attack on minutiae-based fingerprint authentication
TRANSCRIPT
ATTACK ON MINUTIAE-BASED FINGERPRINT AUTHENTICATION
SYSTEMS BY USING GENETIC ALGORITHM
by
ANDRAS ROZSA
A thesis submitted to the Graduate Faculty of the
University of Colorado at Colorado Springs
in partial fulfillment of the
requirements for the degree of
Master of Science in Computer Science
Department of Computer Science
2014
ii
This thesis for the Master of Science in Computer Science degree by
Andras Rozsa
has been approved for the
Department of Computer Science
by
_______________________
Dr. Terrance Boult, Chair
_______________________
Dr. Albert Glock
_______________________
Dr. Chuan Yue
_______________
Date
iii
Rozsa, Andras (M.S., Computer Science)
Attack on minutiae-based fingerprint authentication systems by using genetic algorithm
Thesis directed by Professor Terrance Boult
Biometric authentication systems are becoming more and more popular due to the
convenience provided to their users. Compared to traditional authentication systems,
there are no passwords or passphrases to remember or tokens to possess. Biometric traits
are something we all have, so they are naturally available for authentication purposes.
Since biometric traits are generally unique to each person, they are more reliable in
verifying identity than traditional methods, however new problems have been introduced
by them. As biometric traits are closely tied to a person, there is always a privacy concern
related to their ultimate usage. Also, after being compromised, the irreplaceability of
biometric data makes it more difficult to return to a secure state. Recent research has been
focused on addressing these problems and the proposed solutions have been targeted for
being tested and compromised as well. Fingerprint authentication systems are one of the
most commonly used biometrics-based authentication systems due to the reduced size of
fingerprints and the social acceptability. This thesis introduces a completely new and
effective approach to successfully attack minutiae-based fingerprint authentication
systems by using genetic algorithms.
iv
ACKNOWLEDGEMENTS
The author would like to thank Dr. Boult for his support and providing resources
and consultation in this work. The author would also like to thank Dr. Glock and Dr. Yue
for their support and consultation in this work.
v
TABLE OF CONTENTS
CHAPTER
I. INTRODUCTION .............................................................................................................. 1
II. BACKGROUND AND PREVIOUS WORK ............................................................................. 6
Minutiae ..................................................................................................................... 6
Attacking fingerprint authentication systems .............................................................. 8
Previous related work ............................................................................................... 10
III. APPROACH ................................................................................................................... 15
Introduction to genetic algorithms ............................................................................ 15
The attacking system ................................................................................................. 18
IV. TARGETED SYSTEMS AND DATASET .............................................................................. 27
The targeted systems ................................................................................................ 27
Dataset ..................................................................................................................... 29
V. EXPERIMENTS ............................................................................................................... 31
MCC .......................................................................................................................... 32
PMCC ........................................................................................................................ 35
Biotope ..................................................................................................................... 42
Summary ................................................................................................................... 44
VI. FUTURE WORK ............................................................................................................. 45
Initial population ....................................................................................................... 45
Parallel implementations........................................................................................... 46
Self-adaptive genetic algorithm ................................................................................. 48
Compromising the privacy of PMCC systems ............................................................. 49
REFERENCES ............................................................................................................................. 51
APPENDICES
A. RESULTS OF ATTACKING MCC ....................................................................................... 54
B. RESULTS OF ATTACKING PMCC (K=16) .......................................................................... 58
C. RESULTS OF ATTACKING PMCC (K=32) .......................................................................... 62
D. RESULTS OF ATTACKING PMCC (K=64) .......................................................................... 66
E. RESULTS OF ATTACKING BIOTOPETM ............................................................................. 70
vi
LIST OF FIGURES
Figure
1. Equal error rate ........................................................................................................... 3
2. Minutiae examples ...................................................................................................... 7
3. Illustration of minutiae-triplets: ridge ending and ridge bifurcation ............................. 8
4. Data-flow paths and attack points of a biometric verification system .......................... 8
5. The genetic process ................................................................................................... 16
6. The binary representation of minutiae ...................................................................... 19
7. Crossover operators supported by our genetic algorithms......................................... 22
8. Minutia-based SMM .................................................................................................. 25
9. The progress of matching scores (MCC - 1_12) .......................................................... 33
10. The distribution of matching scores (MCC system) .................................................... 34
11. The progress of matching scores (PMCC - 1_6 with k=16) .......................................... 36
12. The distribution of matching scores (PMCC system with k=16) .................................. 37
13. The progress of matching scores (PMCC - 1_7 with k=32) .......................................... 38
14. The distribution of matching scores (PMCC system with k=32) .................................. 39
15. The progress of matching scores (PMCC - 1_11 with k=64) ........................................ 40
16. The distribution of matching scores (PMCC system with k=64) .................................. 41
17. The progress of matching scores (BiotopeTM - 1_9) .................................................... 42
18. The distribution of matching scores (BiotopeTM) ........................................................ 43
CHAPTER 1
INTRODUCTION
Authentication – the verification of an entity’s identity – is a fundamental process
in computer science. There are several, different ways in which an entity can be
authenticated, but they can be divided into four basic categories as the factors of
authentication. The first one is knowledge factors: something only the user knows such as
a password, passphrase or personal identification number (PIN). Traditional
authentication systems prefer these factors due to the low implementation costs. The
second category of authenticators is ownership or possession factors: something only the
user has such as a smart card or security token. The third category consists of inherence
factors: something only the user is or does. These factors are biometric identifiers such as
fingerprints, iris characteristics or keystroke dynamics. The last category relies on the
user’s actual location as authenticator: where the user is. For example, banks can track
the geolocation of customers via their cellphones to detect suspected credit card fraud.
Secure systems apply multi-factor authentication (MFA) to prevent impersonation by
requiring multiple, independent factors during the identity verification process.
Biometric or biometrics-based authentication systems using physiological or
behavioral traits are becoming more and more popular compared to traditional systems
[1]. Physiological traits are some characteristics of a person’s body, examples include,
but not limited to fingerprints, iris recognition, palm veins and face recognition.
Behavioral traits are related to some pattern of person’s behavior such as typing rhythm
or voice recognition. The popularity of biometric systems originated from the
2
convenience provided to their users – there are no passwords to remember or tokens to
possess, the users only need to use their biometric traits for authentication.
Authentication systems using biometric traits work as follows. First of all, users
need to be enrolled into the system by capturing their biometric traits and storing those in
a form of a reference template. Enrolled users can authenticate themselves by providing
fresh biometric traits again, which are captured by the system and transformed into a
sample template. The stored reference template is then compared against the new, sample
template. If they match – their similarity is high enough – implying that the two templates
originated from the same user, the user is deemed authenticated. Each system employs an
algorithm called the matcher to compare the reference and sample templates and estimate
their similarity by calculating their matching score. A match means that the score is
higher than a predefined threshold value. If the fixed threshold is too high, then some
biometric samples originating from the legitimate user will be falsely rejected and the
user needs to provide a new sample. False rejections cause frustration to users, reduction
in work due to inconvenient, repeated verifications. On the other hand, with a low
threshold the system will falsely accept biometric samples coming from illegitimate users
and that is a security issue as users can be impersonated.
Each biometric has different characteristics, which can be used to assess their
suitability and usability. Jain et al. [1] identified seven factors that can be used to assess
and compare different biometric systems. Universality, as the first factor, means that
every user of the system should possess the biometric trait. Second, uniqueness states that
the biometric trait needs to be sufficiently different in relevant population, so the system
can distinguish its users. Third factor, permanence describes how the biometric trait
3
varies over time. Good permanence means that the trait will be relatively invariant.
Measurability or collectability is the fourth factor, which describes the ease of
measurement or acquisition of the trait. Fifth factor is performance describing the
accuracy and speed of given system. Sixth, acceptability relates to individual or social
acceptability of collecting certain biometric trait. Last factor is circumvention assessing
the difficulty of imitation or substitution of the biometric trait. There is no single
biometric that can meet all the different requirements of all possible systems and
environments.
Each biometric system presents different biometric accuracy, which needs to be
carefully considered before application. In general, three metrics are used to judge
biometric accuracy: false acceptance rate (FAR), false rejection rate (FRR) and equal
error rate (EER).
Figure 1: Equal error rate
Figure 1 shows the correlation between FAR, FRR and EER: as the threshold
increases FAR drops, but FRR grows. The threshold defines the sensitivity of the system
and needs to be carefully chosen to balance between FAR and FRR.
4
Using biometrics can also become an issue in our society as the acceptance relies
on human factors. There are biometric systems able to measure the characteristics of
individuals without any contact (e.g. voice recognition), while other systems require little
participation or cooperation from users (e.g. fingerprints). Former systems might be
considered more convenient, user-friendly and hygienic, but those systems actually
introduce privacy issues as biometric characteristics can be easily captured without the
individuals’ knowledge [2]. Retina scans – a laser scan to map the capillaries of the retina
– present further privacy issues as health information can be gained: conditions such as
pregnancy or diabetes can be determined based on the scan.
Biometric systems compared to traditional security systems have introduced two
new problems: lack of secrecy and irreplaceability [3]. The first problem simply means
that biometric traits can be collected and misused by others. For example, fingerprints
can be relatively easily collected as we leave fingerprint impressions on surfaces. The
second one is irreplaceability: once the biometric data is compromised, unlike replacing a
key or password in traditional systems, it is much more difficult to return to a secure
situation. Considering fingerprint authentication systems, after being compromised user
can enroll and use one of the nine remaining, uncompromised fingerprints for
authentication, but obviously the alternatives are limited.
Fingerprint authentication systems are one of the most widely used biometrics-
based authentication systems today due to the reduced size of fingerprints and social
acceptability [4]. In spite of the advantages provided by fingerprint authentication
systems, they are still vulnerable to attacks [5] and there are many security concerns
related to biometric systems [6].
5
In this thesis, a novel approach is introduced to attack minutiae-based fingerprint
authentication systems. After providing some background and summarizing related work,
we present a new general attack using a genetic algorithm. Then, we evaluate the
performance of the attacking system by analyzing the results of our experiments using the
selected dataset. Finally, we identify possible directions of future work to further improve
both our genetic algorithm and the attacking system as well.
CHAPTER 2
BACKGROUND AND PREVIOUS WORK
This chapter introduces minutiae as the cornerstone of fingerprint authentication
and then provides an overview of possible attacks on fingerprint authentication systems
in general. Finally, previous related works are presented.
Minutiae
Fingerprints are patterns of ridges and valleys on the surface of fingertips. Since
each individual has unique fingerprints, they can be used for personal identification and
authentication. The uniqueness of a fingerprint is determined by local ridge
characteristics and their relationships.
Minutiae are special ridge characteristics: they are local discontinuities of ridges
in the fingerprint pattern [7]. In 1986 the American National Standards Institute has
proposed four minutia-types for minutiae classification: ridge ending, ridge bifurcation,
compound and undetermined [8]. Ridge ending can be simply defined as the point where
the ridge ends abruptly. A bifurcation is defined as the point where the ridge diverges into
two ridges. Compound, also called as crossover is defined as the point where two ridges
intersect each other. All other cases are identified as undetermined. Overall, more than
100 local ridge characteristics have been identified [9] – they are not distributed evenly
and some of them are hard to observe in fingerprints depending on the conditions of
impressions and the quality of fingerprints. Figure 2 shows examples of the two most
common minutiae: ridge endings and ridge bifurcations.
7
Figure 2: Minutiae examples
Fingerprint authentication systems highly depend on the templates they work
with. It is very critical to automatically and reliably extract minutiae from fingerprint
images, which is indeed a difficult task as the quality of the images can be poor due to
scanning devices, skin conditions or simply by the variations in impression conditions.
Several algorithms have been developed to improve the extraction from low quality
fingerprint images [10][11].
After identifying minutia in a fingerprint image, each minutia m can be defined as
a triplet m = {xm, ym, θm}, where xm and ym define the minutia location in the image and θm
is the minutia orientation in the range of [0, 2π[ as it is shown for the two most prominent
minutiae, ridge ending and ridge bifurcation in Figure 3.
8
Figure 3: Illustration of minutiae-triplets: ridge ending and ridge bifurcation
The extracted minutiae are used to construct a fingerprint minutiae template,
usually compliant to the ISO/IEC 19794-2 [12] standard. The file contains the basic
attributes of the source fingerprint image (width, height and resolution), the number of
extracted minutiae and then all minutiae triplets are listed.
Attacking fingerprint authentication systems
Fingerprint recognition systems are vulnerable to attacks, so their security levels
can be decreased. Possible attacks against general biometric verification systems have
been studied and 8 different types of attack have been classified [5]. The possible attack
points are depicted in Figure 4.
Figure 4: Data-flow paths and attack points of a biometric verification system
Type 1 attacks aim directly at the sensor, the entry point of the system. From the
attacker point of view, it is the best point to attack as no knowledge about the biometric
authentication system and/or access privileges are necessary to launch these attacks. Of
9
course, the attacker “only” needs to have a fake biometric to submit, but compared to
other attacks the feasibility of type 1 attacks can be very high. The attacker does not need
to know anything about the image created by the sensor (e.g. dimensions and resolution),
what kind of template specification is used by the extractor and the matcher etc. From the
system point of view, the big problem with this type of attack is to detect as an attack –
the sensor is the entry point of the system and used as usual [13]. Type 1 attacks have
been researched and shown to be quite successful. After collecting a fingerprint – from a
surface for example – an artificial, dummy finger can be created within few hours and
used for the attack [14][15].
Type 2 attacks aim at the communication channel between the sensor and the
feature extractor. The attack can be as simple as replaying a previously intercepted
fingerprint image, trying several images and hope there is a similarity to the target or the
attacker can try to use synthetic images as well. The only knowledge necessary for these
attacks is attributes of the image. On the other hand, creating synthetic fingerprint images
from a set of minutiae (known as fingerprint reconstruction) is a challenging task, but it is
indeed possible [16][17].
Type 4 attack is also a communication channel attack. The attacker needs to know
the minutiae template specification used by the system to be able to generate synthetic
minutiae templates. Replay attacks might be possible as well. Type 7 and 8 attacks are
similar to 2 and 4 as they all aim at communication channels. Replaying previously
intercepted content might work. Otherwise, a priori information about the exchange
format is needed for attackers to be able construct synthetic content. Possible defense
techniques against type 2, 4, 7 and 8 attacks – as they are all communication channel
10
attacks – can be simply protecting content transmitted on the channel by using encryption
and some challenge/response based system to prevent content coming from attackers to
be handled as legitimate traffic.
