Hybrid biometric template protection:Resolving the agony of choice between bloom filters and homomorphic encryption

Abstract Bloom filters (BFs) and homomorphic encryption (HE) are prominent techniques used to design biometric template protection (BTP) schemes that aim to protect sensitive biometric information during storage and biometric comparison. However, the pros and cons of BF‐ and HE‐based BTPs are not well studied in literature. We investigate the strengths and weaknesses of these two approaches since both seem promising from a theoretical viewpoint. Our key insight is to extend our theoretical investigation to cover the practical case of iris recognition on the ground that iris (1) benefits from the alignment‐free property of BFs and (2) induces huge computational burdens when implemented in the HE‐encrypted domain. BF‐based BTPs can be implemented to be either fast with high recognition accuracy while missing the important privacy property of ‘unlinkability’, or to be fast with unlinkability‐property while missing the high accuracy. HE‐based BTPs, on the other hand, are highly secure, achieve good accuracy, and meet the unlinkability‐property, but they are much slower than BF‐based approaches. As a synthesis, we propose a hybrid BTP scheme that combines the good properties of BFs and HE, ensuring unlinkability and high recognition accuracy, while being about seven times faster than the traditional HE‐based approach

A cancelable iris- and steganography-based user authentication system for the Internet of Things

Remote user authentication for Internet of Things (IoT) devices is critical to IoT security, as it helps prevent unauthorized access to IoT networks. Biometrics is an appealing authentication technique due to its advantages over traditional password-based authentication. However, the protection of biometric data itself is also important, as original biometric data cannot be replaced or reissued if compromised. In this paper, we propose a cancelable iris- and steganography-based user authentication system to provide user authentication and secure the original iris data. Most of the existing cancelable iris biometric systems need a user-specific key to guide feature transformation, e.g., permutation or random projection, which is also known as key-dependent transformation. One issue associated with key-dependent transformations is that if the user-specific key is compromised, some useful information can be leaked and exploited by adversaries to restore the original iris feature data. To mitigate this risk, the proposed scheme enhances system security by integrating an effective information-hiding technique-steganography. By concealing the user-specific key, the threat of key exposure-related attacks, e.g., attacks via record multiplicity, can be defused, thus heightening the overall system security and complementing the protection offered by cancelable biometric techniques

Handbook of Vascular Biometrics

This open access handbook provides the first comprehensive overview of biometrics exploiting the shape of human blood vessels for biometric recognition, i.e. vascular biometrics, including finger vein recognition, hand/palm vein recognition, retina recognition, and sclera recognition. After an introductory chapter summarizing the state of the art in and availability of commercial systems and open datasets/open source software, individual chapters focus on specific aspects of one of the biometric modalities, including questions of usability, security, and privacy. The book features contributions from both academia and major industrial manufacturers

Bytewise Approximate Matching: The Good, The Bad, and The Unknown

Hash functions are established and well-known in digital forensics, where they are commonly used for proving integrity and file identification (i.e., hash all files on a seized device and compare the fingerprints against a reference database). However, with respect to the latter operation, an active adversary can easily overcome this approach because traditional hashes are designed to be sensitive to altering an input; output will significantly change if a single bit is flipped. Therefore, researchers developed approximate matching, which is a rather new, less prominent area but was conceived as a more robust counterpart to traditional hashing. Since the conception of approximate matching, the community has constructed numerous algorithms, extensions, and additional applications for this technology, and are still working on novel concepts to improve the status quo. In this survey article, we conduct a high-level review of the existing literature from a non-technical perspective and summarize the existing body of knowledge in approximate matching, with special focus on bytewise algorithms. Our contribution allows researchers and practitioners to receive an overview of the state of the art of approximate matching so that they may understand the capabilities and challenges of the field. Simply, we present the terminology, use cases, classification, requirements, testing methods, algorithms, applications, and a list of primary and secondary literature