Secure Biometric Authentication System Architecture using Error Correcting Codes and Distributed Cryptography

nauseatingcynicalSecurity

Feb 22, 2014 (3 years and 3 months ago)

73 views

Secure Biometric Authentication System Architecture
using Error Correcting Codes and Distributed Cryptography
Emanuele Maiorana,Chiara Ercole
Dip.Elettronica Applicata,Universitµa degli Studi\Roma Tre",
Via della Vasca Navale 84,I-00146 Roma,Italy
ABSTRACT
The most emerging technology for people identi¯cation and authentication is biometrics.In contrast with
traditional recognition approaches,biometric authentication relies on who a person is or what a person does,
being based on strictly personal traits,much more di±cult to be forgotten,lost,stolen,copied or forged than
traditional data.In this paper,we focus on two vulnerable points of biometric systems:the database where the
templates are stored and the communication channel between the stored templates and the matcher.Speci¯cally,
we propose a method,based on user adaptive error correction codes,to secure the stored templates and achieve
the requisite of cancelability of the templates.The proposed architecture is applied either to signature and iris
recognition.Moreover,in order to avoid corruption or interception of the stored templates in the transmission
channels,we propose a scheme based on threshold cryptography:the distribution of the certi¯cate authority
functionality among a number of nodes provides distributed,fault-tolerant,and hierarchical key management
services.Experimental results show the e®ectiveness of our approach,when compared to traditional non-secure
correlation-based classi¯ers.
1.INTRODUCTION
The most emerging technology for people authentication is biometrics.It can be de¯ned as the analysis of
physiological or behavioral people characteristics for automatic people recognition.Biometrics authentication
relies on who a person is or what a person does,in contrast with traditional authentication approach,based
on what a person knows (password) or what a person has (ID card)
1,2
.Then,it is based on strictly personal
traits,much more di±cult to be forgotten,lost,stolen,copied or forged than traditional data.Loosely speaking
biometric systems are essentially pattern-recognition applications,performing identi¯cation or authentication
using biometrics features derived from physiological or behavioral characteristics that persons possess.
Biometric authentication systems consist of two stages,indicated as enrollment and authentication.In the
enrollment subsystemthe biometric data are captured froma subject and checked for their quality.Then relevant
information,typically indicated as biometric features,are extracted and eventually stored in a database.As for
the authentication subsystem,two methods can be taken into account:
²
veri¯cation:the subject who claims an identity presents some form of identi¯er (like used ID,ATM card)
and a biometric characteristic.The system extracts the features from the biometrics,and compares the
features stored in the database,associated with the provided ID,with the acquired ones (1-to-1 matching);
²
identi¯cation:the system acquires the biometric sample from the subject,extracts features from the raw
measurements,and searches the entire database for matches using the extracted biometric features (1-to-N
matching).
Although biometric system can improve security over existing methods of user authentication,security leak-
age,unintended by the designer,
3
can be introduced in any real life system.As detailed in
4
attacks can be
perpetrated at the sensor level:the coercive attack where the true biometric is presented but in some unau-
thorized manner,the replay attack where a recorded version of the true data is presented to the sensor,the
Corresponding authors Emanuele Maiorana,e-mail:maiorana@uniroma3.it,Telephone:+39.06.55177298,Fax:
+39.06.55177026;Chiara Ercole,e-mail:cercole@uniroma3.it,Telephone:+39.06.55177298,Fax:+39.06.55177026.
impersonation attack where unauthorized individuals changes his/her biometric to appear like an authorized
individual.Moreover attacks can be perpetrated on the channels interconnecting the di®erent part of the bio-
metric system,like the channel between the sensor and the biometric system (if one has access to this point),the
channel between the feature extractor and the matcher,the channel between the matcher and the application
device thus overriding the output of the matching module,and the channel between the central or distributed
database and the authentication system.Also,the feature extractor could be forced to produce a pre-selected
feature,the matcher can be attacked to produce an arti¯cially high or low match score,and attacks on the
database itself can be done.
In this paper we focus on the protection of templates,which can be stored either in a central database or in
distributed databases.A malicious user can steal a template both by intercepting a communication through the
channel between the database and the authentication system and by breaking into the databases.In both cases
the biometric system is compromised.Although it was believed that it is not possible to reconstruct the original
biometric data starting from the corresponding extracted template,some concrete counter examples,which
contradicts this assumption,have been provided in the recent literature for faces and ¯ngerprints.
5
Moreover,
even if,fromthe stolen template,it is either not possible or computationally infeasible to reconstruct the original
biometric data,the stolen template cannot be used anymore by the user to summarize the biometric data under
analysis.In fact,whereas a password can be changed as many times as the user wants,the same is not possible
for biometrics since they are limited in number and cannot be easily changed by the user.This makes the
template protection issue of paramount importance in the design of a biometric system.
