Privacy Weaknesses in Biometric Sketches

Simoens, Koen; Tuyls, Pim; Preneel, Bart

doi:10.1109/sp.2009.24

Cited by 140 publications

(124 citation statements)

References 21 publications

Supporting

Mentioning

123

Contrasting

Order By: Relevance

“…Boyen [1] studies the re-usability of sketches where the concern is whether multiple sketches of the same biometric data reveal sensitive information. This security model is further extended and studied by Boyen et al [2] and Simoens et al [20], where the latter work focuses more on privacy issues. Kholmatov et al [12] and Hong et al [9] demonstrate such limitations by giving correlation attacks on known schemes.…”

Section: Related Workmentioning

confidence: 99%

Secure Sketch for Multiple Secrets

Fang

Chang

2010

Applied Cryptography and Network Security

View full text Add to dashboard Cite

Abstract. Secure sketches are useful in extending cryptographic schemes to biometric data since they allow recovery of fuzzy secrets under inevitable noise. In practice, secrets derived from biometric data are seldom used alone, but typically employed in a multi-factor or a multimodality setting where multiple secrets with different roles and limitations are used together. To handle multiple secrets, we can generate a sketch for each secret independently and simply concatenate them. Alternatively, we can "mix" the secrets and individual sketches, for example, by taking the first secret as the key to encrypt the sketches of all other secrets. Hence, it is interesting to investigate how the secrets are to be mixed so as to cater for different requirements of individual secrets. We found that, by appropriate mixing, entropy loss on more important secrets (e.g., biometrics) can be "diverted" to less important ones (e.g., password or PIN), thus providing more protection to the former. On the other hand, we found that mixing may not be advisable if the amount of randomness invested in sketch construction is large, or the sketch contains high redundancy, or all secrets are of the same importance. Our analysis provides useful insights and guidelines in the applications of secure sketches in biometric systems.

show abstract

Section: Related Workmentioning

confidence: 99%

Secure Sketch for Multiple Secrets

Fang

Chang

2010

Applied Cryptography and Network Security

View full text Add to dashboard Cite

show abstract

“…The aim of a biometric cryptosystem, which features the n-indistinguishability attribute as defined by Simoens et al [12] is that no adversary has a significant advantage over random guessing in determining whether n sketches {P 1 , P 2 , · · · P n } are related or not.…”

Section: Function Used During Verification That Given a Word X And Anmentioning

confidence: 99%

“…Simoens et al [12] model n-indistinguishability as a game where it is assumed that an adversary has obtained a database of protected biometric references and wants to find the sketches that are related to the reference he holds. As it is the customary in cryptography, the adversary is assumed to know all algorithms used to protect the biometric references.…”

Section: Function Used During Verification That Given a Word X And Anmentioning

confidence: 99%

“…2-INDISTINGUISHABILITY (Simoens et al [12]). For completeness, we give the description of the game, for two sketches (n = 2) below.…”

Section: Function Used During Verification That Given a Word X And Anmentioning

confidence: 99%

“…Firstly, we present a technique, which allows an adversary to match a protected biometric references generated using a continuous method, e.g., Quantization Index Modulation, (QIM) proposed by Linnartz and Tuyls [9] and extended by Buhan et al [2]. Secondly, we quantify indistinguishability by means of the indistinguishability game proposed by Simoens et al [12], and the limitations of this approach are outlined. Thirdly, an alternative, practical evaluation to quantify indistinguishability is described and results for real-world biometric data are provided based on the MCYT fingerprint database.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Quantitative Analysis of Indistinguishability for a Continuous Domain Biometric Cryptosystem

Buhan

Breebaart

Guajardo

et al. 2010

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Biometric information is regarded as highly sensitive information and therefore encryption techniques for biometric information are needed to address security and privacy requirements of biometric information. Most security analyses for these encryption techniques focus on the scenario of one user enrolled in a single biometric system. In practice, biometric systems are deployed at different places and the scenario of one user enrolled in many biometric systems is closer to reality. In this scenario, cross-matching (tracking users enrolled in multiple databases) becomes an important privacy threat. To prevent such cross-matching, various methods to create renewable and indistinguishable biometric references have been published. In this paper, we investigate the indistinguishability or the protection against cross-matching of a continuous-domain biometric cryptosystem, the QIM. In particular our contributions are as follows. Firstly, we present a technique, which allows an adversary to decide whether two protected biometric reference data come from the same person or not. Secondly, we quantify the probability of success of an adversary who plays the indistinguishability game and thirdly, we compare the probability of success of an adversary to the authentication performance of the biometric system for the MCYT fingerprint database. The results indicate that although biometric cryptosystems represent a step in the direction of privacy enhancement, we are not there yet.

show abstract

A face template protection approach using chaos and GRP permutation

Nazari

Moin

Kanan

2016

Security Comm Networks

View full text Add to dashboard Cite

In biometric systems, template protection is a vital issue for preventing from identity theft. Fuzzy commitment scheme is a template cryptographic method providing secure templates by binding a uniform random key to a template. Fuzzy commitment scheme suffers from its lacks in privacy, in cancelability, and also in robustness against cross-matching attacks. To improve both the security and cancelability properties simultaneously, we present a novel template protection approach for face recognition systems based on fuzzy commitment scheme, permutated features, and chaos symmetric key. To permute feature vectors, we produce pseudo random numbers by using nonlinear chaos function to fill the control array of GRP permutation method. Even if the permutated template is compromised, it is possible to substitute it with a new permutated template by changing the initial conditions of chaos map. To evaluate our proposed approach, a series of experiments have been conducted on two well-known face databases ORL and Yale. We showed that the new feature permutation leads to more secure protected templates against decodability based on cross-matching attacks. The experimental results also showed that our proposed approach outperforms existing fuzzy commitment methods both in security and privacy aspects without influencing the accuracy.

show abstract

Privacy Weaknesses in Biometric Sketches

Cited by 140 publications

References 21 publications

Secure Sketch for Multiple Secrets

Secure Sketch for Multiple Secrets

A Quantitative Analysis of Indistinguishability for a Continuous Domain Biometric Cryptosystem

A face template protection approach using chaos and GRP permutation

Contact Info

Product

Resources

About