Abhilasha Bhargav-Spantzel,Anna Squicciarini,Elisa Bertino,Xiangwei Kong,Weike Zhang

DOI: https://doi.org/10.1145/1750389.1750401

2010-01-01

Abstract:We present algorithms to reliably generate biometric identifiers from a user's biometric image which in turn is used for identity verification possibly in conjunction with cryptographic keys. The biometric identifier generation algorithms employ image hashing functions using singular value decomposition and support vector classification techniques. Our algorithms capture generic biometric features that ensure unique and repeatable biometric identifiers. We provide an empirical evaluation of our techniques using 2569 images of 488 different individuals for three types of biometric images; namely fingerprint, iris and face. Based on the biometric type and the classification models, as a result of the empirical evaluation we can generate biometric identifiers ranging from 64 bits up to 214 bits. We provide an example use of the biometric identifiers in privacy preserving multi-factor identity verification based on zero knowledge proofs. Therefore several identity verification factors, including various traditional identity attributes, can be used in conjunction with one or more biometrics of the individual to provide strong identity verification. We also ensure security and privacy of the biometric data. More specifically, we analyze several attack scenarios. We assure privacy of the biometric using the one-way hashing property, in that no information about the original biometric image is revealed from the biometric identifier.

Zhendong Wu,Longwei Tian,Ping Li,Ting Wu,Ming Jiang,Chunming Wu

DOI: https://doi.org/10.1016/j.ins.2016.12.048

IF: 8.1

2018-01-01

Information Sciences

Abstract:Cloud computing is profoundly changing the way of data storage, transfer and process. User authentication is the first security barrier for cloud computing. However, the security of traditional biometric-template-based authentication technology has been challenged because of the information leakage of biometric templates and insufficient user-key strength, which is limited by the ability of the user to memorize keys. In this paper, we propose a new bio-key generation algorithm named FVHS, which combines the advantages of both biometrics authentication and user-key authentication. It directly generates stable and sufficiently strong bio-key sequences from finger vein biometrics. Based on FVHS, a new framework for cloud computing authentication is presented that provides a more flexible, convenient, and secure user authentication. The key idea of FVHS is that through combining machine learning, biometrics, and cryptography technologies, we can mine a special feature vector from the biometrics space that can be separated and stabilized into a fixed number sequence in a higher-dimensional space. Both a theoretical analysis and experimental verification show that FVHS can extract stable bio-keys from high quality finger vein images. FVHS can extract a finger vein bio-key with a Genuine Accept Rate of more than 99.9%, while the False Accept Rate is less than 0.8% and Equal Error Rate is less than 0.5%. Meanwhile, the security strength can reach 256 bits.

Bo Fu,Jun-Lin Zhou,Gui-Duo Duan,Si-Yu Zhuan,Jian-Ping Li

DOI: https://doi.org/10.1142/9789812772763_0156

2006-01-01

Abstract:Cryptographic key is the central problem in cryptographic techniques. The key based on password protection is not enough secure because of the low entropy in user chosen passwords that can be exploited to launch password-guessing attacks. And the length of cryptographic key generated from user's biometric features directly is limited. Differ from prior methods, a novel scheme of cryptographic key generation based on biometric features and secret sharing is proposed. Biometric feature vectors is transformed through orthogonal matrix, and mapped to integer spaces. Then, a steady integer vector is obtained, and can be utilized to bind with cryptographic key by Shanties secret sharing scheme. This method may realize the security of key storing, and can produce the key of the arbitrary length.

Lin You,Guowei Zhang,Fan Zhang

DOI: https://doi.org/10.1109/ICCIT.2010.5711128

2010-01-01

Abstract:The biometric cryptographic system can provide the organic integration of biometric features and the traditional cryptology. The application of biometric keys can not only hide the information of users' biometric features, but also securely realize secret key production, recovery and certification. This paper proposes a new scheme of cryptographic key generation method based on fingerprint features and the (t,n)- threshold scheme. Our method can not only protect the user's key but can also effectively prevent the legitimate user's biometric features revealed. Our experiment results show that the key generation and recovery are efficient, and our proposed algorithm can achieve the anticipated results.

