A hybrid cryptosystem for biometric authentication and template protection

Bibliographic Details
Main Author: Jegede, Abayomi Joshua
Format: Thesis
Language: English
Published: 2017
Subjects:
Online Access: http://psasir.upm.edu.my/id/eprint/110997/1/FSKTM%202017%2043%20-%20IR.pdf
Description
Summary: Biometrics provides a secure means of authentication because it is difficult to copy, forge, or steal biometric modalities. However, the biometric modalities used are not secret as biometric data can be obtained without the knowledge, permission or cooperation of the owner, thus violating the security of the authentication system and the privacy of legitimate users. Stolen and compromised biometric information can be used to carry out replay and template reconstruction attacks, and other unscrupulous activities such as function creep, profiling, template sharing, and data matching, resulting in catastrophic incidents of security attack, privacy violation and loss of identity, as well as a significant loss of users' confidence in the authentication system. Existing hybrid cryptosystems rely on the secrecy of user-specific parameters and the complexity of template protection algorithms, but do not guarantee template security, user privacy and identity protection once the constituent template protection schemes are compromised. This research proposes a hybrid biometric cryptosystem based on key binding and salting techniques to provide template security, user privacy, resistance to loss of identity and good recognition accuracy. The proposed key binding scheme, known as the modified shielding function, minimizes the complexity of image processing and addresses the security as well as privacy limitations of the generic shielding function. We also propose a salting technique, known as the matrix transformation technique, that increases the security of stored biometric data and prevents the recovery of original biometric data from secured templates. Although matrix transformation provides high-level template security and user privacy, it has poor recognition accuracy.
Therefore, a hybrid cryptosystem is proposed, which leverages the high security of matrix transformation and the good recognition accuracy of the modified shielding function to provide an authentication approach which increases the security of stored biometric data, privacy of legitimate users, resistance to loss of identity and good recognition accuracy. The feasibility of the proposed approach is assessed using face, iris and multibiometric data. The goal is to compare the performance of the approach on different biometric modalities. This provides a comparison between the recognition accuracy of a highly reliable biometric modality such as iris and that of a less reliable modality such as face. The multibiometric modality provides a midpoint between the performances based on iris and face. This is to show that the presence of iris bits in multibiometric templates minimizes the impact of the pervasiveness of face on the recognition accuracy of the system. It also shows that the presence of face data in multibiometric templates has a negative impact on the reliability of iris. The face dataset consists of 756 face images of 108 subjects obtained from CASIA near infrared database. The experimental dataset for iris also consists of 756 images of 108 subjects which are obtained from the CASIA iris VI database. The multibiometric dataset is constructed based on the fusion of 756 face images and 756 iris images of 108 subjects. Experimental results show that the hybrid scheme has better recognition accuracy for iris as compared to face or multibiometric data. The genuine-imposter curves show that template protection leads to a reduction in recognition accuracy. Security and privacy analyses show that the hybrid scheme provides much better template security, user privacy and resistance to loss of identity compared to modified shielding function and matrix transformation.
Overall, the hybrid scheme provides good recognition accuracy and increases the security of stored biometric data, privacy of legitimate users and protection against loss of identity even if an impostor compromises the constituent template protection algorithms.