The targets of type 3 and 5 attacks are the feature extractor and the matcher.
These attacks might be performed as Trojan Horse attacks to change their behavior.
Obviously, protecting the integrity of those components is critical to keep the system
functional and uncompromised.
Finally, type 6 attacks aim at the template database storing the reference
templates. The database can be compromised in different ways. The attacker can delete or
replace templates – it is a data-integrity issue. The attacker can also try to reverse-
engineer reference templates to recover the minutiae template.
If the attempt is successful, type 4 attack can be launched. By reconstructing the
fingerprint image from the recovered minutiae template type 2 attacks are possible as
well. Furthermore, by creating a dummy finger from the reconstructed fingerprint, even
type 1 attacks can be successfully executed against the system. Reference templates need
to be protected by using encryption techniques and/or reference templates have to be
designed to make reverse engineering impossible.
Previous related work
Since our attacking system is designed to launch type 4 attacks, we are focusing
on previous related work attacking fingerprint authentication systems by using that type
of attack. As a reminder, type 4 attack’s goal is to synthetize minutiae template files
resulting in a “match” against the reference template.
11
After examining a generic attack model against biometric authentication systems,
Ratha et al. explain that in case sufficiently many minutiae points are present in the
reference minutiae template, then synthetizing a matching target minutiae template by
exhaustively searching the space of all possible templates is infeasible [18]. In other
words, brute-force attacks are infeasible against reference templates containing “enough”
minutiae points. In general, the feature extractor can identify and extract 40-100 minutia
points from a good quality fingerprint image and that number is sufficiently high.
Hill climbing procedures have been designed and implemented to attack different
biometric systems (e.g. face- and fingerprint-based systems).
Uludag and Jain present such an attack against minutiae-based fingerprint
authentication systems [13]. Their attack system inputs synthetic minutia sets to the
matcher trying to gain access to the system in place of a genuine user. Information about
the reference template format is unknown to the attacking system. By using the matching
scores returned by the attacked system and the characteristics of the minutiae sets, the
attacking system tries to generate a minutiae set to produce a sufficiently high matching
score to achieve a positive authentication.
To attack a user-account by applying hill climbing technique, the attacking system
follows 5 steps described below:
Step 1 (Initial guessing): The attacking system generates predefined number of
synthetic templates containing randomly generated minutia points. The number of
synthetic templates and the number of contained minutiae are configurable. In
their implementation 100 templates are created with 25 random minutia points.
12
Step 2 (Try initial guesses): Their system attacks user-account with synthetic
templates generated in Step 1 and accumulates the corresponding matching
scores.
Step 3 (Pick the best initial guess): The attacking system identifies the best guess
by selecting the synthetic template with the highest matching score.
Step 4 (Try modification set): Their system modifies the best guess identified in
Step 3 by applying one of the following four operations: perturbing an existing
minutia, adding a new minutia, replacing an existing minutia or deleting an
existing minutia. If any of these modified templates produce a higher matching
score than the previous best, then that template is declared as the best.
Step 5 (Obtaining result): In case the best is a match against the reference
template – its score is higher than the threshold, the attack stops as it is successful.
Otherwise, Step 4 needs to be repeated.
When they designed the attacking system, an assumption has been made: the
attributes (size and resolution) of the images used to create the original reference
templates are known. This can be considered as a valid assumption as sensor
manufacturers announce those values.
As the resolution determines the minimum inter-ridge distance – 9 pixels for 500
dpi – they applied a rectangular grid with 9 x 9-pixel cells to prevent their system from
creating minutia points too close to each other. Also for minutia orientation, they
quantized the [0,2π[ range into 16 equally spaced intervals. Obviously, these design
decisions drastically reduced the number of possible minutia points in the search space
and their attack system has been proved to be quite effective.
13
Pashalidis published a conceptually similar attack which differs in three aspects
[19]. Firstly, he uses simulated annealing – an advanced form of hill climbing technique –
attack which is able to escape from local optima. Secondly, his attacking system is
optimized to attack vicinity-based matchers, it does not explore the whole search space
and its goal is not to recover the original minutiae template, instead, it tries to create one
template with a sufficiently high matching score against the reference template. Thirdly,
the attack is applied against PMCC [21] – a template protection technique, where the
attacker is explicitly allowed to access the protected reference template, so an offline
attack can be launched.
The description of the attack published by Pashalidis:
An initial template is generated which consists of multiple vicinities. The exact
number of vicinities is horizontally and vertically configurable (e.g. 4 and 4: the
image-size is divided into 16 vicinities). Each vicinity is populated with a number
of random minutiae (with random location and orientation), the number of
minutiae is randomly chosen from a configurable range (e.g. [2,4]).
Matching score of the initial template is calculated.
A new candidate template is constructed by replacing one of the vicinities by one
new and randomly generated vicinity. If the candidate template produces higher
matching score than the original, the candidate template is kept and the procedure
is repeated for predefined, configurable times. Compared to hill climbing
technique simulated annealing sometimes replaces the current template with
another candidate having a worse matching score. The replacement is done by a
14
configurable probability and its goal is to avoid the search getting trapped in a
local optima.
Although the attack does not apply a minimum inter-ridge distance, based on the
results of the concluded experiments, it is indeed efficient and effective.
CHAPTER 3
APPROACH
After giving a general overview of genetic algorithms, this chapter provides an
overall summary of the designed attacking system. The major goal of the design was to
keep the system as simple and flexible as possible, so it can be easily adapted to attack
any minutiae-based fingerprint authentication system by applying small modifications
such as configuration changes.
Introduction to genetic algorithms
A Genetic Algorithm (GA) is simply a robust searching and optimization
technique based on ideas originating from genetic and evolutionary theory [23] and
biological genetic development principles firstly developed by John Holland [24]. GAs
were invented to mimic the processes observed in natural evolution – natural selection
and natural genetics. Optimization simply means a process to make something better by
trying variations on an initial concept and using the gained information to improve the
idea. In engineering, optimization and optimization algorithms have been researched,
developed and used for a long time.
GA is a general optimization technique and has received considerable attention
regarding its potential. It can be effectively applied to a wide range of problems due to its
three major advantages:
GA does not have many mathematical requirements – it can search for
possible solutions without regard to the specifics of the problem.
16
The evolution operators (selection, crossover and mutation) make GA perform
a global search. With carefully chosen and configured operators the algorithm
can be prevented from being trapped in local optima.
GA provides flexibility – it can be relatively easily tailored to solve specific,
complex problems.
As detailed above, there are many advantages, but solving complex problems with
exact, complex constraints by applying a GA might be difficult and very time consuming.
Figure 5: The genetic process
The steps of the genetic algorithm or genetic process are depicted in Figure 5. The
GA starts with an initial set of solutions – called a population. Each individual in the
population – called a chromosome – represents a solution to the problem. The
chromosomes of the initial population are usually created randomly. The chromosomes
evolve through iterations – called generations – as the GA modifies the chromosomes by
some genetic operators such as selection, crossover and mutation. Also, they are
evaluated by using some measure of fitness to assess their applicability as solutions of the
given problem, which is simply called fitness value. A new chromosome, called an
17
offspring is usually created by selecting its parents from the current population,
“merging” or “breeding” them by applying some crossover operation and/or mutating the
offspring.
The three genetic operators are the key of GA. First, to produce better and better
chromosomes their parents need to be chosen with care – fitter parents need to have
higher probabilities to be selected. Second, crossover operation performs some kind of
mixing – two chromosomes of parents are combined together to create the offspring.
Finally, mutation usually randomly changes some part(s) of the chromosome to introduce
something “new” in the population which may have beneficial results. Crossover in GA
is responsible for exploring a “local hill” and finding its local optima, while mutation
helps to break out from there, so the GA is able search for solutions in a wide area.
Chromosomes are usually represented as binary-strings. Crossover means simply
recombining the representations of the selected parents and mutation is as simple as
inverting bit(s). To design and implement an effective and efficient attacking system
using GA, the followings need to be carefully chosen:
Population size
Parents selection
Crossover operator
Mutation operator
Mutation probability (% of the chromosome to be mutated)
Elitism selection (selected chromosomes from population for later breeding)
It is not easy to set and choose the above listed parameters. Crossover and
mutation probability are critical to the success of genetic algorithms as they are together
18
responsible for creating new, hopefully fitter offspring chromosomes. A low mutation
rate would not introduce genetic diversity – the chromosomes would remain too similar
and the GA could not escape from local optima. On the other hand, too high mutation
probability would transform GA into a random search algorithm. The optimal values for
the listed parameters vary along with the problem of concern and need to be identified
and estimated by running some experiments.
The attacking system
The designed attacking system has been implemented in JavaTM
, which is one of
the most popular object-oriented programming languages as of 2014. It has been selected
due to its provided portability between different platforms, as Java is specifically
designed to have as few implementation dependencies as possible. In practice, this means
that our attacking system can be used in any environment (any combinations of hardware
and operating systems) with adequate runtime support.
The primary goal of our attacking system is to effectively synthetize minutiae
templates with efficiently high matching scores against a reference template by applying
a genetic algorithm. Carefully defining the search space is very important for any
optimization algorithm, as the number of all possible solutions can determine the overall
performance of the algorithm. Obviously, it is faster to find an optimal solution from a
smaller search space. For genetic algorithms the possible solutions (chromosomes) are
represented as binary strings, so keeping the search space small simply means to have as
short chromosomes as possible.
Similarly to the attack presented by Uludag and Jain [13], our attacking system
also applies a rectangular grid with configurable size of cells. Each cell of the grid can
19
contain maximum one minutia. As the resolution of the fingerprint image determines the
minimum inter-ridge distance, the grid prevents our system from creating minutiae
unnecessarily close to each other. Also, the grid significantly reduces the number of all
possible minutiae and the search space as well. For example, the minutiae templates
released with Minutia Cylinder-Code Software Development Kit (SDK) Version 1.4 [25]
have been extracted from fingerprint images with the size of 351 x 492 pixels and 500 dpi
resolution. The resolution defines the minimum inter-ridge distance as 9 pixels, so the
grid can be configured to consist of 9 x 9 pixel cells, having 39 columns and 54 rows.
The spatial location of minutiae can be represented by 12 bits – 6 bit is needed to define
the column and 6 bit for the row as well. Considering minutia-orientation to be quantized
into 16 equally spaced intervals, so defined by 4 bits, a minutia can be represented by a
16-bit binary string as shown in Figure 6.
Figure 6: The binary representation of minutiae
20
Our attacking system takes another step to further reduce the number of possible
solutions. The perimeters of the fingerprint images usually contain fewer minutiae than
the center areas – this is generally true due to the shape of the images. To utilize that, our
system can be configured to basically ignore the perimeter by setting a centralized “target
area” within the grid, where all the generated minutiae are placed. For example, by using
only the 60-60% of the grid’s height and width, the target area becomes a significantly
smaller (36% of the original grid), both horizontally and vertically centralized portion of
the grid. This spatial location reduction also allows the system to try generating fewer
minutiae (the number is configurable), so reduce the overall number of possible solutions.
The initial population is randomly generated. As described earlier, each
chromosome represents a minutiae template containing configurable number of minutiae.
Each minutia is defined by a randomly generated x, y and θ triplet. If the location of the
newly generated minutia was already taken in the configured target area, it would be
simply ignored and another random minutia would be generated. The size of the initial
population is also configurable. The initial population plays a very important role of the
genetic algorithm, as all offspring chromosomes are their descendants.
The population of all further generations is created by following the genetic
process. The three genetic operators are responsible for performing a global search in the
solution space. Selection needs to imitate natural selection to make the genetic algorithm
mimic the evolutionary process. By simply selecting the few best chromosomes for
breeding, the genetic algorithm can easily produce inbred populations lacking diversity.
To prevent that, our genetic algorithm applies one of the most popular and widely used
selection methods, which is called tournament selection. When the genetic algorithm
21
needs to find a parent for breeding, using tournament selection means to randomly pick a
predefined number of chromosomes from the population and then select the best/fittest of
them. The number of randomly selected chromosomes is called tournament size and
needs to be chosen carefully. With a relatively large tournament size compared to the
population size, the fittest chromosomes of the population can completely prevent the rest
from being selected for breeding, so an inbred population can be produced as an
unwanted result. The advantage of tournament selection is to give higher probabilities to
fitter chromosomes, but also let chromosomes with lower fitness values to breed as well,
so with an adequately defined tournament size the diversity of the offspring
chromosomes can be assured. As described later, our genetic algorithm uses crossover
operators breeding two parents. Since tournament selection is used to select one parent, it
is possible to use different tournament sizes for parent 1 (mother) and parent 2 (father).
Another aspect of selection needs to be considered is elitism or elitist selection. In
practice, elitism simply means to allow the best/fittest chromosome(s) to be selected for
breeding in multiple, consecutive generations. This process further increases the
probabilities to very few of the fittest to breed throughout multiple generations and it is
indeed very useful to prevent them from not being selected at all, while the chances of
producing an inbred population is still low. Of course, the size of the elite and number of
consecutive generations a chromosome of the elite can breed need to be carefully
configured.
The second genetic operator that requires careful consideration is crossover. After
selecting the parents, crossover operation is responsible to form offspring chromosomes
by using the genome of the parents. As each chromosome represents a possible solution
22
to the problem, by “mixing” the parents the genetic algorithm tries to create a new, in
some cases even fitter chromosome than its parents. In our genetic algorithm each
chromosome is a binary string, so the crossover operation is as simple as string
concatenation. Of course, there are several different crossover operators regarding to how
the chunks need to be selected to form the new offspring. Our system contains four
implemented operators that can be used: bitwise single-point crossover, minutia-based
single-point crossover, bitwise uniform crossover and minutia-based uniform crossover.
The genetic algorithm is configurable to apply one of the listed crossover operators – they
form the offspring chromosomes quite differently as it is depicted in Figure 7.
