Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Fingerprint Template - Fuzzy Vault with Helper Data

Published byJimmy Dockery Modified over 9 years ago

Similar presentations

Presentation on theme: "Securing Fingerprint Template - Fuzzy Vault with Helper Data"— Presentation transcript:

1 Securing Fingerprint Template - Fuzzy Vault with Helper Data
Presenters: Yeh Po-Yin Yang Yi-Lun

2 Outline Review Previous Work Proposed System Experimental Results
Introduction – Fuzzy vault Proposed System Encoding Decoding Experimental Results Genuine Accept Rate (GAR) False Accept Rate (FAR) Conclusions

3 Registration Alice Template Alice
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

4 Template is stored Alice
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

5 Authentication Alice Alice
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

6  Authentication It’s Alice! ? Alice
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

7 Templates represent intrinsic information about you
Alice Alice Theft of a template is theft of identity [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

8 Server-side matching Alice Client Server
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

9 Server-side matching Alice Alice Client Server 
“access granted” Server Alice [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

10 Client-side matching Alice “Hi, Alice!” “It’s Alice!” Server 
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

11 Client-side matching Alice “Hi, Alice!” “It’s Alice!” “It’s Alice!”
Server Alice [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

12 On-device matching Alice Alice
SecurID [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

13 On-device matching Alice Alice Alice 
SecurID Alice [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

14 UNIX protection of passwords
h h(“password”) “password” “password” “password” [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

15 Template protection? h( ) h Alice Alice Alice
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

16 Fingerprint is variable
Alice Differing angles of presentation Differing amounts of pressure Chapped skin Don’t have exact key! So hashing won’t work... [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

17 Introduction – Fuzzy vault
Juels and Sudan (2002) The movie lover problem - encrypt Alice has a set of favorite movies (A) Alice wants to give her Tel # to someone with the same interests Alice does not want the others to know about her interests Alice encrypt her Tel # under A

18 Introduction – Fuzzy vault
The movie lover problem – decrypt Bob has a set of favorite movies (B) If B is identical to A, then Bob gets Alice’s Tel # If B is different than A, then Bob gets nothing If B is similar to A, then Bob might get Alice’s Tel # ( depend on the algorithm Alice used to encrypt he Tel # )

19 Encoding Alice partitions her secret value (S) into shares s1, s2,..., sk Construct a polynomial (p) so that p(xj) = sk-1xk-1 + sk-2xk s1x + s0 For every element in set A, find ( ai, p(ai) ) Projecting elements of A onto p Create chaff points that do not lie on p Call this collection of points R

20 Flow chart - Encode + Set (A) (Favorite movies) Secret data (S)
(Tel #) Polynomial (p) construction Polynomial Projection Chaff Point Generation (C) + Vault (VA)

21 Algorithm Lock [1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002

22 Decoding Project R onto bi (elements in set B)
If there exists a pair (bi, y) in R for any y then (xi, yi) = (bi, y), else (xi, yi) = null Call this collection of points Q Perform the Reed-Solomon decoding algorithm and reconstruct a unique polynomial p

23 Reed-Solomon decoding
The classical algorithm of Peterson-Berlekamp-Massey decodes successfully if at least (k+t)/2 points in Q share a common polynomial t = the # of points in set A k = a polynomial of degree less than k

24 Flow chart - Decode Set (B) (Favorite movies) Candidate point
identification Error-correcting codes (Reed-Solomon codes) Vault (VA) Polynomial (p) reconstruction Secret data (S) (Tel #)

25 Algorithm Unlock [1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002

26 Security Depends on the # of chaff points r-t in the target set R
r = the total # of points t = the # of points in set A Attacker cannot distinguish between the correct polynomial p and all of the spurious ones Security proportional to the # of spurious polynomials

27 Fuzzy Fingerprint Vault
Replace favorite movies with Fingerprint minutiae data Different from favorite movies, minutiae data needs to be aligned without any information leak Quantification is applied to account for slight variations in minutiae data example: block size = 11x11 [1,11] → 6

