Federal Office for Information Security (BSI)

BioKeyS

Biometric Authentication Systems based on Biometric Template Protection Schemes

An important aspect to consider when designing and implementing biometric systems is the privacy of the stored biometric reference information. The standard “ISO/IEC 24745 – Information technology – Security techniques – Biometric information protection” lists several methods for biometric template protection. Biometric encryption – also known as biometric cryptosystems – is an important class of methods, which aims at protecting the biometric reference information without the need to store secret information such as cryptographic keys. Biometric encryption allows biometric authentication using reference data that does not reveal the original biometric information.

An overview of the state of the art in biometric template protection is provided in the final project report of BioKeyS Pilot-DB Teil II. This report also includes a summary of the standardisation activities in this field – namely the ISO/IEC 24745 – and the framework that was contributed to the standard by the European Integrated Project TURBINE.

Report:
Projekt BioKeyS-Pilot-DB Teil II, Abschlussbericht (PDF, 6MB, File is accessible)

Publication:

Biometric Encryption based on genetic fingerprints

In the first project of the BioKeyS project series, a biometric cryptosystem using genetic fingerprints was specified. A detailed security analysis was presented based on estimates of the entropy of the DNA data and formal security results on the underlying Fuzzy Commitment Scheme. The resulting scheme was shown to be robust and efficient by analysing the typical frequency and structure of errors in DNA (deoxyribonucleic acid) measurements and selecting appropriate error correcting codes. As a result, a security level was obtained equivalent to cryptographic keys with 73 bits and a False Reject Rate (FRR) well below 1%.
The project BioKeyS-DNA was initiated by the BSI and accomplished by an interdisciplinary group consisting of:

  • secFederal Office for Information Security (BSI), Bonn, Germany
  • Giesecke & Devrient GmbH, München, Germany
  • Institut für Medizinische Informatik und Statistik, Christian-Albrechts-Universität Kiel, Kiel, Germany
  • Institut für Experimentelle Mathematik, Universität Duisburg-Essen, Essen, Germany
  • Labor Dr. Krone & Partner, Bad Salzuflen, Germany
  • secunet Security Networks AG, Essen, Germanyunet Security Networks AG, D-45128 Essen, Deutschland

The following report finalises this project:
A cryptographic biometric authentication system based on genetic fingerprints (PDF, 412KB, File does not meet accessibility standards)

Publication:

  • U. Korte, M. Krawczak, U. Martini, J. Merkle, M. Niesing, R. Plaga, C. Tiemann, and H. Vinck: "A cryptographic biometric authentication system based on genetic fingerprints", in Proceedings of Sicherheit 2008: Sicherheit, Schutz und Zuverlässigkeit. Lecture Notes in Informatics (LNI), © Gesellschaft für Informatik e.V. (GI), P-128, ISBN 978-3-88579-222-2, S. 263-276, 2008.

Implementation of a Fuzzy Fingerprint Vault

The evaluation and practical implementation of one biometric cryptosystem – the Fuzzy Vault – was the main objective of the project BioKeyS-Multi. Here, a BioKey-System for fingerprints of multiple fingers was introduced that combines two approaches: The Fuzzy Vault links the fingerprint templates with a secret polynomial and conceals it in a set of random “chaff points”, and uses a special fingerprint comparison algorithm for additional error correction. To enhance the entropy of the biometric information, fingerprints of multiple fingers of one person were used.

Within the project BioKeyS-Multi the security capacity of this scheme was investigated. In parallel a reference implementation was developed to investigate the feasibility.

The project BioKeyS-Multi was initiated by the BSI and accomplished by an interdisciplinary group consisting of::

  • Federal Office for Information Security (BSI), Bonn, Germany
  • secunet Security Networks AG, Essen, Germany

Report:
Projekt BioKeyS-Multi: Implementierung eines Fuzzy Fingerprint Vault Version 1.1.1, 03.09.2009 (PDF, 1MB, File is accessible)

Publication:

Improvement of the Fuzzy Fingerprint Vault

The results of the project BioKeyS-Multi revealed several approaches for potential optimisations. These were investigated in the follow-up project BioKeyS-Pilot-DB I. It was shown that minutia quality filtering and enforcing a minimum number of minutia per finger in the template significantly increases recognition performance. Both optimisations are very sensitive to the respective thresholds, which must be carefully set on the basis of empirical data. Although it was not possible to achieve recognition rates required to prove the security by information theoretic arguments, a security level against existing attacks of 80 bit for three fingers and of 100 bit for 4 fingers was obtained.

The simulation of enrolment and verification indicated that this optimised scheme can be effective and efficient in practice. The process of capturing several fingers can be facilitated using multi-finger sensors. Nevertheless, the parameters need to be selected with care to reduce the error rates and effort for enrolment.

