Abstract
Although biometric-based identification and authentication schemes provide considerable advantages over the traditional password-based or token-based methods, yet there is a scope for improving the security of these schemes. While template protection scheme based on fuzzy commitment scheme secures the templates, it is important to consider cross-matching. It is feasible to cross-match the protected template using decodability attacks. In this paper, we present an approach to secure fuzzy commitment scheme against cross-matching-based decodability attack. The security is achieved at the cost of an additional secret matrix. This additional key of size n × n makes it impossible for the intruder to directly use decoding on the auxiliary data and ensure the unlinkability between the templates.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
A.K. Jain, K. Nandakumar, A. Nagar, Biometric template security. EURASIP Journal on Advances in Signal Process 113 (2008)
A.B.J. Teoh, D.C.L. Ngo, Cancellable biometrics featuring with tokenized random number. Pattern Recogn. Lett 26(10), 1454–1460 (2005)
A.B.J. Teoh, A. Goh, D.C.L. Ngo, Random multispace quantization as an analytic mechanism for biohashing of biometric and random identity inputs. IEEE Trans. Pattern Anal. Mach. Intell. 28(12), 1892–1901 (2006)
C.S. Chin, A.T.S. Jin, D.N.C. Ling, High security iris verification system based on random secret integration. Comput. Vis. Image Underst. 102(2), 169–177 (2006)
T. Connie, A.B.J. Teoh, M. Goh, D.C.L. Ngo, Palmhashing: A novel approach for cancelable biometrics. Inf. Process. Lett. 93(1), 1–5 (2005)
T.S. Ong, A.B.J. Teoh, S.E. Khor, T. Connie, Reliable template protection technique for biometric authentication. IEICE Electron. Express 5(8), 278–284 (2008)
F. Farooq, R.M. Bolle, J. Tsai-Yang, N.K. Ratha, Anonymous and revocable fingerprint recognition, in IEEE Conference on Computer Vision and Pattern Recognition (CVPR ‘07), (2007), pp. 1–7
C. Lee, J. Kim, Cancelable fingerprint templates using minutiae-based bitstrings. J. Netw. Comput. Appl. 33(3), 236–246 (2010)
N.K. Ratha, J.H. Connell, R.M. Bolle, Enhancing security and privacy in biometrics-based authentication systems. IBM Syst. J. 40(3), 614–634 (2001)
N.K. Ratha, S. Chikkerur, J.H. Connell, R.M. Bolle, Generating cancelable fingerprint templates. IEEE Trans. Pattern Anal. Mach. Intell. 29(4), 561–572 (2007)
E. Maiorana, P. Campisi, J. Fierrez, J. Ortega-Garcia, A. Neri, Cancelable templates for sequence-based biometrics with application to on-line signature recognition. IEEE Trans. Syst. Man Cybern. Part A Syst. Hum. 40(3), 525–538 (2010)
S. Chikkerur, N.K. Ratha, J.H. Connell, R.M. Bolle, Generating registration free cancelable fingerprint templates, in 2nd IEEE International Conference on Biometrics: Theory, Applications and Systems, (2008)
B. Yang, C. Busch, P. Bours, D. Gafurov, Robust minutiae hash for fingerprint template protection. Proc. SPIE 7541, Media Forensics and Security II, (2010)
J. Bringer, H. Chabanne, B. Kindarji, Anonymous identification with cancelable biometrics, in 6th Interanational Symposium on Image and Signal Processing and Analysis (ISPA ‘09), (2009)
J. Zuo, N.K. Ratha, J.H. Connell, Cancelable iris biometric, in 19th International Conference on Pattern Recognition (ICPR ‘08), (2008)
A. Juels, M. Wattenberg, A fuzzy commitment scheme, in 6th ACM Conference on Computer and Communications Security, (1999), pp. 28–36
