ETRI Journal

  • 제32권6호
  • /
  • Pages.950-960
  • /
  • 2010
  • /
  • 1225-6463(pISSN)
  • /
  • 2233-7326(eISSN)
한국전자통신연구원 (Electronics and Telecommunications Research Institute)
권호 표지
DOI QR코드

DOI QR Code

Secure Face Authentication Framework in Open Networks

  • 투고 : 2010.03.15
  • 심사 : 2010.09.20
  • 발행 : 2010.12.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

In response to increased security concerns, biometrics is becoming more focused on overcoming or complementing conventional knowledge and possession-based authentication. However, biometric authentication requires special care since the loss of biometric data is irrecoverable. In this paper, we present a biometric authentication framework, where several novel techniques are applied to provide security and privacy. First, a biometric template is saved in a transformed form. This makes it possible for a template to be canceled upon its loss while the original biometric information is not revealed. Second, when a user is registered with a server, a biometric template is stored in a special form, named a 'soft vault'. This technique prevents impersonation attacks even if data in a server is disclosed to an attacker. Finally, a one-time template technique is applied in order to prevent replay attacks against templates transmitted over networks. In addition, the whole scheme keeps decision equivalence with conventional face authentication, and thus it does not decrease biometric recognition performance. As a result, the proposed techniques construct a secure face authentication framework in open networks.

키워드

참고문헌

  1. G. Davida, Y. Frankel, and B.J. Matt, "On Enabling Secure Applications through Off-Line Biometric Identification," IEEE Symp. Security Privacy, 1998, pp. 148-157.
  2. N.K. Ratha, J.H. Connell, and R.M. Bolle, "Enhancing Security and Privacy in Biometrics-Based Authentication Systems," IBM Syst. J., vol. 40, no. 3, Jan. 2001, pp. 614-634.
  3. T. Connie et al., "PalmHashing: A Novel Approach for Cancelable Biometrics," Inf. Process. Lett., vol. 93, no. 1, Jan. 2005, pp. 1-5. https://doi.org/10.1016/j.ipl.2004.09.014
  4. T. Kevenaar et al., "Face Recognition with Renewable and Privacy Preserving Binary Templates," IEEE Workshop Automatic Identification Advanced Technol., 2005, pp. 21-26.
  5. Y. Sutcu, T. Sencar, and N. Memon, "A Secure Biometric Authentication Scheme Based on Robust Hashing," ACM Workshop on Multimedia and Security, 2005, pp. 111-116.
  6. J.H. Ton and T. Kalker, "Robust Audio Hashing for Content Identification," Content-Based Multimedia Indexing, 2001.
  7. Y. Dodis, L. Reyzin, and A. Smith, "Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data," Adv. Cryptology - EUROCRYPT, LNCS 3027, 2004, pp. 523-540.
  8. A. Juels and M. Sudan, "A Fuzzy Vault Scheme," IEEE Int. Symp. Inf. Theory, 2002, p. 408.
  9. A. Juels and M. Wattenberg, "A Fuzzy Commitment Scheme," ACM Conf. Computer Commun. Security, 1999, pp. 28-36.
  10. Q. Li, Y. Sutcu, and N. Memon, "Secure Sketch for Biometric Templates," Adv. Cryptology - ASIACRYPT, LNCS 4284, 2006, pp. 99-113.
  11. J.P. Linnartz and P. Tuyls, "New Shielding Functions to Enhance Privacy and Prevent Misuse of Biometric Templates," Audioand Video-Based Biometric Person Authentication, LNCS 2688, 2003, pp. 393-402.
  12. K. Simoens, P. Tuyls, and B. Preneel, "Privacy Weaknesses in Biometric Sketches," IEEE Symp. Security Privacy, 2009, pp. 188-203.
  13. R. Ang, R. Safavi-Naini, and L. McAven, "Cancelable Key- Based Fingerprint Templates," Australasian Conf. Inf. Security Privacy, LNCS 3574, 2005, pp. 242-252.
  14. N. Ratha et al., "Cancelable Biometrics: A Case Study in Fingerprints," Int. Conf. Pattern Recog., vol. 4, 2006, pp. 370-373.
  15. N.K. Ratha et al., "Generating Cancelable Fingerprint Templates," IEEE Trans. Pattern Anal. Mach. Intell., vol. 29, no. 4, 2007, pp. 561-572.
  16. Y.J. Lee et al., "One-Time Templates for Face Authentication," Int. Conf. Convergence Inf. Technol., Nov. 2007, pp. 1818-1823.
  17. M. Turk and A. Pentland, "Eigenfaces for Recognition," J. Cognitive Neuroscience, vol. 3, no. 1, Jan. 1991, pp. 71-86. https://doi.org/10.1162/jocn.1991.3.1.71
  18. P.N. Belhumeur, J.P. Hespanha, and D.J. Kriegman, "Eigenfaces vs. Fisherfaces: Recognition Using Class Specific Linear Projection," IEEE Trans. Pattern Analysis Mach. Intell., vol. 19, no. 7, Oct. 1997, pp. 711-720. https://doi.org/10.1109/34.598228
  19. Y.J. Lee, Y.S. Chung, and K.Y. Moon, "Inverse Operation and Preimage Attack on Biohashing," IEEE Workshop Computational Intell. Biometrics: Theory, Algorithms, Appl., Mar. 2009, pp. 92-97.
  20. Y.K. Lee and I. Verbauwhede, "Secure and Low-Cost RFID Authentication Protocols," IEEE Int. Workshop Adaptive Wireless Networks, Nov. 2005.
  21. K. Messer et al., "XM2VTSDB: The Extended M2VTS Database," Audio- and Video-Based Biometric Person Authentication, Mar. 1999, pp. 72-77.
  22. A.T.B. Jin, D.N.C. Ling, and A. Goh, "Biohashing: Two Factor Authentication Featuring Fingerprint Data and Tokenised Random Number," Patt. Recog., vol. 37, no. 11, Nov. 2004, pp. 2245-2255. https://doi.org/10.1016/j.patcog.2004.04.011
  23. A.B.J. Teoh, D.C.L. Ngo, and A. Goh, "An Integrated Dual Factor Authenticator Based on the Face Data and Tokenised Random Number," Int. Conf. Biometric Authentication, LNCS 3072, 2004, pp. 117-123.
  24. A. Kong et al., "An Analysis of BioHashing and Its Variants," Pattern Recog., vol. 39, no. 7, July 2006, pp. 1359-1368. https://doi.org/10.1016/j.patcog.2005.10.025