There exist several security techniques to thwart attacks on the templates.Template encryption can be used
to make the data useless without the knowledge of the key that must be kept secret.However,once the key is
broken or the data are decrypted they are not protected anymore.To overcome this limitation,watermarking
techniques
6,7
can be used.Either a time-stamp can be embedded into the template in such a way that after
the expiration date the template is useless,or the template can be embedded into a host signal to make its
presence undetectable.In
8
a fragile watermarking method for ¯ngerprint veri¯cation is proposed in order to
detect tampering while not lowering veri¯cation performance.In
9
a secure biometric storage based on the use of
syndrome codes is described.Error correction has also been employed to protect face biometric data in
10
where
Reed-Solomon codes have been used.Templates protection is achieved in
11
by partially deleting and splitting
template information and partially deleting themwhile enabling their restoration through error correction coding.
In some approaches template protection can be addressed by integrating biometrics with cryptographic tech-
niques
12
.In
13
the so called fuzzy commitment scheme,where a cryptographic hashed version of the data is
stored/transmitted,was introduced.In
14
the cancelable biometric concept is exploited.It consists of an inten-
tional non-invertible distortion on the biometric data both in the enrollment stage and in the authentication one.
Since only the distorted data are stored in the database,even if the database is compromised,the biometric data
cannot be retrieved.In
15
biometric secrecy preservation and replaceability are obtained using random tokens
together with multiple-bit discretization and permutation,thus obtaining replaceable cryptographic signature
keys.Based on
13
,a new template protection approach,called Helper Data System was proposed in
16
for acoustic
ear,in
17
for ¯ngerprint,and in
18
for face recognition.
In this paper we propose a user adaptive cryptosystem,based on fuzzy commitment scheme
13
for the security
of the stored data and their renewability.A practical implementation of the system has been designed with
reference to either signature and iris recognition.
The paper is organized as follows.In Section 2 the proposed biometric protection scheme is presented,
outlining its general properties and the user adaptiveness of the method.In Section 3 a distributed storing
architecture is proposed,aimed at avoiding interception or corruption of data,providing robustness and fault-
tolerance to the system.The details for the application of the proposed scheme to signature and iris recognition
are presented in Section 4 and Section 5 respectively.Eventually,experimental results and conclusions are drawn
in Section 6.
2.BIOMETRIC PROTECTION SCHEME
In this Section the proposed scheme for biometric templates protection is presented.Basically,it is based on
Juels'proposal on the use of helper data and error correcting codes.
13
This approach is twofold,allowing the
system both to manage cancelable biometrics
14
and to handle the unavoidable intra-class variability of biometric
data.As far as signature biometric is concerned,being a behavioral characteristic signatures taken from a
user can exhibit a lot of variability between di®erent realizations,mainly due to lack of user's habit and to
the di®erent conditions of execution (seated or standing position,wide or narrow area for resting the arms).
Therefore,features extracted from a subject's signatures may not be always the same.Even for irides the same
problems arise:although an user's iris does not change in time,the treated templates can be di®erent in two
successive acquisitions,due to variations in illumination or to the variable user's distance and position with
respect of the sensor.This variability is here handled by considering the obtained templates as a noisy version
of the\ideal"template,where the noise power is related to their variance.The general schemes of the proposed
enrollment and authentication procedure are illustrated in Figures 1 and 2 respectively.
Figure 1.Enrollment scheme:the acquired data are analyzed,quantized and summed to error correcting codes.The
stored data are ¹,HD1,HD2 and h(N).
The enrollment and authentication stages are detailed respectively in Section 2.1 and 2.2.In these sections,
we do not refer to any speci¯c biometric characteristic,but the exposed concepts are general and can be referred
to both signature and iris templates.The details of how the proposed schemes can be applied to the considered
biometrics are presented in Sections 4 and 5.
2.1.Enrollment stage
As can be seen from Figure 1,data are ¯rst acquired by a sensor,that can be an electronic digitizer tablet for
signatures,or an high-quality camera for irides.In the enrollment phase,a number I of biometrics measurements
are recorded for each subject s.
For each i-th measurement from subject s,it is supposed to be able to obtain one or more 1-D feature vectors
f
s;i
,i = 1;:::;I,s = 1;:::;S,whose dimension is indicated with K.In Sections 4 and 5 it is speci¯ed how the
aforementioned feature vectors can be derived,for signature and iris respectively.In this Section we will consider
the case where only one feature vector has to be managed.
A statistical analysis is then performed on the available data,estimating the intra-class ¹
s
and the inter-class
¹ vector mean as:
¹
s
=
1
I
I
X
i=1
f
s;i
;¹ =
1
S
S
X
s=1
¹
s
(1)
where S is the number of enrolled subjects.Then,the enrolled features vectors f
s;i
,with i = 1;:::;I for the
user s,are binarized by using the inter-class mean ¹,and collected as row vectors in a binary matrix B
s
,with
I (signature samples) rows and K (features) columns,whose generic element B
s
[i;k] is obtained as:
B
s
[i;k] =
½
0 if f
s;i
[k] · ¹[k]
1 if f
s;i
[k] > ¹[k]
(2)
A binary vector,representative of the features extracted from each signature made by the user s,is then
obtained in two di®erent ways:
²
making use of the estimated intra-class mean ¹
s
for the user s,thus obtaining the representative vector
b
s
¹
whose k-th element is obtained as follows:
b
s
¹
[k] =
½
0 if ¹
s
[k] · ¹[k]
1 if ¹
s
[k] > ¹[k]:
(3)
²
considering the most probable bit among the corresponding elements of the binarized features collected in
the binary matrix B
s
as follows:
b
s
p
[k] =
½
0 if
P
I
i=1
B
s
[i;k] · I=2
1 if
P
I
i=1
B
s
[i;k] > I=2:
(4)
that is,choosing for each component b
s
p
[k] the most probable binary value.