F. Hao, R. Anderson, J. Daugman, Combining crypto with biometrics effectively. IEEE Trans. Comput. 55(9), 1081–1088 (2006)
J. Bringer, H. Chabanne, G. Cohen, B. Kindarji, G. Z’emor, Optimal iris fuzzy sketches in First IEEE International Conference on Biometrics: Theory, Applications, and Systems (2007). https://doi.org/10.1109/BTAS.2007.4401904
L. Zhang, Z. Sun, T. Tan, S. Hu, Robust biometric key extraction based on iris cryptosystem, in Advances in Biometrics. ICB 2009. LNCS 5558, ed. by M. Tistarelli, M. S. Nixon (Springer, Berlin/Heidelberg, 2009)
C. Rathgeb, A. Uhl, Systematic construction of iris-based fuzzy commitment scheme, in Advances in Biometrics. ICB 2009. LNCS 5558, ed. by M. Tistarelli, M. S. Nixon (Springer, Berlin/Heidelberg, 2009)
S. Yang, I. Verbauwhede, Secure iris verification, in IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), (2007)
J. Bringer, H. Chabanne, G. Cohen, B. Kindarji, G. Z’emor, Theoretical and practical boundaries of binary secure sketches. IEEE Trans. Inf. Forensics Secur 3(4), 673–683 (2008)
K. Simoens, P. Tuyls, B. Preneel, Privacy weaknesses in biometric sketches, in 2009 30th IEEE Symposium on Security and Privacy, (2009)
Y. Dodis, R. Ostrovsky, L. Reyzin, A. Smith, Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM Journal on Computing 38(1), 97–139 (2008)
E.C. Chang, S. Roy, Robust extraction of secret bits from minutiae, in Advances in Biometrics, ICB 2007. LNCS 4642, ed. by S. W. Lee, S. Z. Li (Springer, Berlin/Heidelberg, 2007)
E.J.C. Kelkboom, B. Gokberk, T.A.M. Kevenaar, A.H.M. Akkermans, M. van der Veen, “3D face”: Biometric template protection for 3D face recognition, in Advances in Biometrics, ICB 2007. LNCS 4642, ed. by S. W. Lee, S. Z. Li (Springer, Berlin/Heidelberg, 2007)
T.A.M. Kevenaar, G.J. Schrijen, M. Van der Veen, A.H.M. Akkermans, F. Zuo, Face recognition with renewable and privacy preserving binary templates, in Fourth IEEE Workshop on Automatic Identification Advanced Technologies, (2005)
P. Tuyls, A.H.M. Akkermans, T.A.M. Kevenaar, G.J. Schrijnen, A.M. Bazen, R.N.J. Veldhuis, in AVBPA 2005, LNCS 3546, ed. by T. Kanade, A. Jain, N. K. Ratha (Springer, Berlin/Heidelberg, 2005), pp. 436–446
J.P. Linnartz, P. Tuyls, New shielding functions to enhance privacy and prevent misuse of biometric templates, in 4th International Conference AVBPA 2003, LNCS, vol. 2688, ed. by J. Kittler, M. S. Nixon (Springer, Berlin/Heidelberg, 2003), pp. 393–402
F.M. Bui, K. Martin, H. Lu, K.N. Plataniotis, D. Hatzinakos, Fuzzy key binding strategies based on quantization index modulation (QIM) for biometric encryption (be) applications. IEEE Trans. Inf. Forensics Secur 5(1), 118–132 (2010)
I.R. Buhan, J. Doumen, P. Hartel, T. Qiang, R.N.J. Veldhuis, Embedding renewable cryptographic keys into noisy data. Int. J. Inf. Secur. 9(3), 193–208 (2010)
A. Juels, M. Sudan, A fuzzy vault scheme. Proceedings of the 2002 international symposium on information theory, (2002)
A. Kumar, A. Kumar, Development of a new cryptographic construct using Palmprint-based fuzzy vault. EURASIP J. Adv. Signal Process (Dec 2009)
Y.J. Lee, K.R. Park, S.J. Lee, K. Bae, J. Kim, A new method for generating an invariant iris private key based on the fuzzy vault system. IEEE Trans. Syst. Man Cybern. B Cybern. 38(5), 1302–1313 (2008)
