Protected Honey Face Templates

Most existing biometric template protection schemes (BTPS) do not provide as strong security as cryptographic tools; and furthermore, they are rarely able to detect during a verification process whether a probe template has been leaked from the database or not (i.e., being used by an imposter or a genuine user). By using the "honeywords" idea, which was proposed to detect the cracking of hashed password database, we show in this paper how to enable the detectability of biometric template database leakage. We add an extra layer of protection since biometric features cannot be renewed. The biometric system design implies that protection mechanisms must satisfy the irreversibility property and to this respect we apply different correlation tests to show the non-distinguishability between genuine and honey templates. In this paper we implement the idea of a honey template protection scheme on faces and evaluate the security and accuracy performance.

[1]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[2]  J. Fierrez-Aguilar,et al.  Hill-Climbing and Brute-Force Attacks on Biometric Systems: A Case Study in Match-on-Card Fingerprint Verification , 2006, Proceedings 40th Annual 2006 International Carnahan Conference on Security Technology.

[3]  Bian Yang,et al.  Using Honey Templates to Augment Hash Based Biometric Template Protection , 2015, 2015 IEEE 39th Annual Computer Software and Applications Conference.

[4]  Bart Preneel,et al.  Criteria towards metrics for benchmarking template protection algorithms , 2012, 2012 5th IAPR International Conference on Biometrics (ICB).

[5]  Christoph Busch,et al.  Dynamic random projection for biometric template protection , 2010, 2010 Fourth IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS).

[6]  Arjan Kuijper,et al.  Feature Correlation Attack on Biometric Privacy Protection Schemes , 2009, 2009 Fifth International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[7]  Salvatore J. Stolfo,et al.  Baiting Inside Attackers Using Decoy Documents , 2009, SecureComm.

[8]  Ari Juels A bodyguard of lies: the use of honey objects in information security , 2014, SACMAT '14.

[9]  Manabu Inuma,et al.  A relation between irreversibility and unlinkability for biometric template protection algorithms , 2014 .

[10]  Andrew Beng Jin Teoh,et al.  Random Multispace Quantization as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[11]  Nasir D. Memon,et al.  Protecting Biometric Templates With Sketch: Theory and Practice , 2007, IEEE Transactions on Information Forensics and Security.

[12]  Jose Nazario,et al.  PhoneyC: A Virtual Client Honeypot , 2009, LEET.

[13]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[14]  Ronald L. Rivest,et al.  Honeywords: making password-cracking detectable , 2013, CCS.