Article

Finding the original point set hidden among chaff

Authors:

Ee-Chien Chang,

Ren Shen,

Francis Weijian TeoAuthors Info & Claims

ASIACCS '06: Proceedings of the 2006 ACM Symposium on Information, computer and communications security

Pages 182 - 188

https://doi.org/10.1145/1128817.1128845

Published: 21 March 2006 Publication History

Get Access

Abstract

In biometric identification, a fingerprint is typically represented as a set of minutiae which are 2D points. A method [4] to protect the fingerprint template hides the minutiae by adding random points (known as chaff) into the original point set. The chaff points are added one-by-one, constrained by the requirement that no two points are close to each other, until it is impossible to add more points or sufficient number of points have been added. Therefore, if the original template consists of s points, and the total number of chaff points and the original points is m, then a brute-force attacker is expected to examine half of m chooses s possibilities to find the original. The chaff generated seem to be "random", especially if the minutiae are also randomly generated in the same manner. Indeed, the number of searches required by the brute-force attacker has been used to measure the security of the method. In this paper, we give an observation which leads to a way to distinguish the minutiae from the chaff. Extensive simulations show that our attacker can find the original better than brute-force search. For e.g. when s = 1 and the number of chaff points is expected to be about 313, our attacker on average takes about 100 searches. Our results highlight the need to adopt a more rigorous notion of security for template protection. We also give an empirical lower bound of the entropy loss due to the sketch.

References

[1]

Fvc2004 databases. http://biometrics.cse.msu.edu/fvc04db/index.html.

Google Scholar

[2]

BOYEN, X. Reusable cryptographic fuzzy extractors. In 11th ACM conf. on Computer and Communications Security (2004), pp. 82--91.

Digital Library

Google Scholar

[3]

CHANG, E.-C., AND LI, Q. Small secure sketch for point-set difference. Cryptology ePrint Archive, Report 2005/145 (2005).

Google Scholar

[4]

CLANCY, T. C., KIYAVASH, N., AND LIN, D. J. Secure smartcardbased fingerprint authentication. In ACM SIGMM workshop on Biometrics methods and applications (2003), pp. 45--52.

Digital Library

Google Scholar

[5]

DODIS, Y., REYZIN, L., AND SMITH, A. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In Eurocrypt'04 (2004), pp. 523--540.

Crossref

Google Scholar

[6]

Jr., E. C., FLATTO, L., AND JELENKOVIć, P. Interval packing: the vacant interval distribution. The Annals of Applied Probability 10, 1 (2000), 240--257.

Crossref

Google Scholar

[7]

JUELS, A., AND SUDAN, M. A fuzzy vault scheme. In IEEE Intl. Symp. on Information Theory (2002).

Crossref

Google Scholar

[8]

JUELS, A., AND WATTENBERG, M. A fuzzy commitment scheme. In ACM Conf. on Computer and Communications Security (1999), pp. 28--36.

Digital Library

Google Scholar

[9]

LINNARTZ, J.-P. M. G., AND TUYLS, P. New shielding functions to enhance privacy and prevent misuse of biometric templates. In AVBPA 2003 (2003), pp. 393--402.

Digital Library

Google Scholar

[10]

MALTONI, D., MAIO, D., JAIN, A. K., AND PRABHAKAR, S. Handbook of Fingerprint Recognition. Springer--Verlag, 2003.

Digital Library

Google Scholar

[11]

PALASTI, I. On some random space filling problems. Publ. Math. Inst. Hung. Acad. Sci. 5 (1960), 353--359.

Google Scholar

[12]

RNYI, A. On a one-dimensional problem concerning random space-filling. Publ. Math. Inst. Hung. Acad. Sci. 3 (1958), 109--127.

Google Scholar

[13]

S. YANG, I. V. Secure fuzzy vault based fingerprint verification system. In 38th Asilomar Conf. on Signals, Systems, and Computers (2004), vol. 1, pp. 577--581.

Google Scholar

Cited By

View all

Tran QTurnbull BHu J(2021)Biometrics and Privacy-Preservation: How Do They Evolve?IEEE Open Journal of the Computer Society10.1109/OJCS.2021.30683852(179-191)Online publication date: 2021
https://doi.org/10.1109/OJCS.2021.3068385
Dang TTran LNguyen TChoi D(2020)FEHash: Full Entropy Hash for Face Template Protection2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW)10.1109/CVPRW50498.2020.00413(3527-3536)Online publication date: Jun-2020
https://doi.org/10.1109/CVPRW50498.2020.00413
Islam MSafavi-Naini R(2020)Fuzzy Vault for Behavioral Authentication SystemICT Systems Security and Privacy Protection10.1007/978-3-030-58201-2_20(295-310)Online publication date: 14-Sep-2020
https://doi.org/10.1007/978-3-030-58201-2_20
Show More Cited By

