Security Efficiency Analysis of a Biometric Fuzzy Extractor for Iris Templates (original) (raw)

Biometric Fuzzy Extractor Scheme for Iris Templates

Abstract ‐ Biometric recognition offers a reliable and natural solution to the problem,of user authenti- cation by means of her physical and behavioral traits. An iris template protection scheme which associates and,retrieves a secret value with a high level of security, is proposed. The security is guaranteed thanks to the requirements of fuzzy extractors. The implemen- tation of the scheme is done in Java and experimental results are performed to calculate its False Acceptance Rate and its False Rejection Rate. Keywords: Cancelable biometrics, Fuzzy extractor,

Securing Iris Templates using Combined User and Soft Biometric based Password Hardened Fuzzy Vault

Arxiv preprint arXiv:1003.1449, 2010

Personal identification and authentication is very crucial in the current scenario. Biometrics plays an important role in this area. Biometric based authentication has proved superior compared to traditional password based authentication. Anyhow biometrics is permanent feature of a person and cannot be reissued when compromised as passwords. To over come this problem, instead of storing the original biometric templates transformed templates can be stored. Whenever the transformation function is changed new revocable/cancelable templates are generated. Soft biometrics is ancillary information that can be combined with primary biometrics to identify a person in a better way. Iris has certain advantage compared to other biometric traits like fingerprint. Iris is an internal part that is less prone to damage. Moreover is very difficult for an attacker to capture an iris. The key advantage of iris biometrics is its stability or template longevity. Biometric systems are vulnerable to a variety of attacks. This work generates cancelable iris templates by applying user and soft biometric based password transformations and further secures the templates by biometric cryptographic construct fuzzy vault.

Reusable Authentication from the Iris

IACR Cryptol. ePrint Arch., 2017

Mobile platforms use biometrics for authentication. Biometrics exhibit noise between repeated readings. Due to the noise, biometrics are stored in plaintext increasing risk if a device is compromised. Since biometrics cannot be regenerated or refreshed, they will be reused, increasing the impact of such a compromise. Fuzzy extractors derive a stable cryptographic key from biometrics (Dodis et al., Eurocrypt 2004). Previous works claim biometric key derivation systems using fuzzy extractors but these works either assume an adversary model where plaintext biometric storage is secure or have incorrect analysis. In addition, no construction handles the case of biometric reuse. The goal of this work is to derive keys from an actual biometric with formal and explicit conditions for security. We focus on the iris due to its strong uniqueness (Prabhakar, Pankanti, and Jain, IEEE S&P 2003). We build an iris key derivation system with 45 bits of security even when the iris is reused. Our star...

Information analysis of iris biometrics for the needs of cryptology key extraction

The paper presents a rigorous analysis of iris biometric information for the synthesis of an optimized system for the extraction of a high quality cryptology key. Estimations of local entropy and mutual information were identified as segments of the iris most suitable for this purpose. In order to optimize parameters, corresponding wavelets were transformed, in order to obtain the highest possible entropy and mutual information lower in the transformation domain, which set frameworks for the synthesis of systems for the extraction of truly random sequences of iris biometrics, without compromising authentication properties.

Extraction of Human Iris Patterns for Biometric keys Generation

The International Conference on Electrical Engineering, 2012

With the increasing reliance on electronic information, which needs to be exchanged across the internet or stored on open networks, cryptography is becoming an increasingly important feature of computer security. A biometric key dependent cryptosystem is proposed, to ensure the security of the whole system by using iris pattern as a key in a cryptosystem, like, Key-dependent Advanced Encryption Standard (KAES). KAES is used to ensure that no trapdoor is present in cipher and to expand the key-space to slow down attacks. The proposed system gave significant results under various tests for the key uniqueness and the system randomness.

A fuzzy vault development based on iris images

EUREKA: Physics and Engineering

Biometric systems gather information from the person's biometric attributes, used extensively to authorize the individuals. Due to the obvious convenience of using specific individual traits such as face, fingerprints, palm veins, and irises, biometric authentication is becoming more common. In particular, Iris systems are in high demand for high-assurance applications, because they contain a broad feature set and remain stable. Authentication methods based on iris biometrics are now commonly used in a variety of fields. This is due to the fact that iris biometric authentication is both safer and more comfortable than conventional passwords. Template Security is a major concern in biometric systems. The template security mechanism ensures reusable, permanent, and un-linkable models. The Fuzzy Vault strategy is one of the most popular security schemes for Template protection. Fuzzy vault has demonstrated to be an effective protection method but lacks revocability and security att...

