Marta Gomez-Barrero,Javier Galbally,Christian Rathgeb,Christoph Busch

DOI: https://doi.org/10.1109/TIFS.2017.2788000

2023-11-08

Abstract:The wide deployment of biometric recognition systems in the last two decades has raised privacy concerns regarding the storage and use of biometric data. As a consequence, the ISO/IEC 24745 international standard on biometric information protection has established two main requirements for protecting biometric templates: irreversibility and unlinkability. Numerous efforts have been directed to the development and analysis of irreversible templates. However, there is still no systematic quantitative manner to analyse the unlinkability of such templates. In this paper we address this shortcoming by proposing a new general framework for the evaluation of biometric templates' unlinkability. To illustrate the potential of the approach, it is applied to assess the unlinkability of four state-of-the-art techniques for biometric template protection: biometric salting, Bloom filters, Homomorphic Encryption and block re-mapping. For the last technique, the proposed framework is compared with other existing metrics to show its advantages.

Computer Vision and Pattern Recognition

Wencheng Yang,Jiankun Hu,Song Wang,Qianhong Wu

DOI: https://doi.org/10.1155/2018/7107295

2018-01-01

Abstract:Smart mobile devices are playing a more and more important role in our daily life. Cancelable biometrics is a promising mechanism to provide authentication to mobile devices and protect biometric templates by applying a noninvertible transformation to raw biometric data. However, the negative effect of nonlinear distortion will usually degrade the matching performance significantly, which is a nontrivial factor when designing a cancelable template. Moreover, the attacks via record multiplicity (ARM) present a threat to the existing cancelable biometrics, which is still a challenging open issue. To address these problems, in this paper, we propose a new cancelable fingerprint template which can not only mitigate the negative effect of nonlinear distortion by combining multiple feature sets, but also defeat the ARM attack through a proposed feature decorrelation algorithm. Our work is a new contribution to the design of cancelable biometrics with a concrete method against the ARM attack. Experimental results on public databases and security analysis show the validity of the proposed cancelable template.

Sani M. Abdullahi,Shuifa Sun,Hongxia Wang,Beng Wang

DOI: https://doi.org/10.1016/j.patrec.2023.06.014

IF: 4.757

2023-01-01

Pattern Recognition Letters

Abstract:Researchers have been proposing different matching frameworks for cancelable template design to improve the matching performance and security of biometric authentication systems. Despite the advantages provided by these systems, they are often vulnerable to different attacks due to their templates' invertible nature. This study utilized an iterative perturbation stochastic approximation procedure to analyze the irreversible order-based encoding approach used in cancelable biometric template transformation. The strategy begins by exploiting the scores corresponding to the encoded words, then a mixed variable-based iterative perturbation is used to generate independent random elements and consequently the corresponding template from the scores. The strategy exploits the vulnerability of three different cancelable systems it has tested, demonstrating that other techniques of similar nature fall short of the security standard for attack mitigation that cancelable biometric systems require. After analyzing the reasons that exploit the system's vulnerability, we use a parameterized thresholding non-uniform quantization as a countermeasure to boost the system's robustness while maintaining a balanced performance-security trade-off. As a result, the system can evade attacks without significantly hindering its matching performance. Finally, generality and computational complexity evaluations on different modalities and strategies validate the attack's efficacy and realism, respectively.

