Secure and Private Biometrics Secure and Private Biometrics

licoricebedsΑσφάλεια

22 Φεβ 2014 (πριν από 3 χρόνια και 7 μήνες)

93 εμφανίσεις

Secure and Private Biometrics
Secure and Private Biometrics
Ton Akkermans
ton.h.akkermans@philips.com
Ton Akkermans
ton.h.akkermans@philips.com
Confidential, Philips Research, Safe-NL
2
Confidential, Philips Research, TA, Safe-NL
Outline
•Biometric Authentication
•Biometrics and Relevance for Philips
•Privacy and Security issues of biometric
systems
•New sensors/biometrics
•Privacy protection
•Conclusions
3
Confidential, Philips Research, TA, Safe-NL
What is Biometric Authentication?
•Authentication based on physical
properties of humans
Iris
Fingerprints
Face
Signature
4
Confidential, Philips Research, TA, Safe-NL
What is Biometric Authentication?
•Authentication based on physical
properties of humans
Ear
Hand geometry
Gait recognition
5
Confidential, Philips Research, TA, Safe-NL
Biometric market share and modalities
6
Confidential, Philips Research, TA, Safe-NL
“Mission”
•Life becomes “better” and more
convenient when passwords and pin-
codes are replaced by non-forgetable
biometric pin-codes. (15-25 pins/passw)
7
Confidential, Philips Research, TA, Safe-NL
Relevance for Philips
•Personalisationof CE-devices: convenience
–Mobiles, remote controls, head-phones
–Access to multimedia content: Person-based
DRM
•Security applications
–Access control in devices: pin-code replacement
–Developing low cost secure biometric sensors
(PS)
8
Confidential, Philips Research, TA, Safe-NL
Outline
•Biometrics and Relevance for Philips
•Privacy and Security issues of biometric
systems
•New sensors/biometrics
•Privacy protection
•Conclusions
9
Confidential, Philips Research, TA, Safe-NL
Privacy and security issues
•Privacy
Templates in the clear => Tracking persons
–Cross matching
–Medical information
•Identity theft
–Limited number of biometrics (e.g.1 face, 2 irises)
•Once lost, it’s lost forever
•In 2003 more than 10M US victims (insiders)
•30% to 40% helpdesk calls are due to forgotten passwords:
costs 300 $/user/year
10
Confidential, Philips Research, TA, Safe-NL
Privacy and security issues (2)
•A possible solution: livenessdetection
•(Good) biometrics cannot be forgotten,
shared, lost or stolen
=>Must be difficult to
duplicate…
“Malaysia car thieves steal finger”
BBCnews4-4-2005
11
Confidential, Philips Research, TA, Safe-NL
Research focus
•Privacy preserving techniques
•Security: anti theft of biometrics
–Template protection system –New Modalities (not easy to tap)
–New sensors (low-cost, small form-factor)
–Livenessdetection
12
Confidential, Philips Research, TA, Safe-NL
Outline
•Biometrics and Relevance for Philips
•Privacy and Security issues of biometric
systems
•New sensors/biometrics (security)
•Privacy protection
•Conclusions
13
Confidential, Philips Research, TA, Safe-NL
New type of fingerprint sensors
•Below skin measurements
•Blood-vein structure=“fingerprint”
•No fingerprint if no blood flows=liveness
detection => difficult to fake
Doppler
sensor
14
Confidential, Philips Research, TA, Safe-NL
Acoustical Ear recognition
15
Confidential, Philips Research, TA, Safe-NL
16
Confidential, Philips Research, TA, Safe-NL
Acoustical Ear recognition
•Properties
–Duplication/tapping is more difficult (w.r.t.
fingerprints, voice, face)
–Less sensitive to injuries than fingerprints
–Ideal method for (mobile) phones/PDA’s
–Low cost sensors (loudspeaker/microphone)
–Other living creatures can be identified too
(Dogs, Cows etc)
17
Confidential, Philips Research, TA, Safe-NL
Performance based on error rates
•FAR ( False Acceptance Rate )
⇒Bad guys get in
•FRR ( False Rejection Rate )
⇒Good guy gets rejected
18
Confidential, Philips Research, TA, Safe-NL
Performance (2)Probability density distributions (histograms)
Threshold T
Imposters
(inter-class
variation)
Genuines
(intra-class)
Similarity
FRR
FAR
19
Confidential, Philips Research, TA, Safe-NL
Results
•Ear recognition: EER ~2%
•Applied to Headphones, Mobile Phone, Ear-phones
FAR
FRR
Convenience
Security
Mics
20
Confidential, Philips Research, TA, Safe-NL
State of the art performance
FRRFAR
•Finger3-7 %0.001-0.1%
•Face10-20%0.1-10%
•Voice10-20%2-5%
•Iris 2-10%<0.001%
•Hand0.2-1%0.2-1%
•Signature10-20%2-5% Best error-rates found in lit.(IBM research report June 2002)
•Acoustic ear 1%<1% <=
•Optical ear 1%<3% <=
21
Confidential, Philips Research, TA, Safe-NL
Outline
•Biometrics and Relevance for Philips
•Privacy and Security issues of biometric
systems
•New sensors/biometrics
•Privacy protection
•Results & Conclusions
22
Confidential, Philips Research, TA, Safe-NL
Vision and Multimodality (enhanced security, but templates protected)
Robust fingerprint
sensing
Ear
recognition
Real time Face
Recognition
Iris
Speaker
Recognition
Below skin
Acoustic and Optical
Low Power
23
Confidential, Philips Research, TA, Safe-NL
Template protection system
•Never store biometrics in the clear => scrambled
(one way)
Data
Base
Biometric
Modality X
One way
Secret extraction
S1
W
Helper data
Robust and Versatile
S2
Sn
:
:
I(s;w)=0
I(x;w)~0
W1
W2 Wn
24
Confidential, Philips Research, TA, Safe-NL
General template protection scheme
G
X
Random
Number
Generator
H( )
S
Database
H(S)W
G-1
Y
W
H( )
S’H(S’)
H(S)=?
H(S’)
yes/no
H(S)
Enrollment Authentication
25
Confidential, Philips Research, TA, Safe-NL
Graphical representation
X
W
Y
C =enc(S)
W
•Helper W data and error correction
δ
26
Confidential, Philips Research, TA, Safe-NL
Reliable components scheme(+err corr)
Feat.
Extr. + Quant.
XFP
YFP
Feat.
Extr. + Quant.
Reliable
Bits
X
W1
DB
Select
Select
Y
W1
W2
ENC
C
RNG
S
H( )
H(S)
X’
W2
Z
Y’
DEC
H(S)=?
H(S
r)
H( )
H(S)
H(S
r)
Sr
yes/no
Authentication
Enrollment
+
+
27
Confidential, Philips Research, TA, Safe-NL
Template protection DEMO
28
Confidential, Philips Research, TA, Safe-NL
Results