28 Encode Error-correction scheme 128bit secret + 16bit CRC = 144bit (S)
Cyclic Redundancy Check (CRC) 16bit CRC: gCRC(a) = a16 + a15 + a2 +1 128bit secret + 16bit CRC = 144bit (S) divided into 9 non-overlapping 16-bit segments ( 144/16 = 9) p(x) = s8x8 + s7x s1x + s0 Quantify minutiae data (A) Apply fuzzy vault scheme → get VA Construct helper data

29 (Quantified minutiae)
Set (A) (Quantified minutiae) Polynomial (p) construction Polynomial Projection Secret data (S) CRC encoding Chaff Point Generation (C) + Vault (VA)

30 Decode Quantify minutiae data (B) Apply fuzzy vault scheme → get p
Decrypt secret from p (144bit code) Apply CRC coding to check whether there are errors in this secret Divide the secret with CRC code / 11 = Remainder is not zero : error!

31 (Quantified minutiae)
Set (B) (Quantified minutiae) Vault (VA) Candidate point identification Error-correcting codes (Reed-Solomon codes) Polynomial (p) reconstruction CRC decoding Secret data (S)

32 Helper data Orientation Field Flow Curves (OFFC)
Sets of piecewise linear segments the represent the underlying flow of fingerprint ridges Robust to noise minutiae islands smudges cuts

33 Constructing Helper Data
Find the orientation field that shows the dominant orientation in each block 8*8 sj = sj-1 + dj * lj * oSj-1 j = the index of points on the curve dj = the flow direction between sj and sj-1 { -1, 1 } lj = the length of line segment between these two points oSj-1 = the orientation value at location sj-1

34 Helper Data Filtering outliers points with too low curvature
points with too high curvature

35 [2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006

36 ICP base Alignment Iterative Closest Point
Estimate the initial transformation Find the center of mass Iterate until convergence C: curvature, r: row, c: column higher αvalues emphasize the effect of curvature (100, 150, 400) [2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006

37 [2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006

38 [2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006

39 Experiments DB2 database of FVC 2002 study
8 impressions for each of the 100 distinct fingers Image size: 560*296 Resolution: 569dpi Block size: 11*11 24 genuine minutiae points dispersed among 200 chaff points are used

40 Results Two impression per finger are used
1 for locking, 1for unlocking GAR = 72.6% at FAR = 0% has less than 24 minutiae (16) Unlocking with two impression per finger GAR = 84.5% at FAR = 0% errors in helper data (7) poor quality image (4) common minutiae between locking and unlocking prints less than the required number (2)

41 Conclusion Secured 128-bit AES keys feasibly
An automatic alignment scheme based on helper data derived from the orientation field of fingerprints The helper data does not leak any information about the minutiae-based fingerprint template User is expected to be cooperative Reduce false rejects

42 References [1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002 [2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006 [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

Download ppt "Securing Fingerprint Template - Fuzzy Vault with Helper Data"

Similar presentations

Ari Juels RSA Laboratories Marty Wattenberg 328 W. 19th Street, NYC A Fuzzy Commitment Scheme.

Ari Juels RSA Laboratories Marty Wattenberg 328 W. 19th Street, NYC A Fuzzy Commitment Scheme.
Biometrics: Fingerprint Technology Calvin Shueh Professor Stamp CS265.

Biometrics: Fingerprint Technology Calvin Shueh Professor Stamp CS265.
Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”

Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
1 Is your biometric data safe? Alex Kot School of Electrical & Electronic Engineering Nanyang Technological University Singapore.

1 Is your biometric data safe? Alex Kot School of Electrical & Electronic Engineering Nanyang Technological University Singapore.
Fuzzy Vaults: Toward Secure Client-Side Matching Ari Juels RSA Laboratories 10th CACR Information Security Workshop 8 May 2002 LABORATORIES.