Lifang Wu,Xingsheng Liu,Songlong Yuan,Peng Xiao

DOI: https://doi.org/10.1109/icosp.2010.5656719

IF: 4.729

2010-01-01

Signal Processing

Abstract:With the development of Internet, Information security is becoming more and more important. Traditional cryptographic methods require the user to remember keys, it is not convenient. Biometrics based cryptographic key generation techniques generate cryptographic keys from biometrics directly. In this paper, we propose a biometric cryptosystem based on face biometrics. At encryption stage, a 128-dimensional principal component analysis (PCA) feature vector is firstly extracted from the face image. And a 128 bit binary vector is obtained by thresholding. Then we select the distinguishable bits to form bio-key and the optimal bit order number is saved in a look-up table. Furthermore, an error-correct-code (ECC) is generated using Reed-Solomon algorithm. The message is encrypted using symmetric DES with bio-key. In decryption phase, a 128-dimensional PCA features vector extracted from the query face image. Then a bio-key is generated using the look-up table generated at encryption stage. The final key is obtained using both bio-key and Error correct code (ECC). Finally, the symmetric DES decryption algorithm implemented to obtain message using final key. The proposed scheme is tested using ORL face database, the experimental results shows that our algorithm is effective.

Zhou Qing,Hu Yue,Liao Xiao-Feng

DOI: https://doi.org/10.7498/aps.58.4477

2009-01-01

Abstract:Biometric cryptosystems are widely studied recently, which bind a cryptographic key with the biometric characteristic of a user in such a way that the key cannot be recovered without a successful biometric authentication. By now, the key is generated from extra random number generators, which makes the system more complex. A novel method is proposed, which generates the key from biometric characteristics directly, and makes the biometric cryptosystems much cheaper, simpler and more convenient. To make the keys secure enough, the TD-ERCS is adopted and revised in the proposed algorithm. Experiments show that the algorithm is sensitive to biometric characteristics, free of collision, and the generated keys seem also random. It is believed that such a algorithm can be practically used for various biometric cryptosystems.

Peiyi Wang,Lin You,Gengran Hu,Liqin Hu,Zhihua Jian,Chaoping Xing

DOI: https://doi.org/10.1016/j.patcog.2020.107733

IF: 8

2020-01-01

Pattern Recognition

Abstract:•The bio-key is generated based on the feature distances between the minutiae and it will ensure a better security of the fingerprint data or template.•The generated intervals can decrease the influence of the fingerprint intra-variation and improve the bio-key regeneration rate.•The codewords obtained from the encoding of the generated intervals can implement the cancellability of the bio-key.•The generated bio-key by our approach can be updated by changing the interval codewords.•The two-layer error correction technique can detect and correct the random or unexpected errors and it will improve the reliability of the bio-key.•Our bio-key generation approach has been practically experimented.

Wu Lifang,Zhou Peng,Liu Xingsheng

DOI: https://doi.org/10.3969/j.issn.2095-2783.2011.10.010

2011-01-01

Abstract:With biometric technology widely used,a key generation scheme based on face biometrics emerges.We propose a key generation scheme based on face biometrics and apply it in authentication.In order to decrease false accept rate(FAR) and false rejection rate(FRR),biohashing and statistically optimal algorithm are chosen to generate the key.In enrollment stage,a 128-dimensional principal component analysis(PCA) feature vector is firstly extracted from the face image.And a biohashing process is utilized to improve the security and control the intra-class variations of biometric data to the minimal level.From the binary vector of 128 bits we select the statistically distinguishable 64 bits to form bio-key.Furthermore,an error-correct-code(ECC) is generated using Reed-Solomon algorithm.In authentication stage,the same procedure is implemented to extract PCA features and randomize the feature vectors.Then a bio-key is generated using the look-up table and auxiliary code.The authentication mainly relies on checking the validity of the bio-key.The experimental results using ORL face database shows that our algorithm is more effective.And when FAR is 0,the corresponding FRR of our approach is 6.5%.