Developed Template protection
Realizes renewability, prevents crossmatching
•Tested on Acoustical Ear, FP and Face recognition
•Extracted keys >40 bits
•Comparable EERs, from 2 to 4% EER (FAR=FRR)
Similarity threshold
FAR and FRR probabilities
With template protection
2e-2
4e-2
29
Confidential, Philips Research, TA, Safe-NL
Outline
•Biometrics and Relevance for Philips
•Privacy and Security issues of biometric
systems
•Privacy protection
•New sensors/biometrics
•Conclusions
30
Confidential, Philips Research, TA, Safe-NL
Results template protection
•Extract key from biometrics (Noise robust
=> Crypto Hash functions)
•Realizes Revocability/Renewability
•Blocks cross matching
31
Confidential, Philips Research, TA, Safe-NL
Conclusion
•Biometrics makes life more convenient
–By replacing pin-codes, passwords
–But “normal” systems are not privacy preserving
•Market acceptance depends on Privacy and
Security levels:
–Easier accepted due to privacy protection system
–New types sensors and biometrics can solve
security issues
32
Confidential, Philips Research, TA, Safe-NL
Papers
•P.Tuyls, E. Verbitskiy, T. Ignatenko, D. Schobbenand T.Akkermans.
Privacy Protected Biometric Templates: Acoustic Ear Identification.
Proceedings of SPIE, Vol. 5404, 176-182, April 2004.
•J-P. Linnartzand P. Tuyls, New shielding functions to enhance privacy
and prevent misuse of biometric templates, 4 thInternational
Conference on Audio-and Video-Based Biometric PersonAuthentication, 2003
•P. Tuylsand J. Goseling, Capacity and Examples of Template
Protection in Biometric Authentication systems, Biometric
Authentication Workshop (BioAW2004), LNCS 30087, 158-170,
Prague, 2004.
•P. Tuyls, A. Akkermans, T.Kevenaar, G-J Schrijen, A. Bazenand R.
Veldhuis. Practical Biometric Authentication with Template Protection.
AVBPA 2005 conference New York, July 2005.