Multi Unit Iris Biometric Encrypted Template Formation and Authentication

International Journal of Signal Processing, Image Processing and Pattern Recognition, 2014

Biometrics has been one the main security solutions in almost every type of infrastructure (whether critical or non-critical) ranging from the main doors at home, libraries to the critical infrastructures like banks and airports. Despite the forceful impetus on research on biometric security that has taken biometrics from one simple level to much higher levels of security, there are still some open challenges in this field of security that need to be filled. Among all those challenges and loopholes, the security of template is of the most important concern. The reason for this is that we don't want any identity compromises. If a biometric template in the database of the system of a person is compromised that consequently would mean identity theft of that person. This paper proposes a novel method that uses two different biometric data from the same person for making a biometric template against each person. The two biometric modalities that have been used in our work are left and right iris using best features. The features and verification of the proposed system has been done using MATLAB.

Fuzzy commitment scheme for generation of cryptographic keys based on iris biometrics

IET Biometrics, 2017

This work presents a method based on information-theoretic analysis of iris biometric that aims to extract homogeneous regions of high entropy. Successful extraction of these regions facilitates the development of effective systems for generation of cryptographic keys of lengths up to 400 bits per iris. At the same time, this approach allows for the application of simpler error correction codes with equal false accept rate levels, which reduces the overall complexity of this class of systems.

A Thorough Survey on Security Issues of Iris Biometrics and Open Research Challenges

2018

Biometrics is the study of automated methodologies for perceiving a person"s identity. The term "biometric" is often categorized as physical versus behavioral characteristics that can be employed to verify a person"s identity. Relying on physical properties of an individual offers both simplicity and ease of usage. At the same time, it becomes more reliable to facilitate identification and authentication of different individuals that are widely deployed nowadays for not only in access control and surveillance but also in national and international security systems [1]. Biometric applications can be broadly segregated into two different categories: identification and authentication. When the user"s identity is unknown, then identification is performed. This is done by the system wherein it searches the database of enrolled users and matches the biometric data of a particular user with the biometric data of all the enrolled users. On the other hand, authentication is the procedure of verifying the user"s identity when his corresponding biometric data is furnished. Presently, both the applications are in use and deployed ubiquitously. As a matter of fact nowadays devices can be secured by usage of a secure password system. But traditional passwords generally employ a mix of alphanumeric characters/symbols which are mostly cumbersome and often difficult to memorize. This causes user frustration and prevents users from easy access of business data on such devices. Biometric authentication measures offer secured and easy access to systems that can be offered as a natural substitute to conventional password schemes. Several techniques of biometry have already been considered for recognition of a person. However the most popular present day technique involves the fingerprints, face and iris biometric recognition schemes in particular [2]. Simultaneously, nowadays owing to recent sophisticated technological inventions; various security breaches such as spoofing attacks have been created by sharp malicious minds to defeat the security services offered by such biometric measures. Despite offering countless benefits, biometric measures too are vulnerable to several security assaults some of which include; presentation of fake biometric user traits (such as synthetic fingerprints, gait, signature etc.) or previously intercepted biometric data can be used to launch replay attacks by intruders etc. [3,4,5,6,7]. Iris recognition scheme has gained significant popularity among all presently existent biometric modalities (such as face, fingerprint, gait, signature etc.) for authenticated access owing to its intrinsic security and non-intrusiveness. It offers multiple benefits like; high reliability both in terms of identification and verification tasks; its uniqueness for every individual; being an intrinsic eye component, it is well protected from environmental hazards and even remains moderately stable with age [8,9]. However, despite offering multiple advantages, iris biometric systems are highly vulnerable to many security breaches exclusively at the sensory level. Various kinds of attacks specifically with respect to threats using printed iris images or more recently through cosmetic contact lenses which have come to practice. In general, assaults in the biometric system can be universally categorized as direct (presentation and spoofing assaults) and indirect assaults.

A new scheme of signature extraction for iris authentication

2013

Iris recognition, a relatively new biometric technology, has great advantages, such as variability, stability and security, thus is the most promising for high security environment. Iris recognition is proposed in this report. We describe some methods, the first one is based on grey level histogram to extract the pupil, the second is based on elliptic and parabolic HOUGH transformation to determinate the edge of iris, upper and lower eyelids, the third we used 2D Gabor Wavelets to encode the iris and finally we used the Hamming distance for authentication.