张国伟,游林

DOI: https://doi.org/10.3969/j.issn.1674-4942.2010.02.008

2010-01-01

Abstract:The biometric cryptographic system can provide the integration of biological features and the traditional cryptology. The use of biological keys can not only hide the user's biological feature information but also realize safe key generation, recovery and authentication. This paper proposes a scheme for secure key keeping and generation based on fingerprint features. The experimental results indicate that the success rate of the key recovery is about 91%, and it shows our algorithm is highly efficient and is of practical significance.

A. Jagadeesan,K. Duraiswamy

DOI: https://doi.org/10.48550/arXiv.1002.2527

2010-02-12

Abstract:Human users have a tough time remembering long cryptographic keys. Hence, researchers, for so long, have been examining ways to utilize biometric features of the user instead of a memorable password or passphrase, in an effort to generate strong and repeatable cryptographic keys. Our objective is to incorporate the volatility of the users biometric features into the generated key, so as to make the key unguessable to an attacker lacking significant knowledge of the users biometrics. We go one step further trying to incorporate multiple biometric modalities into cryptographic key generation so as to provide better security. In this article, we propose an efficient approach based on multimodal biometrics (Iris and fingerprint) for generation of secure cryptographic key. The proposed approach is composed of three modules namely, 1) Feature extraction, 2) Multimodal biometric template generation and 3) Cryptographic key generation. Initially, the features, minutiae points and texture properties are extracted from the fingerprint and iris images respectively. Subsequently, the extracted features are fused together at the feature level to construct the multibiometric template. Finally, a 256bit secure cryptographic key is generated from the multibiometric template. For experimentation, we have employed the fingerprint images obtained from publicly available sources and the iris images from CASIA Iris Database. The experimental results demonstrate the effectiveness of the proposed approach.

Cryptography and Security

周庆,胡月,廖晓峰

DOI: https://doi.org/10.3778/j.issn.1002-8331.2009.15.024

2009-01-01

Abstract:Biometric characteristics such as face,fingerprint,iris and signature,etc.are applied successfully for personal verification and identification.A cryptographic key generator based on biometric characteristics is proposed,which is convenient,cheap and secure.The similarities between characteristics are eliminated by some signal processing methods.Experiments on Windows mobile phone demonstrate the effectiveness and security of the proposed algorithm.

Bin Yan,Lin You

DOI: https://doi.org/10.1109/desec.2017.8073861

2017-01-01

Abstract:In the fuzzy identity-based encryption scheme, a trusted KGC (key generation center) is needed to generate the corresponding private key corresponding to the user's biometric public key. In order to deal with the decentralization problem and the verification problem of the users identity, we propose a public key encryption model based on transformed biometrics. In this model, the user uses the transformed biometrics as his public key and his inherent real biometrics as his private key. In order to protect the user's biometrics information from being leaked, we take some appropriate security measures such as biometric template protection technology and irreversible random conversion technology. These operations are performed locally by the user, and once the public key is generated, the random transformation matrix is deleted or destroyed. The user connects the device serial number in parallel with the modulus N as the input value of the SHA-256 function and uses the output message digest as the public information. The user uses the inner product encryption to complete the encryption process. In this model, the security parameter and the private keys do not require any trusted organization for their generation, and these sensitive information does not need to be transmitted over a public network. The communication parties do not need to know the public key information of the other party in advance. When the user needs to transmit the secret message, the user can query the corresponding public key and related information. We have effectively linked the biological identities with the digital identities. Our thorough analysis shows that the proposed encryption model is both secure and efficient for an encryption algorithm.

