A Genetic Algorithm Enabled Similarity-Based Attack on Cancellable Biometrics

Biometric recognition has the potential to authenticate individuals by an intrinsic link between the individual and their physical, physiological and/or behavioral characteristics. This leads a higher security level than the authentication solely based on knowledge or possession. One of the reasons why biometrics is not completely accepted is the lack of trust in the storage of biometric templates in external servers. Biometric data are sensitive data which should be protected as is contemplated in the data protection regulation of many countries. In this work, we propose the use of biometric Learning Parity With Noise (LPN) commitments as template protection scheme. To the best of our knowledge, this is the first proposal for biometric template protection based on the LPN problem (that is, the difficulty of decoding random linear codes), which offers post-quantum security. Biometric features are compared in the protected domain. Irreversibility, revocability, and unlinkability properties are satisfied as well as resistance to False Acceptance Rate (FAR), crossmatching, Stolen Token, and similarity-based attacks. A recognition accuracy with a 0% FAR is achieved, because user-specific secret keys are employed, and the False Rejection Ratio (FRR) can be adjusted depending on a threshold to preserve the accuracy of the unprotected scheme in the Stolen Token scenario. A good performance in terms of execution time, template storage and operation complexity is obtained for security levels at least of 80 bits. The proposed scheme is employed in a dual-factor authentication protocol from the literature to illustrate how it provides security using authentication and database (cloud) servers that can be malicious. The proposed LPN-based protected scheme can be applied to any biometric trait represented by binary features and any matching score based on Hamming or Jaccard distances. In particular, experimental results are included of a practical finger vein-based recognition system implemented in Matlab.

Section: Introductionmentioning

confidence: 54%

Section: Introductionmentioning

confidence: 99%

A Post-Quantum Biometric Template Protection Scheme Based on Learning Parity With Noise (LPN) Commitments

Arjona

Baturone

2020

“…They also demonstrated that the irreversibility of both schemes is overestimated. Moreover, Wang et al [25] proposed a constrained optimization similarity-based attack (CSA) based on a genetic algorithm enabled similarity-based attack originally proposed in [26] and demonstrated its effectiveness in breaching IoM This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ This article has been accepted for publication in a future issue of this journal, but has not been fully edited.…”

Section: Authenticationmentioning

confidence: 99%

“…For instance, the authors of some CB schemes demonstrate the security properties of their methods under specific transformation parameter settings and show the commitment of their methods to the recognition accuracy preservation under different parameter settings. Several recent studies [15]- [26] showed that the security of many CB schemes against invertibility and linkability attacks are overestimated or cannot be assured without significant de-terioration in recognition accuracy. Therefore, analyzing the security properties of recent CB schemes is of paramount importance in order to assess the suitability of adopting such schemes in practical applications.…”

Section: Introductionmentioning

confidence: 99%

On the Practicality of Local Ranking-Based Cancelable Iris Recognition

Ouda

2021

Practical cancelable biometrics (CB) schemes should satisfy the requirements of revocability, non-invertibility, and non-linkability without deteriorating the matching accuracy of the underlying biometric recognition system. In order to bridge the gap between theory and practice, it is important to prove that new CB schemes can achieve a balance between the conflicting goals of security and matching accuracy. This paper investigates the security and accuracy trade-off of a recently proposed local ranking-based cancelable biometrics (LRCB) scheme for protecting iris-codes. First, the irreversibility of the LRCB is revisited and a new attack for reversing the LRCB transform is proposed. The proposed attack utilizes the distribution of order statistics for discrete random variables to reverse the protected rank values and obtain a close approximation of the original iris template. This ranking-inversion attack is then utilized to realize authentication, record multiplicity, and correlation attacks against the LRCB transform. Our theoretical analysis shows that the proposed reversibility attack can recover more than 95% of the original iris-code bits and the proposed correlation attack can correctly correlate two templates 100% of the time for the parameter settings that retain the recognition accuracy of the underlying iris recognition system. The validity of the proposed attacks is verified using the same iris dataset adopted by the authors of the LRCB scheme. Experimental results support our theoretical findings and demonstrate that the security properties of irreversibility and non-linkability can only be fulfilled at the expense of significant and impractical degradation of the matching accuracy.INDEX TERMS Cancelable biometrics, iris recognition, local ranking, order statistics, irreversibility, attacks via record multiplicity, linkability attack.

“…Inspired by these characteristics, many biometric protection scheme algorithms have been proposed in the field of cancellable biometric recognition [25]- [27]. However, the security problems must be considered and the bloom filter-based has been cracked as reported in [28]. During design the biometric protection scheme, biometric feature type is one vital factor, such as binary code, real number vector.…”

Section: Related Workmentioning

confidence: 99%

One-Factor Cancellable Palmprint Recognition Scheme Based on OIOM and Minimum Signature Hash

Wang

2019

The traditional Cancellable biometrics scheme needs another key or token to generate the revocable template, which usually suffers from the token-stolen problem. To solve this problem, a one-factor cancellable palmprint biometric recognition scheme based on Orthogonal Index of Maximum (OIOM) hash and Minimum Signature Hash (MSH) is proposed to generate pseudonymous identifier. Firstly, to improve the efficiency and effectiveness, a parallel structure is designed to obtain Orthogonal Gaussian random projection(GRP)matrices, which is employed to generate the OIOM hash code. Secondly, a random binary string is XOR the binary OIOM hash code to construct the helper data and it is stored in the database. Meanwhile, this string is hashed by MSH to get the final pseudonymous identifier. Lastly, during matching stage, based on helper data and a palmprint images, another pseudonymous identifier is generated to recognition. This implies that, just one factor, a palmprint of user, is needed in the matching stage, and therefore the privacy of user is preserved. To evaluate the proposed scheme, PolyU database and touchless TJU database are used in experiments. The noninvertible, renewability, unlinkability and several security attacks of the proposed scheme are analyzed. The experiment results and analysis show that the proposed scheme has strong security on the basis of maintaining palmprint recognition performance.INDEX TERMS Biometric recognition, cancellable palmprint feature, orthogonal index of maximum, minimum signature hash.