Skip to main content
SpringerLink
Log in

Securing Fuzzy Commitment Scheme Against Decodability Attack-Based Cross-Matching

  • Conference paper
  • First Online:
International Conference on Wireless, Intelligent, and Distributed Environment for Communication (WIDECOM 2018)

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies ((LNDECT,volume 18))

Abstract

Although biometric-based identification and authentication schemes provide considerable advantages over the traditional password-based or token-based methods, yet there is a scope for improving the security of these schemes. While template protection scheme based on fuzzy commitment scheme secures the templates, it is important to consider cross-matching. It is feasible to cross-match the protected template using decodability attacks. In this paper, we present an approach to secure fuzzy commitment scheme against cross-matching-based decodability attack. The security is achieved at the cost of an additional secret matrix. This additional key of size n × n makes it impossible for the intruder to directly use decoding on the auxiliary data and ensure the unlinkability between the templates.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. A.K. Jain, K. Nandakumar, A. Nagar, Biometric template security. EURASIP Journal on Advances in Signal Process 113 (2008)

    Google Scholar 

  2. A.B.J. Teoh, D.C.L. Ngo, Cancellable biometrics featuring with tokenized random number. Pattern Recogn. Lett 26(10), 1454–1460 (2005)

    Article  Google Scholar 

  3. A.B.J. Teoh, A. Goh, D.C.L. Ngo, Random multispace quantization as an analytic mechanism for biohashing of biometric and random identity inputs. IEEE Trans. Pattern Anal. Mach. Intell. 28(12), 1892–1901 (2006)

    Article  Google Scholar 

  4. C.S. Chin, A.T.S. Jin, D.N.C. Ling, High security iris verification system based on random secret integration. Comput. Vis. Image Underst. 102(2), 169–177 (2006)

    Article  Google Scholar 

  5. T. Connie, A.B.J. Teoh, M. Goh, D.C.L. Ngo, Palmhashing: A novel approach for cancelable biometrics. Inf. Process. Lett. 93(1), 1–5 (2005)

    Article  MathSciNet  Google Scholar 

  6. T.S. Ong, A.B.J. Teoh, S.E. Khor, T. Connie, Reliable template protection technique for biometric authentication. IEICE Electron. Express 5(8), 278–284 (2008)

    Article  Google Scholar 

  7. F. Farooq, R.M. Bolle, J. Tsai-Yang, N.K. Ratha, Anonymous and revocable fingerprint recognition, in IEEE Conference on Computer Vision and Pattern Recognition (CVPR ‘07), (2007), pp. 1–7

    Google Scholar 

  8. C. Lee, J. Kim, Cancelable fingerprint templates using minutiae-based bitstrings. J. Netw. Comput. Appl. 33(3), 236–246 (2010)

    Article  MathSciNet  Google Scholar 

  9. N.K. Ratha, J.H. Connell, R.M. Bolle, Enhancing security and privacy in biometrics-based authentication systems. IBM Syst. J. 40(3), 614–634 (2001)

    Article  Google Scholar 

  10. N.K. Ratha, S. Chikkerur, J.H. Connell, R.M. Bolle, Generating cancelable fingerprint templates. IEEE Trans. Pattern Anal. Mach. Intell. 29(4), 561–572 (2007)

    Article  Google Scholar 

  11. E. Maiorana, P. Campisi, J. Fierrez, J. Ortega-Garcia, A. Neri, Cancelable templates for sequence-based biometrics with application to on-line signature recognition. IEEE Trans. Syst. Man Cybern. Part A Syst. Hum. 40(3), 525–538 (2010)

    Article  Google Scholar 

  12. S. Chikkerur, N.K. Ratha, J.H. Connell, R.M. Bolle, Generating registration free cancelable fingerprint templates, in 2nd IEEE International Conference on Biometrics: Theory, Applications and Systems, (2008)

    Google Scholar 

  13. B. Yang, C. Busch, P. Bours, D. Gafurov, Robust minutiae hash for fingerprint template protection. Proc. SPIE 7541, Media Forensics and Security II, (2010)

    Google Scholar 

  14. J. Bringer, H. Chabanne, B. Kindarji, Anonymous identification with cancelable biometrics, in 6th Interanational Symposium on Image and Signal Processing and Analysis (ISPA ‘09), (2009)

    Google Scholar 

  15. J. Zuo, N.K. Ratha, J.H. Connell, Cancelable iris biometric, in 19th International Conference on Pattern Recognition (ICPR ‘08), (2008)

    Google Scholar 

  16. A. Juels, M. Wattenberg, A fuzzy commitment scheme, in 6th ACM Conference on Computer and Communications Security, (1999), pp. 28–36

    Google Scholar 

  17. F. Hao, R. Anderson, J. Daugman, Combining crypto with biometrics effectively. IEEE Trans. Comput. 55(9), 1081–1088 (2006)