A. Jagadeesan,K.Duraiswamy

DOI: https://doi.org/10.48550/arXiv.1003.1458

2010-03-07

Abstract:Human users have a tough time remembering long cryptographic keys. Hence, researchers, for so long, have been examining ways to utilize biometric features of the user instead of a memorable password or passphrase, in an effort to generate strong and repeatable cryptographic keys. Our objective is to incorporate the volatility of the user's biometric features into the generated key, so as to make the key unguessable to an attacker lacking significant knowledge of the user's biometrics. We go one step further trying to incorporate multiple biometric modalities into cryptographic key generation so as to provide better security. In this article, we propose an efficient approach based on multimodal biometrics (Iris and fingerprint) for generation of secure cryptographic key. The proposed approach is composed of three modules namely, 1) Feature extraction, 2) Multimodal biometric template generation and 3) Cryptographic key generation. Initially, the features, minutiae points and texture properties are extracted from the fingerprint and iris images respectively. Subsequently, the extracted features are fused together at the feature level to construct the multi-biometric template. Finally, a 256-bit secure cryptographic key is generated from the multi-biometric template. For experimentation, we have employed the fingerprint images obtained from publicly available sources and the iris images from CASIA Iris Database. The experimental results demonstrate the effectiveness of the proposed approach.

Cryptography and Security,Computer Vision and Pattern Recognition

Kai Xi,Jiankun Hu,Fengling Han

DOI: https://doi.org/10.1109/ICIEA.2011.5975736

2011-01-01

Abstract:Bio-cryptographic systems, such as Fuzzy Vault and Fuzzy Extractor, can not only verify a person but also protect a pre-stored user feature template. Nearly all of the existing bio-cryptographic systems work in encrypted domain, and hence all biometric features should be transformed from biometric domain to encrypted domain, usually referred to the encoding and decoding process. The selection of biometric features play a vitally important role for the system. Minutia local structure features are considered as one of the most promising biometric features since they are stable, discriminating, alignment free, easy to be encoded and with large feature space. Unfortunately, although this category of features have been proposed for years, very few deep investigations, such as mathematical proof, appear in exisiting literature. In this paper, a comprehensive and detailed analysis of the minutia local structure is provided, covering the following topics: statistical test and analysis, theoretical matching performance estimation and security strength analysis.

Zhe Jin,Andrew Beng Jin Teoh,Bok-Min Gor,Yong-Haur Tay

DOI: https://doi.org/10.1016/j.patcog.2016.02.024

IF: 8

2016-01-01

Pattern Recognition

Abstract:Despite fuzzy commitment (FC) is a theoretically sound biometric-key binding scheme, it relies on error correction code (ECC) completely to mitigate biometric intra-user variations. Accordingly, FC suffers from the security–performance tradeoff. That is, the larger key size/higher security always trades with poor key release success rate and vice versa. Additionally, the FC is highly susceptible to a number of security and privacy attacks. Furthermore, the best achievable accuracy performance of FC is constrained by the simple distance metrics such as Hamming distance to measure the dissimilarity of binary biometric features. This implies many efficient matching algorithms are to be abandoned. In this paper, we propose an ECC-free key binding scheme along with cancellable transforms for minutiae-based fingerprint biometrics. Apart from that, the minutiae information is favorably protected by a strong non-invertible cancellable transform, which is crucial to prevent a number of security and privacy attacks. The scheme is not limited to binary biometrics as demanded in FC but instead can be applied to various types of biometric features and hence a more effective matcher can be chosen. Experiments conducted on FVC2002 and FVC2004 show that the accuracy performance is comparable to state-of-the-arts. We further demonstrate that the proposed scheme is robust against several major security and privacy attacks.

