Securing Fingerprint Template - Fuzzy Vault with Helper Data
description
Transcript of Securing Fingerprint Template - Fuzzy Vault with Helper Data
![Page 1: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/1.jpg)
Securing Fingerprint Template - Fuzzy Vault with Helper Data
Presenters:
Yeh Po-Yin
Yang Yi-Lun
![Page 2: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/2.jpg)
Outline
ReviewPrevious Work
Introduction – Fuzzy vault
Proposed SystemEncodingDecoding
Experimental ResultsGenuine Accept Rate (GAR)False Accept Rate (FAR)
Conclusions
![Page 3: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/3.jpg)
Registration
Template
Alice
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 4: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/4.jpg)
Template is stored
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 5: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/5.jpg)
Authentication
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 6: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/6.jpg)
Authentication
?
It’s Alice!
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 7: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/7.jpg)
Templates represent intrinsic information about you
Alice
Theft of a template is theft of identity
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 8: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/8.jpg)
Server-side matching
Server
Client
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 9: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/9.jpg)
Server-side matching
Server
Client
“access
granted”
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 10: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/10.jpg)
Client-side matching
Server
“It’s Alice!”“Hi, Alice!”
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 11: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/11.jpg)
Client-side matching
Server
“It’s Alice!”“It’s Alice!”“Hi, Alice!”
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 12: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/12.jpg)
On-device matching
SecurID
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 13: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/13.jpg)
On-device matching
SecurID
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 14: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/14.jpg)
“password”
UNIX protection of passwords
“password” h(“password”)
“password”
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 15: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/15.jpg)
Template protection?
h( )
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 16: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/16.jpg)
Fingerprint is variable
Differing angles of presentation
Differing amounts of pressure
Chapped skin
Don’t have exact key!So hashing won’t work...
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
![Page 17: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/17.jpg)
Introduction – Fuzzy vault
Juels and Sudan (2002)
The movie lover problem - encryptAlice has a set of favorite movies (A)
Alice wants to give her Tel # to someone with the same interests
Alice does not want the others to know about her interests
Alice encrypt her Tel # under A
![Page 18: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/18.jpg)
Introduction – Fuzzy vault
The movie lover problem – decryptBob has a set of favorite movies (B)
If B is identical to A, then Bob gets Alice’s Tel #
If B is different than A, then Bob gets nothing
If B is similar to A, then Bob might get Alice’s Tel # ( depend on the algorithm Alice used to encrypt he Tel # )
![Page 19: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/19.jpg)
EncodingAlice partitions her secret value (S) into shares s1, s2,..., sk
Construct a polynomial (p) so that
p(xj) = sk-1xk-1 + sk-2xk-2 + ... + s1x + s0
For every element in set A,
find ( ai, p(ai) )
Projecting elements of A onto p
Create chaff points that do not lie on p
Call this collection of points R
![Page 20: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/20.jpg)
Flow chart - Encode
Secret data (S)(Tel #)
Polynomial (p)construction
PolynomialProjection
Chaff PointGeneration (C)
Set (A)(Favorite movies)
+
Vault (VA)
![Page 21: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/21.jpg)
Algorithm Lock
[1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002
![Page 22: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/22.jpg)
Decoding
Project R onto bi (elements in set B)
If there exists a pair (bi, y) in R for any y
then (xi, yi) = (bi, y), else (xi, yi) = null
Call this collection of points Q
Perform the Reed-Solomon decoding algorithm and reconstruct a unique polynomial p
![Page 23: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/23.jpg)
Reed-Solomon decoding
The classical algorithm of
Peterson-Berlekamp-Massey decodes successfully if at least (k+t)/2 points in Q share a common polynomial
t = the # of points in set A
k = a polynomial of degree less than k
![Page 24: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/24.jpg)
Flow chart - Decode
Vault (VA)
Secret data (S)(Tel #)
