Advertisement

A Quantitative Analysis of Indistinguishability for a Continuous Domain Biometric Cryptosystem

  • Ileana Buhan
  • Jeroen Breebaart
  • Jorge Guajardo
  • Koen de Groot
  • Emile Kelkboom
  • Ton Akkermans
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5939)

Abstract

Biometric information is regarded as highly sensitive information and therefore encryption techniques for biometric information are needed to address security and privacy requirements of biometric information. Most security analyses for these encryption techniques focus on the scenario of one user enrolled in a single biometric system. In practice, biometric systems are deployed at different places and the scenario of one user enrolled in many biometric systems is closer to reality. In this scenario, cross-matching (tracking users enrolled in multiple databases) becomes an important privacy threat. To prevent such cross-matching, various methods to create renewable and indistinguishable biometric references have been published. In this paper, we investigate the indistinguishability or the protection against cross-matching of a continuous-domain biometric cryptosystem, the QIM. In particular our contributions are as follows. Firstly, we present a technique, which allows an adversary to decide whether two protected biometric reference data come from the same person or not. Secondly, we quantify the probability of success of an adversary who plays the indistinguishability game and thirdly, we compare the probability of success of an adversary to the authentication performance of the biometric system for the MCYT fingerprint database. The results indicate that although biometric cryptosystems represent a step in the direction of privacy enhancement, we are not there yet.

Keywords

Equal Error Rate Quantization Step Biometric Data Biometric System False Acceptance Rate 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Buhan, I.R., Doumen, J., Hartel, P.H., Veldhuis, R.N.J.: Fuzzy extractors for continuous distributions. In: Deng, R., Samarati, P. (eds.) Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security (ASIACCS), Singapore, pp. 353–355. ACM, New York (2007)CrossRefGoogle Scholar
  2. 2.
    Buhan, I.R., Doumen, J., Hartel, P.H., Veldhuis, R.N.J.: Embedding renewable cryptographic keys into continuous noisy data. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 294–310. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  3. 3.
    Chen, B., Wornell, G.W.: Quantization index modulation methods for digital watermarking and information embedding of multimedia. The Journal of VLSI Signal Processing 27(1-2), 7–33 (2001)zbMATHCrossRefGoogle Scholar
  4. 4.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004)Google Scholar
  5. 5.
    Duda, R.O., Hart, P.E., Stork, D.G.: Pattern Classification, 2nd edn. Wiley-Interscience, Hoboken (2000)Google Scholar
  6. 6.
    Jain, A.K., Nandakumar, K., Nagar, A.: Biometric template security. Journal on Advances in Signal Processing (EURASIP) 2008, 17 (2008)Google Scholar
  7. 7.
    Kelkboom, E., Garcia Molina, G., Breebaart, J., Kevenaar, T.A.M., Veldhuis, R.N.J., Jonker, W.: Binary biometrics: An analytic framework to estimate the performance curves under gaussian assumptions. IEEE Transactions on Systems, Man and Cybernetics (to appear, 2009)Google Scholar
  8. 8.
    Li, Q., Sutcu, Y., Memon, N.: Secure sketch for biometric templates. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 99–113. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  9. 9.
    Linnartz, J.P., Tuyls, P.: New shielding functions to enhance privacy and prevent misuse of biometric templates. In: Kittler, J., Nixon, M.S. (eds.) AVBPA 2003. LNCS, vol. 2688, pp. 393–402. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. 10.
    Ortega-Garcia, J., Fierrez-Aguillar, J., Simon, D., Gonzalez, J., Faundez-Zanuy, M., Espinosa, V., Satue, A., Hernaez, I., Igarza, J.-J., Vivaracho, C., Escudero, D., Moro, Q.-I.: Myct baseline corpus: a bimodal biometric database. In: IEEE Proceedings on Vision, Image and Signal Processing, Special Issue on Biometrics on the Internet, vol. 150, pp. 395–401. IEEE Computer Society Press, Los Alamitos (2003)Google Scholar
  11. 11.
    ISO/IEC JTC1 SC27. CD 24745 - information security - biometric template protectionGoogle Scholar
  12. 12.
    Simoens, K., Tuyls, P., Preneel, B.: Privacy weakness in biometric sketches. In: IEEE Symposium on Security and Privacy, Oakland, California, USA (May 2009)Google Scholar
  13. 13.
    Tuyls, P., Akkermans, A., Kevenaar, T., Schrijen, G., Bazen, A., Veldhuis, R.: Practical biometric authentication with template protection. In: Kanade, T., Jain, A., Ratha, N.K. (eds.) AVBPA 2005. LNCS, vol. 3546, pp. 436–446. Springer, Heidelberg (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Ileana Buhan
    • 1
  • Jeroen Breebaart
    • 1
  • Jorge Guajardo
    • 1
  • Koen de Groot
    • 1
  • Emile Kelkboom
    • 1
  • Ton Akkermans
    • 1
  1. 1.Philips Research LaboratoriesEindhovenThe Netherlands

Personalised recommendations