Evaluation of security for biometric guessing attacks in biometric cryptosystem using fuzzy commitment scheme

Biometric authentication based on template protection has attracted attention in the past decade. In the discussion on the security of these systems, however, the content of biometric information is assumed to be sufficiently large, and real conditions of biometric features have not yet been reflected. This paper focuses on a biometric cryptosystem using a fuzzy commitment scheme and demonstrates correlation between fingerprint bit strings by using our method for evaluating the content of biometric information. Additionally, attacks to guess biometric bit strings, which take advantage of correlation between them, are explained, and the security against these attacks is theoretically and experimentally discussed.

[1]  John Daugman,et al.  The importance of being random: statistical principles of iris recognition , 2003, Pattern Recognit..

[2]  J. L. Wayman,et al.  Best practices in testing and reporting performance of biometric devices. , 2002 .

[3]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[4]  Arjan Kuijper,et al.  Retrieving secrets from iris fuzzy commitment , 2012, 2012 5th IAPR International Conference on Biometrics (ICB).

[5]  Bart Preneel,et al.  Privacy Weaknesses in Biometric Sketches , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[6]  Chun Chen,et al.  Binary Biometric Representation through Pairwise Polar Quantization , 2009, ICB.

[7]  Naohisa Komatsu,et al.  A metric of identification performance of biometrics based on information content , 2010, 2010 11th International Conference on Control Automation Robotics & Vision.

[8]  Raymond N. J. Veldhuis,et al.  Preventing the Decodability Attack Based Cross-Matching in a Fuzzy Commitment Scheme , 2011, IEEE Transactions on Information Forensics and Security.

[9]  Stark C. Draper,et al.  An information-theoretic analysis of revocability and reusability in secure biometrics , 2011, 2011 Information Theory and Applications Workshop.

[10]  Raymond N. J. Veldhuis,et al.  Practical Biometric Authentication with Template Protection , 2005, AVBPA.