Von der Unmöglichkeit der
Fälschungserkennung
TeleTrusT AG Biometrie 5. September 2012 in Darmstadt Manfred Bromba Bromba GmbH Biometrics www.bromba.comThe AAA faking process
1. Acquire– Acquire the pattern of the biometric characteristic - not discussed here
2. A
ssemble
– Assemble a plagiarism from the biometric characteristic • including unique pattern and
• including / excluding properties the biometric system uses for fake detection (if known)
– Behavioral characteristics: for example, training of a robot 3. Apply
– Apply the plagiarism to the biometric capture system in just the way required for optimum recognition – not discussed here
Difficulty of faking steps
• Rough estimation of relative effort “in the natural case” – More stars means more effort
– No fake detection assumed (refers to Apply)
– No cooperative victims assumed (refers to Acquire)
– No acquisition behind a sensor assumed (refers to Acquire)
3D face 2D face
Finger veins
Signature (dyn. full) Fingerprint Biometric Password Apply Assemble Acquire
Effort
Bottom – Up
Our simple fake testing method
• Using standard commercial rubber stamps– Different coatings match different sensor principles (color, conductivity, etc.)
Fake detection method: Temperature
• Idea: finger is genuine => temperature is in a certain range
• Passable skin temperatures for finger are between 12 °C (DIN 33403) and >35 °C
• It’s easy to bring every fake finger to any required temperature
• Problem: temperature is in a certain range ≠> finger is genuine
– Temperature is not a very characteristic property of human fingers
• Really a cheap but silly fake detection method
– OK, it can be used to detect non-liveness: If temperature is below 0°C or above 100°C for a certain time, finger is NOT al ive
Fake detection method: Capacitive sensors
• Idea: perform pattern capturing using ‘life’ properties• Life property: skin contains water and water has a high relative permittivity (ε
r ~ 80)
• Problem 1: In reality not ε
r is measured but the capacitance
• 1. fake method: plastics with barium titanate (difficult)
• 2. fake method : gelatin (contains a lot of water, but is not durable) • 3. fake method : rubber stamp, possibly with conducting coating or
with breathing upon it (perfect)
• 4. fake method : overhead foil with printed finger pattern and breathing upon it (cheap but difficult to apply)
Fake detection method: Blood oxygen measurement
• Idea: measuring the level of blood oxygen by determining the varyingabsorption of two different infrared light wavelengths by hemoglobin – the oxygen concentration changes periodically with pulse
– method has been verified by Delsy 10 years ago with optical sensor
• How to circumvent: Use a live finger and cover it with a foil
implementing the finger pattern while being transparent to infrared light
• Problem: it is not verified whether live finger and pattern belong to the same person
The best method today
• Using optical finger & skin spectrum by using
multi-spectral illumination in an optical fingerprint scanner
• Successfully implemented by Lumidigm V302 (‘Venus’)
– Reliably rejects even our fingerprint stamps – Does not show significant false reject rates
• Less successfully implemented by Lumidigm M311 (‘Mariner’)
– False acceptions of our fingerprint stamps possible • How to circumvent: Find a matching coating for the
fake finger
• Problem: measures only a few properties of the finger which may not be very specific
Further fake finger detection methods
• 3D Ultrasound: explore the finger structure beneath the fingerprint pattern
– Problem: Only the ultrasound properties of the finger are investigated – How to circumvent: A 3D copy (using 3D printers?) with the same
ultrasound properties should do
• A similar consideration holds for optical coherence tomography except for the different influence of microscopic structures
– The smaller wavelength of light may increase fake assembly effort
Other biometric characteristics
• Fingerprint considered here because of broad own experience – Best investigated biometric modality except for biometric password
– As a result, it is erroneously ill-reputed as the most vulnerable biometric modality
• There is no biometric characteristic which is invulnerable
– Not yet faked usually means not yet tried to fake
– However, there may be difficult to compare differences between different modalities regarding the AAA steps
12
Conclusions
• Today’s fake detection methods only deliver annoying results – All methods can be circumvented once revealed
– Circumvention effort steadily decreases (technology, knowledge)
• If I verify a biometric pattern this does not verify the complete human identity
• It has not sufficiently been ensured that all properties being tested belong to the same human entity
• Literature: Dragula, P.: Erkennung der feinen Hautbewegungen des Fingers, Diploma Thesis (tutor: Martin Drahanský), FIT BUT, CZ, 2007 Status
Top – Down
Science fiction (?)
What is identity?