In this way,a binary vector,either b
s
¹
or b
s
p
is then obtained fromthe original feature vectors f
s;i
,i = 1;:::;I.
The binary vector is generically indicated as b
s
in the following.
In order to achieve both template protection and renewability,our scheme uses error correcting codes (BCH
codes)
19
whose error correction capabilities (ECC) can be a priori selected,as in,
18
and detailed in Section 2.1.1.
An ECC selection procedure depending on the intra-class variability of each user's biometrics is also proposed,
as pointed out in Section 2.1.2.
2.1.1.A priori Selection of Error Correction Capability
After having obtained the binary feature vector b
s
,a BCH code whose ECC is decided a priori,depending on
the desired False Acceptance Rate (FAR) or False Rejection Rate (FRR),is employed.
Speci¯cally,a codeword c
s
,is generated from a randomly selected number N
s
.Then a XOR operation
between the codeword c
s
and b
s
is performed,thus obtaining:
HD1
s
= b
s
©c
s
(5)
From (5) it is clear that the length of the ¯nal binary feature vector b
s
should be equal to the length of the
selected BCH codewords c
s
.As far as BCH codes is concerned,the length of the codewords have to be equal
to W = 2
w
¡1;if the length K of b
s
is not equal to W (typically K is less than the selected value of W),the
binary vector b
s
can be zero-padded before applying (5).
Ahashed version h(N
s
) of N
s
,created using a SHA-1 algorithm
20
,is then stored,together with the inter-class
mean ¹ and the Helper Data HD1
s
.
2.1.2.Adaptive Selection of Error Correction Capability
The approach described in Section 2.1.1 is able to provide cancelability of the template simply by changing the
codeword c
s
(i.e.,the random generated number N
s
) associated to the user during enrollment.
However,we can also provide adaptability to the user biometrics variability.This implies that we manage
the intra-variability of the considered biometrics,which re°ects on bit di®erences between the feature vector b
s
representative of the user s and the feature vector
~
b
s
obtained in the authentication stage from the same user s
(see Figure 2).This is done by choosing the BCH code and its ECC,among a set of available codes,in such a
way that for users who give rise to a high intra-class variability,codes with higher error correction capabilities
are selected.
Therefore,in the enrollment stage,an intra-class analysis is performed as follows.From the matrix B
s
introduced in (2),the Hamming distances D
s;i
,with i = 1;:::;I,between any binary row of B
s
,and b
s
are
evaluated.The average Avg
s
of the D
s;i
values,
Avg
s
=
1
I
I
X
i=1
D
s;i
(6)
is then used to characterize the intra-class variability of the user s.
Speci¯cally,after having chosen a BCH code with codeword length equal to W = 2
w
¡1,its ECC is selected
to be equal to ª[Avg
s
+v] where v is a value common to all users and the operator ª[¢] represents the possible
nearest ECC greater than or equal to [¢].Then,the selected BCH ECC is stored in HD2
s
.
Once the BCH code and its ECC have been selected,a codeword c
s
is generated from a randomly selected
number N
s
.Then a XOR operation between the codeword c
s
and b
s
is performed,thus obtaining:
HD1
s
= b
s
©c
s
:(7)
A hashed version h(N
s
) of N
s
,created using a SHA-1 algorithm is eventually stored.
The proposed framework provides security,being impossible to retrieve f
s
from ¹;HD1
s
;HD2
s
and h(N
s
).
2.2.Authentication stage
Figure 2.Authentication scheme:when a subject claims his identity,a response is given using the stored data ¹,HD1,
HD2 and h(N).
The authentication phase follows the same steps as the enrollment stage (see Figure 2).When a subject
claims his identity,he provides his signature,which is converted in the features vector
~
f
s
.Then the quantization
is done using the inter class mean ¹ thus obtaining
~
b
s
.The codeword
~
c
s
results from the XOR operation
~
c
s
=
~
b
s
©HD1
s
:(8)
The BCH decoder is selected depending on the encoder used in enrollment,obtaining
~
N
s
from
~
c
s
.Finally,the
SHA-1 hashed version h(
~
N
s
) is compared to h(N
s
):if both values are identical the subject is authenticated.
3.THRESHOLD CRYPTOGRAPHY ARCHITECTURE
In the proposed approach,four di®erent entities have to be stored for each user:the inter-class media ¹,the
Helper Data HD1,HD2,and the hash h(N).None of these parameter can supply any information about the
users'biometrics by itself,but each of them carries a piece of information in the authentication phase:if any
of these entities is not available at a certain time,user authentication is not possible.Moreover,the single
parameter ¹ can give informations on general traits of users'signatures.