Set (B)(Favorite movies)
Error-correctingcodes
(Reed-Solomon codes)
Polynomial (p)reconstruction
Candidate pointidentification
![Page 25: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/25.jpg)
Algorithm Unlock
[1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002
![Page 26: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/26.jpg)
Security
Depends on the # of chaff points r-t in the target set R
r = the total # of points
t = the # of points in set A
Attacker cannot distinguish between the correct polynomial p and all of the spurious ones
Security proportional to the # of spurious polynomials
![Page 27: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/27.jpg)
Fuzzy Fingerprint VaultReplace favorite movies with Fingerprint minutiae data
Different from favorite movies, minutiae data needs to be aligned
without any information leak
Quantification is applied to account for slight variations in minutiae data
example:block size = 11x11
[1,11] → 6
![Page 28: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/28.jpg)
EncodeError-correction scheme
Cyclic Redundancy Check (CRC)
16bit CRC: gCRC(a) = a16 + a15 + a2 +1
128bit secret + 16bit CRC = 144bit (S)divided into 9 non-overlapping 16-bit segments ( 144/16 = 9)
p(x) = s8x8 + s7x7 + ... + s1x + s0
Quantify minutiae data (A)
Apply fuzzy vault scheme → get VA
Construct helper data
![Page 29: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/29.jpg)
Secret data (S)Polynomial (p)construction
PolynomialProjection
Chaff PointGeneration (C)
Set (A)(Quantified minutiae)
+
Vault (VA)
00110100
CRC encoding
0011010011
![Page 30: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/30.jpg)
Decode
Quantify minutiae data (B)
Apply fuzzy vault scheme → get p
Decrypt secret from p (144bit code)
Apply CRC coding to check whether there are errors in this secret
Divide the secret with CRC code
0011010011 / 11 = 00110100 ..... 0Remainder is not zero : error!
![Page 31: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/31.jpg)
Secret data (S)
Set (B)(Quantified minutiae)
Vault (VA)
00110100
CRC decoding 0011010011
Candidate pointidentification
Error-correctingcodes
(Reed-Solomon codes)
Polynomial (p)reconstruction
![Page 32: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/32.jpg)
Helper data
Orientation Field Flow Curves (OFFC)Sets of piecewise linear segments the represent the underlying flow of fingerprint ridges
Robust to noise minutiae
islands
smudges
cuts
![Page 33: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/33.jpg)
Constructing Helper DataFind the orientation field that shows the dominant orientation in each block
8*8
sj = sj-1 + dj * lj * oSj-1
j = the index of points on the curve
dj = the flow direction between sj and sj-1
{ -1, 1 }
lj = the length of line segment between these two points
oSj-1 = the orientation value at location sj-1
![Page 34: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/34.jpg)
Helper Data Filtering
outliers
points with too low curvature
points with too high curvature
![Page 35: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/35.jpg)
[2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006
![Page 36: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/36.jpg)
ICP base AlignmentIterative Closest Point
1. Estimate the initial transformationFind the center of mass
2. Iterate until convergence
C: curvature, r: row, c: column
higher αvalues emphasize the effect of curvature
(100, 150, 400)
[2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006
![Page 37: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/37.jpg)
[2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006
![Page 38: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/38.jpg)
[2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006
![Page 39: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/39.jpg)
Experiments
DB2 database of FVC 2002 study8 impressions for each of the 100 distinct fingers
Image size: 560*296
Resolution: 569dpi
Block size: 11*11
24 genuine minutiae points dispersed among 200 chaff points are used
![Page 40: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/40.jpg)
ResultsTwo impression per finger are used
1 for locking, 1for unlockingGAR = 72.6% at FAR = 0%
has less than 24 minutiae (16)
Unlocking with two impression per finger
GAR = 84.5% at FAR = 0%errors in helper data (7)poor quality image (4)common minutiae between locking and unlocking prints less than the required number (2)
![Page 41: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/41.jpg)
Conclusion
Secured 128-bit AES keys feasiblyAn automatic alignment scheme based on helper data derived from the orientation field of fingerprintsThe helper data does not leak any information about the minutiae-based fingerprint template User is expected to be cooperative
Reduce false rejects
![Page 42: Securing Fingerprint Template - Fuzzy Vault with Helper Data](https://reader036.fdocuments.net/reader036/viewer/2022062518/56814834550346895db5550e/html5/thumbnails/42.jpg)
References[1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002[2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002