Figure 7: Crossover operators supported by our genetic algorithms
Bitwise single-point crossover randomly selects a crossover point, slices the
parents up at that point and then simply forms the first offspring by concatenating the
first substring of parent 1 with the second substring of parent 2, and similarly creates the
second offspring by concatenating second substring of parent 1 with first substring of
parent 2. As the crossover point is randomly selected, genes (minutia-representations) of
23
the parents can be cut, and after combining the substrings together brand new minutiae
might be introduced by this crossover operation.
Minutia-based single-point crossover works similarly except for the crossover
point selection. As it is the multiple of bits used to represent a single minutia, new
minutia cannot be introduced by the operation itself – each minutia of the offspring
chromosomes is originated from their parents.
The disadvantage of single-point crossover comes from its simplicity. Having
long chromosomes and selecting the same parents for breeding multiple times can
decrease diversity, as the same, relatively large substrings are used to form the
chromosomes of the next generation. To overcome this probable and unpleasant feature,
the tournament size has to be carefully defined: it needs to be small enough.
Uniform crossover provides higher diversity due to the large number of crossover
points it applies. Bitwise uniform crossover has been implemented as follows: it takes the
first bit of parent 1’s chromosome and uses it with 50-50% probability to form offspring
1 or offspring 2. If the bit is used for offspring 1, then the first bit of parent 2 will be used
for offspring 2. Similarly, if the first bit of parent 1 is used to form offspring 2, then the
first bit of parent 2 is automatically used for offspring 1. The operator follows the same
logic on each following bit of the parent’s binary representations. Since this crossover
operator is bitwise, the formed offspring chromosomes can contain new minutiae, not
inherited from their parents. In some cases, each minutia of the offspring chromosomes
can be brand new.
Similarly to single-point crossover, we implemented a minutia-based version of
uniform crossover, which is not bitwise but minutia-based. This way, the offspring
24
chromosomes inherit all of their minutiae from their parents. The operator uses each
minutia of the parents with 50-50% probability in offspring 1 or offspring 2. Considering
the parent chromosomes consist of n different minutiae, there are 2n different offspring
chromosomes to be created, so even if the same parents are selected for breeding multiple
times, the diversity of the offspring generation will not be decreased.
While crossover is responsible for exploring a local area (“local hill”) by
combining the existing chromosomes, mutation – the third genetic operator – randomly
changes them by flipping bit(s) to break out from there and to be able to discover a
different area. If the introduced change has beneficial results and helps to create fitter
chromosomes, the genetic algorithm can search for possible solutions globally in the
whole search space. Mutation is a very sensitive operation regarding the overall
performance of the genetic algorithm, so finding a good mutation rate is not trivial. With
a too low mutation rate, the algorithm can be stuck into a local hill and local optima,
while a too high rate can turn the genetic algorithm into a purely random search
algorithm. Researches have been done for decades and many different fixed mutation
rates have been proposed based on experience and experiments [26][27]. Also, some
proposed solutions have been published to define a generally optimal mutation rate
calculated by using the length of the chromosomes [28] and considering the population
size as well [29]. Still, it is very difficult to find an appropriate mutation rate to have an
optimal performance.
The implemented mutation operator used by our genetic algorithm relies on a new
technique called Sequential Mutation Method (SMM) [30]. SMM has been designed to
improve the genetic algorithm overall performance by speeding up its convergence. The
25
basic idea behind SMM is to focus mutation only on a small section of the chromosomes.
In each generation one gene is selected from each chromosome, and the mutation is
applied on the bits of that gene. The bit(s) of the gene to be mutated are selected
randomly. Our solution mutates a configurable number of bits within one gene – the
binary representation of one minutia – in each generation as shown in Figure 8.
Figure 8: Minutia-based SMM
The gene selected for mutation is determined by the generation of the actual
population. In the first generation the first gene is mutated, in the second generation the
second gene and so on. Focusing the mutation on a small section (i.e. 16 bits) of the
whole chromosome provides higher probability to have beneficial results as the outcome
of the mutation operation.
After forming an offspring chromosome by following the genetic process of
selection, crossover and mutation, our genetic algorithm is ready to create the minutiae
template based on the binary string. Our attacking system is designed to synthetize
minutiae templates containing a predefined, configurable number of minutiae. The
outcome of both crossover and mutation operations can be a binary representation
containing the same minutia multiple times. In order to reach the predefined number of
26
minutiae, our system ignores the duplicates and generates new, random minutia instead.
In practice, for each chromosome a grid is created and the algorithm iterates through the
minutiae contained by the binary representation. For each minutia the applicable cell of
the grid is investigated based on its spatial location. If the cell is free meaning that the
actual minutia is unique, then it will be set to be taken. Otherwise, if the cell was already
taken meaning that the actual minutia is a duplicate, it would be replaced by a new,
randomly created minutia pointing to a free cell of the grid which would be then set to
occupied of course. Also, crossover and mutation operators can create chromosomes
containing minutiae with spatial location out of the grid’s targeted area. Obviously, those
minutiae are also ignored and replaced by new, randomly created minutiae with adequate
spatial location. With this technique our attacking system can always synthetize minutiae
templates with a certain number of minutiae.
This chapter has provided an overview of our genetic algorithm’s design, detailed
the implemented genetic operators and other important parameters, emphasized that all of
them is configurable to keep our attacking system as flexible as possible.
CHAPTER 4
TARGETED SYSTEMS AND DATASET
Our attacking system has been designed to attack minutiae-based fingerprint
authentication systems by synthetizing minutiae templates with efficiently high matching
scores by using the genetic algorithm that has been described in the previous chapter. In
this chapter a short overview is provided to describe the systems we have launched
attacks against, and then the dataset is introduced we have used for performance
evaluation during the conducted experiments.
The targeted systems
The following three minutiae-based fingerprint authentication systems have been
attacked by our system: Minutia Cylinder Code (MCC) [20], Protected Minutia Cylinder
Code (PMCC) [21] and BiotopeTM
[31][32].
Since our attacking system has been designed to launch type 4 attacks against any
minutiae-based system, no internal knowledge or any further information about the
targeted systems are necessary. The attacking system is able to launch offline attacks
against MCC and PMCC systems by using Minutia Cylinder-Code Software
Development Kit (SDK) Version 1.4 [25]. Also, for BiotopeTM
a custom interface has
been provided for the experimental attacks. Although knowing the internal structure and
processes of the targeted systems were unnecessary to design and implement our
attacking system, a brief overview is provided here to highlight the basic differences of
MCC, PMCC and BiotopeTM
systems regarding to security and privacy.
28
MCC creates a descriptor – a cylinder – for each minutia-point to describe its
environment with respect to other minutia-points. Each cylinder maps a portion of the
fingerprint image and from the cylinders of the MCC reference template the original
minutiae template can be restored. This means that an adversary having access to the
MCC reference template can reconstruct the original minutiae template to attack and
compromise user’s account. In order to return to a secure state, user has no other option
but start using another finger for authentication – the compromised fingerprint and finger
should not be used anymore.
PMCC is based on MCC and its primary goal is to protect PMCC templates from
being restored to their original minutiae templates. In order to do that, each cylinder
undergoes to a non-invertible transformation and then it is represented by a fixed length
bit-vector – the length of the bit-vector depends on configuration, values are 16, 32, 64
and 128 bits. Longer bit-vectors provide more accuracy, but less privacy as it is shown by
the authors [21]. PMCC with this non-invertible transformation does not provide
protection. Although an adversary may not be able to restore the original minutiae
template, a synthetic target template can be created to produce an efficiently high
matching score against the reference template. Obviously, the shorter the bit-vectors are,
the more cylinders produce the same bit-vector. These “collisions” help the attacker as
they make it easier to synthetize minutiae templates containing cylinders with the same
bit-vector as the reference template. Once the attacker has the synthetic minutiae template
file with sufficiently high matching score, he can gain access to user’s account, so the
legitimate user can be impersonated. PMCC systems cannot be considered as secure, but
by using short bit-vectors (i.e. 16 or 32) privacy is provided.
29
BiotopeTM
couples biometrics with traditional cryptography: fingerprint features
with public key cryptography to create revocable biotokens. Authentication differs from
MCC or PMCC systems as it is not based on matching scores. In other words, the
“similarity” of the target minutiae template and the enrolled reference minutiae template
does not really matter. The system defines an attempt as a “match” – a successful
authentication – if the target template makes the BiotopeTM
-template release the “secret”
from it. Eventually, the matching score does not play any role in the decision. There is no
practical way to recover or reconstruct the original minutiae template from the generated
biotoken. It is possible to have thousands of bipartite biotokens generated from the same
fingerprint in use simultaneously. This way, verification/authentication is possible for
users in different systems without the fear of being identified by an adversary or by “Big
Brother”. Compared to MCC and PMCC, BiotopeTM
is an attractive template technology,
because it provides accuracy, security and privacy as well.
Dataset
The success of the attacks launched by our system can be determined by assessing
its performance with respect to the matching scores produced against targeted reference
templates of certain fingerprint authentication systems. In our conducted experiments we
have used the set of minutiae template files released with Minutia Cylinder-Code SDK
Version 1.4 as reference templates to attack. Those minutiae template files have been
extracted from fingerprint images of Fingerprint Verification Contest (FVC) 2006 [33]
DB2-B database by using an internal minutia extraction algorithm.
FVC is an international competition focusing on fingerprint verification software
assessment. Four disjoint fingerprint image databases have been provided by organizers:
30
DB1 – collected by electric field sensors
DB2 – collected by optical sensors
DB3 – collected by thermal sweeping sensors
DB4 – synthetic fingerprint images
Each database contains fingerprint images of 150 fingers, 12 images or
impressions of each finger – 1800 fingerprint images overall. Furthermore, each database
has been partitioned in two disjoint subsets, A and B:
Subsets DB1-A, DB2-A, DB3-A and DB4-A contain the first 140 fingers
(1680 images) and are used for algorithm evaluation
Subsets DB1-B, DB2-B, DB3-B and DB4-B contain the last 10 fingers
(120 images) and they have been made available to participants as a
development set
Therefore, Minutia Cylinder-Code SDK has been released with 120 minutiae
template files extracted from 12 fingerprint images (12 impressions) of 10 fingers.
Although, this dataset may not be considered as a large one, we have launched
experimental attacks against three systems with different settings. So, due to the large
number of the attacks the task was quite time-consuming overall.
CHAPTER 5
EXPERIMENTS
The ultimate goal of our genetic algorithm is to effectively synthetize minutia
templates with efficiently high matching scores against reference templates of any
minutiae-based authentication systems. The effect of the synthetized templates can be
different on various systems regarding to security and privacy. Worst case scenario, both
security and privacy can be compromised. Some systems can only preserve privacy,
while others can provide both security and privacy.
We have launched offline attacks against three different systems – MCC, PMCC
and BiotopeTM
– to assess the overall performance of our attacking system. First, we
needed to find a close-to-optimal configuration for our genetic algorithm by running
some experimental attacks and evaluating their results to provide an efficiently working
genetic process. The population size has been defined to contain 50 chromosomes in each
generation. Tournament selection with asymmetric tournament sizes for the parent
chromosomes provided the best results regarding to diversity and fitness value
convergence: tournament size has been configured to 4 for parent 1 and 2 for parent 2.
Based on the experiments the best performing crossover operator has been selected,
which is minutia-based uniform crossover. All offspring chromosomes go through
mutation – sequential mutation method has been applied with mutating exactly 1-bit of
each applicable gene (minutia). To balance between diversity and giving higher
probabilities to the best few chromosomes of previous generations, elitism has been
configured to give the best three, younger than 5-generation old chromosomes another
32
chance to be selected for breeding, so they might be part of creating the chromosomes of
multiple populations. This is our base-configuration that has been applied to attack the
three systems. There are only two parameters of our genetic algorithm’s configuration
that vary between the attacks of different systems: the size of the grid’s target area and
the number of minutiae our system synthetizes in each minutiae template. These
parameters have been adjusted to the applicable systems to gain the best possible
performance and will be declared later in this chapter.
Since the dataset we have used is not too large, defining FAR and FRR curves
might not represent a “realistic” threshold value we could aim at in our experimental
attacks. Furthermore, our goal was to design a system that can create minutiae templates
with efficiently high matching scores, so if possible, we have targeted the best genuine
impression’s matching scores of the dataset while attacking a certain reference template
of certain authentication system. Obviously, it is a more challenging task, but reaching
the level of the best genuine impressions ensures that the attacks are successful and
cannot be avoided by slightly increasing the threshold value.
The rest of this chapter details the results of the launched experimental attacks,
assesses the performance of our genetic algorithm by showing examples and analyzes the
effects of the synthetized minutiae templates for each authentication system.
MCC
To effectively attack the reference templates of the MCC system, the size of the
target area and the number of minutiae per synthetized minutiae templates needed to be
estimated. In order to find the close-to-optimal values for these parameters, the reference
templates were attacked with synthetized minutiae templates representing various sizes of
33
the target area containing different number of minutiae. By simply comparing the average
matching scores of the randomly generated initial populations and the first few
generations, the best configuration can be selected for the attack of the whole dataset.
Obviously, a smaller target area with fewer minutiae would reduce the number of
possible solutions and also produce shorter chromosomes, so the ultimate goal of this
process is to find the smallest target area of the grid with as few minutiae as possible.
Surprisingly, placing only 12 minutiae to the highly reduced, centralized area of the grid
have produced the fittest populations. The target area has been defined to be only 16% of
the whole, original grid as its height and width are only 40-40% of the entire grid.
The reference templates of the whole dataset have been attacked with these
settings and the matching scores of the synthetized templates have improved through
populations of the genetic process. The progress of the matching scores during the attack
of reference template 1_12 (twelfth impression of finger one in the dataset) is shown in
Figure 9.
Figure 9: The progress of matching scores (MCC - 1_12)
0.00
0.05
0.10
0.15
0.20
0.25
0 50 100 150 200
Mat
chin
g sc
ore
Generation
Best synthetized
Synthetized Avg
Worst synthetized
Best Genuine
Genuine Avg
Worst Genuine
34
The convergence of the matching score is fast. The best synthetized minutiae
template of generation 41 has already produced higher matching score than the average
of the dataset’s genuine impressions. The highest matching score produced by our genetic
algorithm is 0.209 in generation 198, and that is the second highest score including each
genuine impression of the dataset regarding to 1_12. The matching scores of each
genuine impression and synthetized template can be found in Appendix A.