Fuzzy Vaults: Toward Secure Client-Side Matching Ari Juels RSA Laboratories 10th CACR Information Security Workshop 8 May 2002 LABORATORIES.
Fuzzy Stuff 6.857 Lecture 24, 2006. Outline Motivation: Biometric Architectures Motivation: Biometric Architectures New Tool (for us): Error Correcting.

Fuzzy Stuff Lecture 24, Outline Motivation: Biometric Architectures Motivation: Biometric Architectures New Tool (for us): Error Correcting.
Biometrics based Cryptosystem Design. Cryptosystem A mechanism using which one can encode an information content to an incomprehensible form and also.

Biometrics based Cryptosystem Design. Cryptosystem A mechanism using which one can encode an information content to an incomprehensible form and also.
1 Design and Implementation for Secure Embedded Biometric Authentication Systems Shenglin Yang Advisor: Ingrid Verbauwhede Electrical Engineering Department.

1 Design and Implementation for Secure Embedded Biometric Authentication Systems Shenglin Yang Advisor: Ingrid Verbauwhede Electrical Engineering Department.
Fingerprint Verification Bhushan D Patil PhD Research Scholar Department of Electrical Engineering Indian Institute of Technology, Bombay Powai, Mumbai.

Fingerprint Verification Bhushan D Patil PhD Research Scholar Department of Electrical Engineering Indian Institute of Technology, Bombay Powai, Mumbai.
BIOMETRICS By Lt Cdr V Pravin 05IT6019. BIOMETRICS  Forget passwords...  Forget pin numbers...  Forget all your security concerns...

BIOMETRICS By Lt Cdr V Pravin 05IT6019. BIOMETRICS  Forget passwords...  Forget pin numbers...  Forget all your security concerns...
Fingerprint Minutiae Matching Algorithm using Distance Histogram of Neighborhood Presented By: Neeraj Sharma M.S. student, Dongseo University, Pusan South.

Fingerprint Minutiae Matching Algorithm using Distance Histogram of Neighborhood Presented By: Neeraj Sharma M.S. student, Dongseo University, Pusan South.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.
The Statistics of Fingerprints A Matching Algorithm to be used in an Investigation into the Reliability of the Use of Fingerprints for Identification Bob.

The Statistics of Fingerprints A Matching Algorithm to be used in an Investigation into the Reliability of the Use of Fingerprints for Identification Bob.
A Review of “Adaptive fingerprint image enhancement with fingerprint image quality analysis”, by Yun & Cho Malcolm McMillan.

A Review of “Adaptive fingerprint image enhancement with fingerprint image quality analysis”, by Yun & Cho Malcolm McMillan.
How it works. When the user places their finger on Fingerprint Recognition Device (FRD) for the first time, the fingerprint is scanned and a 3-D fingerprint.

How it works. When the user places their finger on Fingerprint Recognition Device (FRD) for the first time, the fingerprint is scanned and a 3-D fingerprint.
2005/6/16 by pj 1 Hiding Biometric Data Hiding Biometric Data IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE, VOL. 25, NO. 11, NOVEMBER.

2005/6/16 by pj 1 Hiding Biometric Data Hiding Biometric Data IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE, VOL. 25, NO. 11, NOVEMBER.
66: Priyanka J. Sawant 67: Ayesha A. Upadhyay 75: Sumeet Sukthankar.

66: Priyanka J. Sawant 67: Ayesha A. Upadhyay 75: Sumeet Sukthankar.
Randomized Radon Transforms for Biometric Authentication via Fingerprint Hashing 2007 ACM Digital Rights Management Workshop Alexandria, VA (USA) October.

Randomized Radon Transforms for Biometric Authentication via Fingerprint Hashing 2007 ACM Digital Rights Management Workshop Alexandria, VA (USA) October.
Biometric Cryptosystems Presenters: Yeh Po-Yin Yang Yi-Lun.

Biometric Cryptosystems Presenters: Yeh Po-Yin Yang Yi-Lun.

Similar presentations

Ads by Google