Benjamin Tams

Security Considerations in Minutiae-Based Fuzzy Vaults

The fuzzy vault scheme is a cryptographic primitive that can be used to protect human fingerprint templates where stored. Analyses for most implementations account for brute-force security only. There are, however, other risks that have to be consider, such as false-accept attacks, record multiplicity attacks, and information leakage from auxiliary data, such as alignment parameters. In fact, the existing work lacks analyses of these weaknesses and are even susceptible to a variety of them. In view of these vulnerabilities, we redesign a minutiae-based fuzzy vault implementation preventing an adversary from running attacks via record multiplicity. Furthermore, we propose a mechanism for robust absolute fingerprint prealignment. In combination, we obtain a fingerprint-based fuzzy vault that resists known record multiplicity attacks and that does not leak information about the protected fingerprints from auxiliary alignment data. By experiments, we evaluate the performance of our security-improved implementation that, even though it has slight usability merits as compared with other minutiae-based implementations, provides improved security. However, despite heavy efforts spent in improving security, our implementation is, like all other implementations based on a single finger, subjected to a fundamental security limitation related to the false acceptance rate, i.e., false-accept attack. Consequently, this paper supports the notion that a single finger is not sufficient to provide acceptable security. Instead, implementations for multiple finger or even multiple modalities should be deployed the security of which may be improved by the technical contributions of this paper.

Unlinkable minutiae-based fuzzy vault for multiple fingerprints

The ‘fuzzy vault scheme’ is a cryptographic primitive being considered for storing fingerprint minutiae protected. A well-known problem of the fuzzy vault scheme is its vulnerability against correlation attack-based cross-matching thereby conflicting with the ‘unlinkability requirement’ and ‘irreversibility requirement’ of effective biometric information protection. Yet, it has been demonstrated that in principle a minutiae-based fuzzy vault can be secured against the correlation attack by passing the to-be-protected minutiae through a quantisation scheme. Unfortunately, single fingerprints seem not to be capable of providing an acceptable security level against offline attacks. To overcome the aforementioned security issues, this study shows how an implementation for multiple fingerprints can be derived on basis of the implementation for single finger thereby making use of a Guruswami–Sudan algorithm-based decoder for verification. The implementation, for which public C++ source code can be downloaded, is evaluated for single and various multi-finger settings using the MCYT-Fingerprint-100 database and provides security-enhancing features such as the possibility of combination with password and a slow-down mechanism.

Improved Fuzzy Vault Scheme for Alignment-Free Fingerprint Features

The fuzzy vault scheme is one of the most prominent tools for protecting fingerprint templates, typically being minutiae-based. However, there exist two major problems. Firstly, the fuzzy vault scheme is vulnerable to attacks correlating different templates of the same user. Secondly, auxiliary alignment data may leak information about the protected fingerprints which negatively affects security and privacy. In this paper, we tackle both problems. Our implementation uses alignment-free fingerprint features and fusions thereof, thereby removing the need to store alignment parameters. Furthermore, the features are passed through a quantization scheme and then dispersed in a maximal number of chaff, thereby thwarting correlation attacks.

Towards efficient privacy-preserving two-stage identification for fingerprint-based biometric cryptosystems

Biometric template protection schemes in particular, biometric cryptosystems bind secret keys to biometric data, i.e. complex key retrieval processes are performed at each authentication attempt. Focusing on biometric identification exhaustive 1: N comparisons are required for identifying a biometric probe. As a consequence comparison time frequently dominates the overall computational workload, preventing biometric cryptosystems from being operated in identification mode. In this paper we propose a computational efficient two-stage identification system for fingerprint-biometric cryptosystems. Employing the concept of adaptive Bloom filter-based cancelable biometrics, pseudonymous binary prescreeners are extracted based on which top-candidates are returned from a database. Thereby the number of required key-retrieval processes is reduced to a fraction of the total. Experimental evaluations confirm that, by employing the proposed technique, biometric cryptosystems, e.g. fuzzy vault scheme, can be enhanced in order to enable a real-time privacy preserving identification, while at the same time biometric performance is maintained.

Xtarp: Improving the Tented Arch Reference Point Detection Algorithm

In 2013, Tams et al. proposed a method to determine directed reference points in fingerprints based on a mathematical model of typical orientation fields of tented arch type fingerprints. Although this Tented Arch Reference Point (TARP) method has been used successfully for pre-alignment in biometric cryptosystems, its accuracy does not yet ensure satisfactory error rates for single finger systems. In this paper, we improve the TARP algorithm by deploying an improved orientation field computation and by integrating an additional mathematical model for arch type fingerprints. The resulting Extended Tented Arch Reference Point (xTARP) method combines the arch model with the tented arch model and achieves a significantly better accuracy than the original TARP algorithm. When deploying the xTARP method in the Fuzzy Vault construction of Butt et al., the false non-match rate (FNMR) at a security level of 20 bits is reduced from 7.4% to 1.7%.

Current Challenges for IT Security with Focus on Biometry

In this paper we give a survey of biometrical applications in security context. We start with a brief overview of the different biometric modalities which are most frequently used and compare their security contribution with classical cryptographic primitives. We then consider the case of fingerprints when used as password surrogates. We discuss the main security concerns of biometry in more detail on this practical example and make a point that the false accept error probability should be considered as the de facto measure of security.