Zhiyong Zhou,Yuanning Liu,Xiaodong Zhu,Shaoqiang Zhang,Zhen Liu

DOI: https://doi.org/10.1016/j.ipm.2024.103869

2025-01-01

Abstract:Biometrics have copious merits over traditional authentication schemes and promote information management. The demand for large-scale biometric identification and certification booms. In spite of enhanced efficiency and scalability in cloud-based biometrics, they suffer from compromised privacy during the transmission and storage of irrevocable biometric information. Existing biometric protection strategies fatally degrade the recognition performance, due to two folds: inherent drawbacks of uni-biometrics and inevitable information loss caused by over-protection. Hence, how to make a trade-off between performance and protection is an alluring challenge. To settle these issues, we are the first to present a cancelable multi-biometric system combining iris and periocular traits with recognition performance improved and privacy protection emphasized. Our proposed binary mask-based cross-folding integrates multi-instance and multi-modal fusion tactics. Further, the steganography based on a low-bit strategy conceals sensitive biometric fusion into QR code with transmission imperceptible. Subsequently, a fine-grained hybrid attention dual-path network through stage-wise training models inter-class separability and intra-class compactness to extract more discriminative templates for biometric fusion. Afterward, the random graph neural network transforms the template into the protection domain to generate the cancelable template versus the malicious. Experimental results on two benchmark datasets, namely IITDv1 and MMUv1, show the proposed algorithm attains promising performance against state-of-the-art approaches in terms of equal error rate. What is more, extensive privacy analysis demonstrates prospective irreversibility, unlinkability, and revocability, respectively.

Ning Wang,Qiong Li,Ahmed A. Abd El-Latif,Jialiang Peng,Xuehu Yan,Xiamu Niu

DOI: https://doi.org/10.1007/s11760-014-0663-2

2014-01-01

Abstract:In recent years, biometrics template protection has been extensively studied and lots of schemes have been proposed. However, most of them have not considered the forgery, large difference of intra-class and the security of unimodal biometrics leakage. And there is no multibiometrics template scheme based on the fusion of dual iris, thermal and visible face images. In this paper, a novel multibiometrics template protection scheme based on fuzzy commitment and chaotic system, and the security analysis approach for unimodal biometrics leakage are proposed. Firstly, the thermal face images are captured to overcome the forgery. Then, the fuzzy commitment is generated from the corporation of error correcting code (ECC) and the fusion binary features. Additionally, the dual iris feature vectors are encrypted via the chaotic system, and the score level fusion based on Aczél-Alsina triangular-norm (AA T-norm) is implemented to acquire the final verification performance. Finally, the entropy of both mutlibiometrics and unimodal information leakage is analyzed to show the security of the proposed approach. The experimental tests are conducted on a virtual multibiometrics database, which merges the challenging CASIA-Iris-Thousand and the NVIE face database. The verification performance decreases from EER of 3 × 10^-2 to 1.163 × 10^-1

Wu Lifang,Ma Yukun,Zhou Peng,Zheng Weishi

DOI: https://doi.org/10.3969/j.issn.0254-3087.2016.11.001

2016-01-01

Abstract:Recently,the network security has been becoming part of the national strategy due to the frequent attack events.Reliable online identify authentication is one of key issues for the Internet application and the biometric authentication has drawn wide attentions due to its consistency between the physical identities and digital identities.The biometric template protection has been conducted in these years to enhance its security and privacy.Firstly,the security problems in a biometric authentication system are analyzed,and the scope and content of biometric template protection in biometric system are presented.Then,the features,effectivenesses and applications of different biometric template protection technologies are summarized based on recent works,including BioHashing,noninvertible transformation,key binding and key generation.The main idea,the representative work and the specialties of each method are explained.Additionally,the privacy,practicability,sensitiveness,security and authentication performance of the typical approaches are summarized and compared.In further,the multi-biometric combination is introduced,which includes multi-modal biometrics and different features from the same biometric.Finally,the limitation and weakness of the current technologies are analyzed,and the future research is discussed.

