Biometric authentication systems, based on secret key generation, work as follows. In the enrollment stage, an individual provides a biometric signal that is mapped into a secret key and a helper message, the former being prepared to become available to the system at a later time (for authentication), and the latter being stored in a public database. When an authorized user requests authentication, claiming his/her identity to be one of those of the subscribers, he/she has to provide a biometric signal again, and then the system, which also retrieves the helper message of the claimed subscriber, produces an estimate of the secret key, which is finally compared to the secret key of the claimed user. In case of a match, the authentication request is approved; otherwise, it is rejected.

Evidently, there is an inherent tension between two desired, but conflicting, properties of the helper message encoder: on the one hand, the encoding should be informative enough concerning the identity of the real subscriber, in order to approve him/her in the authentication stage, but on the other hand, it should not be too informative, as otherwise, unauthorized imposters could easily fool the system and gain access. A good encoder should then trade off the two kinds of errors: the false reject (FR) error and the false accept (FA) error.

In this work, we investigate trade-offs between the random coding FR error exponent and the best achievable FA error exponent. We compare two types of ensembles of codes: fixed-rate codes and variable-rate codes, and we show that the latter class of codes offers considerable improvement compared to the former. In doing this, we characterize optimal rate functions for both types of codes. We also examine the effect of privacy leakage constraints for both fixed-rate codes and variable-rate codes.

Index Terms: biometric systems, secret sharing, error exponents, random binning, fixed-length, variable-length, privacy leakage.

We consider a biometric authentication system which is based on the one described in [6, Sections 2.2-2.6], and on the notion of secret key generation and sharing of Maurer [7] and Ahlswede and Csiszár [1], [2]. In particular, this system works in the following manner. In the enrollment phase, a person who subscribes to the system feeds it with a biometric signal, $X = (X_1, X_2, \ldots, X_n)$. The system then responds by generating (using its encoder) two outputs. The first is a secret key, $S$, at rate $R_s$, and the second is a helper message, $W$, at rate $R_w$. The secret key will be used by the system later, at the authentication stage, and the helper message is saved in a database. When an authorized user (a subscriber) wishes to sign in, claiming to be one of the subscribers that have already enrolled, he/she is requested to provide again his/her biometric signal, $Y = (Y_1, \ldots, Y_n)$ (correlated to $X$, if indeed from the same person, or independent, otherwise). The system then retrieves the helper message $W$ of the claimed subscriber from the database, and responds (using its decoder...
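
The enrollment and authentication flow described above, and the FR/FA tension it creates, as an added toy simulation that is not taken from the paper. It assumes binary signals of length 10, independent bit flips between the two readings, salted SHA-256 as a stand-in for random binning, and a minimum-Hamming-distance decoder; all names and parameter values are hypothetical.

```python
import hashlib
import random

N = 10        # signal length in bits (toy size, so all 2**N sequences can be enumerated)
S_BITS = 4    # secret-key length in bits, i.e. n*R_s (assumed value)

def bin_index(x, bits, salt):
    """Random-binning stand-in: salted SHA-256 of x reduced to `bits` bits."""
    digest = hashlib.sha256(f"{salt}:{x}".encode()).digest()
    return int.from_bytes(digest[:4], "big") % (1 << bits)

def build_bins(w_bits):
    """Group every length-N sequence by its helper-message bin."""
    bins = {}
    for x in range(1 << N):
        bins.setdefault(bin_index(x, w_bits, "helper"), []).append(x)
    return bins

def enroll(x, w_bits):
    """Enrollment: map signal x to (secret key S, helper message W)."""
    return bin_index(x, S_BITS, "key"), bin_index(x, w_bits, "helper")

def authenticate(y, w, s, bins):
    """Estimate the key from (y, W) and compare it with the enrolled key."""
    x_hat = min(bins[w], key=lambda c: bin(c ^ y).count("1"))
    return bin_index(x_hat, S_BITS, "key") == s

def simulate(w_bits, flip_prob=0.1, trials=1000, seed=1):
    """Return (FR rate, FA rate) for a helper message of w_bits bits."""
    rng = random.Random(seed)
    bins = build_bins(w_bits)
    fr = fa = 0
    for _ in range(trials):
        x = rng.getrandbits(N)
        s, w = enroll(x, w_bits)
        noise = sum((rng.random() < flip_prob) << i for i in range(N))
        fr += not authenticate(x ^ noise, w, s, bins)        # genuine user, noisy reading
        fa += authenticate(rng.getrandbits(N), w, s, bins)   # independent signal
    return fr / trials, fa / trials

if __name__ == "__main__":
    for w_bits in (0, 4, 8, 10):
        fr, fa = simulate(w_bits)
        print(f"helper bits={w_bits:2d}  FR={fr:.3f}  FA={fa:.3f}")
```

With no helper bits the decoder has nothing to correct the noisy reading against, so genuine users are mostly rejected; with 10 helper bits most bins hold a single sequence, so an independent signal is usually accepted.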