In addition,as for the storage of biometric templates,we have to design both a secure storage system and a
secure modality to transmit the stored templates to the matcher
14
.
Applying simple cryptographic algorithms can be not enough:even if an intruder cannot retrieve the features
values,he can however corrupt the data,making the authentication impossible.Moreover,for an attack coming
from the inside of the system,it is possible to retrieve the cryptographic key and decrypt the information.
In order to avoid corruption,modi¯cations or interception of the stored templates we propose a scheme based
on threshold cryptography
21,22
.In this system,the distribution of the certi¯cate authority functionality among
a number of nodes provides distributed,fault tolerant,and hierarchical key management services.
Shamir
23
was the ¯rst to highlight the possibility of sharing a secret key among di®erent entities.The ¯rst
practical threshold cryptosystem,based on ElGamal and RSA cryptographic keys,was proposed by Desmedt
in.
21
In brief,threshold cryptography allows l entities to share the ability of performing a cryptographic operation,
distributing trust and building a highly available and secure key management service.In a t-out-of-l scheme,
any t parties,where t is the system threshold,can perform this operation jointly,whereas it is infeasible for any
t ¡1 parties (or less) to do so,even by colluding.In such a system,an attacker needs to break at least t nodes in
order to compromise system security.The values of t and l may be chosen according to the desired security and
fault-tolerance requirements:lowering t means lowering the security provided,while increasing it can be useful
for more security critical services.
Threshold cryptography is widely used in computer networks to provide security in terms of availability,
con¯dentiality,and secure key or data distribution,¯nding its main application in document authorization or
veri¯cation,e-commerce transactions,and distributed online certi¯cation authority
22{24
.
The employed approach uses RSA and Lagrange Interpolating Polynomial Scheme.This approach takes
the public (n;e) and private (n;d) RSA key and distribute the private key d on l di®erent servers.When the
encrypted message M
d
(mod n) has to be reconstructed,each i-th server outputs a partial signature S
i
= M
®
i
,
instead of sending their key share and therefore without revealing the private key to any party.The receiver
selects t signatures,from which it computes the original signature
Q
t
i=1
S
i
,as shown in Figure 3.
Figure 3.Distributed Architecture based on Threshold Cryptography.
To obtain the partial keys ®
i
,a polynomial h(x) = a
0
+a
1
x+:::+a
t¡1
x
t¡1
of degree t ¡1,with a
0
= d,the
secret key,is considered.It is demonstrated that given t points (x
1
;y
1
);:::;(x
t
;y
t
) with di®erent x coordinates,
there is a unique polynomial of degree less than t¡1 passing through them.Considering the Lagrange Polynomial
expression
h(x) =
t
X
i=1
y
i
h
t
Y
j6=i
x ¡x
j
x
i
¡x
j
i
;(9)
the di®erent shares can be taken as y
i
= h(x
i
) for 1 · i · l.Then,given t of these shares the Lagrange
polynomial can be reconstructed,where any t ¡1 shares cannot do so.The basic sharing procedure assumes
21
:
M
d
=
t
Y
i=1
M
®
i
= M
P
t
i=1
®
i
;d = h(0) =
t
X
i=1
®
i
=
t
X
i=1
y
i
h
t
Y
j6=i
0 ¡x
j
x
i
¡xj
i

i
= y
i
h
t
Y
j6=i
0 ¡x
j
x
i
¡xj
i
(10)
where x
i
are the (known) indices assigned to each server (for simplicity it can be x
i
= i).
4.DYNAMIC SIGNATURE BIOMETRICS
In this Section some fundamental concepts on signature biometrics are presented,together with the speci¯c
method used in order to obtain the feature vector f mentioned in Section 2,for signature templates protection.
People recognition based on signatures is one of the most accepted biometric veri¯cation methods,since it
is perceived as a non-invasive and non-threatening process by the most of users.Moreover,it is actually one
of the most reliable behavioral biometrics together with speech,is characterized by a high collectibility and,
due to the large experiences on it,has a high legal value
25{27
.Signature recognition can be either static or
dynamic:in the ¯rst mode,also referred to as o®-line,only the signature image is acquired in a digitized form
through an optical scanner or a camera,while in the second mode,also called on-line,signatures are acquired by a
digitizer tablet or a pen-sensitive computer display.These devices usually capture the position of the pen (in x(t)
and y(t) coordinates being t the temporal coordinate),and the pressure p(t) applied by the pen.To accomplish
recognition or veri¯cation,further information are extracted fromthese raw data,such as global or local velocity,
acceleration or strokes,to cite only a few,commonly referred to as signature features.On-line signatures are
therefore more di±cult to forge than o®-line ones,so they are more suitable for personal authentication in legal
and commercial transactions.
In our work,on-line signatures are acquired using an Interlink Electronics ePad-ink,based on a resistive
touchpad with 300dpi resolution.A total of K = 63 features,detailed in Table 1,
28
are extracted from the
acquired signals.Statistical moments M
rz
,de¯ned as M
rz
=
P
C
c=1
x
r
c
y
z
c
,where C is the number of acquired
samples and x,y are the coordinates of a signature sample,are also included.