    Article  Google Scholar 

  18. J. Bringer, H. Chabanne, G. Cohen, B. Kindarji, G. Z’emor, Optimal iris fuzzy sketches in First IEEE International Conference on Biometrics: Theory, Applications, and Systems (2007). https://doi.org/10.1109/BTAS.2007.4401904

  19. L. Zhang, Z. Sun, T. Tan, S. Hu, Robust biometric key extraction based on iris cryptosystem, in Advances in Biometrics. ICB 2009. LNCS 5558, ed. by M. Tistarelli, M. S. Nixon (Springer, Berlin/Heidelberg, 2009)

    Google Scholar 

  20. C. Rathgeb, A. Uhl, Systematic construction of iris-based fuzzy commitment scheme, in Advances in Biometrics. ICB 2009. LNCS 5558, ed. by M. Tistarelli, M. S. Nixon (Springer, Berlin/Heidelberg, 2009)

    Chapter  Google Scholar 

  21. S. Yang, I. Verbauwhede, Secure iris verification, in IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP), (2007)

    Google Scholar 

  22. J. Bringer, H. Chabanne, G. Cohen, B. Kindarji, G. Z’emor, Theoretical and practical boundaries of binary secure sketches. IEEE Trans. Inf. Forensics Secur 3(4), 673–683 (2008)

    Article  Google Scholar 

  23. K. Simoens, P. Tuyls, B. Preneel, Privacy weaknesses in biometric sketches, in 2009 30th IEEE Symposium on Security and Privacy, (2009)

    Google Scholar 

  24. Y. Dodis, R. Ostrovsky, L. Reyzin, A. Smith, Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM Journal on Computing 38(1), 97–139 (2008)

    Google Scholar 

  25. E.C. Chang, S. Roy, Robust extraction of secret bits from minutiae, in Advances in Biometrics, ICB 2007. LNCS 4642, ed. by S. W. Lee, S. Z. Li (Springer, Berlin/Heidelberg, 2007)

    Google Scholar 

  26. E.J.C. Kelkboom, B. Gokberk, T.A.M. Kevenaar, A.H.M. Akkermans, M. van der Veen, “3D face”: Biometric template protection for 3D face recognition, in Advances in Biometrics, ICB 2007. LNCS 4642, ed. by S. W. Lee, S. Z. Li (Springer, Berlin/Heidelberg, 2007)

    Chapter  Google Scholar 

  27. T.A.M. Kevenaar, G.J. Schrijen, M. Van der Veen, A.H.M. Akkermans, F. Zuo, Face recognition with renewable and privacy preserving binary templates, in Fourth IEEE Workshop on Automatic Identification Advanced Technologies, (2005)

    Google Scholar 

  28. P. Tuyls, A.H.M. Akkermans, T.A.M. Kevenaar, G.J. Schrijnen, A.M. Bazen, R.N.J. Veldhuis, in AVBPA 2005, LNCS 3546, ed. by T. Kanade, A. Jain, N. K. Ratha (Springer, Berlin/Heidelberg, 2005), pp. 436–446

    Google Scholar 

  29. J.P. Linnartz, P. Tuyls, New shielding functions to enhance privacy and prevent misuse of biometric templates, in 4th International Conference AVBPA 2003, LNCS, vol. 2688, ed. by J. Kittler, M. S. Nixon (Springer, Berlin/Heidelberg, 2003), pp. 393–402

    Google Scholar 

  30. F.M. Bui, K. Martin, H. Lu, K.N. Plataniotis, D. Hatzinakos, Fuzzy key binding strategies based on quantization index modulation (QIM) for biometric encryption (be) applications. IEEE Trans. Inf. Forensics Secur 5(1), 118–132 (2010)

    Article  Google Scholar 

  31. I.R. Buhan, J. Doumen, P. Hartel, T. Qiang, R.N.J. Veldhuis, Embedding renewable cryptographic keys into noisy data. Int. J. Inf. Secur. 9(3), 193–208 (2010)

    Article  Google Scholar 

  32. A. Juels, M. Sudan, A fuzzy vault scheme. Proceedings of the 2002 international symposium on information theory, (2002)

    Google Scholar 

  33. A. Kumar, A. Kumar, Development of a new cryptographic construct using Palmprint-based fuzzy vault. EURASIP J. Adv. Signal Process (Dec 2009)

    Google Scholar 

  34. Y.J. Lee, K.R. Park, S.J. Lee, K. Bae, J. Kim, A new method for generating an invariant iris private key based on the fuzzy vault system. IEEE Trans. Syst. Man Cybern. B Cybern. 38(5), 1302–1313 (2008)

