Share Email Print
cover

Proceedings Paper

Biometric template transformation: a security analysis
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

One of the critical steps in designing a secure biometric system is protecting the templates of the users that are stored either in a central database or on smart cards. If a biometric template is compromised, it leads to serious security and privacy threats because unlike passwords, it is not possible for a legitimate user to revoke his biometric identifiers and switch to another set of uncompromised identifiers. One methodology for biometric template protection is the template transformation approach, where the template, consisting of the features extracted from the biometric trait, is transformed using parameters derived from a user specific password or key. Only the transformed template is stored and matching is performed directly in the transformed domain. In this paper, we formally investigate the security strength of template transformation techniques and define six metrics that facilitate a holistic security evaluation. Furthermore, we analyze the security of two wellknown template transformation techniques, namely, Biohashing and cancelable fingerprint templates based on the proposed metrics. Our analysis indicates that both these schemes are vulnerable to intrusion and linkage attacks because it is relatively easy to obtain either a close approximation of the original template (Biohashing) or a pre-image of the transformed template (cancelable fingerprints). We argue that the security strength of template transformation techniques must consider also consider the computational complexity of obtaining a complete pre-image of the transformed template in addition to the complexity of recovering the original biometric template.

Paper Details

Date Published: 27 January 2010
PDF: 15 pages
Proc. SPIE 7541, Media Forensics and Security II, 75410O (27 January 2010); doi: 10.1117/12.839976
Show Author Affiliations
Abhishek Nagar, Michigan State Univ. (United States)
Karthik Nandakumar, A*STAR Institute for Infocomm Research (Singapore)
Anil K. Jain, Michigan State Univ. (United States)
Korea Univ. (Korea, Republic of)


Published in SPIE Proceedings Vol. 7541:
Media Forensics and Security II
Nasir D. Memon; Jana Dittmann; Adnan M. Alattar; Edward J. Delp III, Editor(s)

© SPIE. Terms of Use
Back to Top