Secure and Revocable Biometric Template Using Fuzzy Vault ... shodhganga.inflibnet.ac.in/bitstream/10603/5559/7/07_chapter1.pdf

Secure and Revocable Biometric Template Using Fuzzy Vault for Fingerprint, Iris and Retina

CHAPTER 1

1. INTRODUCTION

1.1 OVERVIEW OF BIOMETRICS

1.1.1 TYPES OF BIOMETRICS

1.1.2 REQUIREMENTS OF BIOMETRICS

1.1.3 BIOMETRIC TEMPLATES

1.1.4 APPLICATION AREAS OF BIOMETRICS

1.1.5 ATTACKS AGAINST BIOMETRIC SYSTEMS

1.1.6 NEED FOR BIOMETRIC TEMPLATE SECURITY

1.2 OVERVIEW OF EXISTING WORK

1.3 PROPOSED METHODOLOGY

1.4 OBJECTIVE OF THE THESIS

1.5 SIGNIFICANT CONTRIBUTIONS

1.6 ORGANIZATION OF THE THESIS

1.7 CHAPTER SUMMARY

Establishing the identity of a person is crucial in the current connected scenario. The existing authentication mechanisms are password based and token based. Biometric authentication has proved itself superior to these traditional authentication methods.

1.1 OVERVIEW OF BIOMETRICS

Biometrics is defined as automated methods for identifying or authenticating a person based on his/her physiological or behavioural traits. The word biometrics is derived from the Greek words “Bio”, meaning life, and “metrics”, meaning measurements. Biometrics generally deals with the application of statistical analysis to measurable biological data of a human. The basic idea of biometrics is that our body itself acts as a password. The concept of biometrics as a means to identify a person dates back to ancient times. Significant advances in computer processing have made possible the recent automated biometric personal identification and authentication systems.

Pros and Cons of Biometrics over Traditional Authentication Methods

Biometric authentication identifies a person based on “Who he is?” Traditional knowledge based authentication methods like passwords identify a person based on “What he knows?”, and token based authentication methods like badges and cards identify a person based on “What he has?” Unlike passwords and tokens, biometrics cannot be stolen, shared, guessed, lost or forgotten. The user need not memorize or carry anything to authenticate himself; the person only has to present himself at the point of authentication. Biometric characteristics are unique to an individual.

However, unlike passwords, biometrics cannot be revoked or reissued. Moreover, biometrics leak personal information about the body of a person.

Operational Modes of Biometric System

A biometric authentication system requires comparison of a registered or enrolled biometric sample against a newly captured biometric sample. Biometric systems can operate in two different modes, namely identification mode and verification mode. In identification mode, the system identifies a person from the entire enrolled population by searching a database for a match based solely on the biometric. For example, the entire database can be searched to verify a person’s identity and to find out whether he/she has applied for entitlement benefits under two different names. This type of matching is known as “one-to-many” matching. In verification mode, the biometric system authenticates a person’s claimed identity from their previously enrolled pattern. This is known as “one-to-one” matching. This type of authentication mechanism is used in most computer access or network access environments.

The authentication process involves two phases, namely the enrolment phase and the identification phase. During the enrolment phase, biometric samples are captured from individuals and stored in the form of biometric templates in databases. In the identification phase, the biometric samples are extracted from the individuals and compared against the ones stored in the database. If there is a match, the person is successfully authenticated as a legal person and is allowed to utilize the resource or services. If there is no match, the person is not authenticated, is treated as an illegal person and is prevented from utilizing the resource or services. Figure 1.1 shows the two different phases of personal authentication.

During the enrolment phase, the biometric samples extracted from the user are stored in a database in the form of biometric templates. Templates reveal personal information about a person and are prone to attacks. Therefore, it is crucial for any biometric system to ensure the security of the biometric templates.

Figure 1.1 Phases of Biometric Authentication Process

(Figure 1.1 is a flow diagram. Enrollment: Present Biometric, Capture, Process, Store. Verification: Present Biometric, Capture, Process, Compare, Match / No Match.)

1.1.1 Types of Biometrics

Biometrics is normally classified into two categories, physiological and behavioural. Physiological biometrics is called passive biometrics and behavioural biometrics is called active biometrics. The main difference between these two types is in data acquisition. In physiological biometrics, data is acquired in the form of a bodily measurement, which does not necessarily require an action by the user. Data acquisition in the behavioural category requires users to be active, i.e. to perform some activity in front of a sensor. Capturing behavioural biometrics requires user co-operation, whereas most physiological biometrics can be acquired even without the explicit consent of subjects. Physiological biometrics uses a physical trait, such as a fingerprint. The physical trait is analyzed, measured and digitally stored. Behavioural biometrics involves the use of a behavioural trait or pattern, such as a voice. These traits are stored in a similar way to the physiological traits, except that they are updated regularly to cope with the ever-changing patterns in the trait. The two types are suited to different situations and circumstances. Physiological biometrics has proved more reliable than behavioural biometrics, as physical traits generally stay the same all the time, whereas behavioural traits change and have more chance for error. Examples of physical biometrics are fingerprint, iris, retina, DNA, palm print, hand geometry, footprint etc. Examples of behavioural biometrics are voice, keystroke dynamics, mouse dynamics, gait, signature etc.

Another class of biometrics, called esoteric biometrics, as elaborated by John Woodward et al [58], is also identified. Esoteric biometrics are still under early development or at an experimental stage. As computing power becomes more economical, they will in future move from esoteric biometrics to primary mainstream biometrics. Examples of esoteric biometrics are vein pattern, body odour, brain wave pattern, facial thermograph, skin luminescence, fingernail bed, ear shape, foot print, foot dynamics, lip print, lip movement, knee creases, elbow creases and sweat pores. Even teeth can be used as a biometric, as shown by A.K. Jain et al [45]. Antonellin et al [7] detected fake fingerprints by analyzing skin distortion.

Certain other biometrics are known as soft biometrics. Soft biometrics are not distinct and permanent, and they are not enough to uniquely identify a person. Soft biometrics, when combined with primary biometrics like face, fingerprint, iris and retina, give better results. Examples of soft biometrics are age, height, weight, body fat content, eye colour, skin colour, scars, tattoos and marks. Figure 1.2 shows different biometric traits. All these biometrics add meaning to the phrase “our body as password”.

Figure 1.2 Different Types of Biometrics

(a) Fingerprint (b) Hand Geometry (c) Palm (d) Vein Pattern

(e) Eye (f) Retina (g) Iris (h) Facial Thermogram

(i) Tooth (j) Ear (k) DNA (l) Gait

(m) Footprint (n) Voice (o) Signature (p) Mouse dynamics

(q) Hair (r) Key stroke dynamics (s) Face (t) Nose

Biometric traits like fingerprint, retina and iris have certain merits when compared to other biometrics, and they can be employed in specific applications. Fingerprints are largely universal. Fingerprints are unique even for identical twins. Fingerprints are reliable, easy to measure and impart high user convenience. Fingerprint capturing devices are inexpensive. Fingerprint scanners are more accurate and faster, and require less computation and storage. Fingerprint is the most accepted biometric. Fingerprints are classified depending on the flow curves [24]. Multiple fingerprint scans can make the system more resistant to attacks.

Iris provides high speed of comparison and is well suited for one-to-many identification. Iris templates are more stable, i.e. they have more template longevity. Iris templates need not be updated frequently; a single enrollment can last a lifetime. The iris is an internal organ that is well protected against damage and wear by a highly transparent and sensitive membrane. The shape of the iris is more predictable than that of the face due to its geometric configuration. The iris has a fine texture. Even genetically identical individuals have completely independent iris textures, unlike DNA: genetically identical twins have the same DNA structure. A liveness detection mechanism can be added to iris recognition for better performance. Light will not converge on a deceased person’s iris.

Retina scanning is quite accurate and, like the iris scan, unique to each individual. Retina patterns are unique and difficult to duplicate. A retina scan cannot be faked, as it is currently impossible to forge a human retina. Furthermore, the retina of a deceased person decays too rapidly to be used to deceive a retinal scan. The retina, being an internal organ, is less prone to damage. Retina is more suitable for high security applications like military, access to power plants and other high security government applications.

1.1.2 Requirements for Biometrics

Physical and behavioural biometrics should possess certain characteristics that make them suitable to be employed in biometric systems. The requirements are separated into theoretical and practical ones, as follows.

Theoretical requirements:

• Universality: Each person should have the biometric characteristic
• Distinctiveness: Any two persons are not equal in terms of the characteristic
• Permanence: The characteristic remains the same over time or has no abrupt changes
• Collectability: The characteristic should be able to be measured quantitatively

Practical requirements:

• Performance: The recognition accuracy and speed that the biometric system can achieve
• Acceptability: The acceptance of the end-users in using the biometric system in their daily lives
• Circumvention: The degree of security of the system given fraudulent attacks

Biometric samples captured during the enrollment phase are stored in the form of templates. Biometric templates play an important role in the biometric authentication process, and they should possess certain important properties.

1.1.3 Biometric Templates

A template represents a set of salient features that summarizes the biometric data (signal) of an individual. A biometric template is a digital reference of distinct characteristics that have been extracted from a biometric sample. Templates are used during the biometric authentication process. Due to its compact nature, it is commonly assumed that the template cannot be used to elicit complete information about the original biometric signal. Furthermore, since the templates are typically stored in an encrypted form, it is substantially difficult to decrypt and determine the contents of the stored template.

Constraints for Biometric Templates

Protected biometric templates used in a privacy-protected verification system should satisfy the following constraints:

• Original biometric samples should not be decoded from the protected templates
• Private information should not be derived from the protected templates
• It should not be possible to link subjects within and across the databases through comparison of templates
• They should allow identity verification data for a specific predefined application only

Properties of Biometric Templates

A biometric template should possess the following properties:

• Revocable, renewable and diversifiable protected template

• Universal approach

• Interoperability

• Data minimization

• Intrinsic security

• Seamless integration with existing verification methods

• Architecture flexibility

Biometric Templates Security and Privacy Risks

The security and privacy risks involved in biometric templates are as follows:

• Identity theft – When biometric templates are lost, a person loses his identity. When compromised, they cannot be revoked or reissued.
• Cross-matching attacks – An adversary can cross-link the stolen templates with other biometric databases or datasets. Privacy of the human being is not guaranteed.
• Disclosure of sensitive information – Biometric information allows arriving at conclusions about the properties of the enrollee's body. Biometric templates may reveal sensitive medical information.

1.1.4 Application Areas of Biometrics

Biometric authentication finds its applications in the following vital areas, namely

• Access Control to Facilities and Computers

• Criminal Identification

• Border Security

• Access to Nuclear Power Plant

• Identity Authentication in Network Environment

• Airport Security

• Issue of Passports or Driving Licenses

• Forensic and Medical Databases

The Biometric-based authentication applications include the following areas;

➢ Workstation and Network Access
➢ Single sign-on
➢ Application logon
➢ Data protection
➢ Remote Access to Resources
➢ Transaction Security
➢ Web Security
➢ E-commerce and E-government
➢ Investing and other Financial Transactions
➢ Retail Sales
➢ Secure Electronic Banking
➢ Law Enforcement
➢ Health and Social Services

Biometric technologies are expected to play a key role in

➢ Personal authentication for large-scale enterprise network authentication environments
➢ Point-of-Sale
➢ Protection of all types of digital content such as
   • Digital Rights Management
   • Health Care Applications

1.1.5 Attacks against Biometric Systems

Attacks, vulnerabilities and issues related to biometrics are discussed in the work of Alder et al [1][2][3], A.K. Jain et al [53][54], A. Ross et al [99], Uludag et al [123] and Williams et al [131]. Biometric systems are prone to a variety of attacks. Attacks against biometric systems are grouped into four categories, namely

(i) Attacks at the user interface (input level)
(ii) Attacks at the interfaces between modules
(iii) Attacks on the modules
(iv) Attacks on the stored templates

Among the above four varieties of attack, the stored biometric template attack is the worst. This work provides security to biometric templates against stored biometric template attacks.

1.1.6 Need for Biometric Template Security

A template represents a set of salient features that summarizes the biometric data (signal) of an individual. As biometrics finds its applications in crucial high security areas and is subjected to different types of attacks, providing security and revocability to the biometric template is an important issue. Biometrics are not private, and only a limited number of biometrics are present in the human body. Hence, it is very important to secure biometric templates. Moreover, they leak personal information like diseases and disorders in a person. When the biometric is lost, a person loses his identity. Therefore, providing security to biometric templates is very important in any biometric based authentication system.

1.2 OVERVIEW OF EXISTING WORK

The literature survey shows that biometric systems are prone to a variety of attacks. The stored biometric template attack is the most severe of all the attacks. Biometric template security schemes are broadly classified into the feature transformation based approach and the crypto biometric system based approach. The feature transformation based approach is further divided into salting and non-invertible transformation. Crypto biometric systems are further categorized into the key generation and key binding approaches.

A single approach is not enough to achieve all the properties of a biometric template, like security, revocability and diversity. Hybrid methods perform well compared to a single primary method for biometric template security. Multibiometric systems are more significant than unibiometric systems, as they overcome certain limitations of unibiometrics. Multibiometric authentication systems are employed in several high security applications. Therefore, providing security to multibiometric systems is of much importance. However, very few have worked on multibiometric template security using a hybrid approach.

Eye biometrics like iris and retina have certain merits when compared to other biometric traits. Retina is suitable for high security applications. However, very few have worked on retinal template security. Providing security to the retinal template is crucial, as it reveals diseases and disorders in a person, like hypertension and diabetes.

Based on the above discussion, the method arrived at is the fuzzy vault, which is a key binding based crypto biometric method. It is a proven technology for biometric template security. It mixes the idea of biometrics with cryptography. Fuzzy vault eliminates the key management problem as compared to other practical cryptosystems. The security of the fuzzy vault lies in the polynomial reconstruction problem.

Fuzzy vault has certain limitations like non-revocability and function creeping. Fuzzy vault, when hardened with a password, overcomes these limitations. Password hardening provides security as well as revocability. Password hardening of fuzzy vault is a hybrid approach. It mixes the idea of a crypto biometric system (fuzzy vault) with that of the feature transformation based approach (salting – password transformation). Multibiometric templates can also be protected using password hardened fuzzy vault.

From the literature it is found that soft biometrics, when combined with primary biometrics, give better performance. The idea of soft biometrics is also utilized to derive a combined user and soft biometric based password for transforming the biometric templates. Soft biometrics like height, gender and eye colour are applied. The iris and retinal template combination improves user convenience, as both the capturing cameras can be mounted on a single device. From the existing methods, it is observed that very few have worked on the following:

• Multibiometric template security
• Hybrid approach on multibiometric security
• Retinal template security
• The calculation of the strength of their methods
• Providing all the properties of biometric template, namely security, revocability and diversity
• Methods that are resistant to attacks

In order to overcome the limitations in the existing methods, the proposed method provides security to multibiometric templates using a hybrid approach.

1.3 PROPOSED METHODOLOGY

The proposed method attempts to provide security, diversity and revocability to unibiometric and multibiometric templates by a hybrid approach. The security of the proposed fuzzy vault method is measured by min-entropy, which is expressed in terms of security bits. The number of evaluations required to compromise the vault by a brute force attack is also calculated. This method is resistant to specific attacks against fuzzy vault, namely the record multiplicity attack, stolen key inversion attack and blended substitution attack. It also constructs a retina based fuzzy vault for high security applications.

The proposed method considers the fuzzy vault scheme to provide security to biometric templates. The fuzzy vault is password hardened to impart revocability to biometric templates. Hence, the password hardened fuzzy vault is a hybrid approach which blends the idea of the feature transformation approach (salting) with that of the biometric crypto system approach (fuzzy vault). The problem of providing security to the stored biometric templates and making them more resistant to attack is addressed in the following approaches. The proposed method is structured into six different phases:

Phase 1 Unimodal biometric fuzzy vaults for fingerprint, iris and retinal templates
• To provide security

Phase 2 Password hardened fuzzy vault
• To overcome certain limitations of fuzzy vault
• To provide additional security, revocability and diversity
• To make the vault more difficult for attackers

Phase 3 Multimodal biometric fuzzy vaults
• To overcome certain limitations of unimodal biometrics
• To provide multimodal biometric security and to utilize its merits
• Compromising both the biometric templates becomes very difficult for an attacker

Phase 4 Password hardened multimodal fuzzy vaults (bimodal)
• To provide additional security, revocability and diversity in multimodal biometrics
• Compromising both the biometric templates and the password at the same time becomes very difficult for an attacker
• To overcome the limitations of unibiometrics and plain fuzzy vault
• To utilize the merits of password hardening and multibiometrics

Phase 5 Password hardened multimodal fuzzy vaults (Trimodal)
• To provide additional security, revocability and diversity in multimodal biometrics
• To make the vault more suitable for very high security applications
• Compromising all the three biometric templates and the password at the same time becomes very difficult for an attacker
• To overcome the limitations of unibiometrics and plain fuzzy vault
• To utilize the merits of password hardening and multibiometrics

Phase 6 Combined user and soft biometric based password hardened fuzzy vault
• To introduce the idea of soft biometrics

1.3.1 Unimodal biometric Fuzzy Vault

This phase contains the following steps:

Step 1: Feature extraction from the biometrics (fingerprint, iris and retina)
Step 2: Construction of Fuzzy Vault
Step 3: Security Analysis of unimodal Fuzzy Vault

In step 1, the co-ordinates (x, y) of the minutiae feature points are extracted from the biometric. They act as the locking and unlocking unit for the fuzzy vault. In step 2, the unimodal fuzzy vault is implemented for fingerprint, iris and retina. Finally, in step 3, the security of the fuzzy vault is measured by min-entropy, which is expressed in terms of security bits. The min-entropy of the minutiae template MT given the vault V can be calculated as [84][85].

Where

r = number of genuine points in the vault

c = number of chaff points in the vault

t = the total number of points in the vault (r + c)

n = degree of the polynomial

In this phase it is found that fuzzy vault provides security but lacks revocability. Fuzzy vault can be subjected to cross-matching across databases. It is easy for an attacker to substitute some of his own points as chaff points and conquer the vault. Fuzzy vault cannot be used for diversifiable applications. To overcome all these limitations, fuzzy vault is password hardened in phase 2. Retina fuzzy vault can be used for high security applications.
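A minimal key-binding fuzzy vault in the sense of phase 1, added here as an illustration and not the thesis implementation. It assumes aligned, exactly quantised 8-bit minutiae co-ordinates, a prime field of size 65537 and a SHA-256-derived check coefficient; all function names and sample points are constructed.

```python
import hashlib
import itertools
import random

P = 65537  # prime field modulus (assumption); every 16-bit encoded minutia is below it


def encode(point):
    """Pack an (x, y) minutia with 0 <= x, y < 256 into one field element."""
    x, y = point
    if not (0 <= x < 256 and 0 <= y < 256):
        raise ValueError("coordinates must fit in 8 bits each")
    return (x << 8) | y


def check_coeff(secret):
    """Integrity coefficient that lets unlock() recognise the correct polynomial."""
    data = b"".join(s.to_bytes(3, "big") for s in secret)
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big") % P


def poly_eval(coeffs, x):
    """Evaluate a polynomial (lowest-degree coefficient first) at x, mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def lock(minutiae, secret, chaff_count, rng):
    """Return t = r + c shuffled points: r genuine ones on the polynomial, c chaff."""
    if any(not 0 <= s < P for s in secret):
        raise ValueError("secret coefficients must be field elements")
    coeffs = list(secret) + [check_coeff(secret)]  # polynomial degree n = len(secret)
    used = {encode(m) for m in minutiae}
    vault = [(u, poly_eval(coeffs, u)) for u in sorted(used)]
    total = len(vault) + chaff_count
    while len(vault) < total:
        u, v = rng.randrange(1 << 16), rng.randrange(P)
        if u in used or v == poly_eval(coeffs, u):
            continue  # chaff must not reuse an x value or lie on the polynomial
        used.add(u)
        vault.append((u, v))
    rng.shuffle(vault)  # hide which points are genuine
    return vault


def interpolate(points):
    """Lagrange interpolation mod P; returns coefficients, lowest degree first."""
    coeffs = [0] * len(points)
    for i, (xi, yi) in enumerate(points):
        basis, denom = [1], 1
        for j, (xj, _) in enumerate(points):
            if i == j:
                continue
            nxt = [0] * (len(basis) + 1)  # multiply basis by (X - xj)
            for k, b in enumerate(basis):
                nxt[k] = (nxt[k] - xj * b) % P
                nxt[k + 1] = (nxt[k + 1] + b) % P
            basis = nxt
            denom = denom * (xi - xj) % P
        scale = yi * pow(denom, -1, P) % P
        for k, b in enumerate(basis):
            coeffs[k] = (coeffs[k] + scale * b) % P
    return coeffs


def unlock(vault, query_minutiae, degree):
    """Recover the secret if at least degree + 1 query minutiae are genuine."""
    wanted = {encode(m) for m in query_minutiae}
    candidates = [pt for pt in vault if pt[0] in wanted]
    for subset in itertools.combinations(candidates, degree + 1):
        coeffs = interpolate(subset)
        secret, check = coeffs[:-1], coeffs[-1]
        if check == check_coeff(secret):
            return secret
    return None


if __name__ == "__main__":
    # Constructed sample data. A real enrolment would use random.SystemRandom().
    enrolled = [(12, 40), (35, 90), (60, 200), (88, 17),
                (120, 150), (170, 33), (201, 99), (240, 220)]
    secret = [1234, 5678, 9012, 3456]          # n = 4, so 5 genuine points unlock
    vault = lock(enrolled, secret, 40, random.Random(7))
    print(len(vault), "points stored (r = 8 genuine, c = 40 chaff)")
    print("genuine query :", unlock(vault, enrolled[:6] + [(1, 1), (2, 2)], 4))
    print("impostor query:", unlock(vault, [(3, 3), (50, 60), (70, 80), (90, 100), (110, 120)], 4))
```

The stored vault is the same for every application that enrols the same minutiae with this scheme, which is the cross-matching and non-revocability limitation the paragraph above describes.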

1.3.2 Password Hardened Unimodal biometric Fuzzy Vault

Phase 2 implements password hardened fuzzy vault for fingerprint, iris and retina templates. The following steps show the process of password hardening the fuzzy vault.

Steps in Password Hardening:

1. A random transformation function is derived from the user password
2. The password transformed function is applied to the biometric template
3. Fuzzy vault framework is constructed to secure the transformed template
4. The key derived from the same password is used to encrypt the vault

This process of random transformation enhances user privacy and facilitates the generation of revocable templates that resist cross-matching. The transformation reduces the similarity between the original and transformed template. The user password is restricted to the size of 8 characters, so the length of the password is 64 bits. These 64 bits are divided into 4 blocks of 16 bits each. The feature points highlighted in the fingerprint template and retinal vascular tree are divided into 4 quadrants. One password block is assigned to each quadrant. Permutation is applied in such a way that the relative position of the feature points does not change.

Each 16 bit password block is split into two components, Tu of 7 bits and Tv of 9 bits in length. Tu and Tv represent the amount of translation in the horizontal and vertical directions, respectively. The new feature points are obtained by the following transformation.

X’u = (Xu + Tu) mod (2 ^ 7)

Y’v = (Yv + Tv) mod (2 ^ 9)

Where Xu and X’u are the horizontal distance before and after transformation respectively. Similarly, Yv and Y’v are the vertical distance before and after transformation respectively.
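The password-derived translation described above, as an added example that is not code from the thesis. Assumptions: the template is 256 x 1024 so that each quadrant is 2^7 x 2^9, quadrants are numbered row by row, Tu is taken from the high 7 bits of each block, and the matcher, sample points and function names are constructed for illustration.

```python
QUAD_W, QUAD_H = 1 << 7, 1 << 9  # quadrant size matches the moduli 2^7 and 2^9

# Constructed sample template: two feature points in each of the four quadrants.
TEMPLATE = [(10, 20), (100, 400), (130, 50), (200, 300),
            (5, 600), (90, 900), (150, 700), (250, 1000)]
# Constructed re-capture of the same trait with one pixel of sensor jitter.
NOISY = [(x + 1, y - 1) for x, y in TEMPLATE]


def password_shifts(password):
    """8 characters -> 64 bits -> four 16-bit blocks -> one (Tu, Tv) per quadrant.

    With the assumed split Tu is the first byte >> 1, so an ASCII password
    (bytes below 0x80) never produces a horizontal shift above 63.
    """
    raw = password.encode("ascii")
    if len(raw) != 8:
        raise ValueError("the scheme fixes the password at 8 characters")
    shifts = []
    for i in range(0, 8, 2):
        block = int.from_bytes(raw[i:i + 2], "big")
        shifts.append((block >> 9, block & 0x1FF))  # Tu: 7 bits, Tv: 9 bits
    return shifts


def transform(points, password, inverse=False):
    """Translate each point inside its own quadrant: X' = (X + Tu) mod 2^7, Y' = (Y + Tv) mod 2^9."""
    shifts = password_shifts(password)
    sign = -1 if inverse else 1
    out = []
    for x, y in points:
        if not (0 <= x < 2 * QUAD_W and 0 <= y < 2 * QUAD_H):
            raise ValueError("point outside the assumed 256 x 1024 template")
        qx, qy = x // QUAD_W, y // QUAD_H
        tu, tv = shifts[2 * qy + qx]          # one password block per quadrant
        new_x = (x % QUAD_W + sign * tu) % QUAD_W
        new_y = (y % QUAD_H + sign * tv) % QUAD_H
        out.append((qx * QUAD_W + new_x, qy * QUAD_H + new_y))
    return out


def match_count(probe, reference, tol=2):
    """Number of probe points that have a reference point within tol in both axes."""
    return sum(
        any(abs(px - rx) <= tol and abs(py - ry) <= tol for rx, ry in reference)
        for px, py in probe
    )


if __name__ == "__main__":
    enrolled = transform(TEMPLATE, "security")
    # Same trait, same password: the jittered capture still matches.
    print("same password :", match_count(transform(NOISY, "security"), enrolled))
    # Re-issued with a new password: the old stored template no longer links to it.
    print("new password  :", match_count(transform(TEMPLATE, "quadrant"), enrolled))
    # Salting is invertible: whoever holds the password recovers the original points.
    print("inverted      :", transform(enrolled, "security", inverse=True) == TEMPLATE)
```

Because the translation can be undone by anyone who knows the password, the transformed template is only as private as the password, which is why the scheme stores it inside the vault rather than on its own.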

This transformation is applied to fingerprint, iris and retina templates. Then the fuzzy vault is constructed for the transformed templates. In this implementation, a 128 bit random key is generated. This key can also be generated from the retinal structure, iris or fingerprint for added security. This key is transformed by the 64 bit user password and is used to encrypt the vault.

Password hardened biometric templates are revocable, and cross-matching of templates across databases is avoided. Different passwords can be used for different applications. Strength of the biometric template increases, as the guessing entropy of the password is added to the min-entropy of the fuzzy vault. Apart from providing revocability, the password acts as an additional layer of security. The vault can be compromised only when both the password and the biometric are compromised. A password hardened vault becomes computationally hard for an attacker to compromise.

However, the unimodal fuzzy vault also has some limitations. In order to overcome those limitations, phase 3 constructs the multimodal fuzzy vault. The multimodal fuzzy vault is constructed for three different combinations, namely fingerprint and iris, iris and retina, and retina and fingerprint.

1.3.3 Multimodal biometric Fuzzy Vault

Unimodal biometrics [98]-[100] suffer from the following limitations, namely noise in sensed data, intra-class variations, distinctiveness, non-universality and susceptibility to spoof attacks. Multimodal fuzzy vault can address the non-universality problem. It can reduce the Failure to Enroll Rate and the Failure to Capture Rate. It can reduce the effect of noisy data. Multimodal biometrics are more resistant to spoof attacks. Feature points from both the biometric templates are secured in the fuzzy vault. The multimodal biometric fuzzy vault is better when compared to its unimodal counterparts. Security of the templates increases. It is computationally hard for an attacker to compromise the multibiometric fuzzy vault. However, the multimodal biometric fuzzy vault suffers from non-revocability and cross-matching. Therefore, in phase 4, multimodal biometric fuzzy vaults are hardened with a password.

1.3.4 Password Hardened Multimodal Biometric Fuzzy Vault

All three vaults are password hardened to impart revocability. To check for revocability, the biometric templates are subjected to three different 8-character user passwords, namely ‘security’, ‘quadrant’ and ‘template’. The multimodal biometric fuzzy vault minimizes the FTCR (Failure to Capture Rate). The multimodal biometric fuzzy vault is more secure than the unimodal vault.

It is computationally hard for an attacker to compromise. When hardened with a password, it becomes revocable and overcomes cross-matching. The attacker can gain the vault only when he/she is able to simultaneously capture both the biometrics and the password. Multibiometrics provide more user convenience. In this phase the security of the unimodal and multimodal fuzzy vaults is compared. In Phase 5, a combined user and soft biometric based password is used for hardening.

1.3.5 Trimodal Biometric Fuzzy Vault

In phase 6, feature points from all three biometrics, namely fingerprint, iris and retina, are combined to form a multimodal biometric fuzzy vault. This vault secures trimodal biometric templates. The trimodal vault is also hardened to achieve revocability and diversity. It is computationally very tough for an attacker to compromise a trimodal vault. It is not possible for an attacker to compromise all the biometrics and the password at the same time. The trimodal biometric fuzzy vault is suitable for very high security applications.

1.3.6 Soft Biometric Based Password Hardened Biometric Fuzzy Vault

Soft biometrics provide ancillary information about a person, for example gender, ethnicity, age, height, weight and eye colour. They lack distinctiveness or permanence. Hence, soft biometrics alone are not enough to differentiate two individuals. However, when combined with primary biometrics (fingerprint, iris, retina etc.), soft biometrics give better results. In this phase, the soft biometric component of the password is obtained by combining the height, eye colour and gender of the person. Seven different eye colours are identified and a single character code is assigned to each of them. Consider the 5-character user password ‘FUZZY’ (40 bits) and the soft biometric password ‘155BM’ (24 bits); the combined password becomes ‘FUZZY155BM’ (64 bits). In this phase, a combined user and soft biometric based password hardened multimodal fuzzy vault is also constructed. The combined soft biometric based password will have the same security level as that of a plain password based fuzzy vault. However, it will be hard for an attacker to find out which soft biometric trait combination the system adopts. Current authentication systems are provided with gender identification, height measurement and a facility to capture the eye colour. These can be captured and utilized. Certain difficult combinations of soft biometrics can be used to filter the attackers.

1.3.7 EXPERIMENTAL RESULTS AND SECURITY ANALYSIS

The proposed fuzzy vault to protect the biometric template contains genuine points from the biometric template and chaff points. The number of chaff points added is 10 times the number of genuine points. Figure 1.3 illustrates feature extraction from fingerprint, iris and retina. The brute force attack calculations, parameters and security of the trimodal fuzzy vaults are shown in Table 1.1. In the case of a vault with polynomial degree n, if the adversary uses a brute force attack, the attacker has to try a total of C(t, n+1) combinations of n+1 elements each. Only C(r, n+1) combinations are required to decode the vault. Hence, for an attacker to decode the vault it takes C(t, n+1)/C(r, n+1) evaluations.
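The brute force count C(t, n+1)/C(r, n+1) worked through for the unimodal parameters, as an added Python example (not code from the thesis). Reading r as the genuine points, c as the chaff points and t = r + c is inferred from the rows of Table 1.1 and the stated 10-to-1 chaff ratio.

```python
from math import comb, log2

# Added illustration, not the thesis's code. The r and c values are those of
# Table 1.1; t = r + c is inferred from the table rows (30 + 300 = 330).
UNIMODAL = {
    "Fingerprint": (30, 300),
    "Iris": (28, 280),
    "Retina": (30, 300),
}
GUESSING_ENTROPY_BITS = (18, 30)  # range the text gives for an 8-character password


def brute_force_cost(r, c, n):
    """Return the brute-force figures for a vault with polynomial degree n."""
    if n + 1 > r:
        raise ValueError("need at least n+1 genuine points to decode the vault")
    t = r + c
    total = comb(t, n + 1)       # candidate point sets an attacker can draw
    decoding = comb(r, n + 1)    # sets made up of genuine points only
    evaluations = total / decoding
    return {"t": t, "total": total, "decoding": decoding,
            "evaluations": evaluations, "bits": log2(evaluations)}


def hardened_bits(vault_bits):
    """Add the password guessing-entropy range to the vault's own strength."""
    low, high = GUESSING_ENTROPY_BITS
    return vault_bits + low, vault_bits + high


def report(n):
    """One row per modality: name, total, decoding sets, evaluations, bits."""
    rows = []
    for name, (r, c) in UNIMODAL.items():
        cost = brute_force_cost(r, c, n)
        rows.append((name, cost["total"], cost["decoding"],
                     cost["evaluations"], cost["bits"]))
    return rows


if __name__ == "__main__":
    for n in (11, 8):  # degree 11 as in Table 1.1, degree 8 as in Table 1.2
        for name, total, decoding, evals, bits in report(n):
            print(f"n={n:2d} {name:11s} {total:.4e} {decoding:.4e} "
                  f"{evals:.4e} {bits:.2f} bits")
```

The bit figure is returned unrounded; the tables list it as a whole number of security bits.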

Figure 1.3 Feature Extractions from Fingerprint, Iris and Retina: a) Fingerprint, b) Fingerprint Minutiae, c) Iris, d) Iris Minutiae, e) Retina, f) Retina bifurcation point

Table 1.1 Security Analyses and Brute Force Attack Calculation for Unimodal Biometric Fuzzy Vault

| Fuzzy Vault | Parameters | Min-entropy of the vault in terms of security bits | Total no. of combinations tried | Combinations required to decode the vault | No. of evaluations |
|---|---|---|---|---|---|
| Fingerprint | r = 30, c = 300, t = 330, n = 11 | 44 | 2.8440 x 10^21 | 8.6493 x 10^7 | 3.2881 x 10^13 |
| Iris | r = 28, c = 280, t = 308, n = 11 | 45 | 1.2247 x 10^21 | 3.0422 x 10^7 | 4.0257 x 10^13 |
| Retina | r = 30, c = 300, t = 330, n = 11 | 44 | 2.8440 x 10^21 | 8.6493 x 10^7 | 3.2881 x 10^13 |

The fingerprint, iris and retina are transformed for three different user passwords to check for revocability. Consider the 8-character user password ‘security’, the ASCII values of which are given by (115, 111, 99, 117, 114, 105, 116, 121), or 64 bits. These 64 bits are divided into four blocks of 16 bits each, and each block is further divided into 7 bits and 9 bits for transformation in the horizontal and vertical directions respectively. The feature point transformation is also done with the other two user passwords, namely ‘template’ and ‘quadrant’. For the same original template, different transformed templates are obtained when the password is changed. The transformed template for retina is shown in Figure 1.4. This property of the hardened fuzzy vault facilitates revocability. Different passwords can be utilized for different applications to avoid cross-matching and to provide diversity.

Figure 1.4 Transformed Retinal Features: a) Password ‘security’, b) Password ‘template’, c) Password ‘quadrant’
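The password split described above (four 16-bit blocks, each giving a 7-bit horizontal and a 9-bit vertical value), as an added Python illustration that is not the thesis's Matlab implementation. It assumes that each block drives one quadrant of the template, that the high 7 bits are the horizontal shift and the low 9 bits the vertical shift, and that shifts wrap inside a 128 x 512 quadrant; the feature points are constructed sample values.

```python
# Added illustration, not the thesis's code. Assumed details: one 16-bit block
# per quadrant, high 7 bits = horizontal shift, low 9 bits = vertical shift,
# and shifts wrap around inside a quadrant of 128 x 512 positions.
QW, QH = 128, 512  # assumed quadrant size: 2**7 columns by 2**9 rows


def block_shifts(password):
    """Split an 8-character password into four (horizontal, vertical) shifts."""
    data = password.encode("ascii")  # byte values come from the ASCII encoding
    if len(data) != 8:
        raise ValueError("the scheme described uses an 8-character (64-bit) password")
    shifts = []
    for i in range(0, 8, 2):
        block = (data[i] << 8) | data[i + 1]        # one 16-bit block
        shifts.append((block >> 9, block & 0x1FF))  # 7 bits, then 9 bits
    return shifts


def transform(points, password):
    """Translate each feature point by the shift of the quadrant it lies in."""
    shifts = block_shifts(password)
    out = []
    for x, y in points:
        if not (0 <= x < 2 * QW and 0 <= y < 2 * QH):
            raise ValueError(f"point {(x, y)} lies outside the template")
        qx, qy = x // QW, y // QH            # which quadrant holds the point
        tu, tv = shifts[2 * qy + qx]
        out.append((qx * QW + (x % QW + tu) % QW,
                    qy * QH + (y % QH + tv) % QH))
    return out


# Constructed sample feature points, one per quadrant (not real biometric data).
TEMPLATE = [(10, 20), (200, 40), (30, 700), (250, 1000)]

if __name__ == "__main__":
    for pw in ("security", "template", "quadrant"):
        print(pw, block_shifts(pw), transform(TEMPLATE, pw))
```

Running it with the three passwords gives three different point sets for the same template, which is the revocability property: changing the password reissues the stored template without re-enrolling the biometric.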

The min-entropy of the password hardened fuzzy vault is higher, as the guessing entropy of the password is added to the min-entropy of the multibiometric fuzzy vault. For an 8 ASCII character password the guessing entropy falls in the range of 18 to 30 bits. The security analysis of the password hardened unimodal, bimodal and trimodal biometric fuzzy vaults is shown in Table 1.2. The security of the vault increases as more biometric traits are considered. The password hardened multibiometric fuzzy vault is more resistant to spoof attacks. The proposed system is implemented in Matlab 7.0.


Table 1.2 Security Analysis of Password Hardened Fuzzy Vault

Brute Force Attack Calculations

| Vault Type | Degree of polynomial | Min-entropy of the vault (in security bits) | Total no. of combinations tried to decode the vault | Combinations required to decode the vault | No. of evaluations | Min-entropy + guessing entropy of the password (in security bits) |
|---|---|---|---|---|---|---|
| Iris | 8 | 33 | 6.1088 x 10^16 | 6.9069 x 10^6 | 8.8445 x 10^9 | 51 to 63 |
| Retina | 8 | 33 | 1.1457 x 10^17 | 1.4307 x 10^7 | 8.0079 x 10^9 | 51 to 63 |
| Fingerprint | 8 | 33 | 1.1457 x 10^17 | 1.4307 x 10^7 | 8.0079 x 10^9 | 51 to 63 |
| Combined Iris and Retina | 10 | 39 | 1.6377 x 10^23 | 2.2769 x 10^11 | 7.1925 x 10^11 | 57 to 69 |
| Combined Fingerprint and Retina | 10 | 39 | 2.3848 x 10^23 | 3.4270 x 10^11 | 6.9587 x 10^11 | 57 to 69 |
| Combined Fingerprint and Iris | 10 | 39 | 1.6377 x 10^23 | 2.2769 x 10^11 | 7.1925 x 10^11 | 57 to 69 |
| Combined Fingerprint, Iris and Retina | 15 | 67 | 2.3872 x 10^37 | 1.4477 x 10^17 | 1.6487 x 10^20 | 85 to 97 |

1.4 OBJECTIVES OF THE THESIS

The major objectives of the thesis are as follows:

i. To provide security to biometric templates

ii. To impart revocability to biometric templates

iii. To avoid cross-matching of biometric templates across databases

iv. To provide diversity to biometric templates

v. To utilize the idea of multibiometrics to overcome certain limitations of unibiometrics

vi. To make biometric templates more resistive to stored biometric template attacks

vii. To provide multibiometric template security for different applications

viii. To provide a hybrid template protection approach

ix. To render the fuzzy vault more resistive towards specific attacks against it

x. To introduce the idea of soft biometrics

1.5 SIGNIFICANT CONTRIBUTIONS

The following are the significant contributions of this thesis work:

• Retina based fuzzy vaults for high security applications

• Password hardening of multimodal fuzzy vault for added security and revocability

• Multimodal retina and fingerprint, retina and iris vaults

• Retinal biometric fuzzy vault mounted on a single capturing device

• The idea of soft biometrics is mixed with fuzzy vault scheme

1.6 ORGANIZATION OF THE THESIS

The rest of the thesis is organized as follows:

• Chapter 2 provides a picture of the attacks against biometric templates, various methods for protecting the biometric templates, the merits of hybrid schemes and a survey of existing schemes.

• Chapter 3 explains the fuzzy vault scheme as the proposed methodology and shows the different phases of the proposed methodology.


• Chapter 4 discusses the unimodal biometric fuzzy vault, its merits and demerits.

• Chapter 5 discusses the password hardened unimodal fuzzy vault.

• Chapter 6 brings out the merits of multimodal biometrics and secures three different combinations of multimodal templates using a bimodal biometric fuzzy vault.

• Chapter 7 shows the password hardened bimodal fuzzy vault.

• Chapter 8 discusses the construction of a trimodal fuzzy vault to protect fingerprint, iris and retinal templates for very high security applications. This chapter also compares the strength of the vaults discussed in the previous phases.

• Chapter 9 introduces the idea of soft biometric based password transformation in the fuzzy vault.

• Chapter 10 concludes the thesis with the future scope.

1.7 CHAPTER SUMMARY

This chapter gives an overview of biometrics and its types. The importance of biometric templates and their security is elaborated. Biometric technology has proved itself as a powerful alternative to traditional password based and token based authentication technology. Biometric templates cannot be revoked or reissued on spoofing. Biometric authentication is employed in different crucial applications. However, biometric authentication systems are prone to different types of attacks. The stored biometric template attack is the most severe of all these attacks. Biometrics is generally proposed for high security applications. Therefore it is very important to provide a suitable template protection mechanism with revocability.

The existing approaches to stored biometric template security do not provide revocability and diversity. They fail to avoid function creep, where the captured biometric template is used for applications other than the one it is intended for. They do not provide the strength of their method.

Only a very few methods provide security for multibiometric templates using a hybrid approach. Again, only a very few are resistive against stored biometric template attacks.

Hence, the proposed method attempts to overcome the above mentioned disadvantages using a password hardened fuzzy vault, which is a hybrid approach for biometric template security. This method provides revocability and diversity, apart from security, to stored biometric templates. Hardening acts as an additional layer of security apart from providing revocability. To overcome certain limitations of the unimodal fuzzy vault, a multimodal fuzzy vault is constructed. The multibiometric fuzzy vault is more secure than the unibiometric fuzzy vault. The Failure to Capture Rate (FTCR) is minimized in the multimodal biometric fuzzy vault. An attacker finds it very difficult to compromise the password hardened multimodal fuzzy vault, as he/she has to simultaneously capture both the biometrics and the password. The strength of the vault is calculated, and the number of evaluations required to capture the vault using a brute force attack is also found.