Tanguy Gernot,Christophe Rosenberger

DOI: https://doi.org/10.1016/j.cose.2023.103586

IF: 5.105

2024-02-01

Computers & Security

Abstract:User authentication is an important issue on the Internet and usually solved through static and often unique passwords. Another method is to use biometrics, but biometric data are sensitive and need to be protected. Protection schemes such as cancelable biometric template generation have appeared, but they are sensitive to replay attacks. In this paper, we propose an original method to generate one-time biometric templates for user authentication applications. This proposed scheme limits replay attacks, consisting of an attacker maliciously retransmitting an intercepted user's identity proof. Our method is generic: any biometric modality could be used, the identity verification is realized by the service/identity provider to be realistic. Biometric features are extracted from captures using deep learning and then protected with biohashing, a cancelable biometric scheme. Finally, a step consisting of cryptographic hashing and symmetric encryption guarantees the generation of a one-time, non-replayable template. We have tested our scheme on two common biometric databases, from faces and fingerprints, and the results confirm its efficiency and robustness to attacks given a rigorous threat model.

computer science, information systems

WANG Ning,LI Qiong,NIU Xiamu

DOI: https://doi.org/10.3969/j.issn.2095-2163.2013.03.017

2013-01-01

Abstract:Some problems of unimodal biometrics can be solved by multibiometrics,and it is valuable to implement the multibiometric system based on the lower quality dual iris,thermal face images.However,the threat is higher if leakage of the template of multibiometrcs.This paper converts the real thermal face image feature to binary initially,and then generates the secure sketch and biometric via binary thermal face image feature based on the fuzzy commitment scheme.The biometric key is used to encrypt the lower quality iris binary feature for securing the multibiometric template.The experimental results show that this approach can solve the problem of larger distance of intra-class of biometric feature template.And the system not only keeps higher verification performance,but also has the higher security.Furthermore,the paper also analyzes the security based on cross matching after the leakage of the part biometric thermal face feature.Meanwhile the paper obtains the conclusion of decreasing the error tolerance capability and sacrificing verification performance to enhance the system security.

Axel Durbet,Pascal Lafourcade,Denis Migdal,Kevin Thiry-Atighehchi,Paul-Marie Grollemund

DOI: https://doi.org/10.48550/arXiv.2110.15163

2022-07-18

Abstract:Cancelable biometric schemes aim at generating secure biometric templates by combining user specific tokens, such as password, stored secret or salt, along with biometric data. This type of transformation is constructed as a composition of a biometric transformation with a feature extraction algorithm. The security requirements of cancelable biometric schemes concern the irreversibility, unlinkability and revocability of templates, without losing in accuracy of comparison. While several schemes were recently attacked regarding these requirements, full reversibility of such a composition in order to produce colliding biometric characteristics, and specifically presentation attacks, were never demonstrated to the best of our knowledge. In this paper, we formalize these attacks for a traditional cancelable scheme with the help of integer linear programming (ILP) and quadratically constrained quadratic programming (QCQP). Solving these optimization problems allows an adversary to slightly alter its fingerprint image in order to impersonate any individual. Moreover, in an even more severe scenario, it is possible to simultaneously impersonate several individuals.

Cryptography and Security,Computer Vision and Pattern Recognition

Chunlei Li,Yunhong Wang,Bin Ma

DOI: https://doi.org/10.1109/CCPR.2009.5344012

2009-01-01

Abstract:In this paper, a novel scheme to protect biometric templates using LBP-based authentication watermarking is proposed. Firstly, the m-LSB (a generalization of LSB) of biometric templates is set to zeros. Then, the modified biometric templates are partitioned into non-overlapping n x n image blocks. The LBP feature of these image blocks can be obtained, and the authentication watermark bits are generated from these features. A series of message patterns are generated according to authentication watermark bits. In order to resist vector quantization (VQ) attack and collage attack, each message pattern is embedded into the m-LSB of another image block which is selected by a position sequence. Theoretic analysis and experimental results have proved that the proposed algorithm maintains recognition rate in the template-based authentication system. And it not only has superior localization and security, but also tolerate low-noise pollution while keep sensitive to malicious manipulations.

