A Cryptanalysis of Two Cancelable Biometric Schemes Based on Index-of-Max Hashing

Ghammam, Loubna; Karabina, Koray; Lacharme, Patrick; Thiry-Atighehchi, Kevin

doi:10.1109/tifs.2020.2977533

Cited by 46 publications

(12 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Their previous works on random projection [15] [2], index-of-max hashing [16], and kernalized hashing [20] are however, susceptible to similarity-based attacks. A cryptanalysis conducted by Ghamman et al [9] also proves the vulnerability of [16].…”

Section: Review Workmentioning

confidence: 90%

Random Hash Code Generation for Cancelable Fingerprint Templates using Vector Permutation and Shift-order Process

Abdullahi,

Shuifa

2021

Preprint

View full text Add to dashboard Cite

Cancelable biometric techniques have been used to prevent the compromise of biometric data by generating and using their corresponding cancelable templates for user authentication. However, the non-invertible distance preserving transformation methods employed in various schemes are often vulnerable to information leakage since matching is performed in the transformed domain. In this paper, we proposed a non-invertible distance preserving scheme based on vector permutation and shift-order process. First, the dimension of feature vectors is reduced using kernelized principle component analysis (KPCA) prior to randomly permuting the extracted vector features. A shift-order process is then applied to the generated features in order to achieve non-invertibility and combat similarity-based attacks. The generated hash codes are resilient to different security and privacy attacks whilst fulfilling the major revocability and unlinkability requirements. Experimental evaluation conducted on 6 datasets of FVC2002 and FVC2004 reveals a high-performance accuracy of the proposed scheme better than other existing state-of-the-art schemes.

show abstract

Section: Review Workmentioning

confidence: 90%

Random Hash Code Generation for Cancelable Fingerprint Templates using Vector Permutation and Shift-order Process

Abdullahi,

Shuifa

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Ghammam et al [17] propose a constrained optimization SA against IoM hashing. The method applies inequalities as constraints to seek preimage solution.…”

Section: Related Work 21 Similarity-based Attack (Sa)mentioning

confidence: 99%

Interpretable security analysis of cancellable biometrics using constrained-optimized similarity-based attack

Wang

Dong

Jin

et al. 2021

2021 IEEE Winter Conference on Applications of Computer Vision Workshops (WACVW)

View full text Add to dashboard Cite

Cancellable biometrics (CB) intentionally distorts biometric template for security protection, and simultaneously preserving the distance/similarity for matching in the transformed domain. Despite its effectiveness, the security issues attributed to similarity preservation property of CB is underestimated. Dong et al. [BTAS'19], exploited the similarity preservation trait of CB and proposed a similarity-based attack with high successful attack rate. The similarity-based attack utilizes preimage that generated from the protected biometric template for impersonation and perform cross matching. In this paper, we propose a constrained optimization similarity-based attack (CSA), which is improved upon Dong's genetic algorithm enabled similarity-based attack (GASA). The CSA applies algorithm-specific equality or inequality relations as constraints, to optimize preimage generation. We justify the effectiveness of CSA from the supervised learning perspective. We conduct extensive experiments to demonstrate CSA against Index-of-Max (IoM) hashing with LFW face dataset. The results suggest that CSA is effective to breach IoM hashing security, and outperforms GASA remarkably. Furthermore, we reveal the correlation of IoM hash code size and the attack performance of CSA.

show abstract

“…Ghammam et al [24] 2020 IoM hashing based CB schemes [11] Reversibility, authentication, and linkability…”

Section: Linkabilitymentioning

confidence: 99%

“…It is demonstrated in [23] that the negative iris recognition scheme is vulnerable to reversibility, linkability and record multiplicity attacks. Ghammam et al [24] cryptanalyzed two CB schemes based on Index-of-Max (IoM) hashing functions proposed by Jin et al [11]. Although it is argued in [11] that both schemes are robust against reversibility and linkability attacks under the stolen-token scenario, the rigorous analysis presented in [24] showed that the two schemes are severely vulnerable to authentication and linkability attacks.…”

Section: Authenticationmentioning

confidence: 99%

On the Practicality of Local Ranking-Based Cancelable Iris Recognition

Ouda

2021

IEEE Access

View full text Add to dashboard Cite

Practical cancelable biometrics (CB) schemes should satisfy the requirements of revocability, non-invertibility, and non-linkability without deteriorating the matching accuracy of the underlying biometric recognition system. In order to bridge the gap between theory and practice, it is important to prove that new CB schemes can achieve a balance between the conflicting goals of security and matching accuracy. This paper investigates the security and accuracy trade-off of a recently proposed local ranking-based cancelable biometrics (LRCB) scheme for protecting iris-codes. First, the irreversibility of the LRCB is revisited and a new attack for reversing the LRCB transform is proposed. The proposed attack utilizes the distribution of order statistics for discrete random variables to reverse the protected rank values and obtain a close approximation of the original iris template. This ranking-inversion attack is then utilized to realize authentication, record multiplicity, and correlation attacks against the LRCB transform. Our theoretical analysis shows that the proposed reversibility attack can recover more than 95% of the original iris-code bits and the proposed correlation attack can correctly correlate two templates 100% of the time for the parameter settings that retain the recognition accuracy of the underlying iris recognition system. The validity of the proposed attacks is verified using the same iris dataset adopted by the authors of the LRCB scheme. Experimental results support our theoretical findings and demonstrate that the security properties of irreversibility and non-linkability can only be fulfilled at the expense of significant and impractical degradation of the matching accuracy.INDEX TERMS Cancelable biometrics, iris recognition, local ranking, order statistics, irreversibility, attacks via record multiplicity, linkability attack.

show abstract

A Cryptanalysis of Two Cancelable Biometric Schemes Based on Index-of-Max Hashing

Cited by 46 publications

References 21 publications

Random Hash Code Generation for Cancelable Fingerprint Templates using Vector Permutation and Shift-order Process

Random Hash Code Generation for Cancelable Fingerprint Templates using Vector Permutation and Shift-order Process

Interpretable security analysis of cancellable biometrics using constrained-optimized similarity-based attack

On the Practicality of Local Ranking-Based Cancelable Iris Recognition

Contact Info

Product

Resources

About