    Article  Google Scholar 

  35. T.C. Clancy, N. Kiyavash, D.J. Lin, Secure smartcard-based fingerprint authentication. Proc. of 2003 ACM SIGMM Workshop Biometrics Methods and Application (WBMA), pp. 45–52, (2003)

    Google Scholar 

  36. A. Juels, M. Sudan, A fuzzy vault scheme. Des. Codes Crypt. 38(2), 237–257 (2006)

    Article  MathSciNet  Google Scholar 

  37. T. Frassen, Z. Xuebing, C. Busch, Fuzzy vault for 3D face recognition systems, in International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIHMSP ‘08), (2008)

    Google Scholar 

  38. S. Lee, D. Moon, W.Y. Choi, Y. Chung, Analysis of tradeoffs among verification accuracy, memory consumption, and execution time in the GH-based fuzzy fingerprint vault, in International Conference on Security Technology (SecTech ‘08), (2008)

    Google Scholar 

  39. P. Li, X. Yang, K. Cao, P. Shi, J. Tian, Security-enhanced fuzzy fingerprint vault based on minutiae’s local ridge information, in Advances in Biometrics. ICB 2009. LNCS, 5558, ed. by M. Tistarelli, M. S. Nixon (Springer, Berlin/Heidelberg, 2009)

    Chapter  Google Scholar 

  40. K. Nandakumar, A.K. Jain, S. Pankanti, Fingerprint-based fuzzy vault: Implementation and performance. IEEE Trans. Inf. Forensics Secur 2(4), 744–757 (2007)

    Article  Google Scholar 

  41. S. Yang, I. Verbauwhede, Automatic secure fingerprint verification system based on fuzzy vault scheme, in IEEE International Conference on Acoustics, Speech, and Signal Processing, (2005)

    Google Scholar 

  42. U. Uludag, A.K. Jain, Securing fingerprint template: Fuzzy vault with helper data. Computer Vision and Pattern Recognition Workshop, 163 (2006)

    Google Scholar 

  43. Y. Dodis, L. Reyzin, A. Smith, Fuzzy extractors: How to generate strong secret keys from biometrics and other noisy data, in Advances in Cryptology – Eurocrypt 2004. LNCS, (2004), pp. 532–540

    Google Scholar 

  44. Q. Li, Y. Sutcu, N. Memon, Secure sketch for biometric template. Advances in Cryptology ASIACRYPT LNCS 4284, 99–113 (2006)

    Google Scholar 

  45. Y. Sutcu, Q. Li, N. Menon, Protecting biometric templates with sketch: Theory and practice. IEEE Trans. Inf. Forensics Secur 2(3), 503–512 (2007)

    Article  Google Scholar 

  46. J. Bringer, H. Chabanne, B. Kindarji, The best of both worlds: Applying secure sketches to cancelable biometrics, in Science of Computer Programming, (2008)

    MATH  Google Scholar 

  47. Q. Li, M. Guo, E.-C. Chang, Fuzzy extractors for asymmetric biometric representation, in IEEE Workshop on Biometrics (In Association with CVPR), (2008)

    Google Scholar 

  48. A. Arakala, J. Jeffers, K.J. Horadam, Fuzzy extractors for minutiae-based fingerprint authentication, in International Conference on Biometrics, (2007), pp. 760–769

    Google Scholar 

  49. Y. Sutcu, Q. Li, N. Menon, Design and analysis of fuzzy extractors for faces, in Biometric Technology for Human Identification, Part of the SPIE International Defense and Security Symposium, (2009)

    Google Scholar 

  50. J. Bringer, H. Chabanne, B. Kindarji, The best of both worlds: Applying secure sketches to cancelable biometrics. Science of Computer Programming 74(1–2), 43–51 (2008)

    Google Scholar 

  51. E.J.C. Kelkboom, On the Performance of Helper Data Template Protection Scheme. PhD thesis, University of Twente, 2010

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, SRM University, Delhi-NCR, Sonipat, Haryana, India

    Sonam Chauhan & Ajay Sharma

Authors
  1. Sonam Chauhan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ajay Sharma
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, Ryerson University, Toronto, Ontario, Canada

    Isaac Woungang

  2. CAITFS, Division of Information Technology, Netaji Subhas Institute of Technology, University of Delhi, New Delhi, India

    Sanjay Kumar Dhurandher

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Chauhan, S., Sharma, A. (2018). Securing Fuzzy Commitment Scheme Against Decodability Attack-Based Cross-Matching. In: Woungang, I., Dhurandher, S. (eds) International Conference on Wireless, Intelligent, and Distributed Environment for Communication. WIDECOM 2018. Lecture Notes on Data Engineering and Communications Technologies, vol 18. Springer, Cham. https://doi.org/10.1007/978-3-319-75626-4_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-75626-4_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-75625-7

  • Online ISBN: 978-3-319-75626-4

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation