A cancelable iris- and steganography-based user authentication system for the Internet of Things

Remote user authentication for Internet of Things (IoT) devices is critical to IoT security, as it helps prevent unauthorized access to IoT networks. Biometrics is an appealing authentication technique due to its advantages over traditional password-based authentication. However, the protection of biometric data itself is also important, as original biometric data cannot be replaced or reissued if compromised. In this paper, we propose a cancelable iris- and steganography-based user authentication system to provide user authentication and secure the original iris data. Most of the existing cancelable iris biometric systems need a user-specific key to guide feature transformation, e.g., permutation or random projection, which is also known as key-dependent transformation. One issue associated with key-dependent transformations is that if the user-specific key is compromised, some useful information can be leaked and exploited by adversaries to restore the original iris feature data. To mitigate this risk, the proposed scheme enhances system security by integrating an effective information-hiding technique-steganography. By concealing the user-specific key, the threat of key exposure-related attacks, e.g., attacks via record multiplicity, can be defused, thus heightening the overall system security and complementing the protection offered by cancelable biometric techniques

A Secure Online Fingerprint Authentication System for Industrial IoT Devices over 5G Networks

The development of 5G networks has rapidly increased the use of Industrial Internet of Things (IIoT) devices for control, monitoring, and processing purposes. Biometric-based user authentication can prevent unauthorized access to IIoT devices, thereby safeguarding data security during production. However, most biometric authentication systems in the IIoT have no template protection, thus risking raw biometric data stored as templates in central databases or IIoT devices. Moreover, traditional biometric authentication faces slow, limited database holding capacity and data transmission problems. To address these issues, in this paper we propose a secure online fingerprint authentication system for IIoT devices over 5G networks. The core of the proposed system is the design of a cancelable fingerprint template, which protects original minutia features and provides privacy and security guarantee for both entity users and the message content transmitted between IIoT devices and the cloud server via 5G networks. Compared with state-of-the-art methods, the proposed authentication system shows competitive performance on six public fingerprint databases, while saving computational costs and achieving fast online matching

THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system

In this paper, we propose a new biometric verification and template protection system which we call the THRIVE system. The system includes novel enrollment and authentication protocols based on threshold homomorphic cryptosystem where the private key is shared between a user and the verifier. In the THRIVE system, only encrypted binary biometric templates are stored in the database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during the authentication stage. The THRIVE system is designed for the malicious model where the cheating party may arbitrarily deviate from the protocol specification. Since threshold homomorphic encryption scheme is used, a malicious database owner cannot perform decryption on encrypted templates of the users in the database. Therefore, security of the THRIVE system is enhanced using a two-factor authentication scheme involving the user's private key and the biometric data. We prove security and privacy preservation capability of the proposed system in the simulation-based model with no assumption. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form but she needs to proof her physical presence by using biometrics. The system can be used with any biometric modality and biometric feature extraction scheme whose output templates can be binarized. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biohash vectors on a desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real life applications

On the Security Risk of Cancelable Biometrics

Over the years, a number of biometric template protection schemes, primarily based on the notion of "cancelable biometrics" (CB) have been proposed. An ideal cancelable biometric algorithm possesses four criteria, i.e., irreversibility, revocability, unlinkability, and performance preservation. Cancelable biometrics employed an irreversible but distance preserving transform to convert the original biometric templates to the protected templates. Matching in the transformed domain can be accomplished due to the property of distance preservation. However, the distance preservation property invites security issues, which are often neglected. In this paper, we analyzed the property of distance preservation in cancelable biometrics, and subsequently, a pre-image attack is launched to break the security of cancelable biometrics under the Kerckhoffs's assumption, where the cancelable biometrics algorithm and parameters are known to the attackers. Furthermore, we proposed a framework based on mutual information to measure the information leakage incurred by the distance preserving transform, and demonstrated that information leakage is theoretically inevitable. The results examined on face, iris, and fingerprint revealed that the risks origin from the matching score computed from the distance/similarity of two cancelable templates jeopardize the security of cancelable biometrics schemes greatly. At the end, we discussed the security and accuracy trade-off and made recommendations against pre-image attacks in order to design a secure biometric system.Comment: Submit to P

Hybrid biometric template protection:Resolving the agony of choice between bloom filters and homomorphic encryption

Abstract Bloom filters (BFs) and homomorphic encryption (HE) are prominent techniques used to design biometric template protection (BTP) schemes that aim to protect sensitive biometric information during storage and biometric comparison. However, the pros and cons of BF‐ and HE‐based BTPs are not well studied in literature. We investigate the strengths and weaknesses of these two approaches since both seem promising from a theoretical viewpoint. Our key insight is to extend our theoretical investigation to cover the practical case of iris recognition on the ground that iris (1) benefits from the alignment‐free property of BFs and (2) induces huge computational burdens when implemented in the HE‐encrypted domain. BF‐based BTPs can be implemented to be either fast with high recognition accuracy while missing the important privacy property of ‘unlinkability’, or to be fast with unlinkability‐property while missing the high accuracy. HE‐based BTPs, on the other hand, are highly secure, achieve good accuracy, and meet the unlinkability‐property, but they are much slower than BF‐based approaches. As a synthesis, we propose a hybrid BTP scheme that combines the good properties of BFs and HE, ensuring unlinkability and high recognition accuracy, while being about seven times faster than the traditional HE‐based approach

