Académique Documents
Professionnel Documents
Culture Documents
Ruifang Wang1, 2, Xin Yang2, Xia Liu1 Sujing Zhou2, Peng Li2, Kai Cao2, and Jie Tian*2
School of Automation Center for Biometrics and Security Research
1 2
Harbin University of Science and Technology Institute of Automation, Chinese Academy of Sciences
Beijing, P.R. China Beijing, P.R. China
wangruifang@fingerpass.net.cn tian@fingerpass.net.cn
Abstract—The biometric template, which is stored in the form In this paper, we design a codebook named distance
of raw data, has become the greatest potential threat to the projection for biometric coding to generate secured biometric
security of biometric authentication system. As the template and propose a novel fingerprint template protection
compromise of the biometric data is permanent, the protection scheme. The proposed scheme based on our coding method
of biometric data is particularly important. Consequently, can remove Gaussian errors effectively and obtain promising
biometric template protection technologies have aroused authentication performance with a certain degree of security.
research highlights recently. One of the most popular template Experimental results illustrate that the proposed fingerprint
protection methods is biometric cryptosystem method. In this template protection scheme possesses practical value and
paper, we design a codebook named distance projection for
also can be combined with methods for removing burst
biometric coding to generate secured biometric template, and
errors to construct a minutia-based key binding system.
propose a novel fingerprint biometric cryptosystem scheme
based on the codebook. Experimental results on FVC2002 DB2 The rest of the paper is organized as follows. In Section 2,
show that the proposed scheme can obtain positive results on we propose the construction details of our codebook for
both security and authentication accuracy. biometric coding. The fingerprint template protection
scheme based on our coding method is given in Section 3. In
Keywords- biometrics; template protection; codebook Section 4, experimental results are presented. We do security
analysis of the proposed scheme in Section 5. Finally, we
I. INTRODUCTION finish with conclusion in Section 6.
Recently, biometric template protection technologies II. CODEBOOK DESIGN FOR BIOMETRIC CODING
have aroused research highlights. The main difficulty of We design a codebook named distance projection for
biometric template protection lies on the fuzziness of biometric encoding and decoding for Euclidean metric space.
biometrics. Unlike familiar cryptographic techniques, Given a real valued biometric feature vector
biometric data is inexact and can only be approximately
matched, and therefore cannot be protected by direct x ( x1, x2 ,, xl ) , where l is the biometric feature length.
cryptographic operations. Particularly, for minutia feature of Choose two vectors K (K1, K2 ,, Kl ) and (1 , 2 ,, l ) ,
fingerprints, the fuzziness is more complicated because the we can obtain the following codeword space
distance of two feature vector cannot be represented by C {(k11, k22 ,, kl l ) | ki Z ,0 ki Ki 1,1 i l} . (1)
single Euclidean metric or set difference metric, but The vector K is an integer vector to decide the size of
combining of the two kinds of metrics. Therefore, existing
codeword space, and its elements are decided by
algorithms dealing with the fingerprint fuzziness mainly
focus on removing Gaussian errors generated by Euclidean K i ( xi max xi min ) / i ,1 i l ,
(2)
distance for the first step and burst errors generated by set where i is the quantization step.
difference distance for the second step [9][10].
The distance projection encoding procedure projects
There are some state-of-art algorithms adopted for
each element of the biometric feature vector onto the nearest
removing burst errors [1][2]. However, algorithms to remove
Gaussian errors are mainly based on fuzzy vault method codeword zi Ci , which is decided by
[3][6], which mixed minutiae and randomly selected chaff z i arg min | x i c i |,1 i l . (3)
ci C i
points to generate secured fingerprint template. While the
fuzzy vault-based template suffers biometric information Then we compute the difference between the element value
leakage and cannot provide adequate security, Scheirer et al. and its corresponding codeword, i.e., di xi zi . And the
[4] introduced three classes of attacks against biometric codeword vector z ( z1, z2 ,, zl ) is used as a secret, while
fuzzy vaults: attack via record multiplicity (ARM),
surreptitious key-inversion (SKI) attack, and blended the difference vector d (d1 , d 2 , , d l ) is stored in the
substitution attacks. Then Kholmatov et al. [5] made the secured biometric template.
realization of correlation attack against the fuzzy vault In the decoding procedure, given a query feature vector
scheme successfully. x' ( x1 ' , x2 ' ,, xl ' ) and the difference vector d, we first
project each element of the query vector x' onto a codeword
887
891
IV. EXPERIMENTAL RESULTS where (u, v, ) is the translation and rotation parameter
The proposed fingerprint template protection scheme is vector, and (u (1)' , v (1)' , (1)' ) is the aligned coordinate feature
evaluated on database FVC2002 DB2 [8], which contains vector of a minutia in impression 1.
800 fingerprint images (100×8, 8 images per finger). All the Our experimental results under different quantization
images of DB2 are captured by the optical sensor step vector (u , v , ) are shown in Table I. And the
“FX2000” by Biometrika, with resolution of 569 dpi and results of performance comparison between the proposed
image size of 296×560. algorithm and fuzzy vault based method [6] are shown in
Table 2. When = (22, 22, 28) and num =13, the proposed
A. Quantization step
scheme gains good authentication accuracy (GAR=92% vs.
The quantization step vector (u , v , ) has key 86%, when FAR=0), and also high security ( num = 13 vs.
effects on authentication performance and security of the 11).
system. Large quantization steps ensure high error tolerance TABLE I. THE PROPOSED SYSTEM PERFORMANCE WITH VARIABLE
ability, but result in false matches from different fingers as a PARAMETERS (u , v , ) ON FVC2002 DB2
side effect. Moreover, we will see that large quantization
steps result in high entropy loss in section 5. A trade-off ( u , v , ) GAR(%) FAR(%)
between system security and authentication accuracy should
(22, 22, 30) 89% 0 14
be carefully considered.