The project BioKeyS-Pilot-DB I was initiated by the BSI and accomplished by an interdisciplinary group consisting of:

  • Federal Office for Information Security (BSI), Bonn, Germany
  • secunet Security Networks AG, Essen, Germany

Report:
Projekt BioKeyS-PilotDB-Teil 1 Projektbericht, Version 1.1.1, 27.04.2010 (PDF, 1MB, File is accessible)

Publications:

Template Protection Schemes linked with Password Authentication and Investigation of Identification Scenarios

The recognition and security performance of Biometric Template Protection Schemes is limited by the entropy of biometric data, while in knowledge-based authentications it is hard for users to remember long secure passwords. Thus, the project BioKeyS-Pilot-DB II, on the one hand, combined the Fuzzy Vault Fingerprint system with additional information (PIN, Passwords) to improve both, security and recognition performance.
On the other hand, the project investigated identification scenarios and the specific challenges that occur, if such applications shall be combined with protected templates. Thus, in an interdisciplinary approach, techniques were researched that realize a fast database search over a set of protected templates. Various techniques were implemented and benchmarked on the publicly available database NIST SD14.
Finally, the project investigated the impact of the quality of minutia extraction methods, which have considerable impact on the security and robustness of template protection techniques including the Fuzzy Vault scheme. For this purpose, a semantic conformance testing methodology was applied on a NIST SD14 and NIST SD29 dataset for which dactyloscopic ground truth data (i.e. minutiae data determined by human experts) were available. The results achieved were presented at the NIST International Biometric Performance Conference (IBPC 2010).

The project BioKeyS-Pilot-DB Teil II was a research project of the BSI and accomplished by an interdisciplinary group consisting of:

  • Federal Office for Information Security (BSI), Bonn, Germany
  • Hochschule Darmstadt (HDA), Darmstadt, Germany
  • Fraunhofer Institut für Graphische Datenverarbeitung (IGD), Darmstadt, Germany
  • Rheinisch-Westfälische Technische Hochschule Aachen (RWTH), Aachen, Germany
  • Ludwig-Maximilians-Universität München (LMU), München, Germany
  • secunet Security Networks AG, Essen, Germany

Report:
Projekt BioKeyS-Pilot-DB Teil II, Abschlussbericht (PDF, 6MB, File is accessible)

Publications

  • C. Busch, U. Korte, S. Abt, C. Böhm, I. Färber, S. Fries, J. Merkle, C. Nickel, A. Nouak, A. Opel, A. Oswald, T. Seidl, B. Wackersreuther, P. Wackersreuther, X. Zhou: "BiometricTemplate Protection - Ein Bericht über das Projekt BioKeyS", In DuD – Datenschutz und Datensicherheit, Heft 3/2011, Gabler-Verlag, S. 183-191, 2011.
  • C. Böhm, I. Färber, S. Fries, U. Korte, J. Merkle, A. Oswald, T. Seidl, B. Wackersreuther, P. Wackersreuther: "Filtertechniken für geschützte biometrische Datenbanken", Proc. 14th GI Conference on Database Systems for Business, Technology, and the Web (BTW 2011), Kaiserslautern, Germany, S. 379-389, 2011.
  • X. Zhou, A. Opel, U. Korte, J. Merkle und C. Busch: "Enhanced Template Protection with Passwords for Fingerprint Recognition". in Proceddings: IWSCN 20122, 3rd International Workshop on Security and Communication Networks, ISBN: 978-82-91313-67-2, pp.67-74, 2011.
  • C. Böhm, I. Färber, S. Fries, U. Korte, J. Merkle, A. Oswald, T. Seidl, B. Wackersreuther, P. Wackersreuther: "Efficient Database Techniques for Identification with Fuzzy Vault Templates", in Proceedings of BIOSIG 2011, © Gesellschaft für Informatik e.V. (GI), P-191, ISBN 978-3-88579-285-7, pp. 115-126, 2011.

Privacy and Accuracy of Fingerprint Recognition Based on the Fuzzy Commitment Scheme

Biometric cryptosystems have been developed and reached maturity to an extent that commercial products have become available. Among the most prominent examples are constructions based on a cryptographic technique known as fuzzy commitment scheme. The aim of the project BioKeyS-Pilot-DB III was to assess the achievable level of privacy and accuracy of biometric cryptosystems for fingerprints based on the fuzzy commitment scheme.

The project first defined a general framework for the assessment of the privacy of biometric cryptosystems, which was published in a paper “A Reference Framework for the Privacy Assessment of Biometric Encryption Systems” at the BIOSIG 2010 Conference. Furthermore, approaches for the fusion of several fingers per subject were investigated in the context of biometric cryptosystems and a new fusion method was presented, which preserves the privacy properties and is also easy to implement.

Based on the framework for privacy assessment and traditional methods for determining the recognition accuracy of biometric solutions, the project assessed the potential of biometric cryptosystems for fingerprints based on the fuzzy commitment scheme considering a commercial product as an example implementation. This analysis was based on heuristic arguments and a thorough discussion of possible attacks as well as on an empirical evaluation on public and proprietary databases .

The project BioKeyS-Pilot-DB III was initiated by the BSI and accomplished by an interdisciplinary group consisting of:

  • Federal Office for Information Security (BSI), Bonn, Germany
  • priv-ID B.V., Eindhoven, Netherlands
  • secunet Security Networks AG, D-45128 Essen, Germany

Report:
Study of the Privacy and Accuracy the Fuzzy Commitment Scheme, BioKeyS III Final Report, Version 2.0 (PDF, 2MB, File is accessible)

Publication: