Internet Archive Scholar

Biometric template transformation: a security analysis

Abhishek Nagar, Karthik Nandakumar, Anil K. Jain, Nasir D. Memon, Jana Dittmann, Adnan M. Alattar, Edward J. Delp III
2010 Media Forensics and Security II  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (871.8 kB)
https://web.archive.org/web/20151106054730/http://www.cse.msu.edu:80/biometrics/Publications/SecureBiometrics/NagarTempTransSecAnalysis_SPIE10.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL. The file type is application/pdf.

One of the critical steps in designing a secure biometric system is protecting the templates of the users that are stored either in a central database or on smart cards. If a biometric template is compromised, it leads to serious security and privacy threats because unlike passwords, it is not possible for a legitimate user to revoke his biometric identifiers and switch to another set of uncompromised identifiers. One methodology for biometric template protection is the template transformation
more » ... pproach, where the template, consisting of the features extracted from the biometric trait, is transformed using parameters derived from a user specific password or key. Only the transformed template is stored and matching is performed directly in the transformed domain. In this paper, we formally investigate the security strength of template transformation techniques and define six metrics that facilitate a holistic security evaluation. Furthermore, we analyze the security of two wellknown template transformation techniques, namely, Biohashing and cancelable fingerprint templates based on the proposed metrics. Our analysis indicates that both these schemes are vulnerable to intrusion and linkage attacks because it is relatively easy to obtain either a close approximation of the original template (Biohashing) or a pre-image of the transformed template (cancelable fingerprints). We argue that the security strength of template transformation techniques must also consider the computational complexity of obtaining a complete pre-image of the transformed template in addition to the complexity of recovering the original biometric template. Further author information: (Send correspondence to A. Nagar, nagarabh@cse.msu.edu, 1 517 285 3592) * A template is a set of features extracted from the biometric trait. A template is stored in the biometric system database and is used for matching with the input biometric during an authentication attempt. † A pre-image of a transformed template is the collection of all the templates in the original domain that can generate the given transformed template.
doi:10.1117/12.839976 dblp:conf/mediaforensics/NagarNJ10 fatcat:aanpnghbj5futenagrq5fnc4wi
Citation

Abhishek Nagar, Karthik Nandakumar, Anil K. Jain, Nasir D. Memon, Jana Dittmann, Adnan M. Alattar, Edward J. Delp III. "Biometric template transformation: a security analysis." Media Forensics and Security II (2010) 75410O