Xingbo Dong,Jaewoo Park,Zhe Jin,Andrew Beng Jin Teoh,Massimo Tistarelli,KokSheik Wong

DOI: https://doi.org/10.48550/arXiv.1910.07770

2022-09-29

Abstract:Cancelable biometrics (CB) employs an irreversible transformation to convert the biometric features into transformed templates while preserving the relative distance between two templates for security and privacy protection. However, distance preservation invites unexpected security issues such as pre-image attacks, which are often <a class="link-external link-http" href="http://neglected.This" rel="external noopener nofollow">this http URL</a> paper presents a generalized pre-image attack method and its extension version that operates on practical CB systems. We theoretically reveal that distance preservation property is a vulnerability source in the CB schemes. We then propose an empirical information leakage estimation algorithm to access the pre-image attack risk of the CB schemes. The experiments conducted with six CB schemes designed for the face, iris and fingerprint, demonstrate that the risks originating from the distance computed from two transformed templates significantly compromise the security of CB schemes. Our work reveals the potential risk of existing CB systems theoretically and experimentally.

Computer Vision and Pattern Recognition

Alamgir Sardar,Saiyed Umer,Ranjeet Kumar Rout,Kshira Sagar Sahoo,Amir H. Gandomi

DOI: https://doi.org/10.1109/jiot.2024.3374229

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:With the increasing use of biometrics in Internet of Things (IoT) based applications, it is essential to ensure that biometric-based authentication systems are secure. Biometric characteristics can be accessed by anyone, which poses a risk of unauthorized access to the system through spoofed biometric traits. Therefore, it is important to implement secure and efficient security schemes suitable for real-life applications, less computationally intensive, and invulnerable. This work presents a hybrid template protection scheme for secure face recognition in IoT-based environments, which integrates Cancelable Biometrics and Bio-Cryptography. Mainly, the proposed system involves two steps: face recognition and face biometric template protection. The face recognition includes face image preprocessing by the Tree Structure Part Model (TSPM), feature extraction by Ensemble Patch Statistics (EPS) technique, and user classification by multi-class linear support vector machine (SVM). The template protection scheme includes cancelable biometric generation by modified FaceHashing and a Sliding-XOR (called S-XOR) based novel Bio-Cryptographic technique. A user biometric-based key generation technique has been introduced for the employed Bio-Cryptography. Three benchmark facial databases, CVL, FEI, and FERET, have been used for the performance evaluation and security analysis. The proposed system achieves better accuracy for all the databases of 200-dimensional cancelable feature vectors computed from the 500-dimensional original feature vector. The modified FaceHashing and S-XOR method shows superiority over existing face recognition systems and template protection.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jinyang Shi,Zhiyang You,Ming Gu,Kwok-yan Lam

DOI: https://doi.org/10.1109/icpr.2008.4761874

2008-01-01

Abstract:Biometric authentication and privacy protection are conflicting issues in a practical system. Since biometrics cannot be revoked or canceled if compromised duo to the permanent association with the user, privacy-preserving biometric recognition is desired. However, the recently proposed template protection schemes are not yet sufficiently mature. Specially, the popular noninvertible transform approach will result in an obvious decrease of GAR for a fixed FAR. In this paper, we put forward a novel anonymous fingerprint recognition scheme, Biomapping, as the first approach to integrate the feature extraction, noninvertible transform, and anonymous query as a whole. Biomapping extracts the fingerprint feature utilizing a minutiae-centered region encoding, then performs anonymous enrollment and verification using the noninvertible and discriminable constructions. Experiments on the public domain database show Biomapping can provide better recognition accuracy along with the ability to protect the biometric template, thus becomes a promising solution for privacy trustworthy biometric applications.