Developing an Algorithm for Securing the Biometric Data Template in the Database

This research article published by the International Journal of Advanced Computer Science and Applications, Vol. 10, No. 10, 2019In the current technology advancement, biometric template provides a dependable solution to the problem of user verification in an identity control system. The template is saved in the database during the enrollment and compared with query information in the verification stage. Serious security and privacy concerns can arise, if raw, unprotected data template is saved in the database. An attacker can hack the template information in the database to gain illicit access. A novel approach of encryption-decryption algorithm utilizing a design pattern of Model View Template (MVT) is developed to secure the biometric data template. The model manages information logically, the view shows the visualization of the data, and the template addresses the data migration into pattern object. The established algorithm is based on the cryptographic module of the Fernet key instance. The Fernet keys are combined to generate a multiFernet key to produce two encrypted files (byte and text file). These files are incorporated with Twilio message and securely preserved in the database. In the event where an attacker tries to access the biometric data template in the database, the system alerts the user and stops the attacker from unauthorized access, and cross-verify the impersonator based on the validation of the ownership. Thus, helps inform the users and the authority of, how secure the individual biometric data template is, and provided a high level of the security pertaining the individual data privac

Global and local feature-based transformations for fingerprint data protection

Due to its non-shareable characteristic, biometrics has been widely implemented for authenticating users. This characteristic asserts that biometrics meets the non-repudiation requirement which is one of the key factors in the authentication system. Among biometric modalities, fingerprints have the best capability for satisfying both technical and social aspects of an authentication system. Nevertheless, similar to other modalities, once the stored fingerprint template has been compromised, the effect will be forever since the fingerprint pattern is permanent. So, a mechanism which can protect this fingerprint pattern is desired. Common cryptographic approaches, however, do not work due to uncertainty in the captured fingerprint image caused by disturbing factors either in the scanner or in the finger itself. While authenticating fingerprints in a plain format is not secure, in a cipher format it is impractical because slightly different inputs result in completely different outputs. Therefore, a specific transformation mechanism is needed: one which is able to accept similar fingerprints and reject dissimilar fingerprints, while at the same time generating a relatively non-invertible fingerprint template. Most of the existing protection approaches, however, have high error rates which make them inappropriate to implement. The approaches proposed in this thesis are for addressing this problem, in particular. The proposed approaches comprise three modules: feature transformation, feature representation and feature comparison. The evaluation is to measure the accuracy, the capability for revoking the template and generating another template, and the capability for scrambling the fingerprint pattern. The first approach, which is a global feature-based transformation, is developed by exploring both the fingerprint singular point and minutiae points. The experimental results show that this approach is able to improve the existing performance, despite possible limitations (e.g., relying on the core point). In order to eliminate possible drawbacks of that global feature-based transformation, a local-based transformation is implemented by extracting only minutiae points. This has been able to eliminate the core-point dependency and at the same time produce only a slightly higher error rate than the previous proposed approach. To make further improvements, the third approach is designed in both Cartesian and polar coordinate spaces. This approach has been able to take advantages of being core point independent and at the same time generates higher performance than most of the existing approaches

Iris Template Protection Based on Local Ranking

Biometrics have been widely studied in recent years, and they are increasingly employed in real-world applications. Meanwhile, a number of potential threats to the privacy of biometric data arise. Iris template protection demands that the privacy of iris data should be protected when performing iris recognition. According to the international standard ISO/IEC 24745, iris template protection should satisfy the irreversibility, revocability, and unlinkability. However, existing works about iris template protection demonstrate that it is difficult to satisfy the three privacy requirements simultaneously while supporting effective iris recognition. In this paper, we propose an iris template protection method based on local ranking. Specifically, the iris data are first XORed (Exclusive OR operation) with an application-specific string; next, we divide the results into blocks and then partition the blocks into groups. The blocks in each group are ranked according to their decimal values, and original blocks are transformed to their rank values for storage. We also extend the basic method to support the shifting strategy and masking strategy, which are two important strategies for iris recognition. We demonstrate that the proposed method satisfies the irreversibility, revocability, and unlinkability. Experimental results on typical iris datasets (i.e., CASIA-IrisV3-Interval, CASIA-IrisV4-Lamp, UBIRIS-V1-S1, and MMU-V1) show that the proposed method could maintain the recognition performance while protecting the privacy of iris data