Index Terms

Finding the original point set hidden among chaff

Recommendations

Enhance fuzzy vault security using nonrandom chaff point generator

Toward the combination of cryptographic and biometric systems, by performing specific binding technique on cryptographic key and biometric template, the fuzzy vault framework enhances security level of current biometric cryptographic systems in terms of ...
Security notions of biometric remote authentication revisited
STM'11: Proceedings of the 7th international conference on Security and Trust Management

In this paper, we describe a new biometric-based remote authentication (BRA) system by combining distributed biometric authentication and cancelable biometrics. The motivation of this construction is based on our new attacks against the BRA schemes ...
Performance analysis of a parameterized minutiae-based approach for securing fingerprint templates in biometric authentication systems
Abstract
The fingerprint templates include almost the entire information about an individual’s fingerprints, and the user validation is totally determined by the fingerprint minutiae features. Due to the sort of attacks, the most challenging ...
Highlights
- Analyzing the fingerprint minutia features and their relevant parameters.
- ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ASIACCS '06: Proceedings of the 2006 ACM Symposium on Information, computer and communications security

March 2006

384 pages

ISBN:1595932720

DOI:10.1145/1128817

Conference Chair:
Ferng-Ching Lin
Executive Yuan, Taiwan
,
General Chairs:
Der-Tsai Lee
Academia Sinica, Taiwan
,
Bao-Shuh Lin
ITRI, Taiwan
,
Program Chairs:
Shiuhpyng Shieh
National Chiao Tung University, Taiwan
,
Sushil Jajodia
George Mason University, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 March 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

Asia CCS06

Sponsor:

SIGSAC

Asia CCS06: ACM Symposium on Information, Computer and Communications Security 2006

March 21 - 24, 2006

Taipei, Taiwan

Acceptance Rates

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

66
Total Citations
View Citations
432
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)1

Reflects downloads up to 21 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Tran QTurnbull BHu J(2021)Biometrics and Privacy-Preservation: How Do They Evolve?IEEE Open Journal of the Computer Society10.1109/OJCS.2021.30683852(179-191)Online publication date: 2021
https://doi.org/10.1109/OJCS.2021.3068385
Dang TTran LNguyen TChoi D(2020)FEHash: Full Entropy Hash for Face Template Protection2020 IEEE/CVF Conference on Computer Vision and Pattern Recognition Workshops (CVPRW)10.1109/CVPRW50498.2020.00413(3527-3536)Online publication date: Jun-2020
https://doi.org/10.1109/CVPRW50498.2020.00413
Islam MSafavi-Naini R(2020)Fuzzy Vault for Behavioral Authentication SystemICT Systems Security and Privacy Protection10.1007/978-3-030-58201-2_20(295-310)Online publication date: 14-Sep-2020
https://doi.org/10.1007/978-3-030-58201-2_20
Sinha HAjmera P(2019)Upgrading security and protection in ear biometricsIET Biometrics10.1049/iet-bmt.2018.50818:4(259-266)Online publication date: 20-Feb-2019
https://doi.org/10.1049/iet-bmt.2018.5081
Zhao DFang SXiang JTian JXiong S(2018)Iris Template Protection Based on Local RankingSecurity and Communication Networks10.1155/2018/45195482018Online publication date: 1-Jan-2018
https://dl.acm.org/doi/10.1155/2018/4519548
Zhao DHu XTian JXiong SXiang J(2018)Iris Template Protection Based on Randomized Response Technique and Aggregated Block Information2018 IEEE 29th International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE.2018.00034(248-258)Online publication date: Oct-2018
https://doi.org/10.1109/ISSRE.2018.00034
(2017)An approach to matching fingerprints using cryptographic one-way hashesInternational Journal of Biometrics10.1504/IJBM.2017.0866459:3(205-224)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.1504/IJBM.2017.086645
Singla NKaur MSofat S(2017)Secure fingerprint fuzzy vault including novel chaff point generation method2017 International Conference on Computing, Communication and Automation (ICCCA)10.1109/CCAA.2017.8229959(1098-1103)Online publication date: May-2017
https://doi.org/10.1109/CCAA.2017.8229959
Gerdes JHuang CSharaf M(2017)Incorporating biometrics into veiled certificatesElectronic Commerce Research10.1007/s10660-016-9222-y17:2(289-316)Online publication date: 1-Jun-2017
https://dl.acm.org/doi/10.1007/s10660-016-9222-y
Li CHu J(2016)A Security-Enhanced Alignment-Free Fuzzy Vault-Based Fingerprint Cryptosystem Using Pair-Polar Minutiae StructuresIEEE Transactions on Information Forensics and Security10.1109/TIFS.2015.250563011:3(543-555)Online publication date: Mar-2016
https://doi.org/10.1109/TIFS.2015.2505630
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Enhance fuzzy vault security using nonrandom chaff point generator

Security notions of biometric remote authentication revisited

Performance analysis of a parameterized minutiae-based approach for securing fingerprint templates in biometric authentication systems