29
This set of features include
both global and local features,where the last ones are based on a partition of each signature in ¯ve consecutive
and disjoint segments with the same temporal extension:the need of local features for the analysis of dynamic
signature is well expressed in.
30
ID
Description
ID
Description
ID
Description
1
Number of Strokes
10 ¡11
Average Xand Y Acceleration
41 ¡50
X and Y Sub-Accelerations (Local)
2
Time Duration
12 ¡13
Initial X and Y
51 ¡52
Height and Width
3
Aspect Ratio (y vs x)
14 ¡15
Final X and Y
53 ¡55
Mean X,Y and Pressure Value
4 ¡5
X and Y Area (y vs x)
16 ¡20
M
11
,M
12
,M
21
,M
30
and M
03
56 ¡58
Maximum X,Y and Pressure Value
6 ¡7
Average Xand Y Velocity
21 ¡30
X and Y Sub-Areas (Local)
59 ¡61
Minimum X,Y and Pressure Value
8 ¡9
Absolute Average Xand Y Velocity
31 ¡40
X and Y Sub-Velocities (Local)
62 ¡63
Maximum X and Y Velocity
Table 1.Features extracted from on-line signatures.
As already mentioned,the Helper Data System proposed in 2 can be applied to signatures using the afore-
mentioned features,and being W = K = 63.
5.IRIS BIOMETRICS
Among all the employed biometric traits,the iris is the most promising in terms of security and robustness,
as well as people's acceptability.The peculiar complex texture is a mesh of collagenous stromal ¯bres,ciliary
processes,crypts,vascularized stroma,rings,corona,coloration,and freckles;it forms during gestation and its
development lasts until the ¯rst postnatal years.Since the iris texture formation has no genetic origin,beyond its
physiology and general appearance,the texture itself is actually a randompattern,granting high discriminability
among people.Furthermore,the iris is part of an internal organ,this granting protection and stability over time.
What helps improving the acceptability of iris as a biometric identi¯er is the ease in the acquisition phase,since
the sensor does not need a close contact with the eye,and a subject can have his iris acquired from 40-50 cm up
to 1 meter.
Though richly detailed and theoretically highly discriminant,the human iris shows an intrinsic di±culty in
identifying and classifying meaningful features like for ¯ngerprints.The most signi¯cant results were achieved
by Daugman,
31
who extracted texture phase structure using multi-scale Gabor ¯lters.Such iris image phase
information originated 1024 complex phasors,each of them further quantized in one of the four quadrants of the
complex plane using two bits,generating a 256 Byte IrisCode.The original algorithm is actually protected by
Iridian Technology copyright.
32
Wildes
33
proposed the use of a Laplacian pyramid at di®erent resolutions to
represent the iris texture and compute the normalized correlation between two di®erent templates,so to assess
the ownership to a speci¯c class.Ma et al.developed a texture analysis-based method using multi-channel
Gabor ¯lters at di®erent scales and orientations
34
;further works
35
implemented special spatial ¯lters to capture
sharp variations in the iris image,achieving better results.
In order to extract a binary feature vector f starting from a gray-scale iris image,like those present in
the CASIA database,
36
the iris has ¯rst to be localized.In order to do so,the iris image is segmented using
Canny edge detector followed by the circular Hough transform.The implemented algorithmsucceeds in correctly
segmenting 661 images out of 756,thus proving a 87,4% success rate.
After localization,the segmented iris is projected on a polar coordinate system,following the idea of Daug-
man's rubber sheet
37
.The process,commonly referred to as normalization,allows to manage rectangular
representations of the iris texture that are not constrained by pupil dilation/compression.Moreover,the e®ect
of head tilt (rotation) is transposed in a simple horizontal shift of the template.The minimum suggested radial
resolution to capture su±cient information of the rich iris meshwork is 70 pixels;in the presented application a
resolution of 80 pixels in the radial direction was employed.Since the iris peculiar texture presents a relevant
correlation in the radial direction,a higher resolution in the angular direction is employed,leading to the choice
of 512 angular sectors.
After normalization and compensation for rotation (achieved through vertical and horizontal displacements),
the normalized iris templates composed by 80£512 pixels is cropped to 60£280 pixels,discarding the 20 farthest
rings from the pupil that are usually masked by eyelashes and the upper part of the iris usually covered by
eyelids.The whole process is described in Fig.4.
Figure 4.Iris segmentation,normalization and template generation
BCH Code
Test A
Test B
BCH Code
Test A
Test B
ECC
FRR
FAR
RF
FAR
SF
FRR
FAR
RF
FAR
SF
ECC
FRR
FAR
RF
FAR
SF
FRR
FAR
RF
FAR
SF
10
13,80%
10,48%
32,33%
14,33%
9,55%
24,44%
10
8,47%
12,11%
34,67%
11,87%
10,73%
27,33%
11
11,20%
11,80%
34,66%
10,86%
10,96%
27,33%
11
6,13%
13,83%
39,00%
9,67%
12,51%
30,66%
13
6,13%
15,15%
40,33%
4,20%
14,36%
36,66%
13
3,13%
18,46%
47,33%
4,20%
16,34%
41,66%
(a) (b)
Table 2.First Signature Experiment:system performances with signature recognition and without adaptive BCH code
selection,varying BCH ECC.The results refer to systems using:a) b
s
¹
;b) b
s
p
.
