Biometric Authentication Systems based on Biometric Template Protection Schemes
An important aspect to consider when designing and implementing biometric systems is the privacy of the stored biometric reference information. The standard “ISO/IEC 24745 – Information technology – Security techniques – Biometric information protection” lists several methods for biometric template protection. Biometric encryption – also known as biometric cryptosystems – is an important class of methods, which aims at protecting the biometric reference information without the need to store secret information such as cryptographic keys. Biometric encryption allows biometric authentication using reference data that does not reveal the original biometric information.
An overview of the state of the art in biometric template protection is provided in the final project report of BioKeyS Pilot-DB Teil II. This report also includes a summary of the standardisation activities in this field – namely the ISO/IEC 24745 – and the framework that was contributed to the standard by the European Integrated Project TURBINE.
In the first project of the BioKeyS project series, a biometric cryptosystem using genetic fingerprints was specified. A detailed security analysis was presented based on estimates of the entropy of the DNA data and formal security results on the underlying Fuzzy Commitment Scheme. The resulting scheme was shown to be robust and efficient by analysing the typical frequency and structure of errors in DNA (deoxyribonucleic acid) measurements and selecting appropriate error correcting codes. As a result, a security level was obtained equivalent to cryptographic keys with 73 bits and a False Reject Rate (FRR) well below 1%.
The project BioKeyS-DNA was initiated by the BSI and accomplished by an interdisciplinary group consisting of:
The following report finalises this project:
A cryptographic biometric authentication system based on genetic fingerprints (PDF, 412KB, File does not meet accessibility standards)
The evaluation and practical implementation of one biometric cryptosystem – the Fuzzy Vault – was the main objective of the project BioKeyS-Multi. Here, a BioKey-System for fingerprints of multiple fingers was introduced that combines two approaches: The Fuzzy Vault links the fingerprint templates with a secret polynomial and conceals it in a set of random “chaff points”, and uses a special fingerprint comparison algorithm for additional error correction. To enhance the entropy of the biometric information, fingerprints of multiple fingers of one person were used.
Within the project BioKeyS-Multi the security capacity of this scheme was investigated. In parallel a reference implementation was developed to investigate the feasibility.
The project BioKeyS-Multi was initiated by the BSI and accomplished by an interdisciplinary group consisting of::
The results of the project BioKeyS-Multi revealed several approaches for potential optimisations. These were investigated in the follow-up project BioKeyS-Pilot-DB I. It was shown that minutia quality filtering and enforcing a minimum number of minutia per finger in the template significantly increases recognition performance. Both optimisations are very sensitive to the respective thresholds, which must be carefully set on the basis of empirical data. Although it was not possible to achieve recognition rates required to prove the security by information theoretic arguments, a security level against existing attacks of 80 bit for three fingers and of 100 bit for 4 fingers was obtained.
The simulation of enrolment and verification indicated that this optimised scheme can be effective and efficient in practice. The process of capturing several fingers can be facilitated using multi-finger sensors. Nevertheless, the parameters need to be selected with care to reduce the error rates and effort for enrolment.
The project BioKeyS-Pilot-DB I was initiated by the BSI and accomplished by an interdisciplinary group consisting of:
The recognition and security performance of Biometric Template Protection Schemes is limited by the entropy of biometric data, while in knowledge-based authentications it is hard for users to remember long secure passwords. Thus, the project BioKeyS-Pilot-DB II, on the one hand, combined the Fuzzy Vault Fingerprint system with additional information (PIN, Passwords) to improve both, security and recognition performance.
On the other hand, the project investigated identification scenarios and the specific challenges that occur, if such applications shall be combined with protected templates. Thus, in an interdisciplinary approach, techniques were researched that realize a fast database search over a set of protected templates. Various techniques were implemented and benchmarked on the publicly available database NIST SD14.
Finally, the project investigated the impact of the quality of minutia extraction methods, which have considerable impact on the security and robustness of template protection techniques including the Fuzzy Vault scheme. For this purpose, a semantic conformance testing methodology was applied on a NIST SD14 and NIST SD29 dataset for which dactyloscopic ground truth data (i.e. minutiae data determined by human experts) were available. The results achieved were presented at the NIST International Biometric Performance Conference (IBPC 2010).
The project BioKeyS-Pilot-DB Teil II was a research project of the BSI and accomplished by an interdisciplinary group consisting of:
Biometric cryptosystems have been developed and reached maturity to an extent that commercial products have become available. Among the most prominent examples are constructions based on a cryptographic technique known as fuzzy commitment scheme. The aim of the project BioKeyS-Pilot-DB III was to assess the achievable level of privacy and accuracy of biometric cryptosystems for fingerprints based on the fuzzy commitment scheme.
The project first defined a general framework for the assessment of the privacy of biometric cryptosystems, which was published in a paper “A Reference Framework for the Privacy Assessment of Biometric Encryption Systems” at the BIOSIG 2010 Conference. Furthermore, approaches for the fusion of several fingers per subject were investigated in the context of biometric cryptosystems and a new fusion method was presented, which preserves the privacy properties and is also easy to implement.
Based on the framework for privacy assessment and traditional methods for determining the recognition accuracy of biometric solutions, the project assessed the potential of biometric cryptosystems for fingerprints based on the fuzzy commitment scheme considering a commercial product as an example implementation. This analysis was based on heuristic arguments and a thorough discussion of possible attacks as well as on an empirical evaluation on public and proprietary databases .
The project BioKeyS-Pilot-DB III was initiated by the BSI and accomplished by an interdisciplinary group consisting of: