159 research outputs found
Privacy in Biometric Systems
Biometrics are physiological and/or behavioral characteristics of a person that have been used to provide an automatic proof of identity in a growing list of applications including crime/terrorism fighting, forensics, access and border control, securing e-/m-commerce transactions and service entitlements. In recent years, a great deal of research into a variety of new and traditional biometrics has widened the scope of investigations beyond improving accuracy into mechanisms that deal with serious concerns raised about the potential misuse of collected biometric data. Despite the long list of biometrics’ benefits, privacy concerns have become widely shared due to the fact that every time the biometric of a person is checked, a trace is left that could reveal personal and confidential information. In fact, biometric-based recognition has an inherent privacy problem as it relies on capturing, analyzing, and storing personal data about us as individuals. For example, biometric systems deal with data related to the way we look (face, iris), the way we walk (gait), the way we talk (speaker recognition), the way we write (handwriting), the way we type on a keyboard (keystroke), the way we read (eye movement), and many more. Privacy has become a serious concern for the public as biometric systems are increasingly deployed in many applications ranging from accessing our account on a Smartphone or computer to border control and national biometric cards on a very large scale. For example, the Unique Identification Authority of India (UIDAI) has issued 56 million biometric cards as of January 2014 [1], where each biometric card holds templates of the 10 fingers, the two irises and the face. An essential factor behind the growing popularity of biometrics in recent years is the fact that biometric sensors have become a lot cheaper as well as easier to install and handle. CCTV cameras are installed nearly everywhere and almost all Smartphones are equipped with a camera, microphone, fingerprint scanner, and probably very soon, an iris scanner
A fingerprint based crypto-biometric system for secure communication
To ensure the secure transmission of data, cryptography is treated as the
most effective solution. Cryptographic key is an important entity in this
procedure. In general, randomly generated cryptographic key (of 256 bits) is
difficult to remember. However, such a key needs to be stored in a protected
place or transported through a shared communication line which, in fact, poses
another threat to security. As an alternative, researchers advocate the
generation of cryptographic key using the biometric traits of both sender and
receiver during the sessions of communication, thus avoiding key storing and at
the same time without compromising the strength in security. Nevertheless, the
biometric-based cryptographic key generation possesses few concerns such as
privacy of biometrics, sharing of biometric data between both communicating
users (i.e., sender and receiver), and generating revocable key from
irrevocable biometric. This work addresses the above-mentioned concerns.
In this work, a framework for secure communication between two users using
fingerprint based crypto-biometric system has been proposed. For this,
Diffie-Hellman (DH) algorithm is used to generate public keys from private keys
of both sender and receiver which are shared and further used to produce a
symmetric cryptographic key at both ends. In this approach, revocable key for
symmetric cryptography is generated from irrevocable fingerprint. The biometric
data is neither stored nor shared which ensures the security of biometric data,
and perfect forward secrecy is achieved using session keys. This work also
ensures the long-term security of messages communicated between two users.
Based on the experimental evaluation over four datasets of FVC2002 and NIST
special database, the proposed framework is privacy-preserving and could be
utilized onto real access control systems.Comment: 29 single column pages, 8 figure
State of the Art in Biometric Key Binding and Key Generation Schemes
Direct storage of biometric templates in databases exposes the authentication system and legitimate users to numerous security and privacy challenges. Biometric cryptosystems or template protection schemes are used to overcome the security and privacy challenges associated with the use of biometrics as a means of authentication. This paper presents a review of previous works in biometric key binding and key generation schemes. The review focuses on key binding techniques such as biometric encryption, fuzzy commitment scheme, fuzzy vault and shielding function. Two categories of key generation schemes considered are private template and quantization schemes. The paper also discusses the modes of operations, strengths and weaknesses of various kinds of key-based template protection schemes. The goal is to provide the reader with a clear understanding of the current and emerging trends in key-based biometric cryptosystems
A New Biometric Template Protection using Random Orthonormal Projection and Fuzzy Commitment
Biometric template protection is one of most essential parts in putting a
biometric-based authentication system into practice. There have been many
researches proposing different solutions to secure biometric templates of
users. They can be categorized into two approaches: feature transformation and
biometric cryptosystem. However, no one single template protection approach can
satisfy all the requirements of a secure biometric-based authentication system.
In this work, we will propose a novel hybrid biometric template protection
which takes benefits of both approaches while preventing their limitations. The
experiments demonstrate that the performance of the system can be maintained
with the support of a new random orthonormal project technique, which reduces
the computational complexity while preserving the accuracy. Meanwhile, the
security of biometric templates is guaranteed by employing fuzzy commitment
protocol.Comment: 11 pages, 6 figures, accepted for IMCOM 201
Composite Fixed-Length Ordered Features for Palmprint Template Protection with Diminished Performance Loss
Palmprint recognition has become more and more popular due to its advantages
over other biometric modalities such as fingerprint, in that it is larger in
area, richer in information and able to work at a distance. However, the issue
of palmprint privacy and security (especially palmprint template protection)
remains under-studied. Among the very few research works, most of them only use
the directional and orientation features of the palmprint with transformation
processing, yielding unsatisfactory protection and identification performance.
Thus, this paper proposes a palmprint template protection-oriented operator
that has a fixed length and is ordered in nature, by fusing point features and
orientation features. Firstly, double orientations are extracted with more
accuracy based on MFRAT. Then key points of SURF are extracted and converted to
be fixed-length and ordered features. Finally, composite features that fuse up
the double orientations and SURF points are transformed using the irreversible
transformation of IOM to generate the revocable palmprint template. Experiments
show that the EER after irreversible transformation on the PolyU and CASIA
databases are 0.17% and 0.19% respectively, and the absolute precision loss is
0.08% and 0.07%, respectively, which proves the advantage of our method
Improved fuzzy hashing technique for biometric template protection
Biometrics provides a new dimension of security to modern automated applications since each user will need to prove his identity when attempting an access. However, if a stored biometric template is compromised, then the conventional biometric recognition system becomes vulnerable to privacy invasion. This invasion is a permanent one because the biometric template is not replaceable. In this paper, we introduce an improved FuzzyHashing technique for biometric template protection purpose. We demonstrate our implementation in the context of fingerprint biometrics. The experimental results and the security analysis on FVC 2004 DB1 and DB2 fingerprint datasets suggest that the technique is highly feasible in practice
- …