To summarize the overall results of the attacks against the MCC system, Figure
10 displays the distribution of all matching scores defined by the dataset (genuine and
impostor attempts) and also highlights all matching scores of the synthetic templates
produced by our attacking system. Due to the larger number of impostors in the dataset,
and the fact that their matching scores are limited to a small range ([0.01, 0.025]), the
chart is focused on the curves of genuine and synthetized attempts by limiting the number
of occurrences (vertical axis).
Figure 10: The distribution of matching scores (MCC system)
0
50
100
150
200
0.00 0.25 0.50 0.75 1.00
Nu
mb
er o
f O
ccu
rren
ce
Matching Score
Genuine
Impostor
Synthetized
35
By analyzing the matching score distribution, the MCC system can be considered
very accurate as there is no overlap between the scores of genuine and impostor attempts.
This means, that a threshold can be applied without falsely accepting or rejecting
attempts. MCC templates do not provide protection as the original minutiae template can
be easily restored from them and they are not secure as well. As the result of our attacks
presents, MCC templates can be compromised by synthetizing minutiae templates by
using a genetic algorithm. Our attack cannot be avoided by simply increasing the
threshold to a tolerable FRR, as the majority of the genuine attempts produce lower
scores than the synthetized templates. Furthermore, compromising an MCC template also
means to violate user’s privacy: the original, “private” biometric trait can be restored and
reused by the attacker, and with that the user also becomes traceable through different
systems – wherever that biometric trait is used.
PMCC
PMCC systems can be configured to use different bit-vector sizes to represent
each cylinder in the templates such as 16, 32, 64 or 128 bits. PMCC templates with 128-
bit long bit-vectors are vulnerable regarding to privacy as the original minutiae template
– also the biometric trait – can be restored from them [21]. Since the templates with 128-
bit long bit-vectors do not provide protection – which would be the ultimate goal of
PMCC systems – we have targeted to attack only those PMCC systems using the shorter
bit-vectors.
There is a tradeoff in PMCC systems between accuracy and privacy. The shorter
the bit-vectors are, the more and more different cylinders are represented by the same bit-
vector. This way, the shorter bit-vectors provide a higher level privacy, as the larger
36
number of possible cylinders prevents minutiae from being restored. On the other hand,
short bit-vectors significantly reduce accuracy due to the same fact: a large number of
different cylinders produce the same bit-vector. So, the reference templates of various
minutiae templates mapped to different sets of cylinders can produce high matching
scores against each other in PMCC systems. Due to this behavior of the PMCC systems,
we expected our attacking system to produce synthetic minutiae templates with
efficiently high matching scores faster while attacking reference templates containing
shorter bit-vectors.
After running some experimental attacks against PMCC systems, we configured
our genetic algorithm to use only 30.25% (55-55% of the grid’s width and height) of the
entire grid while synthetizing minutiae templates containing 25 minutiae in each. This
configuration turned to be useful against PMCC systems using 16, 32 and 64 bits long
bit-vectors as well. The progress of the attack’s matching scores against 1_6 reference
template of PMCC system using the shortest bit-vectors is shown in Figure 11.
Figure 11: The progress of matching scores (PMCC - 1_6 with k=16)
0.75
0.80
0.85
0.90
0.95
1.00
0 25 50 75 100
Mat
chin
g sc
ore
Generation
Best synthetized
Synthetized Avg
Worst synthetized
Best Genuine
Genuine Avg
Worst Genuine
37
Our attacking system managed to produce a synthetic minutiae template with
higher matching score than the best genuine impression against 1_6 and the whole attack
required only 100 generations. As expected, the attacks against PMCC reference
templates using the shortest bit-vectors have been faster and produced very high
matching scores compared to genuine attempts. The matching scores of each genuine
impression and synthetized template can be found in Appendix B. Figure 12 depicts the
overall distribution of the matching scores.
Figure 12: The distribution of matching scores (PMCC system with k=16)
First, due to the shortest bit-vectors this PMCC system is the less accurate. There
is a relatively large range where the curves of genuine and impostor attempts overlap
each other. In order to minimize FAR, the threshold needs to be defined relatively high,
which means that some genuine attempts will be falsely rejected. The synthetized
minutiae templates have produced efficiently high matching scores against the reference
templates, so this PMCC system is definitely compromised considering its security. The
0
50
100
150
200
0.00 0.25 0.50 0.75 1.00
Nu
mb
er o
f O
ccu
rren
ce
Matching Score
Genuine
Impostor
Synthetized
38
success of our attack cannot be avoided by slightly increasing the threshold, as that would
make the system useless in practice due to the large FRR.
The attacks against the reference templates of the PMCC system using 32-bit long
bit-vectors needed more generations to produce high matching scores. As there are fewer
cylinders represented by the same bit-vector, the task of finding those “collisions”
becomes more and more difficult for our attacking system. As an example, the progress
of the attack against reference template 1_7 is shown below in Figure 13.
Figure 13: The progress of matching scores (PMCC - 1_7 with k=32)
Our genetic algorithm still managed to synthetize minutiae templates with
matching scores higher than the average of genuine attempts in the dataset, but more
generations were needed for the attack compared to PMCC system using the shortest bit-
vectors. Although, the attacks could not produce templates with similarly high matching
scores as the best genuine attempts in the dataset, reaching the average matching scores
of the genuine impressions is still a good result, because the threshold should be defined
0.70
0.80
0.90
1.00
0 50 100 150 200
Mat
chin
g sc
ore
Generation
Best synthetized
Synthetized Avg
Worst synthetized
Best Genuine
Genuine Avg
Worst Genuine
39
to be lower than that. Otherwise, such a system would be useless in practice. Appendix C
contains the matching scores of each genuine impression and synthetized template.
Figure 14 below shows the overall distribution of matching scores for the PMCC
system using 32-bit long bit-vectors.
Figure 14: The distribution of matching scores (PMCC system with k=32)
As expected, this system is more accurate than the previous. The “best” impostor
template produces a matching score of 0.792. Defining the threshold above that will still
result in falsely rejecting some genuine attempts, but the problem is less serious than
before with the PMCC system using the shortest bit-vectors. Further increasing the
threshold in order to prevent our attack from being successful would make the system
useless, as a large portion of genuine attempts would be falsely rejected. So, the security
of this PMCC system is definitely compromised by our genetic algorithm as well.
To attack the reference templates of the PMCC system using 64-bit long bit-
vectors similarly to the previous attack, we have limited our genetic process to 200
0
50
100
150
200
0.00 0.25 0.50 0.75 1.00
Nu
mb
er o
f O
ccu
rren
ce
Matching Score
Genuine
Impostor
Synthetized
40
generations. Due to the nature of PMCC systems – longer bit-vectors mean fewer
“collisions” – the matching scores of the synthetized templates are lower compared to the
genuine attempts, but they are still efficiently high. For example, the attack against
reference template 1_11 still managed to reach the average level of the genuine attempts
as it is shown in Figure 15.
Figure 15: The progress of matching scores (PMCC - 1_11 with k=64)
Appendix D captures the matching scores of each genuine attempt in the dataset
and the matching scores of all synthetized minutiae templates as well. In general,
producing synthetic templates with matching scores close to the average of the genuine
attempts can be considered high enough. By further adjusting our genetic algorithm or
simply running through more generations than configured, our attacking system can
produce higher scores if necessary. The purpose of applying “only” 200 generations was
simply to limit the time consumption of the attacks. Considering the large number of
attacks, the saved time is not negligible.
0.65
0.75
0.85
0.95
0 50 100 150 200
Mat
chin
g sc
ore
Generation
Best synthetized
Synthetized Avg
Worst synthetized
Best Genuine
Genuine Avg
Worst Genuine
41
The entire matching score distribution of the PMCC system applying bit-vectors
with 64 bits can be seen in Figure 16.
Figure 16: The distribution of matching scores (PMCC system with k=64)
As expected, applying the longer bit-vectors provide more accuracy, so the range
where the curves of genuine and impostor attempts overlap is smaller. This means that
the threshold can be configured to have an acceptable FRR. Our attack can be considered
successful regarding the matching scores of the synthetized templates, so the security of
this PMCC system has been compromised as well.
The privacy of the attacked PMCC systems has not been compromised by our
attacking system, as the privacy of the protected templates has not been broken. After
enrolling the synthetized minutiae templates and the reference templates into MCC
system, matching them against each other, the produced very low matching scores
indicate that they do not originate from the same fingerprint. Due to the previously
discussed nature of PMCC systems, compromising their privacy was not expected.
0
50
100
150
200
0.00 0.25 0.50 0.75 1.00
Nu
mb
er o
f O
ccu
rren
ce
Matching Score
Genuine
Impostor
Synthetized
42
Biotope
To attack BiotopeTM
templates, in most cases the same target area size and
number of minutiae were used as against PMCC templates. Both the height and the width
of the grid were limited to 55-55% and contained 25 minutiae. This configuration needed
to be modified when the reference templates of the third finger were attacked. There was
a huge degradation in the average matching scores of the initial populations compared to
other fingers. By increasing the target area size to 49% of the grid (70-70% of grid’s
height and width) and applying 50 minutiae in the synthetized minutiae templates, the
degradation was eliminated. As a conclusion, the BiotopeTM
system investigates the
number of minutiae contained by the target and reference templates and in case there is a
significant difference between them, it does not give high matching scores. Indeed, the
original minutiae templates of the third finger – the twelve impressions – contain ~100
minutiae, which is extremely high compared to other fingers of the dataset. The progress
of the attack against template 1_9 is shown in Figure 17.
Figure 17: The progress of matching scores (BiotopeTM - 1_9)
0.00
0.25
0.50
0.75
1.00
0 10 20 30 40 50
Mat
chin
g sc
ore
Generation
Best synthetized
Synthetized Avg
Worst synthetized
Best Genuine
Genuine Avg
Worst Genuine
43
Compared to our previous attacks against reference templates of MCC or PMCC
systems, the convergence of the matching score is indeed very fast. Less than 50
generations were needed for our genetic algorithm to produce the highest matching score
against the reference template. Similarly to PMCC systems, there are “collisions” in this
system as well, meaning that the internal representations of multiple, different minutiae
templates are the same. As it was mentioned earlier, unlike the other attacked systems
BiotopeTM
system does not rely on the matching scores to authenticate/verify the users. If
the “secret” is released from the reference template, the user provided the target template
is authenticated, otherwise not. As before, Figure 18 shows the distribution of matching
scores in BiotopeTM
system.
Figure 18: The distribution of matching scores (BiotopeTM)
Since the decision is not based on the matching scores, the curves of the genuine
and impostor attempts are useless to analyze the accuracy of the system. Our synthetized
0
50
100
150
200
0.00 0.25 0.50 0.75 1.00
Nu
mb
er o
f O
ccu
rren
ce
Matching Score
Genuine
Impostor
Synthetized
44
templates have produced efficiently high scores, but neither the security nor the privacy
of the BiotopeTM
system has been successfully compromised by them.
Summary
The ultimate goal of our designed system was to attack minutiae-based fingerprint
authentication systems by synthetizing minutiae templates with efficiently high matching
scores. As it was presented in this chapter, our genetic algorithm managed to achieve the
goal. Our attacking system effectively produced synthetized minutiae templates with
efficiently high matching scores against three different systems. Also, as represented the
effect of the synthetized minutiae templates on various systems can be different regarding
to compromising security and privacy.
CHAPTER 6
FUTURE WORK
The performance of our attacking system based on the described genetic
algorithm relies on a set of manually chosen parameters. The values of those parameters
have been estimated by running some trial-attacks and their results helped us to
determine better and better settings. There is a possibility of course, that the configuration
of our genetic algorithm is not optimal at all. This chapter tries to show different
directions of possible future work to further improve the performance of our attacking
system.
Initial population
The initial population used by our genetic algorithm is randomly generated. As all
chromosomes of consecutive generations are derived from the initial generation, a
generally fit and diverse initial population is very important regarding to the overall
performance of the attacking system. So, ensuring to always start with a good initial
population can be a direction to make some improvement. The randomly generated initial
population could be replaced by a set of minutiae templates extracted from real
fingerprint images. There are several challenges which need to be answered related to this
idea.
Our genetic algorithm synthetizes minutiae templates, each contains a certain,
configurable number of minutiae. This means that the number of minutiae in the real
minutiae templates needs to be adjusted to match the configuration of our genetic
46
algorithm. Since our genetic algorithm works with fewer minutiae than real fingerprints
have, the solution can be as simple as dropping extra minutiae of real templates to form
the chromosomes of the initial population. However, to determine which minutia need to
be kept and which should be dropped is another question which needs to be answered.
Furthermore, our solution uses the rectangular grid and some portion of its
perimeter might be ignored as well depending on configuration. The chromosomes of the
initial population needs to reflect to that, so minutiae extracted from real fingerprints with
inadequate spatial location (out of grid’s targeted area) need to be ignored. Furthermore,
minutiae with adequate spatial location need to be adjusted as their position have to be
the center of a cell in the grid.
Creating an initial population from real minutiae templates might be a bit difficult
as it has been detailed in the previous paragraphs. Another idea is to create chromosomes
randomly with some control in place to keep the population as diverse as possible –
might be called as pseudo-random generation. For example, in case two chromosomes of
the initial population are two similar, then one of them can be dropped and a new one
needs to be generated as a replacement. To estimate their similarity, they can be matched
against each other and the matching score can serve as a similarity score.
The general performance of a genetic algorithm starting with a pseudo-random
initial population or an initial population having chromosomes derived from real
fingerprint might be significantly improved.
Parallel implementations
Our attacking system has been designed and implemented as a standalone
application. With a randomly generated initial population and carefully chosen
47
parameters, the genetic algorithm can still perform relatively badly due to inbred
populations or populations with similar chromosomes. To maintain diversity, having
multiple running instances working together is another possible future work that can
improve the overall performance of the attacking system. This is a well-known area in the
field of genetic algorithms and there are two basic types of parallel implementations:
coarse-grained and fine-grained.