Q Li,XM Niu,SH Sun

IF: 1.019

2006-01-01

Chinese Journal of Electronics

Abstract:Because most cryptosystems adopt standard encryption algorithms, the security of a cryptosystem depends on the security of the cryptographic key. As a pseudorandom number of fix-length, there is no connection between a key and its valid user. No matter how long the key is, the whole system falls apart completely if the key is stolen or shared with an illegitimate user by a conspirator, which is a serious security trouble that many cryptosystems are facing. Since current biometric recognition techniques cannot produce biometric information consistent enough to be used as a key directly, Biometric key scheme (BKS) can solve the problem by binding a biometric template and a cryptographic key monolithically. BKS is devised in such a way that the cryptographic key can be retrieved precisely if and only if a matching biometric template is available. A novel biometric key scheme based on modular secret sharing is proposed in this paper. The feasibility and high security have been proved by theoretical analysis and experiments. In the experiment of combining iris recognition with the scheme, the probability of an illegitimate user to retrieve a cryptographic key is zero; the probability of a legitimate user fail to retrieve a cryptographic key is 0.0571. It is 2(645) times more difficult for an attacker to retrieve the cryptographic key comparing to a legitimate user.

Eryun Liu,Jimin Liang,Liaojun Pang,Min Xie,Jie Tian

DOI: https://doi.org/10.1016/j.jnca.2009.12.002

IF: 7.574

2010-01-01

Journal of Network and Computer Applications

Abstract:Key generation from biometrics has been studied intensively in recent years, linking a key with certain biometric enhances the strength of identity authentication. But the state-of-the-art key generation systems are far away from practicality due to low accuracy. The special manner of biometric matching makes a single feature based key generation system difficult to obtain a high recognition accuracy. Integrating more features into key generation system may be a potential solution to improve the system performance. In this paper, we propose a fingerprint based key generation system under the framework of fuzzy extractor by fusing two kinds of features: minutia-based features and image-based features. Three types of sketch, including minutiae based sketch, modified Biocode based sketch, and combined feature based sketch, are constructed to deal with the feature differences. Our system is tested on FVC2002 DB1 and DB2, and the experimental results show that the fusion scheme effectively improves the system performance compared with the systems based only on minutiae or modified Biocode.

Xiangqian Wu,Ning Qi,Kuanquan Wang,David Zhang

DOI: https://doi.org/10.1109/icnc.2008.808

2008-01-01

Abstract:Biometric cryptography is a technique using biometric features to encrypt data, which can improve the security of the encrypted data and overcome the shortcomings of the traditional cryptography. This paper proposes a novel biometric cryptosystem based on the most accurate biometric feature - iris. In encryption phase, a quantified 256-dimension textural feature vector is firstly extracted from the preprocessed iris image using a set of 2-D Gabor filters. At the same time, an error-correct-code (ECC) is generated using Reed-Solomon algorithm. Then the feature vector is translated to a cipher key using Hash function. Some general encryption algorithms use this cipher key to encrypt the secret information. In decryption phase, a feature vector extracted from the input iris is firstly corrected using the ECC. Then it is translated to the cipher key using the same Hash function. Finally, the corresponding general decryption algorithms use the key to decrypt the information. Experimental results demonstrate the feasibility of the proposed system.

Yenlung Lai,Xingbo Dong,Zhe Jin,Massimo Tistarelli,Wun-She Yap,Bok-Min Goi

DOI: https://doi.org/10.1109/tifs.2023.3273919

IF: 7.231

2023-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Biometric cryptosystems present a promising avenue for secure authentication; however, the efficiency and security of such systems can be hindered by errors in biometric data. To address this challenge, existing systems employ error-correction codes, but often fail to consider the distribution of biometric sources, potentially leading to an underestimation of the system’s security. In response to this issue, we propose a novel algorithm pair, designated as $\mathsf {ENCODE}$ and $\mathsf {DECODE}$ , which facilitates direct codeword generation from biometric samples. Our approach accounts for the distribution of biometric sources, thereby providing a more accurate estimation of system security compared to traditional methods. Our proposed algorithm pair generates codewords that maintain interpretability and are sensitive to the cosine distance between original biometric samples. This similarity metric is particularly well-suited for high-dimensional data analysis and enables a precise assessment of system performance. We have rigorously established the correctness of our algorithm pair, and empirical results illustrate its efficacy in tolerating distance between codewords while preserving accuracy in cosine distance-sensitive contexts. This approach has the potential to significantly improve the efficiency and security of biometric cryptosystems, rendering them more appropriate for daily cryptographic applications.