337 research outputs found
A New Biometric Template Protection using Random Orthonormal Projection and Fuzzy Commitment
Biometric template protection is one of most essential parts in putting a
biometric-based authentication system into practice. There have been many
researches proposing different solutions to secure biometric templates of
users. They can be categorized into two approaches: feature transformation and
biometric cryptosystem. However, no one single template protection approach can
satisfy all the requirements of a secure biometric-based authentication system.
In this work, we will propose a novel hybrid biometric template protection
which takes benefits of both approaches while preventing their limitations. The
experiments demonstrate that the performance of the system can be maintained
with the support of a new random orthonormal project technique, which reduces
the computational complexity while preserving the accuracy. Meanwhile, the
security of biometric templates is guaranteed by employing fuzzy commitment
protocol.Comment: 11 pages, 6 figures, accepted for IMCOM 201
THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system
In this paper, we propose a new biometric verification and template
protection system which we call the THRIVE system. The system includes novel
enrollment and authentication protocols based on threshold homomorphic
cryptosystem where the private key is shared between a user and the verifier.
In the THRIVE system, only encrypted binary biometric templates are stored in
the database and verification is performed via homomorphically randomized
templates, thus, original templates are never revealed during the
authentication stage. The THRIVE system is designed for the malicious model
where the cheating party may arbitrarily deviate from the protocol
specification. Since threshold homomorphic encryption scheme is used, a
malicious database owner cannot perform decryption on encrypted templates of
the users in the database. Therefore, security of the THRIVE system is enhanced
using a two-factor authentication scheme involving the user's private key and
the biometric data. We prove security and privacy preservation capability of
the proposed system in the simulation-based model with no assumption. The
proposed system is suitable for applications where the user does not want to
reveal her biometrics to the verifier in plain form but she needs to proof her
physical presence by using biometrics. The system can be used with any
biometric modality and biometric feature extraction scheme whose output
templates can be binarized. The overall connection time for the proposed THRIVE
system is estimated to be 336 ms on average for 256-bit biohash vectors on a
desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link
connection speed. Consequently, the proposed system can be efficiently used in
real life applications
Security and accuracy of fingerprint-based biometrics: A review
Biometric systems are increasingly replacing traditional password- and token-based authentication systems. Security and recognition accuracy are the two most important aspects to consider in designing a biometric system. In this paper, a comprehensive review is presented to shed light on the latest developments in the study of fingerprint-based biometrics covering these two aspects with a view to improving system security and recognition accuracy. Based on a thorough analysis and discussion, limitations of existing research work are outlined and suggestions for future work are provided. It is shown in the paper that researchers continue to face challenges in tackling the two most critical attacks to biometric systems, namely, attacks to the user interface and template databases. How to design proper countermeasures to thwart these attacks, thereby providing strong security and yet at the same time maintaining high recognition accuracy, is a hot research topic currently, as well as in the foreseeable future. Moreover, recognition accuracy under non-ideal conditions is more likely to be unsatisfactory and thus needs particular attention in biometric system design. Related challenges and current research trends are also outlined in this paper
Security and accuracy of fingerprint-based biometrics: A review
Biometric systems are increasingly replacing traditional password- and token-based authentication systems. Security and recognition accuracy are the two most important aspects to consider in designing a biometric system. In this paper, a comprehensive review is presented to shed light on the latest developments in the study of fingerprint-based biometrics covering these two aspects with a view to improving system security and recognition accuracy. Based on a thorough analysis and discussion, limitations of existing research work are outlined and suggestions for future work are provided. It is shown in the paper that researchers continue to face challenges in tackling the two most critical attacks to biometric systems, namely, attacks to the user interface and template databases. How to design proper countermeasures to thwart these attacks, thereby providing strong security and yet at the same time maintaining high recognition accuracy, is a hot research topic currently, as well as in the foreseeable future. Moreover, recognition accuracy under non-ideal conditions is more likely to be unsatisfactory and thus needs particular attention in biometric system design. Related challenges and current research trends are also outlined in this paper
Privacy Protection in Distributed Fingerprint-based Authentication
Biometric authentication is getting increasingly popular due to the
convenience of using unique individual traits, such as fingerprints, palm
veins, irises. Especially fingerprints are widely used nowadays due to the
availability and low cost of fingerprint scanners. To avoid identity theft or
impersonation, fingerprint data is typically stored locally, e.g., in a trusted
hardware module, in a single device that is used for user enrollment and
authentication. Local storage, however, limits the ability to implement
distributed applications, in which users can enroll their fingerprint once and
use it to access multiple physical locations and mobile applications
afterwards.
In this paper, we present a distributed authentication system that stores
fingerprint data in a server or cloud infrastructure in a privacy-preserving
way. Multiple devices can be connected and perform user enrollment or
verification. To secure the privacy and integrity of sensitive data, we employ
a cryptographic construct called fuzzy vault. We highlight challenges in
implementing fuzzy vault-based authentication, for which we propose and compare
alternative solutions. We conduct a security analysis of our biometric
cryptosystem, and as a proof of concept, we build an authentication system for
access control using resource-constrained devices (Raspberry Pis) connected to
fingerprint scanners and the Microsoft Azure cloud environment. Furthermore, we
evaluate the fingerprint matching algorithm against the well-known FVC2006
database and show that it can achieve comparable accuracy to widely-used
matching techniques that are not designed for privacy, while remaining
efficient with an authentication time of few seconds.Comment: This is an extended version of the paper with the same title which
has been accepted for publication at the Workshop on Privacy in the
Electronic Society (WPES 2019
- …