The coarse-grained parallel implementation means to have running instances
simply exchange some chromosomes of the populations among each other. There are
several possible ways to migrate the chromosomes. For example, a running instance can
pass all its randomly selected chromosomes to another instance, and receive
chromosomes from a different one. Another possible way to divide the selected
chromosomes between multiple instances and similarly, receive chromosomes from
multiple running instances as well.
Fine-grained parallel implementation requires instances to work together more
closely as it only allows breeding to chromosomes originating from different running
instances. This way it is very unlikely to end up with an inbred population on any running
instances.
The goal of the parallel implementations – both coarse- and fine-grained – is to
improve the performance of the genetic algorithm by assuring a high level of diversity.
By applying parallel implementations randomly generated initial populations might not
present a problem anymore, as diversity would be maintained by chromosome-migration.
48
Self-adaptive genetic algorithm
The next possible direction of future work we would like to introduce is self-
adaption, which is probably one of the most challenging fields of genetic algorithms.
Since the performance of our genetic algorithm relies on the values of several,
manually configured static parameters, it is indeed very difficult or almost impossible to
find the optimal setting. This process is often called parameter tuning and it is basically
an extensive experiment (in an empirical way) to determine which values give the best
results. Obviously, the more parameters there are, the more difficult parameter tuning
becomes. Even if a suboptimal setting is found, for some parameters a static value does
not provide the best performance throughout multiple generations of the genetic process.
The dynamic adjustment of the parameters can improve the genetic process, and self-
adaptive genetic algorithms do exactly that.
Several research papers have been published to present genetic algorithms self-
adapting their mutation probabilities [34], crossover and mutation rates [35]. A self-
adapting genetic algorithm constantly monitors the outcome of its genetic operators and
automatically responds to that without any external control by adjusting its own
configuration. For example, mutation probability can be increased if genetic diversity of
the latest generation is observed to be lost or gradually degraded. After the desired
diversity is reached, the mutation probability needs to be reduced in order to prevent the
genetic algorithm from turning into a purely random search algorithm. Instead of
parameter tuning, self-adaptive genetic algorithms rely on parameter control, which
requires initial parameter values and carefully designed control strategies to maintain
them throughout the whole genetic process.
49
Our attacking system synthetizes minutiae templates with configurable number of
minutiae placed on an also predefined portion of the grid. Finding the right number of
minutiae and the right size for the target area is also done by launching experimental
attacks. Some degree of self-adaption might be introduced in this process as well. For
example, the system could run some experiments on its own by trying test-populations
with different, predefined target area sizes and with several different, also predefined
numbers of minutiae. After matching them against the target template, based on the
average fitness values of the test-populations the genetic algorithm could select the best
of them as initial population and use its configuration in consecutive generations.
Designing and implementing an effective self-adaptive genetic algorithm is a
difficult task, but such system avoids the necessity of parameter tuning which is also a
non-trivial and time consuming problem.
The design and implementation of parallel implementations with some degree of
self-adaption might be challenging, but they would definitely further improve our genetic
algorithm and the attacking system as well.
Compromising the privacy of PMCC systems
The last possible direction of future work would be a research to analyze the
synthetized minutiae templates and try to compromise the privacy provided by PMCC
systems configured to use bit-vectors with different sizes. As it was mentioned earlier the
privacy provided by PMCC systems relies on a non-invertible transformation followed by
the mapping of cylinders to bit-vectors. Since multiple cylinders are represented by the
same bit-vector, our attacking system failed to compromise privacy as the synthetized
minutiae templates contained minutiae points representing cylinders that are different
50
than the originals while mapped to the same bit-vectors. By attacking one reference
template multiple times and capturing the similarities of those having high matching
scores, it might be possible to partially or maybe entirely restore the original minutiae
template file. Success would mean that the privacy of PMCC systems is compromised.
Of course, using shorter bit-vectors causes more collisions (cylinders mapped to the same
bit-vectors), so this research – in case it is successful – would probably require extensive
experimentations and a large number of synthetized minutiae template files against the
given reference template to produce any results.
REFERENCES
[1] A.K. Jain, R. Bolle, and S. Pankanti, (Eds.), Biometrics: Personal Identification in
Networked Society, Kluwer Academic Publishers, 1999.
[2] A. K. Jain, A. Ross, and S. Prabhakar, An introduction to biometric recognition,
IEEE Trans. on Circuits and Systems for Video Technology, vol. 14, no. 1, pp. 4–
20, 2004.
[3] B. Schneier, The uses and abuses of biometrics, Comm. ACM, vol. 42, no. 8, pp.
136, Aug. 1999.
[4] D. Maltoni, D. Maio, A. K. Jain, and S. Prabhakar, Handbook of Fingerprint
Recognition, Springer, 2003.
[5] N.K. Ratha, J.H. Connell, and R.M. Bolle, An analysis of minutiae matching
strength, Proc. AVBPA 2001, Third International Conference on Audio- and Video-
Based Biometric Person Authentication, pp. 223-228, 2001.
[6] A. K. Jain, A. Ross, and U. Uludag, Biometric template security: Challenges and
solutions, Proc. of 13th European Signal Processing Conference (EUSIPCO),
Antalya, Turkey, 2005.
[7] D. Maio and D. Maltoni, Direct gray-scale minutiae detection in fingerprints, IEEE
Trans. Pattern Anal. Machine Intell., vol. 19, no. 1, pp. 27–40, 1997.
[8] American National Standards Institute, Fingerprint Identification-Data Format for
Information Interchange. New York, 1986.
[9] A. Moenssens, Fingerprint Techniques. London: Chilton Book Company, 1971.
[10] L. Hong, Y. Wan, A. Jain, Fingerprint Image Enhancement: Algorithm and
Performance Evaluation, IEEE Trans. PAMI, Vol. 20, No. 8, Aug. 1998, pp.777-
789.
[11] R. Cappelli, D. Maltoni and F. Turroni, Fingerprint Enhancement using Contextual
Iterative Filtering, in proceedings 5th International Conference on Biometrics
(ICB2012), New Delhi, India, March 2012.
[12] Information Technology—Biometric Data Interchange Formats—Part2: Finger
Minutiae Data, ISO/IEC 19794-2:2005, 2005.
[13] U. Uludag and A. K. Jain, Attacks on biometric systems: A case study in
fingerprints, Proc. SPIE-EI 2004, Security, Steganography and Watermarking of
Multimedia Contents VI, San Jose, CA, pp. 622–633, 2004.
[14] T. Putte and J. Keuning, Biometrical fingerprint recognition: don’t get your fingers
burned, Proc. IFIP TC8/WG8.8, Fourth Working Conf. Smart Card Research and
Adv. App., pp. 289-303, 2000.
52
[15] T. Matsumoto, H. Matsumoto, K. Yamada, and S. Hoshino, Impact of Artificial
Gummy Fingers on Fingerprint Systems, Proc. of SPIE, Optical Security and
Counterfeit Deterrence Techniques IV, vol. 4677, pp. 275-289, 2002.
[16] A. Ross, J. Shah, and A.K. Jain, From Template to Image: Reconstructing
Fingerprints from Minutiae Points, IEEE Trans. Pattern Analysis and Machine
Intelligence, vol. 29, no. 4, pp. 544-560, Apr. 2007.
[17] R. Cappelli, A. Lumini, D. Maio and D. Maltoni, Fingerprint Image Reconstruction
from Standard Templates, IEEE Transactions on Pattern Analysis Machine
Intelligence, vol.29, no.9, pp.1489-1503, September 2007.
[18] Nalini K. Ratha, Jonathan H. Connell, and Ruud M. Bolle. Enhancing security and
privacy in biometrics-based authentication systems. IBM Systems Journal,
40(3):614–634, 2001.
[19] A. Pashalidis. Simulated annealing attack on certain fingerprint authentication
systems, In Proceedings of the Special Interest Group on Biometrics and Electronic
Signatures, Lecture Notes in Informatics (LNI), A. Brömme, and C. Busch (eds.),
Bonner Köllen Verlag, pp. 63-74, 2013.
[20] Raffaele Cappelli, Matteo Ferrara, and Davide Maltoni. Minutia cylinder-code: A
new representation and matching technique for fingerprint recognition. IEEE
Transactions on Pattern Analysis and Machine Intelligence, 32(12):2128–2141,
December 2010.
[21] Matteo Ferrara, Davide Maltoni, and Raffaele Cappelli. Non-invertible Minutia
Cylinder-Code Representation. IEEE Transactions on Information Forensics and
Security, 7(6):1727–1737, December 2012.
[22] R. Cappelli, M. Ferrara, and D. Maltoni, Fingerprint Indexing based on Minutia
Cylinder Code, IEEE Transactions on Pattern Analysis and Machine Intelligence,
vol. 33, no. 5, pp. 1051 - 1057, May 2011.
[23] D. E. Goldberg, Genetic Algorithms in Search, Optimization & Machine Learning,
Addison Wesley, 1989.
[24] J. H. Holland, Adaptation in Natural and Artificial System, University of Michigan
Press, 1975.
[25] Minutia Cylinder-Code SDK. Biometric System Laboratory, DISI – University of
Bologna. 2014. Available: http://biolab.csr.unibo.it
[26] K. A. De Jong, An analysis of the behavior of a class of genetic adaptive systems,
Ph.D. dissertation, University of Michigan, Ann Arbor, MI, 1975.
[27] J. J. Greffenstette, Optimization of Control Parameters for Genetic Algorithms.
IEEE Transaction on System Man and Cybernetic, vol 16(1), pp. 122–128, 1986.
53
[28] H. Mühlenbein, How Genetic Algorithms Really Work I. Mutation and
Hillclimbing. In Proceedings of the 2nd
Conference on Parallel Problem Solving
from Nature, pp. 15–29, 1992.
[29] T. Bäck, Self-Adaptation in Genetic Algorithms. In Proceedings of the 1st
European Conference on Artificial Life, pp. 263–271, 1992.
[30] M. Baradaran Nia, Y. Alipouri. Speeding Up the Genetic Algorithm Convergence
Using Sequential Mutation and Circular Gene Methods. 9th International
Conference on Intelligent Systems Design and Applications, pp. 31-36, 2009.
[31] W. Scheirer and T. Boult, Bipartite Biotokens: Definition, Implementation, and
Analysis, in Proc. of IEEE/IAPR Int. Conf. on Biometrics, 2009, pp. 775–785.
[32] T. E. Boult, W. J. Scheirer, and R.Woodworth, Revocable fingerprint biotokens:
Accuracy and security analysis, in Proc. IEEE Conf. Computer Vision and Pattern
Recognition (CVPR), 2007, pp. 1–8.
[33] R. Cappelli, M. Ferrara, A. Franco and D. Maltoni, Fingerprint verification
competition 2006, Biometric Technology Today, vol.15, no.7-8, pp.7-9, August
2007.
[34] N. Stark, G. Minetti, and C. Salto. A new strategy for adapting the mutation
probability in genetic algorithms. XVIII Congreso Argentino de Ciencias de la
Computación (CACIC 2012), pp. 51–59, 2012.
[35] W.Y. Lin, W.Y. Lee, T.P. Hong, Adapting Crossover and Mutation Rates in
Genetic Algorithm, Journal of Information Science and Engineering, pp. 1-17,
2003.
APPENDIX A
RESULTS OF ATTACKING MCC
This appendix presents the results of the attacking system against MCC. Each table contains the
matching scores of the legitimate impressions. The last two lines show the scores of the best
synthetized minutiae templates against the applicable impression and in parenthesis, in which
generation the minutiae templates have been generated. The highest impostor matching score
in the dataset is 0.025 (1_8 against 2_7).