Having generated a normalized iris template with 60£280 pixels,this template is decomposed in 60 feature
vectors f
j
,j = 1;:::;60,taking each template row as a feature vector.Unlike what exposed regarding signatures,
as far as iris is concerned we therefore generate 60 feature vectors f
s;i
j
for each considered acquisition i taken
from user s.The enrollment and authentication operations detailed in Section 2 and 2.2 are then performed
separately on each feature vectors f
j
,j = 1;:::;60.An user s is authenticated if and only if all the 60 hashed
versions h(
~
N
s
j
) are equal to the stored values h(N
s
j
),j = 1;:::;60,obtained in enrollment.
6.EXPERIMENTAL RESULTS AND CONCLUSIONS
In this Section an extensive set of experimental results,concerning the system performances are presented.As
mentioned earlier,the proposed secure biometric authentication system architecture is applied to signature and
iris,and results regarding both of the considered biometrics are presented.
6.1.HDS applied to Signature Recognition
As far as signature authentication is concerned,we have performed experimentations in order to compare:
²
the adaptive approach detailed in Section 2.1.2 with the non adaptive one described in 2.1.1,which is
referred to as classic;
²
the use of the binary vector b
s
¹
with the use of b
s
p
,to represent each user during enrollment.
Moreover,to understand the in°uence of the enrollment phase in the authentication process,we performed
two tests with di®erent number of acquired signatures during the enrollment.Speci¯cally,ten signatures were
recorded by thirty subjects in Test A,whereas only ¯ve signatures were acquired from the same set of subjects
in Test B in the enrollment stage.
The ¯rst experiment was aimed at evaluating system performances without the use of adaptive BCH code
selection.Several BCH codes,with di®erent ECC,have been applied.Speci¯cally,we have used BCH codes
with codeword length W = 63 with di®erent ECC equal to 10,11 and 13.The system performances have been
assessed through FRR and FAR as shown in Table 2.More in detail,for FRR estimation ¯fty signatures from
each enrolled subject have been recorded in di®erent times in the time span of a week.The FAR is both referred
to conditions of random forgeries
25
,indicated as FAR
RF
,and to conditions of skilled forgeries,indicated as
FAR
SF
.For each subject,the ¯fty signatures of all the remaining twenty nine users are used as randomforgeries,
whereas in the case of skilled forgeries a test set of ten skilled forgeries was created for each subject,using a
training time of ten minutes for each signature whose original was made available.Speci¯cally,in Table 2 the
system performances for di®erent ECC values are shown.Table 2.a refers to a system using b
s
¹
as subject's
representative binary vector,whereas Table 2.b refers to a system using b
s
p
.
In the second experiment we tested the system using the adaptive codes selection scheme we have here
proposed,which results in improved performances as shown in Table 3.The ECC is selected as detailed in
Section 2.1.2 having used the values v = 3;4;5 for W = 63.
The obtained experimental results highlight that:
BCH Code
Test A
Test B
BCH Code
Test A
Test B
ECC
FRR
FAR
RF
FAR
SF
FRR
FAR
RF
FAR
SF
ECC
FRR
FAR
RF
FAR
SF
FRR
FAR
RF
FAR
SF
ª[Avg
s
+3]
10,00%
5,36%
21,33%
13,07%
4,00%
20,67%
ª[Avg
s
+3]
10,13%
6,53%
21,67%
14,53%
4,77%
20,33%
ª[Avg
s
+4]
6,93%
7,52%
30,67%
9,33%
6,10%
23,00%
ª[Avg
s
+4]
7,00%
8,63%
29,33%
9,87%
6,95%
24,00%
ª[Avg
s
+5]
5,27%
10,52%
33,73%
6,73%
8,08%
27,00%
ª[Avg
s
+5]
5,67%
10,90%
35,00%
8,20%
8,74%
28,67%
(a) (b)
Table 3.Second Signature Experiment:systemperformances with signature recognition and adaptive BCHcode selection,
varying BCH ECC.The results refer to systems using:a) b
s
¹
;b) b
s
p
.
²
The use of the adaptive code selection method increases the performances of the system in terms of FAR,
especially when skilled forgeries are taken into account.Performances in terms of FRR are the same as
the classic approach.
²
Taking more signatures during enrollment results in a little increase of FAR and a signi¯cative decrease of
FRR,thanks to the possibility to better estimate the statistics of each user.
²
For representing each user s,the use of the binary vector b
s
p
instead of b
s
¹
increases the performances in
terms of FAR,while lowers the performances in terms of FRR.
Therefore,while the utilization of the adaptive code selection method gives better performances overall,the
use of b
s
p
instead of b
s
¹
,or the choice of the number of enrolled biometrics have to be chosen according to the
desired FRR (for user acceptability-focused applications) or FAR (for security-focused applications) ratios.
