
Biometric Template Security: Issues and Challenges

Dr. Sheikh Ziauddin


Assistant Professor, Department of Computer Science COMSATS Institute of Information Technology, Islamabad, Pakistan
Frontiers of Information Technology (FIT) 2011

Options for Authentication


There are three types of data which can be used for entity authentication:
- Something the user knows (passwords)
- Something the user has (hardware tokens)
- Something the user is (biometrics)

2 January 2012

FIT 2011, 19-21 Dec 2011

Drawbacks of Password-based Systems


- A password can be forgotten
- It can be compromised
- Many passwords can be guessed by carrying out an extensive search for known dictionary words
- The entropy of passwords varies considerably from user to user


Drawbacks of Hardware Token-based Systems


- Hardware tokens can be stolen
- They can be forged
- They can be compromised
- A user can forget to carry them along


Biometric Authentication Systems


- Biometric authentication is more reliable than password-based authentication
- Biometric characteristics cannot be lost or forgotten
- They are extremely difficult to copy, share, and distribute
- They require the person being authenticated to be present

Biometric Authentication Systems


- It is difficult to forge biometrics
- It is unlikely for a user to repudiate
- All users have a relatively equal entropy
- But biometric authentication systems have their own issues


Biometrics Template Protection: Motivation


Biometric data stored in plain form is susceptible to theft

[Figure: Alice's biometric template]


Biometrics Template Protection: Motivation


Theft of biometric template corresponds to the theft of identity


Biometrics Template Protection: Motivation


Store hashed templates?
[Figure: Alice's biometric template at enrollment and at verification]


Biometrics Template Protection: Motivation


Store hashed templates?
[Figure: H(Alice's biometric template) at enrollment and H(Alice's biometric template) at verification]


Biometrics Template Protection: Properties


An ideal biometric template protection scheme should possess the following four properties:
- Diversity
- Revocability
- Security
- Performance


Biometrics Template Protection: Categories


Template protection schemes can be categorized into two main categories:
- Feature Transformation
- Biometric Cryptosystem


Feature Transformation
- A transformation function F is applied to the biometric template T
  - Only the transformed template F(T,K) is stored in the database
- The same transformation function is applied to query features Q
  - Transformed query F(Q,K) is directly matched against the transformed template F(T,K)

Feature Transformation
- Salting
  - Transformation function is invertible
- Non-invertible transformation
  - Transformation function is one-way


Biometric Cryptosystems
- They have 2 secrets: biometric template and cryptographic key
  - Both must be protected
- Some public information about the biometric template is stored
- Public information is usually referred to as helper data
- The helper data should not reveal much about template or key

Biometric Cryptosystems
Key Binding Systems
- The helper data is obtained by binding a key with the biometric template
- Computationally hard to recover either the key or the original template
- Matching involves recovery of the key from the helper data using the query biometric features


Biometric Cryptosystems
Key Generation Systems
- Helper data (key) is derived only from the biometric template
- The helper data and the query biometric features combine to generate the key


A Sample Key Binding Scheme: Ziauddin and Dailey [1]


At enrollment time, key and biometric template are merged and only this merged value stored on a smart card
[Figure: enrollment. Labels: Pseudorandom Number Generator, Merge, Smart card, Discard]


A Sample Key Binding Scheme


At verification time, key is regenerated with the help of a fresh biometric scan and the data stored on the smart card
[Figure: verification. Labels: Smart card, Merge]


Major Challenge
The fuzziness has to be removed
[Figure: Alice's biometric template at enrollment and at verification]

We use Error Control Codes to remove fuzziness



Background: Error Control Codes


- In telecommunications, error control codes (ECC) are used to correct errors introduced during transmission over a noisy channel.
- Before transmitting a message, some redundancy is added to it to get a larger codeword (called encoding).
- This redundant data helps in reconstructing the transmitted codeword from the received corrupted codeword (called decoding).

Background: Error Control Codes


- Each ECC can correct a certain number of errors in a received codeword, called the error correction capability of the code.
- We will represent a code as an (n,k,t) code, where n is the codeword size, k is the message size and t is the error correction capability.
- In particular, we use a BCH code
  - (4095,260,696)-BCH code
    - Codeword (template) length = 4095 bits
    - Message (key) length = 260 bits
    - Error correction capability = 696 bits

Background: Error Control Codes


Biometric readings of the same user taken at enrollment and verification times can be treated as the transmitted data and the received data respectively over a noisy channel.


Background: Iris Template Generation


[Figure: pipeline stages: Image Acquisition, Iris Segmentation, Iris Normalization, Feature Encoding; outputs: Template, Mask]

Background: Iris Template Generation


- Both template and mask are binary strings
- Mask tells whether a particular point belongs to the iris (1) or it represents noise (0)


Overview of Our Scheme


[Figure: scheme overview. Labels: Secret Key, Codeword, Biometric Template, Recovery Information, Biometric Template, Corrupted Codeword]

K' = K iff W' and W belong to the same person


Proposed System
- Biometric enrollment process
- Biometric verification process


Biometric Enrollment Process


- Biometric Template Generation
- Reliable Bit Selection (To minimize fuzziness)
- Encoding using BCH Code (To remove fuzziness)


Iris Template Generation


- We use 3 images per subject for enrollment
- Generate 3 (base) templates (and masks) per subject corresponding to three images using the steps described earlier


Reliable Bit Selection


Generate a single final template and a flag vector for each subject using reliable bit selection technique


Key Encoding
Key encoding using BCH codes
- (4095,260,696)-BCH code
  - Codeword length = 4095 bits
  - Message (key) length = 260 bits
  - Error correction capability = 696 bits

BCH code sizes are 2^m - 1
- m too small: small key
- m too large: slow decoding
- We use m = 12 to get a good balance


Biometric Enrollment Process

[Figure: enrollment process]
Legend:
- K: Secret key
- R: Recovery information
- F: Flag
- C: Codeword
- W: Final template
- H: Hash of key

Biometric Verification Process


We take one image per subject


Biometric Verification Process

[Figure: verification process]
Legend:
- K': Recovered key
- R: Recovery information
- F: Flag
- C': Recovered codeword
- W': Final template
- H, H': Hash of key
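The enrollment and verification flow above, as an added example that is not code from the original slides or from the authors' implementation. It shows why a plain hash of the template fails under sensor noise while the key-binding construction tolerates it. Assumptions: the "merge" step is taken to be a bitwise XOR, a 5-fold repetition code stands in for the (4095,260,696)-BCH code, SHA-256 stands in for the unnamed hash H, reliable bit selection and the flag F are left out, and all sample bit strings are constructed.

```python
import hashlib

REP = 5  # toy repetition code standing in for BCH; corrects <= 2 flips per 5-bit block

def encode(key):                       # K -> C
    return [b for b in key for _ in range(REP)]

def decode(word):                      # C' -> K' by majority vote in each block
    return [int(sum(word[i:i + REP]) > REP // 2) for i in range(0, len(word), REP)]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def h(bits):                           # H: SHA-256 here (assumption, not named on the slides)
    return hashlib.sha256(bytes(bits)).hexdigest()

def flip(bits, positions):             # simulate sensor noise or a different eye
    return [b ^ (i in positions) for i, b in enumerate(bits)]

def enroll(w, k):
    """Return what goes on the card: R = C xor W and H(K). K and W are discarded."""
    if len(w) != len(k) * REP:
        raise ValueError("template length must equal codeword length")
    return xor(encode(k), w), h(k)

def verify(w_query, r, h_stored):
    """Recover K' from C' = R xor W'; release it only if H(K') equals the stored H."""
    k = decode(xor(r, w_query))
    return k if h(k) == h_stored else None

# Constructed sample data (not from the Bath dataset): 8-bit key, 40-bit template.
# In the scheme on the slides the key comes from a pseudorandom number generator.
K = [1, 0, 1, 1, 0, 0, 1, 0]
W = [(i * i + i // 3) % 2 for i in range(40)]
GENUINE = flip(W, {0, 1, 7, 13, 14, 22, 38})   # 7 of 40 bits differ (17.5%)
IMPOSTOR = flip(W, set(range(0, 40, 2)))       # 20 of 40 bits differ (50%)

if __name__ == "__main__":
    R, H = enroll(W, K)
    print("plain hash survives noise:", h(W) == h(GENUINE))     # False
    print("genuine recovers key:", verify(GENUINE, R, H) == K)  # True
    print("impostor result:", verify(IMPOSTOR, R, H))           # None
```

Unlike BCH, which corrects any t bit errors anywhere in the codeword, the repetition code only tolerates errors spread at most two per block, so the constructed noise pattern is chosen accordingly.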

Experimental Evaluation
Iris Dataset: University of Bath iris dataset
- A total of 1000 images
- 20 images of each eye captured from each of 25 subjects
- We used all right eye images
- We used 3 images per subject for final template generation and remaining 17 for testing


Verification Results
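| Error Correction Capability (Bits) | HD Threshold | Key Size (Bits) | FRR % | FAR % |
|---|---|---|---|---|
| 573 | 0.14 | 322 | 1.65 | 0 |
| 614 | 0.15 | 322 | 1.18 | 0 |
| 655 | 0.16 | 322 | 0.94 | 0 |
| 696 | 0.17 | 260 | 0.24 | 0 |
| 737 | 0.18 | 176 | 0.24 | 0.01 |
| 778 | 0.19 | 98 | 0.24 | 0.03 |
| 819 | 0.2 | 98 | 0 | 0.11 |
| 860 | 0.21 | 98 | 0 | 0.21 |
| 601 | 0.22 | 47 | 0 | 0.37 |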


Comparison with Existing Systems


| Researcher(s) | Biometric Trait Used | Key Size (Bits) | FRR % |
|---|---|---|---|
| Monrose et al. (1999) | Keystroke patterns | 15 | 18 |
| Monrose et al. (2001) | Voice | 46 | 17 |
| Goh and Ngo (2003) | Face | 80 | 0.93 |
| Uludag et al. (2005) | Fingerprints | 128 | 21 |
| Hao et al. (2006) | Iris | 140 | 0.47 |
| Santos et al. (2006) | Handwritten signatures | 128 | 57 |
| Yang and Verbauwhede (2007) | Iris | 92 | 0.8 |
| Lee et al. (2008) | Iris | 128 | 0.32 to 31.8 |
| Ziauddin and Dailey (2010) [1] | Iris | 260 | 0.24 |


Security Analysis
- The user has two secrets
  - Biometrics
  - Smart cards
- We assume that the adversary can steal one of the two secrets


Security Analysis
1. Biometrics is compromised
- The chances of a particular biometric trait being compromised depend on the trait
  - Face and voice are easy to capture
  - Retina and iris are hard to capture
- The adversary has to find a 4095-bit codeword with a message size of 260 bits
- The brute force attack requires 2^260 attempts which is not feasible


Security Analysis
2. Smart card is compromised
- We use iris templates of 4095 bits having an estimated degree of freedom of 249 bits [2]
- There is no systematic correlation in iris templates
- Assuming adversary knows all correlations, then to guess the original template, the adversary has to find a 249-bit string requiring a BF effort of 2^249 bits


Security Analysis
2. Smart card is compromised (cont.)
- Due to BCH error correction, the adversary will win if he/she finds a 249-bit string with a distance of 42 bits (17%)
- Using sphere-packing bound, this will need 2^90 attempts
  - Still reasonably high
  - Higher than all previous systems
  - Not only string generation, but also xor, decode, and hash
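
The sphere-packing estimate above, worked through as an added derivation that is not part of the original slides. It assumes the bound is taken as the size of the 249-bit space divided by the number of strings within Hamming distance 42 of the target:

$$\frac{2^{249}}{\sum_{i=0}^{42}\binom{249}{i}} \approx \frac{2^{249}}{2^{159.4}} \approx 2^{89.6} \approx 2^{90}$$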


References
1. Ziauddin, S. and Dailey, M. (2010), 'Robust Iris Verification for Key Management', Pattern Recognition Letters 31(9), 926-935.
2. Daugman, J. (2003), 'The importance of being random: statistical principles of iris recognition', Pattern Recognition 36(2), 279-291.


Thank You and Questions