Imp. 1_1 1_2 1_3 1_4 1_5 1_6 1_7 1_8 1_9 1_10 1_11 1_12
1_1 0.975 0.071 0.057 0.044 0.041 0.123 0.119 0.091 0.134 0.096 0.101 0.071
1_2 0.071 0.997 0.051 0.046 0.058 0.053 0.052 0.063 0.061 0.046 0.046 0.048
1_3 0.057 0.051 0.976 0.060 0.074 0.082 0.067 0.054 0.066 0.058 0.063 0.055
1_4 0.044 0.046 0.060 0.979 0.095 0.055 0.050 0.060 0.051 0.039 0.052 0.064
1_5 0.041 0.058 0.074 0.095 0.967 0.064 0.053 0.072 0.066 0.060 0.069 0.075
1_6 0.123 0.053 0.082 0.055 0.064 0.977 0.181 0.093 0.276 0.132 0.184 0.086
1_7 0.119 0.052 0.067 0.050 0.053 0.181 0.975 0.081 0.320 0.145 0.169 0.071
1_8 0.091 0.063 0.054 0.060 0.072 0.093 0.081 0.997 0.087 0.180 0.153 0.227
1_9 0.134 0.061 0.066 0.051 0.066 0.276 0.320 0.087 0.976 0.140 0.175 0.086
1_10 0.096 0.046 0.058 0.039 0.060 0.132 0.145 0.180 0.140 0.980 0.248 0.195
1_11 0.101 0.046 0.063 0.052 0.069 0.184 0.169 0.153 0.175 0.248 0.980 0.167
1_12 0.071 0.048 0.055 0.064 0.075 0.086 0.071 0.227 0.086 0.195 0.167 0.965
Syn. 0.191 0.228 0.202 0.190 0.206 0.208 0.183 0.186 0.183 0.198 0.206 0.209
(gen) (183) (198) (184) (181) (163) (168) (111) (163) (183) (194) (165) (198)
Imp. 2_1 2_2 2_3 2_4 2_5 2_6 2_7 2_8 2_9 2_10 2_11 2_12
2_1 0.962 0.111 0.148 0.137 0.130 0.139 0.101 0.121 0.123 0.102 0.167 0.104
2_2 0.111 0.976 0.103 0.114 0.072 0.066 0.073 0.061 0.060 0.056 0.068 0.049
2_3 0.148 0.103 0.957 0.103 0.181 0.120 0.162 0.116 0.128 0.079 0.155 0.099
2_4 0.137 0.114 0.103 0.958 0.077 0.104 0.106 0.095 0.078 0.061 0.107 0.083
2_5 0.130 0.072 0.181 0.077 0.859 0.129 0.218 0.088 0.131 0.093 0.164 0.074
2_6 0.139 0.066 0.120 0.104 0.129 0.949 0.163 0.189 0.241 0.210 0.202 0.198
2_7 0.101 0.073 0.162 0.106 0.218 0.163 0.946 0.130 0.191 0.127 0.210 0.126
2_8 0.121 0.061 0.116 0.095 0.088 0.189 0.130 0.945 0.115 0.237 0.133 0.184
2_9 0.123 0.060 0.128 0.078 0.131 0.241 0.191 0.115 0.950 0.164 0.198 0.143
2_10 0.102 0.056 0.079 0.061 0.093 0.210 0.127 0.237 0.164 0.975 0.151 0.205
2_11 0.167 0.068 0.155 0.107 0.164 0.202 0.210 0.133 0.198 0.151 0.950 0.167
2_12 0.104 0.049 0.099 0.083 0.074 0.198 0.126 0.184 0.143 0.205 0.167 0.972
Syn. 0.228 0.231 0.183 0.218 0.224 0.227 0.237 0.201 0.216 0.228 0.208 0.227
(gen) (197) (141) (127) (152) (194) (185) (155) (191) (146) (186) (185) (150)
55
Imp. 3_1 3_2 3_3 3_4 3_5 3_6 3_7 3_8 3_9 3_10 3_11 3_12
3_1 0.933 0.098 0.217 0.121 0.138 0.165 0.118 0.109 0.133 0.132 0.148 0.106
3_2 0.098 0.904 0.065 0.190 0.093 0.156 0.094 0.095 0.110 0.077 0.105 0.153
3_3 0.217 0.065 0.956 0.086 0.142 0.154 0.087 0.100 0.104 0.106 0.107 0.089
3_4 0.121 0.190 0.086 0.937 0.153 0.263 0.126 0.083 0.145 0.135 0.170 0.204
3_5 0.138 0.093 0.142 0.153 0.910 0.111 0.070 0.066 0.100 0.079 0.092 0.112
3_6 0.165 0.156 0.154 0.263 0.111 0.940 0.136 0.123 0.185 0.164 0.194 0.212
3_7 0.118 0.094 0.087 0.126 0.070 0.136 0.913 0.093 0.125 0.209 0.208 0.192
3_8 0.109 0.095 0.100 0.083 0.066 0.123 0.093 0.937 0.106 0.071 0.094 0.096
3_9 0.133 0.110 0.104 0.145 0.100 0.185 0.125 0.106 0.941 0.134 0.157 0.118
3_10 0.132 0.077 0.106 0.135 0.079 0.164 0.209 0.071 0.134 0.955 0.237 0.123
3_11 0.148 0.105 0.107 0.170 0.092 0.194 0.208 0.094 0.157 0.237 0.945 0.154
3_12 0.106 0.153 0.089 0.204 0.112 0.212 0.192 0.096 0.118 0.123 0.154 0.948
Syn. 0.231 0.191 0.216 0.236 0.236 0.230 0.230 0.195 0.190 0.193 0.201 0.193
(gen) (166) (120) (118) (127) (184) (156) (126) (171) (102) (183) (174) (169)
Imp. 4_1 4_2 4_3 4_4 4_5 4_6 4_7 4_8 4_9 4_10 4_11 4_12
4_1 0.997 0.066 0.129 0.092 0.110 0.047 0.155 0.046 0.065 0.085 0.116 0.092
4_2 0.066 0.907 0.108 0.290 0.095 0.205 0.122 0.206 0.151 0.213 0.171 0.117
4_3 0.129 0.108 0.925 0.093 0.186 0.075 0.368 0.097 0.079 0.095 0.106 0.078
4_4 0.092 0.290 0.093 0.925 0.113 0.227 0.116 0.290 0.175 0.167 0.248 0.171
4_5 0.110 0.095 0.186 0.113 0.928 0.080 0.196 0.098 0.113 0.134 0.107 0.090
4_6 0.047 0.205 0.075 0.227 0.080 0.840 0.087 0.247 0.123 0.152 0.177 0.084
4_7 0.155 0.122 0.368 0.116 0.196 0.087 0.859 0.104 0.092 0.159 0.125 0.087
4_8 0.046 0.206 0.097 0.290 0.098 0.247 0.104 0.819 0.145 0.124 0.227 0.139
4_9 0.065 0.151 0.079 0.175 0.113 0.123 0.092 0.145 0.928 0.136 0.163 0.107
4_10 0.085 0.213 0.095 0.167 0.134 0.152 0.159 0.124 0.136 0.948 0.184 0.120
4_11 0.116 0.171 0.106 0.248 0.107 0.177 0.125 0.227 0.163 0.184 0.882 0.123
4_12 0.092 0.117 0.078 0.171 0.090 0.084 0.087 0.139 0.107 0.120 0.123 0.931
Syn. 0.217 0.242 0.206 0.181 0.186 0.188 0.209 0.184 0.187 0.193 0.180 0.183
(gen) (177) (191) (178) (186) (193) (198) (189) (133) (131) (136) (195) (112)
Imp. 5_1 5_2 5_3 5_4 5_5 5_6 5_7 5_8 5_9 5_10 5_11 5_12
5_1 0.943 0.106 0.081 0.094 0.084 0.094 0.102 0.078 0.071 0.129 0.171 0.147
5_2 0.106 0.907 0.132 0.124 0.105 0.189 0.137 0.167 0.129 0.140 0.119 0.136
5_3 0.081 0.132 0.928 0.158 0.144 0.113 0.251 0.129 0.268 0.182 0.140 0.110
5_4 0.094 0.124 0.158 0.951 0.110 0.114 0.110 0.139 0.113 0.103 0.099 0.071
5_5 0.084 0.105 0.144 0.110 0.904 0.085 0.113 0.104 0.119 0.160 0.122 0.142
5_6 0.094 0.189 0.113 0.114 0.085 0.931 0.113 0.240 0.118 0.136 0.112 0.168
5_7 0.102 0.137 0.251 0.110 0.113 0.113 0.963 0.149 0.312 0.170 0.174 0.125
5_8 0.078 0.167 0.129 0.139 0.104 0.240 0.149 0.886 0.149 0.144 0.094 0.119
5_9 0.071 0.129 0.268 0.113 0.119 0.118 0.312 0.149 0.937 0.150 0.130 0.116
5_10 0.129 0.140 0.182 0.103 0.160 0.136 0.170 0.144 0.150 0.971 0.189 0.207
5_11 0.171 0.120 0.140 0.099 0.122 0.112 0.174 0.094 0.130 0.189 0.930 0.210
5_12 0.147 0.136 0.110 0.071 0.142 0.168 0.125 0.119 0.116 0.207 0.210 0.972
Syn. 0.181 0.185 0.226 0.192 0.185 0.182 0.195 0.188 0.185 0.192 0.200 0.198
(gen) (188) (154) (184) (177) (197) (172) (146) (170) (195) (110) (200) (106)
56
Imp. 6_1 6_2 6_3 6_4 6_5 6_6 6_7 6_8 6_9 6_10 6_11 6_12
6_1 0.921 0.256 0.498 0.246 0.346 0.379 0.361 0.341 0.458 0.391 0.453 0.393
6_2 0.256 0.997 0.214 0.417 0.163 0.352 0.162 0.216 0.311 0.339 0.282 0.351
6_3 0.498 0.214 0.972 0.240 0.408 0.338 0.410 0.309 0.527 0.380 0.530 0.369
6_4 0.246 0.417 0.240 0.974 0.178 0.265 0.163 0.177 0.293 0.290 0.292 0.225
6_5 0.346 0.163 0.408 0.178 0.914 0.205 0.422 0.287 0.227 0.297 0.310 0.264
6_6 0.379 0.352 0.338 0.265 0.205 0.945 0.259 0.273 0.418 0.335 0.365 0.388
6_7 0.361 0.162 0.410 0.163 0.422 0.259 0.903 0.299 0.307 0.251 0.319 0.294
6_8 0.341 0.216 0.309 0.177 0.287 0.273 0.299 0.883 0.256 0.300 0.280 0.262
6_9 0.458 0.311 0.527 0.293 0.227 0.418 0.307 0.256 0.942 0.446 0.511 0.333
6_10 0.391 0.339 0.380 0.290 0.297 0.335 0.251 0.300 0.446 0.949 0.436 0.331
6_11 0.453 0.282 0.530 0.292 0.310 0.365 0.319 0.280 0.511 0.436 0.945 0.379
6_12 0.393 0.351 0.369 0.225 0.264 0.388 0.294 0.262 0.333 0.331 0.379 0.909
Syn. 0.195 0.188 0.181 0.186 0.199 0.225 0.197 0.192 0.181 0.192 0.232 0.188
(gen) (143) (197) (176) (140) (189) (196) (177) (127) (186) (177) (195) (159)
Imp. 7_1 7_2 7_3 7_4 7_5 7_6 7_7 7_8 7_9 7_10 7_11 7_12
7_1 0.952 0.228 0.160 0.159 0.159 0.209 0.074 0.214 0.111 0.230 0.105 0.070
7_2 0.225 0.839 0.146 0.176 0.161 0.330 0.077 0.310 0.134 0.238 0.178 0.134
7_3 0.160 0.146 0.934 0.228 0.384 0.211 0.162 0.237 0.224 0.259 0.133 0.110
7_4 0.159 0.176 0.228 0.974 0.273 0.243 0.174 0.271 0.278 0.218 0.199 0.140
7_5 0.159 0.161 0.384 0.273 0.997 0.254 0.171 0.223 0.313 0.267 0.159 0.120
7_6 0.209 0.330 0.211 0.243 0.254 0.997 0.110 0.433 0.215 0.247 0.205 0.138
7_7 0.074 0.077 0.162 0.174 0.171 0.110 0.933 0.113 0.212 0.110 0.091 0.067
7_8 0.214 0.310 0.237 0.271 0.223 0.433 0.113 0.951 0.193 0.272 0.182 0.129
7_9 0.111 0.134 0.224 0.278 0.313 0.215 0.212 0.193 0.955 0.190 0.142 0.125
7_10 0.230 0.238 0.259 0.218 0.267 0.247 0.110 0.272 0.190 0.997 0.178 0.118
7_11 0.105 0.178 0.133 0.199 0.159 0.205 0.091 0.182 0.142 0.178 0.841 0.311
7_12 0.070 0.134 0.110 0.140 0.120 0.138 0.067 0.129 0.125 0.118 0.311 0.814
Syn. 0.191 0.181 0.212 0.192 0.206 0.196 0.202 0.212 0.296 0.188 0.216 0.218
(gen) (182) (181) (200) (143) (181) (184) (157) (154) (147) (147) (163) (178)
Imp. 8_1 8_2 8_3 8_4 8_5 8_6 8_7 8_8 8_9 8_10 8_11 8_12
8_1 0.906 0.194 0.205 0.211 0.212 0.170 0.131 0.258 0.177 0.282 0.202 0.286
8_2 0.194 0.943 0.245 0.356 0.221 0.201 0.143 0.311 0.179 0.390 0.218 0.202
8_3 0.205 0.245 0.970 0.240 0.267 0.292 0.279 0.204 0.336 0.272 0.297 0.250
8_4 0.211 0.356 0.240 0.938 0.220 0.313 0.147 0.341 0.212 0.337 0.318 0.232
8_5 0.212 0.221 0.267 0.220 0.970 0.166 0.230 0.232 0.353 0.246 0.175 0.201
8_6 0.170 0.201 0.292 0.313 0.166 0.968 0.273 0.291 0.266 0.298 0.435 0.176
8_7 0.131 0.143 0.279 0.147 0.230 0.273 0.940 0.219 0.226 0.169 0.237 0.114
8_8 0.258 0.311 0.204 0.341 0.232 0.291 0.219 0.933 0.197 0.404 0.262 0.219
8_9 0.177 0.179 0.336 0.212 0.353 0.266 0.226 0.197 0.949 0.213 0.265 0.229
8_10 0.282 0.390 0.272 0.337 0.246 0.298 0.169 0.404 0.213 0.948 0.266 0.274
8_11 0.202 0.218 0.297 0.318 0.175 0.435 0.237 0.262 0.265 0.266 0.935 0.269
8_12 0.286 0.202 0.250 0.232 0.201 0.176 0.114 0.219 0.229 0.274 0.269 0.940
Syn. 0.187 0.215 0.187 0.204 0.207 0.189 0.185 0.217 0.230 0.260 0.199 0.187
(gen) (181) (181) (197) (182) (198) (199) (99) (117) (184) (133) (177) (179)
57
Imp. 9_1 9_2 9_3 9_4 9_5 9_6 9_7 9_8 9_9 9_10 9_11 9_12
9_1 0.942 0.207 0.294 0.215 0.297 0.205 0.250 0.221 0.232 0.223 0.240 0.187
9_2 0.207 0.997 0.232 0.213 0.198 0.189 0.238 0.235 0.153 0.224 0.196 0.203
9_3 0.294 0.232 0.976 0.196 0.350 0.165 0.253 0.249 0.183 0.244 0.213 0.157
9_4 0.215 0.213 0.196 0.959 0.150 0.384 0.230 0.289 0.235 0.382 0.223 0.249
9_5 0.297 0.198 0.350 0.150 0.964 0.135 0.254 0.191 0.145 0.180 0.195 0.142
9_6 0.205 0.189 0.165 0.384 0.135 0.997 0.190 0.234 0.217 0.312 0.178 0.195
9_7 0.250 0.238 0.253 0.230 0.254 0.190 0.997 0.166 0.168 0.212 0.191 0.222
9_8 0.221 0.235 0.249 0.289 0.191 0.234 0.166 0.963 0.230 0.269 0.229 0.155
9_9 0.232 0.153 0.183 0.235 0.145 0.217 0.168 0.230 0.948 0.213 0.332 0.181
9_10 0.223 0.224 0.244 0.382 0.180 0.312 0.212 0.269 0.213 0.946 0.229 0.184
9_11 0.240 0.196 0.213 0.223 0.195 0.178 0.191 0.229 0.332 0.229 0.948 0.171
9_12 0.187 0.203 0.157 0.249 0.142 0.195 0.222 0.155 0.181 0.184 0.171 0.981
Syn. 0.226 0.221 0.189 0.214 0.185 0.251 0.193 0.186 0.222 0.256 0.195 0.194
(gen) (144) (190) (188) (178) (184) (157) (133) (168) (144) (187) (179) (182)
Imp. 10_1 10_2 10_3 10_4 10_5 10_6 10_7 10_8 10_9 10_10 10_11 10_12
10_1 0.997 0.161 0.271 0.171 0.183 0.139 0.102 0.087 0.113 0.147 0.226 0.109
10_2 0.161 0.953 0.135 0.287 0.196 0.326 0.166 0.291 0.160 0.270 0.161 0.200
10_3 0.271 0.135 0.974 0.141 0.195 0.132 0.177 0.142 0.170 0.214 0.142 0.238
10_4 0.171 0.287 0.141 0.997 0.201 0.288 0.134 0.216 0.119 0.223 0.148 0.183
10_5 0.183 0.196 0.195 0.201 0.942 0.199 0.154 0.205 0.179 0.208 0.187 0.165
10_6 0.143 0.326 0.132 0.288 0.199 0.942 0.128 0.279 0.148 0.188 0.162 0.163
10_7 0.102 0.166 0.177 0.134 0.154 0.128 0.902 0.189 0.343 0.292 0.062 0.271
10_8 0.087 0.291 0.142 0.216 0.205 0.279 0.189 0.963 0.244 0.230 0.090 0.224
10_9 0.113 0.160 0.170 0.119 0.179 0.148 0.343 0.244 0.954 0.350 0.070 0.339
10_10 0.147 0.270 0.214 0.223 0.208 0.188 0.292 0.230 0.350 0.979 0.109 0.292
10_11 0.226 0.161 0.142 0.148 0.187 0.162 0.062 0.090 0.070 0.109 0.997 0.095
10_12 0.109 0.200 0.238 0.183 0.165 0.163 0.271 0.224 0.339 0.292 0.095 0.997
Syn. 0.270 0.180 0.219 0.202 0.206 0.185 0.187 0.190 0.232 0.191 0.241 0.182
(gen) (158) (191) (147) (200) (111) (162) (184) (120) (196) (194) (192) (182)
APPENDIX B
RESULTS OF ATTACKING PMCC (k=16)
This appendix presents the results of the attacking system against PMCC with k=16. Each table
contains the matching scores of the legitimate impressions. The last two lines show the scores
of the best synthetized minutiae templates against the applicable impression and in parenthesis,
in which generation the minutiae templates have been generated. The highest impostor
matching score in the dataset is 0.884 (2_1 against 3_7).