6.2.HDS applied to Iris Recognition
As far as iris authentication is concerned,the experimentations we made are based on the iris taken from the
CASIA v.1 database.
36
The database is organized in 108 di®erent subject;for each subject,seven iris images are
collected in two separate sets,where three images are captured in the ¯rst set and four in the second one.Thus,
the images acquired during the second session will be employed for the enrollment stage,while the remaining
three images of the ¯rst set will be used for testing the system authentication capabilities.
In order to prove the good discriminant power of the proposed technique,traditional correlators have been
used for classi¯cation purposes,where the correlation grade is expressed in terms of normalized cross-correlation,
as follows:
½ =
¾
e;a
¾
e
¢ ¾
a
where ¾
e;a
is the correlation index between the enrollment and the authentication templates,¾
e
is the standard
deviation of the enrollment template and ¾
a
is the standard deviation of the authentication template.
Figure 5 shows classi¯cation results for di®erent values of the threshold for CASIA database.The corre-
sponding equal error rate (EER) is found to be 25,93% at a correlation threshold value of 0,2475.However,it
must be noted that the high variability of the available data a®ect the recognition results.In fact,the data set
chosen for these experiments have not been pre-selected but maintains all the heavily occluded images,so to
represent a realistic operating condition.
We then present the results regarding the application of the proposed HDS scheme to iris recognition.Di®erent
tests have been run on the entire database,applying an a priori selection of BCH error correcting codes (detailed
in Section 2.1.1),where the binary vector b
s
¹
is employed to represent each user during enrollment.
In the reported preliminary results of Table 4,we used BCH codewords with length W = 511 (thus applying
zero padding to the binary vectors obtained from the irides as detailed in Section 2.1.1,being K = 280),where
the selected ECC is set to be equal to 119 and 127.The FAR is evaluated considering other users than the
legitimate one as possible imposters claiming the legitimate identity and presenting their iris biometrics.
It is worth pointing out that the achieved results are not based on the entire CASIA database,rather on a
narrowed set of 10 users:such results are then strongly in°uenced by the limited number of considered users.
0
0.2
0.4
0.6
0.8
1
10
-5
10
-4
10
-3
10
-2
10
-1
10
0
Correlation Threshold
Error Rate


FAR
FRR
Figure 5.Correlation based classi¯cation results of CASIA database.EER is 25,93%.
BCH Code ECC
FRR
FAR
119
90,00%
0,00%
127
50,00%
7,00%
Table 4.System performances with iris recognition and without adaptive BCH code selection,varying BCH ECC.The
results refer to systems using b
s
p
.
More experimentations have to be done in order to further investigate the e®ective performances of the proposed
system.From the results we obtained for signature,it can be supposed than better results can be achieved using
codewords with di®erent lengths and ECC,and integrating the adaptive approach.
REFERENCES
1.
A.K.Jain,An introduction to biometric recognition,IEEE Transactions on Circuits and Systems for Video
Technology,Vol.14,No.1,2004
2.
R.M.Bolle,J.H.Connell,S.Pankati,N.K.Ratha,A.W.Senior,Guide to Biometrics,Springer,New York,
USA,2004.
3.
S.Prabhakar,S.Pankanti,A.K.Jain,Biometric Recognition:Security and Privacy Concerns,IEEE Security
& Privacy Magazine 1 (2003),pp:33-42,2003.
4.
N.Ratha,J.H.Connell,and R.M.Bolle,An analysis of minutiae matching strength,in Proc.Int.Conf.
Audio and Video-based Biometric Person Authentication,Halmstad,Sweden,Jun.2001,pp.223228.
5.
U.Uludag and A.K.Jain,Attacks on biometric systems:a case study in ¯ngerprints,in Proc.SPIE-
EI Security,Steganography and Watermarking of Multimedia Contents VI,San Jose,CA,Jan.2004,pp.
622633.
6.
N.K.Ratha,J.H.Connell,R.Bolle,Secure data hiding in wavelet compressed ¯ngerprint images,ACM
Multimedia 2000 Workshops Proc.,pp:127-130,2000.
7.
A.K.Jain,U.Uludag,Hiding Biometric Data,IEEE Transactions on Pattern Analysis and Machine Intelli-
gence,Vol.25,No.11,pp:1494-1498,2003.
8.
S.Pankanti,M.M.Yeung,Veri¯cation Watermarks on Fingerprint Recognition and Retrieval,Proc.SPIE,
Vol.3657,1999,pp:66-78.
9.
E.Martinian,S.Yekhanin,J.Yedidia,Secure Biometrics Via Syndromes,Allerton Conference on Commu-
nications,Control and Computing,2005
10.
Y.Cheng Feng,P.C Yuen,Protecting Face Biometric Data on Smartcard with Reed-Solomon Code,Proc.on
Computer Vision and Pattern Recognition Workshop,2006.
11.
T.Ohki,S.Akatsuka,N.Komatsu,Safety of templates in biometric person authentication using error-
correcting code,Proc.SPIE,Security,Steganography,and Watermarking of Multimedia Contents VIII,2006.
12.
