Three Factor Scheme for Biometric-Based Cryptographic Key Regeneration Using Iris
Sanjay KANADE, Danielle CAMARA, Emine KRICHEN,
Dijana PETROVSKA-DELACRÉTAZ, and Bernadette DORIZZI
TELECOM & Management SudParis
Evry, France
Last Updated 17th September, 2008
This work was funded by the
Outline
• Why Combine Biometrics with Cryptography
• State of the art
• Existing works based on iris
• Iris Code Matching as Error Correction Problem
• Iris Code Shuffling
• Increasing Error Correction Capability of Hadamard Code
• Experimental Results
• Security Analysis
Why Combine Biometrics with Cryptography
• Shortcomings of Biometrics:
– Biometric data is noisy
– Lack of revocability: biometric templates, once stolen or compromised, cannot be replaced and a new template cannot be issued
– No template diversity
• Shortcomings of Cryptography:
– Authenticators are easy to guess and can be stolen
– No strong link between authenticator & user identity
State of the Art
Three main categories:
• Protecting biometrics and adding revocability to biometrics – e.g. cancelable biometrics, etc.
• Cryptographic key generation from biometrics – e.g. Hardened password, Fuzzy extractors, etc.
• Cryptographic key regeneration using biometrics – e.g. fuzzy vault, fuzzy
Existing Works on Key Regeneration Using Iris
• Hao et al. scheme
– Uses Reed-Solomon and Hadamard codes for correcting errors in iris codes
– 25% error correction is possible
– Cannot change error correction capability of Hadamard codes
– For comparatively noisy databases (like ICE), this scheme cannot work because many genuine comparisons have Hamming distance greater than 25%
• Bringer et al. scheme
– Reed-Muller and Product codes are used
Iris Code Matching as Error Correction Problem
[Figure: block diagram of a noisy communication channel. Labels: Data Encoder, Noisy Communication Channel, Data Decoder, K, K', Noise causing elements, Iris Code 1, Iris Code 2]
• Variations in iris codes are treated as errors and are corrected by the decoder.
• Error correcting capacity of the decoder should be such that it can separate genuine users from impostors
Schematic Diagram of the Key Regeneration Scheme
Iris Code Shuffling
• A shuffling key is generated using a password
• Iris code is divided into blocks; number of blocks = number of bits in shuffling key
• If a bit in the key is 1, corresponding iris code block is moved to the beginning; otherwise it is moved to the end
• This scheme increases Hamming distance for impostors, but for genuine users Hamming distance is unchanged
Iris Code Shuffling – Schematic Diagram
Hamming Distance Distributions – Before and After Shuffling
Overlap between genuine and impostor users' Hamming distance is decreased because of shuffling
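The shuffling rule can be exercised on constructed data. This is an added example, not the authors' code. It assumes the key bits are derived from the password with SHA-256, that blocks keep their relative order within each group, that the impostor does not know the password, and that iris codes share some common structure. All sizes and sample codes are constructed.

```python
import hashlib
import random

def shuffling_key(password, n_bits):
    """Password -> n_bits key bits. SHA-256 in counter mode is an assumption."""
    stream, ctr = b"", 0
    while len(stream) * 8 < n_bits:
        stream += hashlib.sha256(ctr.to_bytes(4, "big") + password.encode()).digest()
        ctr += 1
    return [(stream[i // 8] >> (7 - i % 8)) & 1 for i in range(n_bits)]

def shuffle(code, key):
    """Key bit 1: block moves to the beginning; key bit 0: block moves to the end."""
    size = len(code) // len(key)
    blocks = [code[i * size:(i + 1) * size] for i in range(len(key))]
    front = [b for b, k in zip(blocks, key) if k]
    back = [b for b, k in zip(blocks, key) if not k]
    return [bit for block in front + back for bit in block]

def hd(a, b):
    """Normalised Hamming distance between two equal-length bit lists."""
    return sum(x != y for x, y in zip(a, b)) / len(a)

def demo(seed=7, n_bits=1188, key_bits=99):
    """Constructed codes: every eye shares some structure, so raw impostor HD < 0.5."""
    rng = random.Random(seed)
    flip = lambda src, p: [b ^ (rng.random() < p) for b in src]
    shared = [rng.randrange(2) for _ in range(n_bits)]
    ref = flip(shared, 0.2)          # enrolled eye
    genuine = flip(ref, 0.1)         # same eye, later capture
    impostor = flip(shared, 0.2)     # different eye
    k_user = shuffling_key("user-password", key_bits)
    k_other = shuffling_key("impostor-guess", key_bits)   # impostor lacks the password
    return {
        "genuine_before": hd(ref, genuine),
        "genuine_after": hd(shuffle(ref, k_user), shuffle(genuine, k_user)),
        "impostor_before": hd(ref, impostor),
        "impostor_after": hd(shuffle(ref, k_user), shuffle(impostor, k_other)),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value:.3f}")
```

The genuine distance is identical before and after because both codes go through the same permutation. The impostor distance moves toward 0.5 because the two permutations misalign the shared structure.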
Error Correcting Codes
• Iris codes have two types of errors:
– Background errors: due to camera noise, iris distortion, image-capture effects, etc. These are uniformly distributed
– Burst errors: due to eye-lids, eye-lashes, and specular reflections. These occur as bursts.
• We use Hadamard code to correct background errors and Reed-Solomon Codes
Increasing Error Correction Capability of Hadamard Code
• Hadamard code's inherent error correction capacity is 25%, which cannot be changed. There is a large number of genuine user comparisons where the Hamming distance is more than 25%.
• Adding similarity to the data can change the error distribution by decreasing the number of errors in a block
– Let there be p errors in n bits
– Adding q zeros uniformly to n will change the error ratio to R = p/(q+n); if R < 25%, p errors can be corrected
– Thus by changing q we can change (increase) the error correction capacity of Hadamard code
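The effect of zero insertion on Hadamard decoding can be measured on a constructed genuine pair with 30% bit errors. This is an added example, not the authors' code. It uses the parameters reported in the experimental results (8 zeros per 12 bits, 1,980 bits truncated to 1,952, 61 blocks). The Hadamard construction (6-bit symbol to 32-bit codeword), the placement of the zeros, and the 1,188-bit input length implied by 1,980 are assumptions.

```python
import random

BLOCK, N_BLOCKS = 32, 61      # 1,952 bits = 61 blocks of 32 bits (page parameters)

def insert_zeros(bits, n=12, q=8):
    """Append q zeros after every n iris bits (the exact layout is an assumption)."""
    out = []
    for i in range(0, len(bits), n):
        out += bits[i:i + n] + [0] * q
    return out

def had_encode(sym):
    """Assumed construction: 6-bit symbol -> 32-bit Hadamard codeword (distance 16)."""
    row, comp = sym & 31, sym >> 5
    return [(bin(row & j).count("1") & 1) ^ comp for j in range(BLOCK)]

def had_decode(word):
    """Nearest of the 64 codewords; always right when fewer than 8 bits differ."""
    return min(range(64),
               key=lambda s: sum(a ^ b for a, b in zip(had_encode(s), word)))

def failed_blocks(ref, test, symbols):
    """The XOR of the two iris codes is the channel noise on the encoded symbols."""
    sent = [b for s in symbols for b in had_encode(s)]
    recv = [c ^ r ^ t for c, r, t in zip(sent, ref, test)]
    return sum(had_decode(recv[i * BLOCK:(i + 1) * BLOCK]) != s
               for i, s in enumerate(symbols))

def demo(ber=0.30, seed=1):
    """Constructed genuine pair with 30% bit errors, above Hadamard's 25%."""
    rng = random.Random(seed)
    symbols = [rng.randrange(64) for _ in range(N_BLOCKS)]
    ref = [rng.randrange(2) for _ in range(N_BLOCKS * BLOCK)]
    test = [b ^ (rng.random() < ber) for b in ref]
    plain = failed_blocks(ref, test, symbols)
    ref_z = insert_zeros(ref[:1188])[:N_BLOCKS * BLOCK]     # 1,188 -> 1,980 -> 1,952
    test_z = insert_zeros(test[:1188])[:N_BLOCKS * BLOCK]
    return plain, failed_blocks(ref_z, test_z, symbols)

if __name__ == "__main__":
    plain, padded = demo()
    print(f"blocks left for Reed-Solomon: {plain} without zeros, {padded} with zeros")
```

The blocks that Hadamard decoding gets wrong are the symbol errors the Reed-Solomon stage still has to correct.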
Database Used for System Evaluation
• NIST-ICE Database
– Exp-1 - 1,425 images of right irises of 124 users
• 12,214 genuine and 1,002,386 impostor comparisons
– Exp-2 - 1,528 images of left irises of 120 users
Experimental Results
• Experimental parameters
• m = 6, Number of bits in each Reed-Solomon code block
• n_s = 61, Number of blocks after Reed-Solomon encoding
• 8 zeros added to every 12 bits in the iris code; modified iris code length = 1,980, which is truncated to 1,952 bits.
• t_s: Error correction capability of Reed-Solomon Code
• t_s acts as threshold by adjusting which we can fine tune the

| t_s | Key Length | ICE-Exp-1 FAR | ICE-Exp-1 FRR | ICE-Exp-2 FAR | ICE-Exp-2 FRR |
|-----|------------|---------------|---------------|---------------|---------------|
| 11  | 234        | 0.0008        | 2.48          | 0.003         | 3.49          |
| 14  | 198        | 0.055         | 1.04          | 0.124         | 1.41          |
| 15  | 186        | 0.096         | 0.76          | 0.21          | 1.09          |
Security Analysis
Entropy: $H = \log_2\left(\dfrac{2^N}{\binom{N}{w}}\right)$
N is the number of degrees of freedom which can be calculated as
$N = p(1-p)/\sigma^2$
where p = mean of the binomial distribution, and
σ = standard deviation of the distribution
w = number of bits corresponding to the error correction capacity (which is 35%)
In our experiments, N = 1,172,
w = 410 corresponding to 35% error correction capacity, thus
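The entropy expression H = log2(2^N / C(N, w)) and the degrees-of-freedom formula N = p(1-p)/σ² can be evaluated directly. This is an added example, not the authors' code. For N = 1,172 and w = 410 it gives about 83 bits, the figure in the comparison table. The 25% and 30% rows are added what-if values showing how entropy falls as the error correction capacity rises.

```python
from math import comb, log2

def entropy_bits(N, w):
    """H = log2(2^N / C(N, w)), evaluated as N - log2 C(N, w)."""
    return N - log2(comb(N, w))

def degrees_of_freedom(hds):
    """N = p(1 - p) / sigma^2 from a sample of impostor Hamming distances."""
    p = sum(hds) / len(hds)
    var = sum((h - p) ** 2 for h in hds) / len(hds)
    return p * (1 - p) / var

def capacity_sweep(N, fractions):
    """Entropy left for each error correction capacity (fraction of N bits)."""
    return {f: entropy_bits(N, round(f * N)) for f in fractions}

if __name__ == "__main__":
    print(f"H(N=1172, w=410) = {entropy_bits(1172, 410):.1f} bits")
    for frac, bits in capacity_sweep(1172, [0.25, 0.30, 0.35]).items():
        print(f"capacity {frac:.0%}: {bits:.1f} bits")
```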
Comparison With Other Iris Based Systems

| Authors           | ECC | Key Bits | FRR in % | FAR in % | Entropy in bits | Database    |
|-------------------|-----|----------|----------|----------|-----------------|-------------|
| Hao et al.[2]     | RSH | 140      | 0.47     | 0        | 44              | proprietary |
| Bringer et al.[1] | RMP | 42       | 5.62     | 10^-5    | -               | ICE         |
| -                 | RSH | 186      | 0.76     | 0.096    | 83              | ICE-Exp-1   |
| -                 | RSH | 234      | 2.48     | 0.0008   | 83              | ICE-Exp-1   |

• RSH – Reed-Solomon and Hadamard codes
• RMP – Reed-Muller and Product codes
[1] J. Bringer, H. Chabanne, G. Cohen, B. Kindarji, and G. Zémor, "Optimal iris fuzzy sketches," in IEEE Conference on Biometrics: Theory, Applications and Systems, 2007.
[2] F. Hao, R. Anderson, and J. Daugman, "Combining crypto with biometrics effectively," IEEE Transactions on Computers, vol. 55, no. 9, pp. 1081-1088, 2006.
Conclusions and Discussions
• Shuffling makes the iris codes more random, which helps in increasing the entropy; also it acts as interleaver and helps in error correction by distributing the error bursts
• The zero insertion scheme increases the error correction capability of Hadamard code which is otherwise fixed
• Longer keys compared to other schemes can be obtained with the proposed scheme which will have nearly 83 bit entropy
• The keys obtained with this scheme can be used in cryptographic systems; otherwise Hash values of the original and regenerated keys can be compared to securely verify the user
• The locked iris template does not reveal any biometric information thereby protecting the biometric data
• In case of compromise detection, the cryptographic key, smart card, and password can be changed and a new template can be issued; thus the templates are revocable