Imp. 1_1 1_2 1_3 1_4 1_5 1_6 1_7 1_8 1_9 1_10 1_11 1_12
1_1 1.000 0.872 0.859 0.859 0.850 0.863 0.878 0.888 0.869 0.875 0.859 0.869
1_2 0.872 1.000 0.822 0.828 0.841 0.828 0.850 0.850 0.831 0.834 0.838 0.875
1_3 0.859 0.822 1.000 0.863 0.869 0.913 0.875 0.850 0.888 0.872 0.878 0.859
1_4 0.859 0.828 0.863 1.000 0.872 0.869 0.841 0.891 0.853 0.878 0.891 0.881
1_5 0.850 0.841 0.869 0.872 1.000 0.888 0.881 0.878 0.891 0.888 0.906 0.903
1_6 0.863 0.828 0.913 0.869 0.888 1.000 0.934 0.881 0.950 0.928 0.953 0.881
1_7 0.878 0.850 0.875 0.841 0.881 0.934 1.000 0.863 0.975 0.934 0.938 0.881
1_8 0.888 0.850 0.850 0.891 0.878 0.881 0.863 1.000 0.878 0.938 0.941 0.944
1_9 0.869 0.831 0.888 0.853 0.891 0.950 0.975 0.878 1.000 0.931 0.934 0.894
1_10 0.875 0.834 0.872 0.878 0.888 0.928 0.934 0.938 0.931 1.000 0.972 0.953
1_11 0.859 0.838 0.878 0.891 0.906 0.953 0.938 0.941 0.934 0.972 1.000 0.944
1_12 0.869 0.875 0.859 0.881 0.903 0.881 0.881 0.944 0.894 0.953 0.944 1.000
Syn. 0.943 0.960 0.949 0.943 0.977 0.966 0.955 0.949 0.949 0.949 0.949 0.960
(gen) (51) (75) (98) (92) (86) (98) (65) (65) (80) (77) (61) (90)
Imp. 2_1 2_2 2_3 2_4 2_5 2_6 2_7 2_8 2_9 2_10 2_11 2_12
2_1 1.000 0.875 0.941 0.922 0.885 0.897 0.866 0.872 0.866 0.853 0.891 0.869
2_2 0.875 1.000 0.872 0.894 0.914 0.875 0.888 0.813 0.863 0.863 0.869 0.841
2_3 0.941 0.872 1.000 0.928 0.923 0.903 0.897 0.882 0.897 0.881 0.906 0.884
2_4 0.922 0.894 0.928 1.000 0.914 0.881 0.869 0.891 0.866 0.866 0.906 0.872
2_5 0.885 0.914 0.923 0.914 1.000 0.918 0.923 0.885 0.938 0.899 0.947 0.885
2_6 0.897 0.875 0.903 0.881 0.918 1.000 0.900 0.898 0.925 0.931 0.919 0.922
2_7 0.866 0.888 0.897 0.869 0.923 0.900 1.000 0.908 0.931 0.922 0.928 0.897
2_8 0.872 0.813 0.882 0.891 0.885 0.898 0.908 1.000 0.888 0.918 0.905 0.928
2_9 0.866 0.863 0.897 0.866 0.938 0.925 0.931 0.888 1.000 0.919 0.931 0.900
2_10 0.853 0.863 0.881 0.866 0.899 0.931 0.922 0.918 0.919 1.000 0.894 0.900
2_11 0.891 0.869 0.906 0.906 0.947 0.919 0.928 0.905 0.931 0.894 1.000 0.913
2_12 0.869 0.841 0.884 0.872 0.885 0.922 0.897 0.928 0.900 0.900 0.913 1.000
Syn. 0.955 0.960 0.943 0.966 0.949 0.943 0.943 0.949 0.943 0.960 0.943 0.949
(gen) (100) (91) (81) (46) (84) (91) (82) (97) (98) (71) (93) (98)
59
Imp. 3_1 3_2 3_3 3_4 3_5 3_6 3_7 3_8 3_9 3_10 3_11 3_12
3_1 1.000 0.944 0.984 0.922 0.966 0.944 0.956 0.928 0.956 0.969 0.963 0.938
3_2 0.944 1.000 0.947 0.969 0.922 0.975 0.953 0.919 0.969 0.959 0.963 0.963
3_3 0.984 0.947 1.000 0.925 0.944 0.966 0.916 0.959 0.950 0.919 0.956 0.928
3_4 0.922 0.969 0.925 1.000 0.934 0.959 0.941 0.900 0.953 0.953 0.956 0.950
3_5 0.966 0.922 0.944 0.934 1.000 0.906 0.916 0.884 0.903 0.916 0.925 0.919
3_6 0.944 0.975 0.966 0.959 0.906 1.000 0.966 0.931 0.988 0.978 0.981 0.941
3_7 0.956 0.953 0.916 0.941 0.916 0.966 1.000 0.919 0.944 0.984 0.975 0.969
3_8 0.928 0.919 0.959 0.900 0.884 0.931 0.919 1.000 0.931 0.906 0.931 0.913
3_9 0.956 0.969 0.950 0.953 0.903 0.988 0.944 0.931 1.000 0.969 0.972 0.941
3_10 0.969 0.959 0.919 0.953 0.916 0.978 0.984 0.906 0.969 1.000 0.981 0.934
3_11 0.963 0.963 0.956 0.956 0.925 0.981 0.975 0.931 0.972 0.981 1.000 0.975
3_12 0.938 0.963 0.928 0.950 0.919 0.941 0.969 0.913 0.941 0.934 0.975 1.000
Syn. 0.960 0.960 0.977 0.955 0.943 0.949 0.955 0.966 0.955 0.960 0.955 0.949
(gen) (60) (97) (58) (100) (100) (63) (70) (87) (55) (86) (86) (52)
Imp. 4_1 4_2 4_3 4_4 4_5 4_6 4_7 4_8 4_9 4_10 4_11 4_12
4_1 1.000 0.860 0.890 0.882 0.882 0.860 0.901 0.875 0.871 0.875 0.871 0.886
4_2 0.860 1.000 0.922 0.947 0.919 0.941 0.913 0.950 0.931 0.941 0.928 0.928
4_3 0.890 0.922 1.000 0.913 0.934 0.941 0.969 0.950 0.928 0.944 0.906 0.897
4_4 0.882 0.947 0.913 1.000 0.925 0.954 0.925 0.959 0.944 0.925 0.959 0.966
4_5 0.882 0.919 0.934 0.925 1.000 0.915 0.941 0.925 0.947 0.913 0.931 0.897
4_6 0.860 0.941 0.941 0.954 0.915 1.000 0.915 0.970 0.951 0.931 0.938 0.934
4_7 0.901 0.913 0.969 0.925 0.941 0.915 1.000 0.909 0.916 0.944 0.916 0.903
4_8 0.875 0.950 0.950 0.959 0.925 0.970 0.909 1.000 0.966 0.938 0.950 0.947
4_9 0.871 0.931 0.928 0.944 0.947 0.951 0.916 0.966 1.000 0.925 0.953 0.916
4_10 0.875 0.941 0.944 0.925 0.913 0.931 0.944 0.938 0.925 1.000 0.916 0.928
4_11 0.871 0.928 0.906 0.959 0.931 0.938 0.916 0.950 0.953 0.916 1.000 0.934
4_12 0.886 0.928 0.897 0.966 0.897 0.934 0.903 0.947 0.916 0.928 0.934 1.000
Syn. 0.943 0.955 0.943 0.955 0.949 0.960 0.955 0.949 0.972 0.949 0.955 0.966
(gen) (74) (99) (63) (94) (64) (75) (69) (97) (87) (69) (72) (94)
Imp. 5_1 5_2 5_3 5_4 5_5 5_6 5_7 5_8 5_9 5_10 5_11 5_12
5_1 1.000 0.895 0.891 0.885 0.911 0.891 0.872 0.882 0.878 0.895 0.905 0.931
5_2 0.895 1.000 0.906 0.909 0.925 0.931 0.909 0.891 0.909 0.895 0.928 0.909
5_3 0.891 0.906 1.000 0.906 0.928 0.903 0.972 0.915 0.975 0.905 0.938 0.881
5_4 0.885 0.909 0.906 1.000 0.903 0.906 0.888 0.915 0.878 0.901 0.894 0.875
5_5 0.911 0.925 0.928 0.903 1.000 0.928 0.922 0.911 0.938 0.905 0.916 0.909
5_6 0.891 0.931 0.903 0.906 0.928 1.000 0.897 0.928 0.894 0.901 0.934 0.947
5_7 0.872 0.909 0.972 0.888 0.922 0.897 1.000 0.901 0.972 0.882 0.903 0.856
5_8 0.882 0.891 0.915 0.915 0.911 0.928 0.901 1.000 0.898 0.915 0.898 0.898
5_9 0.878 0.909 0.975 0.878 0.938 0.894 0.972 0.898 1.000 0.891 0.906 0.875
5_10 0.895 0.895 0.905 0.901 0.905 0.901 0.882 0.915 0.891 1.000 0.918 0.918
5_11 0.905 0.928 0.938 0.894 0.916 0.934 0.903 0.898 0.906 0.918 1.000 0.928
5_12 0.931 0.909 0.881 0.875 0.909 0.947 0.856 0.898 0.875 0.918 0.928 1.000
Syn. 0.955 0.955 0.943 0.960 0.966 0.960 0.960 0.966 0.949 0.955 0.949 0.949
(gen) (93) (95) (92) (98) (52) (71) (70) (99) (77) (94) (66) (74)
60
Imp. 6_1 6_2 6_3 6_4 6_5 6_6 6_7 6_8 6_9 6_10 6_11 6_12
6_1 1.000 0.928 0.984 0.922 0.944 0.964 0.969 0.938 0.974 0.969 0.987 0.969
6_2 0.928 1.000 0.916 0.966 0.895 0.928 0.888 0.896 0.954 0.950 0.941 0.924
6_3 0.984 0.916 1.000 0.944 0.924 0.947 0.969 0.920 0.977 0.972 0.980 0.951
6_4 0.922 0.966 0.944 1.000 0.895 0.905 0.916 0.882 0.938 0.941 0.931 0.903
6_5 0.944 0.895 0.924 0.895 1.000 0.895 0.947 0.934 0.905 0.931 0.941 0.941
6_6 0.964 0.928 0.947 0.905 0.895 1.000 0.944 0.934 0.961 0.957 0.957 0.948
6_7 0.969 0.888 0.969 0.916 0.947 0.944 1.000 0.910 0.931 0.934 0.951 0.944
6_8 0.938 0.896 0.920 0.882 0.934 0.934 0.910 1.000 0.899 0.920 0.920 0.927
6_9 0.974 0.954 0.977 0.938 0.905 0.961 0.931 0.899 1.000 0.984 0.984 0.951
6_10 0.969 0.950 0.972 0.941 0.931 0.957 0.934 0.920 0.984 1.000 0.974 0.951
6_11 0.987 0.941 0.980 0.931 0.941 0.957 0.951 0.920 0.984 0.974 1.000 0.965
6_12 0.969 0.924 0.951 0.903 0.941 0.948 0.944 0.927 0.951 0.951 0.965 1.000
Syn. 0.949 0.943 0.960 0.955 0.943 0.966 0.966 0.955 0.943 0.955 0.943 0.955
(gen) (77) (84) (94) (85) (89) (96) (99) (81) (76) (93) (84) (92)
Imp. 7_1 7_2 7_3 7_4 7_5 7_6 7_7 7_8 7_9 7_10 7_11 7_12
7_1 1.000 0.944 0.934 0.928 0.922 0.922 0.894 0.947 0.897 0.928 0.906 0.915
7_2 0.944 1.000 0.938 0.916 0.941 0.966 0.875 0.959 0.934 0.941 0.926 0.944
7_3 0.934 0.938 1.000 0.959 0.981 0.944 0.916 0.944 0.963 0.938 0.898 0.938
7_4 0.928 0.916 0.959 1.000 0.944 0.919 0.909 0.941 0.953 0.928 0.918 0.915
7_5 0.922 0.941 0.981 0.944 1.000 0.931 0.900 0.944 0.969 0.944 0.902 0.928
7_6 0.922 0.966 0.944 0.919 0.931 1.000 0.881 0.972 0.928 0.956 0.930 0.924
7_7 0.894 0.875 0.916 0.909 0.900 0.881 1.000 0.888 0.931 0.878 0.895 0.872
7_8 0.947 0.959 0.944 0.941 0.944 0.972 0.888 1.000 0.931 0.978 0.926 0.915
7_9 0.897 0.934 0.963 0.953 0.969 0.928 0.931 0.931 1.000 0.916 0.918 0.915
7_10 0.928 0.941 0.938 0.928 0.944 0.956 0.878 0.978 0.916 1.000 0.938 0.941
7_11 0.906 0.926 0.898 0.918 0.902 0.930 0.895 0.926 0.918 0.938 1.000 0.961
7_12 0.915 0.944 0.938 0.915 0.928 0.924 0.872 0.915 0.915 0.941 0.961 1.000
Syn. 0.977 0.966 0.960 0.955 0.943 0.972 0.955 0.972 0.960 0.955 0.966 0.960
(gen) (86) (56) (92) (92) (98) (77) (75) (86) (98) (53) (96) (84)
Imp. 8_1 8_2 8_3 8_4 8_5 8_6 8_7 8_8 8_9 8_10 8_11 8_12