Yue Sun,Lu Leng,Zhe Jin,Byung-Gyu Kim

DOI: https://doi.org/10.3390/s22020591

2022-01-13

Abstract:Biometric signals can be acquired with different sensors and recognized in secure identity management systems. However, it is vulnerable to various attacks that compromise the security management in many applications, such as industrial IoT. In a real-world scenario, the target template stored in the database of a biometric system can possibly be leaked, and then used to reconstruct a fake image to fool the biometric system. As such, many reconstruction attacks have been proposed, yet unsatisfactory naturalness, poor visual quality or incompleteness remains as major limitations. Thus, two reinforced palmprint reconstruction attacks are proposed. Any palmprint image, which can be easily obtained, is used as the initial image, and the region of interest is iteratively modified with deep reinforcement strategies to reduce the matching distance. In the first attack, Modification Constraint within Neighborhood (MCwN) limits the modification extent and suppresses the reckless modification. In the second attack, Batch Member Selection (BMS) selects the significant pixels (SPs) to compose the batch, which are simultaneously modified to a slighter extent to reduce the matching number and the visual-quality degradation. The two reinforced attacks can satisfy all the requirements, which cannot be simultaneously satisfied by the existing attacks. The thorough experiments demonstrate that the two attacks have a highly successful attack rate for palmprint systems based on the most state-of-the-art coding-based methods.

Qi Han,Zhifang Wang,Xiamu Niu

2008-01-01

Abstract:In recent literature, the issue of biometric template protection was raised. Some schemes were proposed to solve the contradiction between the fuzzy biometric information and accurate cryptography functions to achieve the protection of biometric template via cryptography method. In this paper, a novel methodology to achieve the security of the biometric templates in biometric systems is proposed. An adaptive non-uniform quantization (ANUQ) algorithm is introduced to eliminate the contradiction between the fuzziness of the biometric information and the sensitive of the Hash function. The ANUQ algorithm maps different biometric feature vectors from the same individual to a unique quantized feature vector. Then the quantized feature vector can be saved and identified by its hash and the biometric system can be free from the risk of the leakage of users’ privacy information. Based on the ANUQ algorithm, two biometric template protection scheme are designed to meet different applications. Scheme-I involved a single quantizing template while scheme-II use a quantizing template array. The comparison of the two schemes are raised. Further, the testing of these schemes are carried out on an iris recognition algorithm. The results show the feasibility of the ANUQ-based schemes.

Chunlei Li,Bin Ma,Yunhong Wang,Zhaoxiang Zhang

DOI: https://doi.org/10.1007/978-3-642-15702-8_65

2010-01-01

Abstract:In this paper, we propose a novel scheme for protecting biometric templates using salient region-based authentication watermarking. Firstly, a novel multi-level authentication watermarking scheme is proposed, which is used to verify the integrity of biometric image. Secondly, the PCA features of these biometric images is used as information watermarks to recover the tampered image. Authentication bits and information bits are adaptively embedded into the biometric images based on the result of salient region detection. Experimental results show that our proposed scheme can detect the tampered region, and recover the biometric features while keeping recognizing quality.

Marta Gomez-Barrero,Javier Galbally

DOI: https://doi.org/10.1016/j.cose.2019.101700

2024-01-05

Abstract:With the widespread use of biometric recognition, several issues related to the privacy and security provided by this technology have been recently raised and analysed. As a result, the early common belief among the biometrics community of templates irreversibility has been proven wrong. It is now an accepted fact that it is possible to reconstruct from an unprotected template a synthetic sample that matches the bona fide one. This reverse engineering process, commonly referred to as \textit{inverse biometrics}, constitutes a severe threat for biometric systems from two different angles: on the one hand, sensitive personal data (i.e., biometric data) can be derived from compromised unprotected templates; on the other hand, other powerful attacks can be launched building upon these reconstructed samples. Given its important implications, biometric stakeholders have produced over the last fifteen years numerous works analysing the different aspects related to inverse biometrics: development of reconstruction algorithms for different characteristics; proposal of methodologies to assess the vulnerabilities of biometric systems to the aforementioned algorithms; development of countermeasures to reduce the possible effects of attacks. The present article is an effort to condense all this information in one comprehensive review of: the problem itself, the evaluation of the problem, and the mitigation of the problem. The present article is an effort to condense all this information in one comprehensive review of: the problem itself, the evaluation of the problem, and the mitigation of the problem.

