Biometric Template Security

AMSecurity

Nov 30, 2011

Biometric Authentication
Person recognition based on permanent and unique body traits (fingerprint, face, iris)
[Figure: Enrollment]

Limitations of Biometrics
[Figure: Infrastructure]

Abuse of Biometric Data
[Figure: Biometric Database; Recovered Samples; Biometric Database 1; panels: Template Inversion, Template Linkage]
•Information consolidation
•Tracking
•Spoof attack
•Targeted False Accept
•Recovery of Medical Info
Need to design techniques to address these issues

Biometric Template Security
•Hardware
–Match on Card
–System on Card
•Software
–Encryption
–Template Transformation
–Biometric Cryptosystem
Hardware solutions are expensive and inconvenient

Template Protection Techniques

| | Encryption | Biometric Cryptosystems | Template Transformation |
|---|---|---|---|
| Description | Encrypt the template; decrypt before authentication | Bind key to biometric to obtain secure sketch; recover key or original biometric for verification | Transform template using password; query also transformed before matching |
| Match criteria | Score (original biometric) | Key recovery | Score (transformed) |
| Access to biometric | During authentication | After accept | Never |
| Responsibilities: User's | Provide biometric | Provide biometric | Provide biometric & password (optional) |
| Responsibilities: System's | Store key | Key safety after accept | None |
| Main advantage | Performance preservation | Provides key management | Ensures non-linkability |
| Main limitation | Key management | Linkability | Weak security |

All combinations of the above techniques are also possible

Cryptosystem Examples
Fuzzy Vault (Point set)
Random number [5324]
5x^3 + 3x^2 + 2x + 4
(Helper Data) (Chaff points)
Fuzzy Commitment (Vector)
1 1 0 0 1 0 0 1 1 (Codeword)
0 1 1 1 0 0 1 0 1 (Feature Vector)
1 0 1 1 1 0 1 1 0 (Helper Data)
Random number [5324]
ECC
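
The fuzzy commitment flow on this slide (random key, ECC codeword, XOR with the feature vector, helper data), as an added example that is not code from the presentation. The repetition code standing in for the ECC, the SHA-256 key check and all sample vectors are assumptions made for illustration; the three bit strings on the slide do satisfy codeword XOR feature vector = helper data.

```python
import hashlib
import hmac

REP = 5  # repetition factor (assumed ECC); corrects up to 2 bit errors per key bit

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def ecc_encode(key_bits):
    """Repetition code: repeat every key bit REP times to get the codeword."""
    return [b for b in key_bits for _ in range(REP)]

def ecc_decode(bits):
    """Majority vote over each block of REP bits."""
    return [int(sum(bits[i:i + REP]) > REP // 2) for i in range(0, len(bits), REP)]

def key_hash(key_bits):
    return hashlib.sha256(bytes(key_bits)).hexdigest()

def enroll(feature_bits, key_bits):
    """Store only helper data (codeword XOR features) and a hash of the key."""
    return xor(ecc_encode(key_bits), feature_bits), key_hash(key_bits)

def verify(query_bits, helper, stored_hash):
    """Match criterion is key recovery: decode helper XOR query, compare hashes."""
    candidate = ecc_decode(xor(helper, query_bits))
    ok = hmac.compare_digest(key_hash(candidate), stored_hash)
    return candidate if ok else None

# Constructed sample data (not from the slides): 4-bit key, 20-bit feature vector.
KEY = [1, 0, 1, 1]
TEMPLATE = [1, 0, 1, 1, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 0, 1, 0, 1]
HELPER, KEY_HASH = enroll(TEMPLATE, KEY)

GENUINE = list(TEMPLATE)
for i in (2, 8, 9, 17):               # same user, four noisy bits
    GENUINE[i] ^= 1
IMPOSTOR = [b ^ 1 for b in TEMPLATE]  # a different user's (constructed) vector

if __name__ == "__main__":
    print("genuine :", verify(GENUINE, HELPER, KEY_HASH))
    print("impostor:", verify(IMPOSTOR, HELPER, KEY_HASH))
```

A repetition code keeps the example short but leaks the XOR of template bits within each block through the helper data, so it should not be read as a recommended code.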

Transformation Examples
Cancelable fingerprints (Point set)
[Figure: Original Biometric; Transformed Biometric; Minutiae Translation]
Biohashing (Vector)
[Figure: Biometric Trait; Feature Vector (e.g. Eigenface); 1 0 1 1 1 0 1 1 0 Key; Orthogonal Matrix; Projection + Thresholding; 0 1 1 1 0 0 1 0 1 0 Transformed Template]

Limitations of Template Protection
•Restricted fusion capability
•Restricted feature representations
•Weak analysis
Need to develop a framework for template security

Improving Fingerprint Fuzzy Vault
•Fingerprint fuzzy vault is a common biometric cryptosystem
•Improvements:
–Incorporate user passwords
–Incorporate additional features
–Incorporate additional biometrics
–Improved security analysis

Incorporating Password
[Figure: block diagram. Enrollment: Biometric Template (T) and Password (K1) → Transformed Template (T1) → Fuzzy Vault Construction → Fuzzy Vault H = F(T1). Authentication: Biometric Query (Q) and Password (K1) → Transformed Template (Q1) → Biometric Recovery → Extracted Key (K2) → Validity Check → Match/Non-match]
•Fingerprint transformed before vault encoding; vault can also be encrypted using password
•Reduces false matches due to increased randomness in features
K. Nandakumar, A. Nagar and A. K. Jain, "Hardening Fingerprint-based Fuzzy Vault Using Password", ICB 2007.

Transformation Function
[Figure: Original Template → Feature Transformation (64 bit password) → Transformed Template]
•Permute the four image quadrants
•Translate the minutiae
Translation and permutation are two similarity preserving transforms

Vault Analysis
•Template security and matching accuracy are the indices of performance
•Security: Security is difficulty in identifying n+1 genuine points; n is degree of polynomial

$$\text{Security} = -\log_2\left(\frac{\binom{r}{n+1}}{\binom{r+s}{n+1}}\right)$$

# genuine points = r, # chaff points = s
•Matching Accuracy:
–False Accept Rate (FAR)
–Genuine Accept Rate (GAR)
–Failure to Capture Rate (FTCR)

Results

FVC2002 DB-2

| | FTCR (%) | n=7 GAR (%) | n=7 FAR (%) | n=7 Sec (bits) | n=8 GAR (%) | n=8 FAR (%) | n=8 Sec (bits) | n=9 GAR (%) | n=9 FAR (%) | n=9 Sec (bits) |
|---|---|---|---|---|---|---|---|---|---|---|
| Without Pwd | 2 | 91 | 0.13 | 27 | 91 | 0.01 | 31 | 86 | 0 | 35 |
| With Pwd | 2 | 90 | 0 | 80 | 88 | 0 | 84 | 81 | 0 | 88 |

MSU-DBI

| | FTCR (%) | n=10 GAR (%) | n=10 FAR (%) | n=10 Sec (bits) | n=11 GAR (%) | n=11 FAR (%) | n=11 Sec (bits) | n=12 GAR (%) | n=12 FAR (%) | n=12 Sec (bits) |
|---|---|---|---|---|---|---|---|---|---|---|
| Without Pwd | 5.6 | 85 | 0.08 | 40 | 82.5 | 0.02 | 44 | 78.8 | 0 | 49 |
| With Pwd | 5 | 80.6 | 0 | 93 | 75.6 | 0 | 97 | 73.8 | 0 | 102 |

Significant decrease in false accept rate with little effect on genuine accept rate
n is the degree of the polynomial
For FVC2002 DB-2: r=24, s=200
For MSU-DBI: r=30, s=300
Security of 8-character (94 char alphabet) password is ~53 bits
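
The fuzzy vault lock/unlock flow and the brute-force security measure from the Vault Analysis slide, as an added example that is not code from the presentation. The field size, the SHA-256 validity check, exact matching of query points (real minutiae matching is approximate) and the sample minutia encodings are assumptions; only the key [5324] and the r, s, n values come from the slides.

```python
import hashlib
import random
from itertools import combinations
from math import comb, log2

P = 251  # prime field size (assumption; the slides do not give one)

def poly_eval(coeffs, x):
    """Evaluate the key polynomial over GF(P); highest-degree coefficient first."""
    return sum(c * pow(x, i, P) for i, c in enumerate(reversed(coeffs))) % P

def lock(key, genuine_xs, s, rng):
    """Genuine points lie on the key polynomial; s chaff points lie off it."""
    vault = {x: poly_eval(key, x) for x in genuine_xs}
    while len(vault) < len(genuine_xs) + s:
        x, y = rng.randrange(P), rng.randrange(P)
        if x not in vault and y != poly_eval(key, x):
            vault[x] = y
    return sorted(vault.items()), hashlib.sha256(bytes(key)).hexdigest()

def interpolate(points):
    """Gauss-Jordan elimination on the Vandermonde system mod P."""
    k = len(points)
    rows = [[pow(x, k - 1 - j, P) for j in range(k)] + [y] for x, y in points]
    for c in range(k):
        piv = next(r for r in range(c, k) if rows[r][c])
        rows[c], rows[piv] = rows[piv], rows[c]
        inv = pow(rows[c][c], -1, P)
        rows[c] = [v * inv % P for v in rows[c]]
        rows = [row if r == c else [(a - row[c] * b) % P for a, b in zip(row, rows[c])]
                for r, row in enumerate(rows)]
    return [row[-1] for row in rows]

def unlock(vault, key_hash, query_xs, n):
    """Try every (n+1)-subset of the vault points the query selects."""
    picked = [(x, y) for x, y in vault if x in query_xs]
    for subset in combinations(picked, n + 1):
        key = interpolate(subset)
        if hashlib.sha256(bytes(key)).hexdigest() == key_hash:  # validity check
            return key
    return None

def security_bits(r, s, n):
    """Bits of work to pick n+1 genuine points out of r genuine + s chaff."""
    return log2(comb(r + s, n + 1) / comb(r, n + 1))

# Constructed sample: the slide's key [5324] and eight made-up minutia encodings.
KEY = [5, 3, 2, 4]
GENUINE = [12, 40, 77, 103, 150, 188, 201, 230]
VAULT, KEY_HASH = lock(KEY, GENUINE, 40, random.Random(1))
```

Rounding `security_bits` down for r=24, s=200 (n=7, 8, 9) and r=30, s=300 (n=10, 11, 12) gives the "Without Pwd" Sec values in the tables above; a query needs at least n+1 genuine points for `unlock` to return the key.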

Vault with Additional Features

Minutiae Descriptors
•Relative ridge orientation and ridge frequency values at points sampled in a minutia's neighborhood
•Descriptors capture discriminative local fingerprint characteristics around a minutia point
[Figure: Relative Orientation; Ridge Frequency; Minutia Neighborhood]
J. Feng. Combining minutiae descriptors for fingerprint matching. Pattern Recognition, 41(1):342–352, 2008.

Generating Binary Descriptors
•Orientation and frequency values are quantized to 5 and 4 bits, respectively
•Gray codes are used for coding to minimize Hamming distance between adjacent quantized values
•76x(4+5)=684 bits are extracted from each minutiae descriptor
•511 least varying bits, usually the left most bits in Gray codes are selected to be used as features

Security Analysis
•Descriptor security depends on
–# bits in ordinate value
–Discriminative information in descriptor
–Correlation among neighboring descriptors
•If entropy of minutia descriptor is $I_D$ and $\rho$ of these should be corrected, security is

$$R = \log_2\left(\frac{2^{I_D}}{\binom{I_D}{\rho}}\right)$$

•Vault security increased by (n+1)R bits
•Assumes perfect codes and unrelated descriptors
Dimensionality reduction can be used to relax need for perfect codes; effect of correlation still needs to be studied.

Results
[Figure: Genuine Accept Rate; False Accept Rate]
Database: FVC2002 DB2
100 genuine and 9900 impostors
#genuine = 24
#chaff = 200
Assuming R~2 and n=8, security without and with descriptors is 31 bits and 31+18 = 49 bits

Multibiometric Cryptosystem
•Multibiometrics is crucial to achieve high accuracy
•Match score fusion is most effective; but cryptosystems do not output scores
•Feature fusion leads to significant improvement versus cascade cryptosystems
•Major challenges
–Heterogeneous data
–Feature adaptation for biometric cryptosystems
How to design effective multibiometric cryptosystems

Security Analysis for Biometric Cryptosystem
•Security analysis requires attack strategy
•Attacker can i) Guess the key, ii) Guess the biometric, and iii) Try impostor matches
•Key size can be easily increased
–Use larger finite field in Fuzzy vault
–Duplicate bits in fuzzy commitment
•Attack strategy considered
–Try impostor matches; modify query if unsuccessful
–FAR is a part of security

The GAR-Security curve
•User convenience (GAR) and system security are two basic requirements of a biometric system
•Inherent trade-off between convenience and security
•A desirable technique provides a higher convenience-security graph
Easier to compare techniques with a single exhaustive evaluation measure

Results: Multibiometric Vault
[Figure: Genuine Accept Rate (%) versus Security (bits)]
Databases (100 subjects):
CASIA Ver-1 (Iris)
FVC 2002 DB-2 (Fingerprint)
XM2VTS (Face)
Baseline: AND-fusion rule
Proposed approach is significantly better than a serial combination

Results: Multibiometric Commitment
[Figure: Genuine Accept Rate (%) versus Security (bits)]
Databases (100 subjects):
CASIA Ver-1 (Iris)
FVC 2002 DB-2 (Fingerprint)
XM2VTS (Face)
Baseline: AND-fusion rule
Feature adaptation leads to performance loss

Comparison with Passwords

| Traits | Fuzzy vault | Fuzzy Commitment |
|---|---|---|
| Iris | 88% | 91% |
| Finger | 51% | 2% |
| Face | 58% | 12% |
| Baseline Fusion | 75% | 89% |
| Proposed Fusion | 99% | 99% |

GAR at 53 bits of security (equiv. to 8 character password)

Constrained Cryptosystem
•Attacker having access to sufficient number of traits of a user can decode the cryptosystem
•How to ensure the user has certain amount of information for each relevant biometric trait
Free representations can be verified individually after decoding while a primary representation is used in multibiometric system; it is difficult to recover free rep. given the primary.

The Constrained Design
[Figure: block diagram with the labels: Biometric Template (x1E), (x2E), ..., (xME); Embedding Algorithm E1(.), E2(.), ..., EM(.); z1E, z2E, ..., zME; Fusion Module C(.); zE; Key (κc); Helper Data Extraction fc(.); Multibiometric Secure Sketch fc(zE, κc), h(κc); System Database; x1E(1), xME(1); x1E(2), xME(2); Key (κ1), Key (κ2); Unibiometric Secure Sketch fc(x1E(2), κ1), h(κ1) and fc(xME(2), κ2), h(κ2); Symmetric Key Encryption]
In Iris-fingerprint cryptosystem, attacker having access to iris template can recover binary fingerprint (primary representation); the unibiometric sketch requires minutiae (free representation) thereby thwarting the attack

Biometric Cryptosystem: Summary
•A stable key can be associated to biometrics
•Possible to augment biometric cryptosystems using i) external information, ii) additional features, iii) additional biometrics
•GAR-Security graph provides a thorough and simple evaluation
Effective template transformation is still required to curb linkability

Quantitative Evaluation Measures
•System usability
–FRR_T
•Security against intrusion
–FAR_KK, FAR_UK, IRIS, IRID
•Security against database linkage
–CMR_T, CMR_O

Summary of Evaluation Metrics

| Category | Strategy | Information Available to Attacker | Metric |
|---|---|---|---|
| Usability | False rejects require exception handling that can be misused | No assumption | FRR_T(ε) |
| Intrusion | Use biometric & trans. parameters of user J to masquerade as user I | Biometric & trans. parameters of a different user | FAR_UK(ε) |
| Intrusion | Use biometric of user J & parameters of user I to masquerade as user I | Biometric of a different user & trans. parameters of user to be masqueraded | FAR_KK(ε) |
| Intrusion | Recover biometric from stored template & replay to same system | Stored template & parameters of user to be masqueraded | IRIS(β, ε) |
| Intrusion | Recover biometric from stored template & replay to a different system | Template stored in one database & trans. parameters of user in both systems | IRID(β, ε) |
| Linkage | Match stored templates from one database with those from another database to find links | Templates stored in two different databases | CMR_T(ε) |
| Linkage | Inverts templates stored in two databases and match them in the original domain | Templates stored in two different databases & trans. parameters used in both systems | CMR_O(β, ε), FCMR_O(β, ε) |

A. Nagar, K. Nandakumar, A. K. Jain, "Biometric Template Transformation: A Security Analysis", Proc. of SPIE, Electronic Imaging, Media Forensics and Security XII, San Jose, Jan. 2010.

Cancelable Fingerprints
Many-to-one minutiae transforms that are locally smooth and globally non-smooth (e.g., GMM)

$$f(x) = \sum_{i=1}^{N} \pi_i t_i \, e^{-\frac{1}{2}(x-\mu_i)\,\Sigma_i^{-1}\,(x-\mu_i)'}$$

Translation magnitude:

$$\phi_d(x) = \gamma\,(1 + f(x))$$

Translation direction:

$$\phi_\psi(x) = \arctan\left(\frac{f'_y(x)}{f'_x(x)}\right) + \alpha_\psi$$

Direction difference:

$$\phi_\theta(x) = \arctan\left(\frac{g'_y(x)}{g'_x(x)}\right) + \alpha_\theta$$

[Figure: Original minutiae; Transformed minutiae using Trans-2 (γ = 60); Transformed minutiae using Trans-1 (γ = 30)]

Inverting Cancelable Fingerprints
•Transformed squares encasing a minutia correspond to its pre-image
•Most likely pre-image element is taken as inverse
–More pre-images considered in order of likelihood to improve feature recovery
[Figure: Original Fingerprint; Transformed Fingerprint]
A. Nagar and A. K. Jain, "On the Security of Non-Invertible Fingerprint Transforms", WIFS 2009.

Security of Cancelable Fingerprints
Trans-2 is more secure but less usable than Trans-1
E(β) is the # guesses required to recover β fraction of the original biometric
FVC02 DB-2 (100 fingers; 8 impressions per finger)
High Intrusion: 64% IRID at 33% FRR_T (Trans-1)
High Linkage: 94% CMR_O at 1% FCMR_O (Trans-1)

Biohashing
[Figure: Biometric Trait; Feature Vector (e.g. Eigenface); Projection + Thresholding; 0 1 1 1 0 0 1 0 1 0 Transformed Template; 1 0 1 1 1 0 1 1 0 Key; Orthogonal Matrix]
An effective technique for features represented as vectors; significant improvement in matching performance due to increased uniformity of feature distribution
How difficult is its inversion?

Inverting the Biohash
•Estimate of the original features is obtained by solving the following problem for $x$:

$$\arg\min_{x} \|x - a\|^2 \quad \text{subject to} \quad \sum_{j=1}^{n} M_{ij} x_j < \delta_i \ \text{if } b_i = 0, \qquad \sum_{j=1}^{n} M_{ij} x_j \ge \delta_i \ \text{if } b_i = 1$$

Where $a$ is the biometric feature from a database, $M$ is the transformation matrix, $b$ is the transformed feature and $\delta_i$ is the threshold for the $i$th feature
•Weighted combination of multiple solutions is used as the final estimate of x
[Figure: Original Face; Recovered Face]

Security of Biohashing
500 subjects, 2 impressions/subject are used from FERET database for our experiments. Top 100 eigenface features are used to extract 80-bit biohash
High Intrusion: 50% IRID at 9% FRR_T
High Linkage: 80% CMR_O at 10% FCMR_O

Template Transformation: Summary
•Proposed metrics to evaluate the template transformation techniques
•Cancelable fingerprints & biohashing are vulnerable to intrusion and linkage attacks due to ease of inversion

Proposed Work
•Large scale evaluation
–Success of certain attacks depends on size of available biometric database
•Template inversion analysis
–Need to formally define parameters of inversion; design inversion schemes for other common transformations

Expected Contributions
•An improved analysis of the biometric cryptosystems including convenience-security trade-off
•Improvements to fingerprint fuzzy vault by incorporating (i) passwords and (ii) additional features associated with minutiae
•Framework for multibiometric cryptosystem
•A set of metrics to evaluate the security of the template transformation techniques

Timeline

| Month, Year | Activity |
|---|---|
| June-August, 2011 | Internship, UID India |
| September-November, 2011 | Efficient implementation in C of biometric cryptosystems such as fuzzy vault and large scale evaluation of unibiometric and multibiometric cryptosystems |
| December-February, 2012 | Study inversion of template transformation |
| March, 2012 | Dissertation Writing |
| April, 2012 | Thesis Defense |

Thanks

Embedding: Real to Binary
[Figure: Real vector (12 25 48 34 23) → Unary Coding → All bits (1 0 0 0 1 1 0 0 1 1 1 1 1 1 1 0 1 1 0 0) → Selected bits (0 1 0 1 1 1)]
•Unary encoding preserves L1 distance
•Bit selection further improves accuracy
•Other techniques include: Locality Sensitive Hashing (LSH), Detection Rate Optimized Bit Allocation (DROBA), Binary Multidimensional Scaling

Embedding: Point set to Real
[Figure: Set of Points; Real vector; labels 1 2 3 4, 3324]
•Set of randomly generated rectangles are placed over the point set
•Features extracted include
–Number of points, mean and deviation of points in (x,y,θ)

Embedding: Binary to Point
[Figure: Binary vector (0 1 0 1 1 1 0 1 0 0 0 1 1 1), grouped as 0 1 0 1, 1 1 0 1, 0 0 0 1 → Set of points]
•Small groups lead to large number of less discriminative and noisy points
•Large groups limit the number of points obtained