Professional Documents
Culture Documents
2 January 2012
2 January 2012
2 January 2012
2 January 2012
Alice
Biometric Template
Alice
2 January 2012
2 January 2012
Alice
Biometric Template Verification
2 January 2012
Enrollment
H(
Alice
H(
Alice
Verification
2 January 2012
10
2 January 2012
11
2 January 2012
12
Feature Transformation
A transformation function F is applied to the biometric template T
Only the transformed template F(T,K) is stored in the database
Feature Transformation
Salting
Transformation function is invertible
Non-invertible transformation
Transformation function is one-way
2 January 2012
14
Biometric Cryptosystems
They have 2 secrets: biometric template and cryptographic key
Both must be protected
Some public information about the biometric template is stored Public information is usually referred to as helper data The helper data should not reveal much about template or key
2 January 2012 FIT 2011, 19-21 Dec 2011 15
Biometric Cryptosystems
Key Binding Systems
The helper data is obtained by binding a key with the biometric template Computationally hard to recover either the key or the original template Matching involves recovery of the key from the helper data using the query biometric features
2 January 2012
16
Biometric Cryptosystems
Key Generation Systems
Helper data (key) is derived only from the biometric template The helper data and the query biometric features combine to generate the key
2 January 2012
17
Discard Merge
Smart card
Discard
2 January 2012
18
Merge
2 January 2012
19
Major Challenge
The fuzziness has to be removed
Enrollment
Alice Biometric Template
Verification
2 January 2012
23
Iris Segmentation
Feature Encoding
2 January 2012 FIT 2011, 19-21 Dec 2011
2 January 2012
25
Biometric Template
Biometric Template
2 January 2012
26
Proposed System
Biometric enrollment process Biometric verification process
2 January 2012
27
2 January 2012
28
2 January 2012
29
2 January 2012
30
2 January 2012
31
Key Encoding
Key encoding using BCH codes
(4095,260,696)-BCH code
Codeword length = 4095 bits Message (key) length = 260 bits Error correction capability = 696 bits
BCH code sizes are 2m 1 m too small small key M too large slow decoding We use m = 12 to get a good balance
2 January 2012
32
2 January 2012
34
Experimental Evaluation
Iris Dataset: University of Bath iris dataset
A total of 1000 images 20 images of each eye captured from each of 25 subjects We used all right eye images We used 3 images per subject for final template generation and remaining 17 for testing
2 January 2012
36
Verification Results
Error Correction Capability (Bits) 573 614 655 696 737 778 819 860 601 HD Threshold 0.14 0.15 0.16 0.17 0.18 0.19 0.2 0.21 0.22 Key Size (Bits) 322 322 322 260 176 98 98 98 47 FRR % 1.65 1.18 0.94 0.24 0.24 0.24 0 0 0 FAR % 0 0 0 0 0.01 0.03 0.11 0.21 0.37
2 January 2012
37
2 January 2012
38
Security Analysis
The user has two secrets
Biometrics Smart cards
We assume that the adversary can steal one of the two secrets
2 January 2012
39
Security Analysis
1. Biometrics is compromised
The chances of a particular biometric trait being compromised depends on the trait
Face and voice are easy to capture Retina and iris are hard to capture
The adversary has to find a 4095-bit codeword with a message size of 260 bits The brute force attack requires 2260 attempts which is not feasible
2 January 2012
40
Security Analysis
2. Smart card is compromised
We use iris templates of 4095 bits having an estimated degree of freedom of 249 bits [2] There is no systematic correlation in iris templates Assuming adversary knows all correlations, then to guess the original template, the adversary has to find a 249-bit string requiring a BF effort of 2249 bits Continued on next slide
2 January 2012
41
Security Analysis
2. Smart card is compromised (cont.)
Due to BCH error correction, the adversary will win if he/she finds a 249-bit string with a distance of 42 bits (17%) Using sphere-packing bound, this will need 290 attempts
Still reasonably high Higher than all previous systems Not only string generation, but also xor, decode, and hash
2 January 2012
42
References
1. Ziauddin, S. and Dailey, M. (2010), Robust Iris Verification for Key Management ', Pattern Recognition Letters 31(9), 926935. 2. Daugman, J. (2003), 'The importance of being random: statistical principles of iris recognition', Pattern Recognition 36(2), 279291.
2 January 2012
43