Computer Vision and Pattern Recognition

Axel Durbet,Paul-Marie Grollemund,Kevin Thiry-Atighehchi

2024-02-21

Abstract:A biometric recognition system can operate in two distinct modes: identification or verification. In the first mode, the system recognizes an individual by searching the enrolled templates of all the users for a match. In the second mode, the system validates a user's identity claim by comparing the fresh provided template with the enrolled template. The biometric transformation schemes usually produce binary templates that are better handled by cryptographic schemes, and the comparison is based on a distance that leaks information about the similarities between two biometric templates. Both the experimentally determined false match rate and false non-match rate through recognition threshold adjustment define the recognition accuracy, and hence the security of the system. To our knowledge, few works provide a formal treatment of security in case of minimal information leakage, i.e., the binary outcome of a comparison with a threshold. In this paper, we focus on untargeted attacks that can be carried out both online and offline, and in both identification and verification modes. On the first hand, we focus our analysis on the accuracy metrics of biometric systems. We provide the complexity of untargeted attacks using the False Match Rate (FMR) and the False Positive Identification Rate (FPIR) to address the security of these systems. Studying near-collisions with these metrics allows us to estimate the maximum number of users in a database, given a chosen FMR, to preserve the security and the accuracy. These results are evaluated on systems from the literature. On the other hand, we rely on probabilistic modelling to assess the theoretical security limits of biometric systems. The study of this metric space, and system parameters (template size, threshold and database size), gives us the complexity of untargeted attacks and the probability of a near-collision.

Cryptography and Security,Computer Vision and Pattern Recognition

Ning Wang,Qiong Li,Ahmed A Abd El-Latif,Jialiang Peng,Xiamu Niu

DOI: https://doi.org/10.12733/jcis6822

2013-01-01

Journal of Computational Information Systems

Abstract:Multibiometric fusion is a very promising approach to improve the overall system's accuracy and the recognition performance. Due to the multi templates stored in the system, the protection of the multibiometric template is much more important than unimodal. In recent years, there are several approaches toward studying multibiometric template protection. However, most of them haven't considered the forgery, large difference of intra-class and the security of unimodal biometrics leakage. A novel multibiometric template protection scheme based on fuzzy commitment is proposed in this paper. Initially, the thermal and visible face images are fused to overcome the forgery problem. Second, the score level fusion based on Aczél-Alsina triangular-norm for left and iris are concentrated after the first stage to acquire the final recognition result. Eventually, the entropy of mutlibiometrics and unimodal information leakage is analyzed to show the security of the proposed approach. The experimental tests are conducted on a virtual multibiometrics database, which merges the challenging CASIA-Iris-Thousand database and the NVIE face database. The comparative experiments show that the proposed multibiometric template protection approach outperforms the unimodal biometric systems in terms of recognition and security. © 2013 Binary Information Press.

Thi Ai Thao Nguyen,Tran Khanh Dang,Dinh Thanh Nguyen

DOI: https://doi.org/10.48550/arXiv.1904.00264

2019-03-31

Abstract:Biometric template protection is one of most essential parts in putting a biometric-based authentication system into practice. There have been many researches proposing different solutions to secure biometric templates of users. They can be categorized into two approaches: feature transformation and biometric cryptosystem. However, no one single template protection approach can satisfy all the requirements of a secure biometric-based authentication system. In this work, we will propose a novel hybrid biometric template protection which takes benefits of both approaches while preventing their limitations. The experiments demonstrate that the performance of the system can be maintained with the support of a new random orthonormal project technique, which reduces the computational complexity while preserving the accuracy. Meanwhile, the security of biometric templates is guaranteed by employing fuzzy commitment protocol.

Cryptography and Security