1 / 42

Securing Fingerprint Template - Fuzzy Vault with Helper Data

Securing Fingerprint Template - Fuzzy Vault with Helper Data. Presenters: Yeh Po-Yin Yang Yi-Lun. Outline. Review Previous Work Introduction – Fuzzy vault Proposed System Encoding Decoding Experimental Results Genuine Accept Rate (GAR) False Accept Rate (FAR) Conclusions. Alice.

chessa
Download Presentation

Securing Fingerprint Template - Fuzzy Vault with Helper Data

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Securing Fingerprint Template - Fuzzy Vault with Helper Data Presenters: Yeh Po-Yin Yang Yi-Lun

  2. Outline • Review • Previous Work • Introduction – Fuzzy vault • Proposed System • Encoding • Decoding • Experimental Results • Genuine Accept Rate (GAR) • False Accept Rate (FAR) • Conclusions

  3. Alice Registration Alice Template [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  4. Alice Template is stored [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  5. Alice Alice Authentication [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  6. Alice Authentication ?  It’s Alice! [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  7. Alice Alice Templates represent intrinsic information about you Theft of a template is theft of identity [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  8. Alice Server-side matching Client Server [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  9. Alice Alice “access granted” Server-side matching Client Server  [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  10. Alice “It’s Alice!” “Hi, Alice!” Client-side matching Server  [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  11. Alice “It’s Alice!” “It’s Alice!” “Hi, Alice!” Client-side matching Server [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  12. Alice Alice SecurID On-device matching [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  13. Alice Alice Alice SecurID On-device matching  [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  14. h h(“password”) “password” UNIX protection of passwords “password” “password” [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  15. Alice Alice Alice Template protection? h h( ) [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  16. Alice Fingerprint is variable • Differing angles of presentation • Differing amounts of pressure • Chapped skin Don’t have exact key! So hashing won’t work... [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

  17. Introduction – Fuzzy vault • Juels and Sudan (2002) • The movie lover problem - encrypt • Alice has a set of favorite movies (A) • Alice wants to give her Tel # to someone with the same interests • Alice does not want the others to know about her interests • Alice encrypt her Tel # under A

  18. Introduction – Fuzzy vault • The movie lover problem – decrypt • Bob has a set of favorite movies (B) • If B is identical to A, then Bob gets Alice’s Tel # • If B is different than A, then Bob gets nothing • If B is similar to A, then Bob might get Alice’s Tel # ( depend on the algorithm Alice used to encrypt he Tel # )

  19. Encoding • Alice partitions her secret value (S) into shares s1, s2,..., sk • Construct a polynomial (p) so that p(xj) = sk-1xk-1 + sk-2xk-2 + ... + s1x + s0 • For every element in set A, find ( ai, p(ai) ) • Projecting elements of A onto p • Create chaff points that do not lie on p • Call this collection of points R

  20. Flow chart - Encode Set (A) (Favorite movies) Secret data (S) (Tel #) Polynomial (p) construction Polynomial Projection Chaff Point Generation (C) + Vault (VA)

  21. Algorithm Lock [1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002

  22. Decoding • Project R onto bi (elements in set B) • If there exists a pair (bi, y) in R for any y then (xi, yi) = (bi, y), else (xi, yi) = null • Call this collection of points Q • Perform the Reed-Solomon decoding algorithm and reconstruct a unique polynomial p

  23. Reed-Solomon decoding • The classical algorithm of Peterson-Berlekamp-Massey decodes successfully if at least (k+t)/2 points in Q share a common polynomial • t = the # of points in set A • k = a polynomial of degree less than k

  24. Flow chart - Decode Set (B) (Favorite movies) Candidate point identification Error-correcting codes (Reed-Solomon codes) Polynomial (p) reconstruction Vault (VA) Secret data (S) (Tel #)

  25. Algorithm Unlock [1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002

  26. Security • Depends on the # of chaff points r-t in the target set R • r = the total # of points • t = the # of points in set A • Attacker cannot distinguish between the correct polynomial p and all of the spurious ones • Security proportional to the # of spurious polynomials

  27. Fuzzy Fingerprint Vault • Replace favorite movies with Fingerprint minutiae data • Different from favorite movies, minutiae data needs to be aligned • without any information leak • Quantification is applied to account for slight variations in minutiae data • example: • block size = 11x11 • [1,11] → 6

  28. Encode • Error-correction scheme • Cyclic Redundancy Check (CRC) • 16bit CRC: gCRC(a) = a16 + a15 + a2 +1 • 128bit secret + 16bit CRC = 144bit (S) • divided into 9 non-overlapping 16-bit segments ( 144/16 = 9) • p(x) = s8x8 + s7x7 + ... + s1x + s0 • Quantify minutiae data (A) • Apply fuzzy vault scheme → get VA • Construct helper data

  29. Set (A) (Quantified minutiae) 00110100 0011010011 Polynomial (p) construction Polynomial Projection Secret data (S) CRC encoding Chaff Point Generation (C) + Vault (VA)

  30. Decode • Quantify minutiae data (B) • Apply fuzzy vault scheme → get p • Decrypt secret from p (144bit code) • Apply CRC coding to check whether there are errors in this secret • Divide the secret with CRC code • 0011010011 / 11 = 00110100 ..... 0 • Remainder is not zero : error!

  31. Set (B) (Quantified minutiae) Vault (VA) Candidate point identification Error-correcting codes (Reed-Solomon codes) Polynomial (p) reconstruction CRC decoding 0011010011 Secret data (S) 00110100

  32. Helper data • Orientation Field Flow Curves (OFFC) • Sets of piecewise linear segments the represent the underlying flow of fingerprint ridges • Robust to noise • minutiae • islands • smudges • cuts

  33. Constructing Helper Data • Find the orientation field that shows the dominant orientation in each block • 8*8 • sj = sj-1 + dj * lj * oSj-1 • j = the index of points on the curve • dj = the flow direction between sj and sj-1 • { -1, 1 } • lj = the length of line segment between these two points • oSj-1 = the orientation value at location sj-1

  34. Helper Data Filtering • outliers • points with too low curvature • points with too high curvature

  35. [2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006

  36. ICP base Alignment • Iterative Closest Point • Estimate the initial transformation • Find the center of mass • Iterate until convergence • C: curvature, r: row, c: column • higher αvalues emphasize the effect of curvature • (100, 150, 400) [2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006

  37. [2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006

  38. [2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006

  39. Experiments • DB2 database of FVC 2002 study • 8 impressions for each of the 100 distinct fingers • Image size: 560*296 • Resolution: 569dpi • Block size: 11*11 • 24 genuine minutiae points dispersed among 200 chaff points are used

  40. Results • Two impression per finger are used • 1 for locking, 1for unlocking • GAR = 72.6% at FAR = 0% • has less than 24 minutiae (16) • Unlocking with two impression per finger • GAR = 84.5% at FAR = 0% • errors in helper data (7) • poor quality image (4) • common minutiae between locking and unlocking prints less than the required number (2)

  41. Conclusion • Secured 128-bit AES keys feasibly • An automatic alignment scheme based on helper data derived from the orientation field of fingerprints • The helper data does not leak any information about the minutiae-based fingerprint template • User is expected to be cooperative • Reduce false rejects

  42. References • [1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002 • [2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006 • [3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002

More Related