U.Uludag,S.Pankanti,S.Prabhakar,A.K.Jain,Biometric Cryptosystems:Issues ans Challanges,Proc.of
IEEE,vol.92,no.6,pp.948-960,June 2004.
13.
A.Juels,M.Wattenberg,A Fuzzy Commitment Scheme,6th ACM Conf.Computer and Communication
Security,pp:28-36,1999.
14.
N.K.Ratha,J.H.Connell,R.Bolle,Enhancing Security and Privacy of Biometric-based Authentication
Systems,IBM Systems Journal,Vol.40,No.3,2002.
15.
Y.W.Kuan,A.Goh,D.Ngo,A.Teoh,Cryptographic Keys from Dynamic Hand-Signatures with Biometric
Secrecy Preservation and Replaceability,Proc.Fourth IEEE Workshop on Automatic Identi¯cation Advanced
Technologies,pp:27-32,2005.
16.
P.Tuyls,E.Verbitsky,T.Ignatenko,D.Schobben,T.H.Akkermans,Privacy Protected Biometric Templates:
Acoustic Ear Identi¯cation,SPIE Proc.,Vol.5404,pp:176-182,2004
17.
P.Tuyls,A.Akkermans,T.Kevenaar,G.J.Schrijen,A.Bazen,R.Veldhuis,Practical biometric template
protection system based on reliable components,AVBPA Proc.,2005
18.
M.Van der Veen,T.Kevenaar,G.-J.Schrijen,T.H.Akkermans,F.Zuo,Face biometrics with renewable
templates,Security,Steganography,and Watermarking of Multimedia Contents,SPIE Proc.,Vol.6072,2006.
19.
M.Purser,Introduction to Error-Correcting Codes,Artech House,Boston,1995.
20.
Federal Information Processing (FIP) Standards Publication 180-1,Security Hash Standard,
http://www.itl.nist.gov/fipspubs/fip180-1.htm,April 1995.
21.
Y.Desmedt,Y.Frankel,Threshold cryptosystems,Advances in Cryptology-Crypto'89,Lecture Notes in
Computer Science 435,Springer-Verlag,pp:307-315,1990.
22.
Y.Desmedt,Some Recent Research Aspects of Threshold Cryptography,Information Security Proc.(Lecture
Notes in Computer Science 1396),Springer-Verlag,pp:158-173,1997.
23.
A.Shamir,How to share a secret,Communications of the ACM,22,pp:612-613,1979.
24.
L.Zhou,Towards Fault-Tolerant and Secure On-line Services,Ph.D.dissertation,Dept.of Computer Science,
Cornell University,Ithaca,NY,2001.
25.
M.Faundez-Zanuy,Signature recognition state-of-the-art,IEEE Aerospace and Electronic Systems Magazine,
Vol.20,Issue 7,pp:28-32,2005.
26.
C.Vielhauer,R.Steinmetz,A.MayerhÄofer,Biometric Hash based on statistical Features of online Signatures,
International Conference on Pattern Recognition (ICPR),IEEE Proc.,Vol.1,pp:123-126,2002.
27.
M.Freire-Santos,J.Fierrez-Aguilar,J.Ortega-Garcia,Cryptographic key generation using handwritten sig-
nature,Defense and Security Symposium,Biometric Technologies for Human Identi¯cation,SPIE Proc.,Vol.
6202,pp:225-231,2006.
28.
T.H.Rhee,S.J.Cho,J.H.Kim,On-Line Signature Veri¯cation Using Model-Guided Segmentation and
Discriminative Feature Selection for Skilled Forgeries,Sixth International Conference on Document Analysis
and Recognition,pp:645 -649,2001.
29.
R.M.Guest,The Repeatability of Signatures,Ninth International Workshop on Frontiers in Handwriting
Recognition,pp:492-497,2004.
30.
F.Ramirez Rioja,M.N.Miyatake,H.Prez Meana,K.Toscano,Dynamic features Extraction for on-Line
Signature veri¯cation,14th International Conference on Electronics,Communications and Computers,pp:
156-161,2004.
31.
J.G.Daugman,How Iris Recognition Works,IEEE Transactions on Circuits and Systems for Video Tech-
nology,Vol.14,No.1,2004.
32.
J.G.Daugman,Biometric Personal Identi¯cation System Based on Iris Analysis,United States Patent
5291560,1994.
33.
R.P.Wildes,Iris Recognition:an Emerging Biometric Technology,IEEE Proceedings,Vol.85,No.9,1997.
34.
L.Ma,Y.Wang and T.Tan,Iris Recognition based on Multichannel Gabor Filtering,5th Asian Conf.
Computer Vision,Vol.1,2002
35.
L.Ma,T.Tan,Y.Wang and D.Zhang,E±cient Iris Recognition by Characterizing Key Local Variations,
IEEE Transactions on Image Processing,Vol.1,2002.
36.
http://www.cbsr.ia.ac.cn/IrisDatabase.htm
37.
J.G.Daugman,High Con¯dence Visual Recognition of Persons by a Test of Statistical Independence,IEEE
Trans.Pattern Analysis and Machine Intelligence,1993.