Comparative Study on Biometric Template Protection
Schemes
Ruchi Nagpure
Nilmani Verma
(Research Scholar)
(HOD of computer science and engg.)
School of Engineering and IT, MATS
University, Raipur, India
ruchi.nagpure@gmail.com
School of Engineering and IT, MATS
University, Raipur, India
nilmaniv@matsuniversity.ac.in
results are combined together. Through this matching
performance can be increased.
ABSTRACT
Biometric cryptosystem is the combination of cryptography and
biometrics to enhance the security as misuse of biometric data can be
avoided by using cryptosystem. In order to overcome the problems of
unibiometric that is non- uviversality and less accuracy,
multibiometrics seems to be more reliable. Multibiometric system
means using more than one trait (eg. Fingerprint, iris, face, palmprint
etc.) for identification of a person. This system increases security and
is more accurate. However, multibiometric for each user needs to be
stored as separate entities which in turn increases the risk to user
privacy and security of the system. Therefore, fusion scheme is
applied to ensure user’s privacy and system security and biometric
cryptosystem is applied for template protection. Two well known
biometric cryptosystem namely key generation and key binding are
studied. A significant amount of approaches for both fusion scheme
and template protection has been published in the previous years. In
this paper comprehensive overview of research in fusion and
template protection is presented.
Keywords
multibiometric crptosystem, fusion, template protection.
Fig. 1 Shows feature level fusion of two biometric traits.
iris
fingerprint
Feature
Extraction
Feature
Extraction
Fused Set of
Features
Matching Module
I. INTRODUCTION
Biometric means recognizing a person based on his/her behavioral or
physical traits [1]. Unibiometric suffers from the problem of nonuniversality, uniqueness and less accuracy. To overcome these
problems, multibiometric appears to be more reliable and accurate.
Multibiometric systems is a combination of different biometric
modalities (e.g.- iris, palmprint, fingerprint etc.) to identify a
person[2]. In comparison to unibiometric system, multibiometric
system provides higher accuracy rate and high level of security.
Decision
Database(Stored
template)
Accept/Reject
Fig. 1 Feature level fusion of two biometric traits
Fusion of different modalities results in multibiometric. Fusion is
categorized in 3 levels- [3]
1.
Feature level fusion: In this level features from different
modalities are combined and a new feature vector is
constructed.
2.
Score level fusion: Feature vectors extracted from the input
image are processed separately for the generating a
matching score of each. Then the match score is combined.
3.
Decision level fusion: In this, for each biometric trait a
separate authentication decision is made and then final
For the security of biometric templates proper attention has not
been given. Multibiometric templates desires to be protected as the
leakage of biometric template information can lead to security and
privacy threat due to intrusion attack and function creep [3]. Hence,
biometric cryptosystem which is combination of biometric &
cryptography provides better key management & security.
The challenges for unibiometric cryptosystem focuses on 3
fundamental challenges- template security, feature extraction and
error tolerance. Security is the main challenge which has to be taken
care of while designing BC [5]. For resolving the purpose 3
frameworks are designed- fuzzy commitment [6], fuzzy vault [7], and
fuzzy extractor [8]. In fuzzy commitment a codeword is XORed with
the template and secure sketch is generated. During authentication
new codeword is formed and key is generated. If the hash value of
both the key is same, it is authentic. In fuzzy vault, security depends
on the infeasibility of the polynomial reconstructions problem and is
generally used to secure biometric features which are point-set. In
fuzzy extractor, two primitives are used secure sketch and fuzzy
extractor. In secure sketch biometric is given as input and a sketch is
generated which does not reveal much information about the
biometric and in fuzzy extractor a random string R is extracted.
1.1 Literature Review
In [9], the author presented preprocessing of the fingerprint and
how efficiently features can be extracted from the enhanced image.