In our experiments, we select quantization parameters (22, 22, 28) 92% 0 13
which satisfy the following condition [6] (22, 22, 26) 86% 0 14
DM (mi , m j ) (ui u j ) 2 (vi v j )2 M (i j ) , (5) (22, 22, 24) 91% 0 12
where D M ( m i , m j ) denotes the distance between two (22, 22, 22) 86% 0 14
minutia mi and m j , and M is the weight assigned to the TABLE II. PERFORMANCE COMPARISON BETWEEN THE PROPOSED
orientation contribute (set to 0.2). And we set u 2 | ui u j | , METHOD ( = (22, 22, 28)) AND THE FUZZY VAULT METHOD ON FVC2002
DB2
v 2 | vi v j | , 2 | i j | . Selection of well-separated
num 11 12 13
minutiae ensures that they are assigned unique codewords
when they are encoded into the codeword space C. In our Nandakumar GAR(%) 86%
experiments, DM (mi , mj ) is set to no more than 25 as the et al. [6] FAR(%) 0
maximum distance between a matched pair of minutiae. For GAR(%) 95% 94% 92%
instance, = (30, 32, 30) satisfies all the above conditions. Proposed
FAR(%) 0.08% 0.02% 0
B. Numerical results
The criteria that are used for evaluating the performance V. SECURITY ANALYSIS
are genuine accept rate (GAR) and false accept rate (FAR). The security of the proposed scheme is mainly based on
The genuine accept rate is the percentage of attempts made the data stored in the secured template: the difference vector
by genuine users that resulted in successful authentication. d and the feature hash value h Hash(r || u || v || ) . For a
The false accept rate is the percentage of attempts made by given codeword space C with parameters K and , the
imposters that resulted in successful template recovery.
entropy of m after observing d [9] is
Only impressions 1 and 2 of each finger in DB2 are used, so
H ( m | d ) H ( m) H ( m off ) , (8)
the number of genuine attempts is 100. The imposter
attempts are simulated by trying to decode a user’s protected where moff m z . An upper bound of the mutual
template using images from all the other users. Hence, the information H(moff ) can be decided by
number of imposter attempts is 9900. l
888
892
Then the entropy of a template minutia under brute force Foundation under Grant No. 4091004, Scientific Databases
attack is Program of the Chinese Academy of Sciences during the
H ( m | h ) log 2 p m . (11) 11th Five-Year Plan Period under Grant No. INFO-115-C01-
SDB4-30.
When = (22, 22, 28) and num = 13, the system
entropy is about 71 bits. REFERENCES
VI. CONCLUSION [1] A. Juels and M. Sudan, “A fuzzy vault scheme,” Proceedings of IEEE
International Symposium on Information Theory, Lausanne,
Biometric template protection is essential for security of Switzerland, 2002, p. 408.
biometric authentication system and has aroused research [2] A. Juels and M. Sudan, “A fuzzy vault scheme,” IJDCC: Designs,
highlights recently. A representative method is fingerprint Codes and Cryptography, 38, 237–257, 2006.
template protection using the idea of the fuzzy vault, which [3] U. Uludag, S. Pankanti, and A. Jain, “Fuzzy vault for fingerprints,”
AVBPA2005, 3546, pp. 310-319, 2005.
still suffers security vulnerabilities and information leakage.
[4] W. J. Scheirer and T. E. Boult, “Cracking fuzzy vaults and biometric
In this paper, we design a codebook named distance encryption,” Proceedings of the Biometrics Symposium, Baltimore,
projection for biometric coding to generate secured Md, USA, pp.1-6, 11-13, 2007.
biometric template and propose a novel fingerprint template [5] A. Kholmatov and B. Yanikoglu, “Realization of Correla-tion Attack
protection scheme to solve security limitation problems of Against the Fuzzy Vault Scheme,” Proc. of SPIE Symposium on
the fuzzy vault-based method. Experimental results on Security, Forensics, Steganography, and Watermarking of
Multimedia Contents X, vol. 6819, San Jose, USA, January 2008.
FVC2002 DB2 show that the proposed scheme can obtain
[6] K. Nandakumar, A. K. Jain, S. Pankanti, ”Fingerprint-based fuzzy
positive results on both security and authentication accuracy. vault: Implementation and performance,” IEEE Transactions on
Finally, our future work will concentrate on combining Information Forensics and Security, 2 (4) (2007) 744–757.
the proposed fingerprint template protection scheme with [7] http://www.neurotechnology.com/verifinger.html
methods for removing burst errors to construct a minutia- [8] D. Maio, D. Maltoni, R. Cappelli, J. Wayman, A. Jain, “FVC2002:
based key binding system. Second fingerprint verification competition,” International
Conference on Pattern Recognition, Vol. 16, 2002, pp. 811–814.
ACKNOWLEDGMENT [9] J. Golić, M. Baltatu, “Soft Generation of Secure Biometric Keys,”
Information Security and Privacy 12th Australasian Conference,
This paper is supported by the Project of National ACISP2007, Townsville, Australia, July 2-4, 2007: Proceedings,
Natural Science Foundation of China under Grant No. Springer, p. 107.
60875018 and 60621001, National High Technology [10] A. Nagar, K. Nandakumar, A. Jain, “A hybrid biometric cryptosystem
Research and Development Program of China under Grant for securing fingerprint minutiae templates,” Pattern Recognition
No. 2008AA01Z411, Chinese Academy of Sciences Letters, Vol.31, 1 June 2010, pp. 733-741.
Hundred Talents Program, Beijing Natural Science
889
893