Privacy-Enhancing Fingerprint Authentication Using Cancelable Templates with Passwords

  • Daesung Moon
  • Sungju Lee
  • Seunghwan Jung
  • Yongwha Chung
  • Okyeon Yi
  • Namil Lee
  • Kiyoung Moon
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4298)


Biometric based authentication can provide strong security guarantee about the identity of users. However, security of biometric data is particularly important as compromise of the data will be permanent. Cancelable biometrics store a non–invertible transformed version of the biometric data. Thus, even if the storage is compromised, the biometric data remains safe. Cancelable biometrics also provide a higher level of privacy by allowing many templates for the same biometric data and hence non-linkability of user’s data stored in different databases. In this paper, we propose an approach for cancelable fingerprint templates by using the idea of fuzzy vault. By integrating the fuzzy fingerprint vault with the existing password-based authentication system, we can use a different “long and random” password for each application, and the fuzzy fingerprint vault can be changed by simply changing the password.


Crypto-Biometric Privacy Cancelable Template Fuzzy Vault 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Maltoni, D., et al.: Handbook of Fingerprint Recognition. Springer, Heidelberg (2003)zbMATHGoogle Scholar
  2. 2.
    Bolle, R., Connell, J., Ratha, N.: Biometric Perils and Patches. Pattern Recognition 35, 2727–2738 (2002)zbMATHCrossRefGoogle Scholar
  3. 3.
    Prabhakar, S., Pankanti, S., Jain, A.: Biometric Recognition: Security and Privacy Concerns. IEEE Security and Privacy, 33-42 (2003)Google Scholar
  4. 4.
    Moon, D., et al.: An Efficient Selective Encryption of Fingerprint Images for Embedded Processors. ETRI Journal 28(4), 444–452 (2006)Google Scholar
  5. 5.
    Uludag, U., et al.: Biometric Cryptosystems: Issues and Challenges: Principals and Practice. Proc. of IEEE 92(6), 948–960 (2004)CrossRefGoogle Scholar
  6. 6.
    Schneier, B.: The Uses and Abuses of Biometrics. Communications of the ACM 42(8), 136 (1999)CrossRefGoogle Scholar
  7. 7.
    Monrose, F., Reiter, M., Wetzel, S.: Password Hardening based on Keystroke Dynamics. In: Proc. of ACM Conf. on Computer and Comm. Security, pp. 73–82. ACM Press, New York (1999)CrossRefGoogle Scholar
  8. 8.
    Davida, G., Frankel, Y., Matt, B.: On Enabling Secure Applications through Off-Line Biometric Identification. In: Proc. of Symp. on Privacy and Security, pp. 148–157 (1998)Google Scholar
  9. 9.
    Ratha, N., Connel, J., Bolle, R.: Enhancing Security and Privacy in Biometrics-based Authentication Systems. IBM Systems Journal 40(3), 614–634 (2001)CrossRefGoogle Scholar
  10. 10.
    Cambier, J., et al.: Application-Specific Biometric Templates. In: Proc. of AutoID, pp. 167–171 (2002)Google Scholar
  11. 11.
    Ang, R., Safavi-Naini, R., McAven, L.: Cancelable Key-Based Fingerprint Templates. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 242–252. Springer, Heidelberg (2005)Google Scholar
  12. 12.
    Savvides, M., Kumar, B., Khosla, P.: Cancelable Biometric Filters for Face Recognition. In: Proc. of ICPR, pp. 922–925 (2004)Google Scholar
  13. 13.
    Soutar, C., et al.: Biometric Encryption – Enrollment and Verification Procedures. In: Proc. SPIE, vol. 3386, pp. 24–35 (1998)Google Scholar
  14. 14.
    Juels, A., Sudan, M.: A Fuzzy Vault Scheme. In: Proc. of Symp. on Information Theory, p. 408 (2002)Google Scholar
  15. 15.
    Clancy, T., Kiyavash, N., Lin, D.: Secure Smartcard-based Fingerprint Authentication. In: Proc. of ACM SIGMM Multim., Biom. Met. & App., pp. 45–52. ACM Press, New York (2003)Google Scholar
  16. 16.
    Uludag, U., Pankanti, S., Jain, A.: Fuzzy Vault for Fingerprints. In: Kanade, T., Jain, A., Ratha, N.K. (eds.) AVBPA 2005. LNCS, vol. 3546, pp. 310–319. Springer, Heidelberg (2005)Google Scholar
  17. 17.
    Wolfson, H., Rigoutsos, I.: Geometric Hashing: an Overview. IEEE Computational Science and Engineering 4, 10–21 (1997)CrossRefGoogle Scholar
  18. 18.
    Jain, A.K., Hong, L., Pankanti, S., Bolle, R.: An Identity Authentication System using Fingerprints. Proceedings of the IEEE 85(9), 1365–1388 (1997)CrossRefGoogle Scholar
  19. 19.
    Chung, Y., et al.: Automatic Alignment of Fingerprint Features for Fuzzy Fingerprint Vault. In: Feng, D., Lin, D., Yung, M. (eds.) CISC 2005. LNCS, vol. 3822, pp. 358–369. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  20. 20.
    Ahn, D., et al.: Specification of ETRI Fingerprint Database (in Korean). Technical Report – ETRI (2002)Google Scholar

Copyright information

© Springer Berlin Heidelberg 2007

Authors and Affiliations

  • Daesung Moon
    • 1
    • 2
  • Sungju Lee
    • 2
  • Seunghwan Jung
    • 2
  • Yongwha Chung
    • 2
  • Okyeon Yi
    • 3
  • Namil Lee
    • 4
  • Kiyoung Moon
    • 1
  1. 1.Biometrics Technology Research Team, EtriKorea
  2. 2.Department of Computer and Information Science, Korea UniversityKorea
  3. 3.Department of Mathematics, Kookmin UniversityKorea
  4. 4.Fingerprint Business Division, TestechKorea

Personalised recommendations