Post processing is also done after minutiae extraction to validate the
minutiae. In [10], iris detection is done. For finding the inner
boundary, bisection method is used by the authors. To find collarette
boundary histogram equalization is used. In [11], the authors have
proposed a multimodal system taking features of fingerprint, palm
print and hand geometry. These biometrics are taken from the
identical image. Firstly fusion of fingerprint and palm print is
performed at matching score level and then matching score fusion
between multimodal system and unimodal system i.e. hand geometry
is performed. In [12], the authors proposed a multimodal system
combining finger print and iris. Decision is considered from each
modality and then finally combined by “AND” operator. In [13], the
authors proposed polar, surface and Cartesian folding transformations
to generate cancellable finger print. According to [14] biometric
cryptosystem can be classified in two major categories namely 1. Key
binding 2. Key generation. Key binding is a mechanism in which
helper data is obtained by combining biometric template with a key.
Key generation is a mechanism in which helper data is derived from
the template and helper data helps to generate the cryptographic key.
Fig.2 Different template Protection scheme. In [15], author proposed
a multimodal system in which finger print and face template are
taken as biometrics and are combined to form a binary string. The
binary strings that are obtained are concatenated and further fuzzy
commitment scheme is applied. In [4], authors proposed a
multibiometric cryptosystem that is based on feature level fusion
which in turn generates a single secure sketch and for both binary
string and point-set based representations practical implementation
issues are considered. In [16], authors proposed a modular approach
for multibiometric cryptosystem which takes two biometrics and
from first biometric sketch is obtained along with the hash value of
1st biometric which is then used to secure second template. In [17],
authors proposed an approach biometric templates or passwords are
combined in a single secure sketch in cascaded manner. In [18], the
authors proposed a methodology in which biometric template pass
through cancellable transformation. Further decision is made by
using individual classifiers and finally fusion is implemented at the
decision level using any of unimodal and unialgorithm, unimodal and
multialgorithm, multimodal and multialgorithm. This results that
recognition task becomes more difficult and complex when
cancellable biometrics are used. In [19], authors have proposed
hybrid template protection scheme which is carried out in 3 stages.
Firstly feature level fusion is performed. In second stage random
feature set is generated and in third stage template bit string is
obtained. This ensures that diversified and revocable templates will
be generated. In [20], authors have proposed an optional
multibiometric that is based on fuzzy extractor. Fuzzy extractor
extracts a stable codeword from biometric trait and a codeword set is
formed. Secret share procedure would generate a public template
with the help of a random key. Fuzzy extractor is responsible for the
security. The rest of the paper is organized as follows-
Section II provides brief introduction of cryptosystem. Section III
provides the different methodologies used. Results are discussed in
section IV. Conclusion and future work are summarized in section V.
II. PROBLEM DEFINITION
Cryptosystem makes reference to the aggregation of cryptographic
algorithms that is needed to implement a security service and
confidentiality. Cryptosystem is basically used when the
cryptographic algorithms that is needed to implement a security
service and confidentiality. Cryptosystem is basically used when the
concept of key generation is important. Biometric cryptosystems
combine both cryptography and biometrics to provide better security
and take the advantage of both cryptograpy and biometric.
Template Protection
Feature Transformation
Salting
Noninvertible
Transforms
Biometric Cryptosystem
Key
binding
Key
generation
Fig. 2 Different template Protection schemes
III. METHODOLOGY
A.Nagar, K.Nandakumar, A.K.Jain proposed a multibiometric
system with feature level fusion which secures templates by using
biometric cryptosystem [4]. Fig. 3 Shows the schematic diagram for
multibiometric Cryptosystem. Firstly biometric templates are taken as
input and if they are heterogeneous then conversions from binary to
point-sets, point-sets to binary string and real valued vectors to binary
strings. Second fusing of these biometric templates is done by simply
concatenating the string which can be secured by using two known
biometric cryptosystems namely fuzzy vault if the string is point-set
and fuzzy commitment in case of binary string. Thirdly imposing a
minimum matching constraint for different modalities in a
multibiometric cryptosystems. This paper not only provides security
to the multibiometric templates but also to the unibiometric template
by applying unique keys that are different form the one used in
securing multibiometric template which in turn generates a
unibiometric secure sketch. Finally this unibiometric secure sketch is
binded with the key that helped in generating multibiometric
template. For authentication purpose the key associated with the
multibiometric template needs to be recovered and further
unibiometric secure sketch are decoded. Experiments are conducted
on two databases which contains face, fingerprint and iris. This
system demonstrates that multibiometric cryptosystem is not only
beneficial in increasing matching performance but simultaneously
increases the template security.
Anne M.P. Canuto, Fernando Pintro, Joao C. Xavier. This paper
investigates multibiometric cancellable recognition with different
fusion approaches [18]. Fig. 4 shows Structure of the methodology.
The authors proposed a framework that takes biometric template as
input and passes it through cancellable transformation module,
training is provided to these transformed templates by individual
classifiers and then decision level fusion is performed following any
of the three approaches (unimodal and unialogorithm, unimodal and
multialgorithm, multimodal and multialgorithm). In this paper,
investigation of ensemble based multibiometric cancellable systems
for different fusion approaches is analyzed. Original biometric data
are also used for the comparison purpose without any cancellable
transformation.
Biometric
Template 1
Biometric
Template 2
Embedding
algorithm
Embedding
algorithm
Chi Chen, chaogang Wang, Iengfei Yang, Dongdai Lin, Song Wang,
Jiankun Hu [5]. In this paper an optional multibiometric system based
on fuzzy extractor is proposed. Two procedures are followed in this
scheme. First fuzzy extractor extracts a stable codeword from the
feature vectors of each biometric traits, from all the generated
codewords a codeword set is formed. Secret Share forms a public
template by binding codewords with a random key. During
verification,
Biometric trait
Biometric Trait
Biometric
Template
Biometric
Template
Cancellable
Transforma
tion
Cancellable
Transforma
tion
Cancellable
Transforma
tion
Cancellable
Transforma
tion
Individual
Classifiers
Individual
Classifiers
Individual
Classifiers
Individual
Classifiers
Fusion
Uni-algorithm
Uni-modal fusion
Key (kc)
Biometric
Cryptosystem
Multibiometric
Secure Sketch
Database
(Stored Template)
Fig. 3 Schematic diagram for multibiometric Cryptosystem
As a result, it is demonstrated that, when using more than one
transformation cancellable transformations are more efficient.
Increase in accuracy level when multimodal fusion is did. Thus, when
multialgorithm and multifusion all the three cancellable
transformation were combined it delivered the highest result.
Y.J. chin, T.S. Ong, A.B.J. Teoh, K.O.M. Goh [19]. Fig. 5 shows a
schematic diagram of hybrid template protection method. In this
paper the authors proposed a hybrid template protection scheme.
Integration of fingerprint and palmprint is done at feature level. To
the fused feature a random tiling is applied. To generate the template
bit string random features are discretized. This proposed method in
both stolen and plain token scenario gives a promising result.
Evaluation illustrates that this proposed method provides
discrimination against imposters. Diversified and revocable templates
are also generated.
Uni-algorithm
Uni-modal fusion
Uni-algorithm
Uni-modal fusion
Fig. 4 Structure of the methodology.
the key is recovered with the help of correct codewords. Further hash
values of both the keys are matched for validating the genuine user.
This proposed system shows feasibility and efficiency. The security
of this system is based on fuzzy extractor.
IV. RESULT
The biometric trait iris with fuzzy vault individually gives the
result at GAR of 90% which is at 45 bits. When face and fingerprint
are involved then security is at 90 bits for the same GAR. This is for
virtual database. For real multimodal database proposed fusion for
fuzzy vault GAR is 68% and fuzzy commitment GAR is 75%. For
virtual database proposed fusion gives the result of 99% of GAR for
both fuzzy vault and fuzzy commitment. For optional multibiometric
based fuzzy extractor FAR is 0.1%.
V. CONCLUSION AND FUTURE WORK
The different methodologies presented here provides security to the
biometric template with the use of biometric cryptosystem or
cancellable transformations. Biometric cryptosystem namely fuzzy
vault, fuzzy commitment and fuzzy extractor improves the security
and matching performance of the system. By using these template
protection schemes it becomes difficult for the hacker to guess which
type of biometric is used or how many. There are some critical issues
that needs to be investigated further, firstly, different feature extraction
techniques can be used. Secondly, other fusion scheme to generate a compact
template. Most intensive work is to improve the security.
Biometric Trait
Biometric Trait
Preprocessing
Preprocessing
Fusion
Fused Feature
Random Tiling
Helper Data
Generation
Discretization
Database
Template Bit
String
Fig. 5 Schematic diagram of hybrid template protection method
REFERENCES
[1] S.C. Dass, K. Nandakumar & A.K. Jain, Secure and
reliable
Multimodal System.
[2] A. Ross, K. Nandakumar, and A.K. Jain, Handbook of
Multibiometrics. New York: Springer, 2006.
[3] Austin Hicklin, Brad Ulery, Craig Watson “A brief introduction
to biometric fusion” 16 june 2006.
[4] A. Nagar, A.K. Jain, K. Nandakumar “Multibiometric
cryptosystems
based on feature-level fusion” IEEE
Transactions on Information Forensices and Security 7 (2012)
255–268.
[5] Chi Chen, chaogang Wang, Iengfei Yang, Dongdai Lin, Song
Wang, Jiankun Hu “Optional multibiometric cryptosystem based on
fuzzy extractor”, Proceedings of IEEE 2014, 11th International
Conference on Fuzzy Systems and Knowledge Discovery. 989-994.
[6] A. Juels and M. Wattenberg, “A fuzzy commitment scheme,” in
Proc. Sixth ACM Conf. Computer and Communications Security,
Singapore, Nov. 1999, pp. 28–36.
[7] A. Juels and M. Sudan, “A fuzzy vault scheme,” in Proc. IEEE
Int. Symp. Information Theory, Lausanne, Switzerland, 2002, p.
408.
[8] Y. Dodis, R. Ostrovsky, L. Reyzin, and A. Smith, Fuzzy
Extractors: How to Generate Strong Keys from Biometrics and
Other Noisy Data cryptology ePrint Archive, Tech. Rep. 235,
Feb. 2006, A preliminary version of this work appeared in
EUROCRYPT 2004.
[9] Raymond Thai “Fingerprint Image enhancement and Minutiae
Extraction” year 2003 School of Computer Science and Software
Engineering, The University of Western Australia, 2003.
[10] H. Sung, J. Lim, J. Park, and Y. Lee. Iris recognition using
collarette boundary localization. In 17th International
Conference on PatternRecognition, volume 4, pages 857–860,
2004.
[11] F. Yang, B.MA, “A new mixed mode biometrics information
fusion based on fingerprint, hand geometry and palm print”.
Proceedings 4th International IEEE Conf. Image Graph, 2007, pp689-693.
[12] F. Besbes, H. Trichili, and B. Solaiman, “Multimodal biometric
system based on Fingerprint identification and iris recognition” in
proceedings 3rd International IEEE conf. Inf. Communication
technology. ICITA 2008, pp-1-5.
[13] N.K. Ratha, S.Chikkerur, J.H. Connell, R.M. Bolle, “Generating
cancellable fingerprint templates”, IEEE transaction on paper
analysis and machine intelligence 29, 2007. pp-561-572.
[14] A.K. Jain, K. Nandakumar, A. Nagar, “Biometric Template
Security”. EURASIP journal on advances in signal processing,
2008.
[15] Y. sutcu, Q. Li, and N. Memon, “Secure biometric templates from
fingerprint-face features” in Proc. CVPR Workshop Biometrics,
june 2007.
[16] S. Cimato, M. Gamassi, V. Piuri, R. Rassi, and F. Scotti,
“Privacy-aware biometrics: Design and Implementation of a
multimodal verification system” in proc. IEEE annual conference
Computer Security Applications, 2008.
[17] C. Fang, Q.Li, and C. Chang, “Secure sketch for multiple secrets”
in proc. International Conference Applied Cryptography and
Network Security, 2010.
[18] Anne M.P. Canuto, F. Pintro, J.C. Xavier-jr., “Investigating
fusion approaches in multibiometric cancellable recognition”
Expert Systems with Applications, Elsevier, 2013. pp-1971-1980.
[19] Y. J. Chin, T.S. Ong, A.B.J. Teoh, K.O.M. Goh, “Integrated
biometrics template protection technique based on fingerprint and
palm print feature level fusion”. Expert Systems with
Applications, Elsevier, 2014. pp-161-174.