T.C. Clancy, N. Kiyavash, D.J. Lin, Secure smartcard-based fingerprint authentication. Proc. of 2003 ACM SIGMM Workshop Biometrics Methods and Application (WBMA), pp. 45–52, (2003)
A. Juels, M. Sudan, A fuzzy vault scheme. Des. Codes Crypt. 38(2), 237–257 (2006)
T. Frassen, Z. Xuebing, C. Busch, Fuzzy vault for 3D face recognition systems, in International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIHMSP ‘08), (2008)
S. Lee, D. Moon, W.Y. Choi, Y. Chung, Analysis of tradeoffs among verification accuracy, memory consumption, and execution time in the GH-based fuzzy fingerprint vault, in International Conference on Security Technology (SecTech ‘08), (2008)
P. Li, X. Yang, K. Cao, P. Shi, J. Tian, Security-enhanced fuzzy fingerprint vault based on minutiae’s local ridge information, in Advances in Biometrics. ICB 2009. LNCS, 5558, ed. by M. Tistarelli, M. S. Nixon (Springer, Berlin/Heidelberg, 2009)
K. Nandakumar, A.K. Jain, S. Pankanti, Fingerprint-based fuzzy vault: Implementation and performance. IEEE Trans. Inf. Forensics Secur 2(4), 744–757 (2007)
S. Yang, I. Verbauwhede, Automatic secure fingerprint verification system based on fuzzy vault scheme, in IEEE International Conference on Acoustics, Speech, and Signal Processing, (2005)
U. Uludag, A.K. Jain, Securing fingerprint template: Fuzzy vault with helper data. Computer Vision and Pattern Recognition Workshop, 163 (2006)
Y. Dodis, L. Reyzin, A. Smith, Fuzzy extractors: How to generate strong secret keys from biometrics and other noisy data, in Advances in Cryptology – Eurocrypt 2004. LNCS, (2004), pp. 532–540
Q. Li, Y. Sutcu, N. Memon, Secure sketch for biometric template. Advances in Cryptology ASIACRYPT LNCS 4284, 99–113 (2006)
Y. Sutcu, Q. Li, N. Menon, Protecting biometric templates with sketch: Theory and practice. IEEE Trans. Inf. Forensics Secur 2(3), 503–512 (2007)
J. Bringer, H. Chabanne, B. Kindarji, The best of both worlds: Applying secure sketches to cancelable biometrics, in Science of Computer Programming, (2008)
Q. Li, M. Guo, E.-C. Chang, Fuzzy extractors for asymmetric biometric representation, in IEEE Workshop on Biometrics (In Association with CVPR), (2008)
A. Arakala, J. Jeffers, K.J. Horadam, Fuzzy extractors for minutiae-based fingerprint authentication, in International Conference on Biometrics, (2007), pp. 760–769
Y. Sutcu, Q. Li, N. Menon, Design and analysis of fuzzy extractors for faces, in Biometric Technology for Human Identification, Part of the SPIE International Defense and Security Symposium, (2009)
J. Bringer, H. Chabanne, B. Kindarji, The best of both worlds: Applying secure sketches to cancelable biometrics. Science of Computer Programming 74(1–2), 43–51 (2008)
E.J.C. Kelkboom, On the Performance of Helper Data Template Protection Scheme. PhD thesis, University of Twente, 2010
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Chauhan, S., Sharma, A. (2018). Securing Fuzzy Commitment Scheme Against Decodability Attack-Based Cross-Matching. In: Woungang, I., Dhurandher, S. (eds) International Conference on Wireless, Intelligent, and Distributed Environment for Communication. WIDECOM 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 18. Springer, Cham. https://doi.org/10.1007/978-3-319-75626-4_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-75626-4_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-75625-7
Online ISBN: 978-3-319-75626-4
eBook Packages: EngineeringEngineering (R0)