Abstract
The use of biometric systems is becoming an important solution to replace traditional authentication. However, biometric systems are vulnerable to attacks. When biometric data is compromised, unlike a password, it can’t be changed. Therefore, the security of biometrics models is essential in designing an authentication system. To achieve this protection of biometric models, two categories of approaches are proposed in the literature, namely, methods based on transformation of characteristics and biometric cryptosystems. For the first type of approaches, a study is made to assess the security of biometric systems. In biometric cryptosystems the realized works are hampered by the lack of formal security analysis. Hence the purpose of this paper is to propose standard criteria for a formal security analysis of biometric cryptosystems. The proposed measures take into account the specific effect of key binding cryptosystems. The security analysis is illustrated by experiments on the techniques of Fuzzy Commitment and Fuzzy Vault which we use in this work for the protection of biometric face recognition system. Our analysis indicates that both techniques are vulnerable to intrusion and binding attacks because of the ease of obtaining the user’s model using the elements known to the attacker.
Chapter PDF
Similar content being viewed by others
References
Ratha, N.K., Connell, J.H., Bolle, R.M.: An Analysis of Minutiae Matching Strength. In: Bigun, J., Smeraldi, F. (eds.) AVBPA 2001. LNCS, vol. 2091, pp. 223–228. Springer, Heidelberg (2001)
Nagar, A.: Secure Biometric Recognition. In: PRIP Seminar (2008)
Nagar, A., Nandakumar, K., Jain, A.K.: A hybrid biometric cryptosystem for securing fingerprint minutiae models. Elsevier Pattern Recognition Letters (2010)
Nagar, A., Nandakumar, K., Jain, A.K.: Biometric Model Transformation: A Security analysis. SPIE (2010)
Jain, A.K., Nandakumar, K., Nagar, A.: Biometric Model Security. Eurasip Journal (2008)
Uludag, U., Pankanti, S., Prabhakar, S., Jain A.: Biometric cryptosystems: Issues and challenges, pp. 948–960. IEEE (2004)
Hao, F., Anderson, R., Daugman, J.: Combining crypto with biometrics effectively. IEEE Trans. Comput., 1081–1088 (2006)
Li, Q., Sutcu, Y., Memon, N.: Secure Sketch for Biometric Templates. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 99–113. Springer, Heidelberg (2006)
Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data, pp. 523–540. Springer (2004)
Juels, A., Wattenberg, M.: A Fuzzy Commitment Scheme. In: Sixth ACM Conference on Computer and Communications Security, Singapore, pp. 28–36 (1999)
Juels, A., Sudan, M.: A Fuzzy Vault Scheme. In: IEEE International Symposium on Information Theory, Lausanne, Switzerland (2002)
Adair, K.L., Parthasaradhi, S.T.V., Kennedy., J.: Real World Evaluation: Avoiding Pitfalls of Fingerprint System Deployments. BiometricsIndia Expo. (2008)
Gu, S., Tan, Y., He, X.: Laplacian Smoothing Transform for Face Recognition, pp. 2415–2428. Springer (2010)
Khan, A., Farooq, H.: Principal Component Analysis-Linear Discriminant Analysis Feature Extractor for Pattern Recognition. International Journal of Computer Science Issues (IJCSI) 8(6) (2011)
Moujahdi, C., Ghouzali, S., Mikram, M., Abdul, W., Rziza, M.: Inter-communication classification for Multi-view Face Recognition. In: The 4th International Conference on Multimedia Computing and Systems (ICMCS), Tangier, Morocco (2012)
Gu, S., Tan, Y., He, X.: Discriminant Analysis via Support Vectors. Neurocomputing (2010)
Bellhumer, P.N., Hespanha, J., Kriegman, D.: Eigenfaces vs. fisherfaces: Recognition using class specific linear projection. IEEE Trans. Patt. Anal. and Mach. Intel. Special Issue on Face Recognition, 711–720 (1997)
MacWilliams, F.J., Sloane, N.J.A.: The Theory of Error-Correcting Codes. North Holland (1977)
Schneider, B.: Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd edn. Wiley, New York (1996)
Fawcet, T.: ROC Graphs: Notes and Practical Considerations for Researchers. HP Laboratories, 1143–1501 (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lafkih, M., Mikram, M., Ghouzali, S., El Haziti, M. (2012). Security Analysis of Key Binding Biometric Cryptosystems. In: Elmoataz, A., Mammass, D., Lezoray, O., Nouboud, F., Aboutajdine, D. (eds) Image and Signal Processing. ICISP 2012. Lecture Notes in Computer Science, vol 7340. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31254-0_31
Download citation
DOI: https://doi.org/10.1007/978-3-642-31254-0_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31253-3
Online ISBN: 978-3-642-31254-0
eBook Packages: Computer ScienceComputer Science (R0)