• Identity is the set of all independent, measurable properties of a
subject
– Detlef Hühnlein: “Die Identität einer Entität ist bestimmt durch die Menge ihrer Attribute, wobei eine Entität genau eine Identität besitzt.” (DuD 3/2008 S165)
– Mondinis Study on Identity Management in eGovernment: Common Terminological Framework for Interoperable Electronic Identity Management; Consultation Paper v.2.01; November 23, 2005
• Each linear independent property spans one coordinate in an “identity vector space”
– Each identity is characterized by one point at a time instant in the identity vector space
– Example for a one-dimensional identity vector space of human heights showing about 25 identities:
Identity vector space I
• Example: 2D identity vector space
– In reality, dimension will be extremely high
Identity vector space II
• Identities change with respect to time
Identity vector space III
• Alternatively, the fluctuations of an identity may be shown as a cloud whose density represents the joint probability to have certain
properties
• It is NOT important that identity remains constant, rather separability is essential
Identity vector space IV
• Biometrics is complex enough to guarantee that no two identities have the same distribution shape
– This fact greatly reduces the value of biometric failure rates from large scale tests for individuals
19
What types of identity properties are there?
• Human identity comprises unique and common properties• Unique identity properties are considered as biometric characteristics – Unique properties have parts of genotypic, randotypic, and behavioral
origin
• Common identity properties are common for all humans – and define a human being if considered completely
– Exceptions such as diseases, special marks, etc. are considered as
anomalies
• Properties may be divided into sub-properties until simple measurability is achieved (elementary property)
– Example: Presence of head may be divided into presence of eyes, nose, mouth, hair, ears, ... etc.
Identity determination
• Identity determination is the measurement of measurable human properties
– Identity determination encompasses unique and common properties
• Identity determination is used for
1. creating and storing an identity reference (enrolment)
2. comparison of the resulting data with a stored reference (verification)
• A complete identity determination considers ALL identity properties – A perfect identity determination needs no fake detection!
Human identity determination: Challenges
• Human subjects are no closed systems– Humans cannot permanently be separated from their surrounding • Are all properties measurable in a non-destructive way?
– E.g., when measuring DNA information cell by cell • Clothing as a fast varying part of the identity?
– There may be limited enthusiasm for undressing... – Clothing is a valuable identifier for short-time linkage – Foreign DNA (most of all cells are of non-human origin)
• Privacy goodbye!
– The perfect identity de-terminator knows everything about a subject! – The deviations from the common reference (anomalies) are most
How many identity properties are there?
• The real challenge seems to be the enormous number of properties to be measured, possibly with different sensors
For simplicity we consider the reference size
• The genotypic structure of humans is determined by the genome and includes unique and common parts
– The genome represents an information of roughly 50 MB, including non-coding sequences
(http://de.wikipedia.org/wiki/Erbinformation#Genomgr.C3.B6.C3.9Fen) • How much for unique randotypic parts and anomalies?
– No information found – would require the knowledge of all biometric modalities
• For the behavioral part the storage capacity of brain may be an indication
– Brain stores about 2 PB = 2000 TB = 2x1015 B [?, Wikipedia]
23
Human identity determination is a complex task
• Is this the identity de-terminator of the future?Identity confirmation
• Identity confirmation is the comparison of two sets of identity properties
– The result may be "Yes" or "No" • The task may be split into two parts:
1. the comparison of unique identity properties (mandatory) 2. the comparison of common identity properties (optional)
• The following references are required for identity confirmation – Unique properties: One reference data set required per identity – Common properties: One reference data set for all humans – Anomalies: One reference data set required per identity
• A complete identity confirmation considers ALL identity properties – Nevertheless, due to small identity changes and measurement errors,
What is a fake?
A fake is a partial imitation of an identity
– Name for hardware-based imitations: spoof / spoofing, plagiarism – Name for software-based (behavior) imitations: mimicry
• A fake may imitate unique (mandatory) and common (optional) properties
• A successful fake has to imitate ALL properties with good quality which are used for identity confirmation
Fake detection
Realization of fake detection type I (passive):
• Find at least one mismatch with common parts of identity reference – Non-matching common properties are due to fakes or anomalies – The more properties are compared, the better the fake resistance
Realization of fake detection type II (active):
• Find at least one match with fake references
– A fake may have specific properties which do not match with originals – Like virus scanners it needs the references of all known fake methods – Like virus scanners, a permanent update is required - but including
hardware (sensors)
– Advantage: For a perfect fake detection a limited number of props suff. – Problem: does not detect unknown fakes
The big challenge: transplantations
• Transplantations create ‘mixtures’ of human identities and define a new human identity (at least due to different DNA)
– Requires re-enrolment - how to securely link to old identities?
• Transplantations may affect biometric characteristics
– Today, biometrically effective transplantations are possible at least for faces and fingers
• Legal / ethical identity aspects of transplantations
– Is there something like an identity center such as brain?
– Can we exclude that ever brain transplantations will become possible? – Who is responsible for the obligations of the old identities?
The practical solution: Fake prevention
Fake prevention instead of or in combination with fake detection
• Do the security requirements match the feasible?• For higher requirements use independent multiple protection & identity confirmation stages
• Provide measures against mixing identity properties from different subjects during measurement (AAA)
– separation required (known from physical access control)
• Undertake small attempts on sensor side to complicate fake application (AAA)
Why faking is easier than fake detection
• Fake detection is like the trial to keep water in a sieve
• If you only plug a few holes (compare a few properties) the water will quickly find another way (easy)