems based on error correcting codes , 2008, 2008 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops.

[26]  Ee-Chien Chang,et al.  Hiding Secret Points Amidst Chaff , 2006, EUROCRYPT.

[27]  Chun Chen,et al.  Biometric binary string generation with detection rate optimized bit allocation , 2008, 2008 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops.

[28]  Thomas M. Cover,et al.  Elements of Information Theory , 2005 .

[29]  Frans M. J. Willems,et al.  Information Leakage in Fuzzy Commitment Schemes , 2010, IEEE Transactions on Information Forensics and Security.

[30]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[31]  Andrew Beng Jin Teoh,et al.  Random Multispace Quantization as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[32]  Arun Ross,et al.  From Template to Image: Reconstructing Fingerprints from Minutiae Points , 2007, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[33]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[34]  Sharath Pankanti,et al.  Biometric Recognition: Security and Privacy Concerns , 2003, IEEE Secur. Priv..

[35]  Boris Skoric,et al.  Key Extraction From General Nondiscrete Signals , 2010, IEEE Transactions on Information Forensics and Security.

[36]  Nalini K. Ratha,et al.  Generating Cancelable Fingerprint Templates , 2007, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[37]  Anil K. Jain,et al.  Statistical Models for Assessing the Individuality of Fingerprints , 2005, IEEE Transactions on Information Forensics and Security.

[38]  Chengfang Fang,et al.  Secure Sketch for Multiple Secrets , 2010, ACNS.

[39]  B. V. K. Vijaya Kumar,et al.  Cancelable biometric filters for face recognition , 2004, Proceedings of the 17th International Conference on Pattern Recognition, 2004. ICPR 2004..

[40]  Pim Tuyls,et al.  Capacity and Examples of Template-Protecting Biometric Authentication Systems , 2004, ECCV Workshop BioAW.

[41]  Nasir D. Memon,et al.  Secure Sketch for Biometric Templates , 2006, ASIACRYPT.

[42]  John Daugman,et al.  The importance of being random: statistical principles of iris recognition , 2003, Pattern Recognit..

[43]  Maria Petrou,et al.  Proceedings of the 17th International Conference on Pattern Recognition (ICPR 2004) , 2004 .

[44]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[45]  Yair Frankel,et al.  On enabling secure applications through off-line biometric identification , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[46]  Nasir D. Memon,et al.  Protecting Biometric Templates With Sketch: Theory and Practice , 2007, IEEE Transactions on Information Forensics and Security.

[47]  Sharath Pankanti,et al.  On the Individuality of Fingerprints , 2002, IEEE Trans. Pattern Anal. Mach. Intell..

[48]  Rafail Ostrovsky,et al.  Secure Remote Authentication Using Biometric Data , 2005, EUROCRYPT.

[49]  Anil K. Jain,et al.  Biometric Template Security , 2008, EURASIP J. Adv. Signal Process..

[50]  Reihaneh Safavi-Naini,et al.  Cancelable Key-Based Fingerprint Templates , 2005, ACISP.

[51]  Sharath Pankanti,et al.  Fingerprint-Based Fuzzy Vault: Implementation and Performance , 2007, IEEE Transactions on Information Forensics and Security.

[52]  Feng Hao,et al.  Combining Crypto with Biometrics Effectively , 2006, IEEE Transactions on Computers.

[53]  Stark C. Draper,et al.  Secure Storage of Fingerprint Biometrics Using Slepian-Wolf Codes , 2007 .

[54]  Marc Pollefeys,et al.  IEEE Computer Society Conference on Computer Vision and Pattern Recognition workshops, 2008 , 2008, CVPR 2008.