8_1 1.000 0.949 0.938 0.938 0.930 0.908 0.930 0.946 0.893 0.949 0.922 0.938
8_2 0.949 1.000 0.921 0.955 0.944 0.924 0.931 0.979 0.901 0.961 0.918 0.948
8_3 0.938 0.921 1.000 0.951 0.921 0.955 0.910 0.933 0.938 0.931 0.953 0.944
8_4 0.938 0.955 0.951 1.000 0.955 0.941 0.906 0.925 0.920 0.962 0.945 0.955
8_5 0.930 0.944 0.921 0.955 1.000 0.920 0.927 0.958 0.924 0.951 0.918 0.920
8_6 0.908 0.924 0.955 0.941 0.920 1.000 0.955 0.946 0.938 0.931 0.981 0.920
8_7 0.930 0.931 0.910 0.906 0.927 0.955 1.000 0.946 0.903 0.951 0.938 0.885
8_8 0.946 0.979 0.933 0.925 0.958 0.946 0.946 1.000 0.892 0.971 0.946 0.925
8_9 0.893 0.901 0.938 0.920 0.924 0.938 0.903 0.892 1.000 0.934 0.934 0.948
8_10 0.949 0.961 0.931 0.962 0.951 0.931 0.951 0.971 0.934 1.000 0.934 0.948
8_11 0.922 0.918 0.953 0.945 0.918 0.981 0.938 0.946 0.934 0.934 1.000 0.941
8_12 0.938 0.948 0.944 0.955 0.920 0.920 0.885 0.925 0.948 0.948 0.941 1.000
Syn. 0.960 0.943 0.943 0.949 0.949 0.943 0.955 0.955 0.955 0.949 0.972 0.943
(gen) (100) (97) (57) (82) (84) (93) (67) (80) (96) (96) (85) (98)
61
Imp. 9_1 9_2 9_3 9_4 9_5 9_6 9_7 9_8 9_9 9_10 9_11 9_12
9_1 1.000 0.969 0.959 0.975 0.966 0.963 0.969 0.950 0.972 0.966 0.972 0.963
9_2 0.969 1.000 0.956 0.975 0.963 0.966 0.975 0.931 0.953 0.963 0.947 0.972
9_3 0.959 0.956 1.000 0.953 0.969 0.931 0.944 0.931 0.941 0.953 0.928 0.944
9_4 0.975 0.975 0.953 1.000 0.944 0.997 0.978 0.966 0.972 0.969 0.972 0.975
9_5 0.966 0.963 0.969 0.944 1.000 0.944 0.956 0.947 0.944 0.953 0.959 0.956
9_6 0.963 0.966 0.931 0.997 0.944 1.000 0.969 0.959 0.975 0.981 0.959 0.959
9_7 0.969 0.975 0.944 0.978 0.956 0.969 1.000 0.938 0.953 0.963 0.941 0.969
9_8 0.950 0.931 0.931 0.966 0.947 0.959 0.938 1.000 0.969 0.959 0.956 0.963
9_9 0.972 0.953 0.941 0.972 0.944 0.975 0.953 0.969 1.000 0.972 0.978 0.966
9_10 0.966 0.963 0.953 0.969 0.953 0.981 0.963 0.959 0.972 1.000 0.953 0.959
9_11 0.972 0.947 0.928 0.972 0.959 0.959 0.941 0.956 0.978 0.953 1.000 0.947
9_12 0.963 0.972 0.944 0.975 0.956 0.959 0.969 0.963 0.966 0.959 0.947 1.000
Syn. 0.949 0.966 0.955 0.943 0.949 0.955 0.955 0.955 0.949 0.960 0.943 0.972
(gen) (69) (98) (95) (81) (98) (63) (82) (61) (98) (93) (74) (85)
Imp. 10_1 10_2 10_3 10_4 10_5 10_6 10_7 10_8 10_9 10_10 10_11 10_12
10_1 1.000 0.922 0.903 0.888 0.928 0.963 0.878 0.881 0.888 0.909 0.953 0.906
10_2 0.922 1.000 0.897 0.922 0.891 0.928 0.906 0.934 0.909 0.941 0.906 0.922
10_3 0.903 0.897 1.000 0.881 0.947 0.903 0.913 0.897 0.953 0.925 0.856 0.972
10_4 0.888 0.922 0.881 1.000 0.909 0.925 0.894 0.913 0.878 0.913 0.866 0.900
10_5 0.928 0.891 0.947 0.909 1.000 0.909 0.941 0.919 0.928 0.941 0.897 0.938
10_6 0.963 0.928 0.903 0.925 0.909 1.000 0.881 0.916 0.884 0.900 0.931 0.891
10_7 0.878 0.906 0.913 0.894 0.941 0.881 1.000 0.941 0.963 0.947 0.847 0.972
10_8 0.881 0.934 0.897 0.913 0.919 0.916 0.941 1.000 0.931 0.931 0.866 0.950
10_9 0.888 0.909 0.953 0.878 0.928 0.884 0.963 0.931 1.000 0.947 0.850 0.975
10_10 0.909 0.941 0.925 0.913 0.941 0.900 0.947 0.931 0.947 1.000 0.866 0.963
10_11 0.953 0.906 0.856 0.866 0.897 0.931 0.847 0.866 0.850 0.866 1.000 0.859
10_12 0.906 0.922 0.972 0.900 0.938 0.891 0.972 0.950 0.975 0.963 0.859 1.000
Syn. 0.966 0.955 0.943 0.949 0.949 0.949 0.949 0.955 0.966 0.955 0.949 0.966
(gen) (75) (100) (87) (100) (92) (57) (71) (59) (94) (83) (58) (91)
APPENDIX C
RESULTS OF ATTACKING PMCC (k=32)
This appendix presents the results of the attacking system against PMCC with k=32. Each table
contains the matching scores of the legitimate impressions. The last two lines show the scores
of the best synthetized minutiae templates against the applicable impression and in parenthesis,
in which generation the minutiae templates have been generated. The highest impostor
matching score in the dataset is 0.792 (1_5 against 3_10).
Imp. 1_1 1_2 1_3 1_4 1_5 1_6 1_7 1_8 1_9 1_10 1_11 1_12
1_1 1.000 0.813 0.789 0.777 0.763 0.816 0.823 0.833 0.827 0.814 0.808 0.825
1_2 0.813 1.000 0.766 0.769 0.783 0.769 0.764 0.789 0.756 0.756 0.756 0.805
1_3 0.789 0.766 1.000 0.759 0.775 0.847 0.808 0.789 0.830 0.775 0.792 0.794
1_4 0.777 0.769 0.759 1.000 0.816 0.794 0.767 0.806 0.792 0.786 0.794 0.817
1_5 0.763 0.783 0.775 0.816 1.000 0.825 0.795 0.813 0.816 0.842 0.842 0.831
1_6 0.816 0.769 0.847 0.794 0.825 1.000 0.900 0.839 0.922 0.895 0.920 0.856
1_7 0.823 0.764 0.808 0.767 0.795 0.900 1.000 0.813 0.947 0.884 0.906 0.834
1_8 0.833 0.789 0.789 0.806 0.813 0.839 0.813 1.000 0.830 0.900 0.892 0.909
1_9 0.827 0.756 0.830 0.792 0.816 0.922 0.947 0.830 1.000 0.903 0.919 0.845
1_10 0.814 0.756 0.775 0.786 0.842 0.895 0.884 0.900 0.903 1.000 0.936 0.914
1_11 0.808 0.756 0.792 0.794 0.842 0.920 0.906 0.892 0.919 0.936 1.000 0.898
1_12 0.825 0.805 0.794 0.817 0.831 0.856 0.834 0.909 0.845 0.914 0.898 1.000
Syn. 0.884 0.875 0.895 0.884 0.878 0.892 0.895 0.886 0.886 0.872 0.875 0.892
(gen) (166) (183) (167) (113) (149) (176) (187) (195) (129) (180) (200) (164)
Imp. 2_1 2_2 2_3 2_4 2_5 2_6 2_7 2_8 2_9 2_10 2_11 2_12
2_1 1.000 0.819 0.895 0.875 0.829 0.841 0.813 0.832 0.808 0.813 0.841 0.806
2_2 0.819 1.000 0.825 0.836 0.798 0.802 0.822 0.755 0.797 0.781 0.806 0.748
2_3 0.895 0.825 1.000 0.883 0.853 0.859 0.844 0.817 0.842 0.814 0.870 0.809
2_4 0.875 0.836 0.883 1.000 0.825 0.819 0.828 0.817 0.817 0.802 0.853 0.798
2_5 0.829 0.798 0.853 0.825 1.000 0.844 0.885 0.810 0.877 0.808 0.880 0.801
2_6 0.841 0.802 0.859 0.819 0.844 1.000 0.850 0.860 0.903 0.909 0.881 0.908
2_7 0.813 0.822 0.844 0.828 0.885 0.850 1.000 0.847 0.895 0.847 0.895 0.823
2_8 0.832 0.755 0.817 0.817 0.810 0.860 0.847 1.000 0.844 0.873 0.855 0.910
2_9 0.808 0.797 0.842 0.817 0.877 0.903 0.895 0.844 1.000 0.873 0.911 0.875
2_10 0.813 0.781 0.814 0.802 0.808 0.909 0.847 0.873 0.873 1.000 0.853 0.888
2_11 0.841 0.806 0.870 0.853 0.880 0.881 0.895 0.855 0.911 0.853 1.000 0.858
2_12 0.806 0.748 0.809 0.798 0.801 0.908 0.823 0.910 0.875 0.888 0.858 1.000
Syn. 0.884 0.875 0.878 0.875 0.872 0.872 0.898 0.884 0.878 0.875 0.886 0.872
(gen) (199) (190) (189) (171) (173) (141) (200) (156) (198) (168) (151) (135)
63
Imp. 3_1 3_2 3_3 3_4 3_5 3_6 3_7 3_8 3_9 3_10 3_11 3_12
3_1 1.000 0.911 0.945 0.884 0.919 0.883 0.925 0.881 0.903 0.919 0.911 0.891
3_2 0.911 1.000 0.900 0.933 0.870 0.934 0.916 0.886 0.925 0.905 0.900 0.931
3_3 0.945 0.900 1.000 0.878 0.892 0.916 0.867 0.906 0.905 0.891 0.891 0.859
3_4 0.884 0.933 0.878 1.000 0.884 0.916 0.917 0.839 0.923 0.908 0.945 0.909
3_5 0.919 0.870 0.892 0.884 1.000 0.870 0.844 0.816 0.844 0.883 0.864 0.867
3_6 0.883 0.934 0.916 0.916 0.870 1.000 0.908 0.883 0.947 0.911 0.931 0.895
3_7 0.925 0.916 0.867 0.917 0.844 0.908 1.000 0.870 0.917 0.930 0.955 0.944
3_8 0.881 0.886 0.906 0.839 0.816 0.883 0.870 1.000 0.873 0.864 0.875 0.870
3_9 0.903 0.925 0.905 0.923 0.844 0.947 0.917 0.873 1.000 0.927 0.919 0.883
3_10 0.919 0.905 0.891 0.908 0.883 0.911 0.930 0.864 0.927 1.000 0.936 0.897
3_11 0.911 0.900 0.891 0.945 0.864 0.931 0.955 0.875 0.919 0.936 1.000 0.928
3_12 0.891 0.931 0.859 0.909 0.867 0.895 0.944 0.870 0.883 0.897 0.928 1.000
Syn. 0.881 0.875 0.903 0.881 0.872 0.872 0.884 0.881 0.875 0.875 0.881 0.892
(gen) (200) (196) (196) (173) (183) (139) (174) (200) (152) (183) (168) (191)
Imp. 4_1 4_2 4_3 4_4 4_5 4_6 4_7 4_8 4_9 4_10 4_11 4_12
4_1 1.000 0.805 0.831 0.835 0.862 0.811 0.875 0.825 0.838 0.842 0.840 0.816
4_2 0.805 1.000 0.873 0.917 0.883 0.911 0.884 0.903 0.894 0.891 0.900 0.873
4_3 0.831 0.873 1.000 0.872 0.902 0.880 0.942 0.916 0.867 0.898 0.861 0.838
4_4 0.835 0.917 0.872 1.000 0.898 0.911 0.900 0.944 0.906 0.897 0.928 0.916
4_5 0.862 0.883 0.902 0.898 1.000 0.878 0.936 0.898 0.906 0.886 0.900 0.866
4_6 0.811 0.911 0.880 0.911 0.878 1.000 0.867 0.931 0.916 0.885 0.911 0.900
4_7 0.875 0.884 0.942 0.900 0.936 0.867 1.000 0.886 0.878 0.909 0.886 0.848
4_8 0.825 0.903 0.916 0.944 0.898 0.931 0.886 1.000 0.942 0.906 0.942 0.898
4_9 0.838 0.894 0.867 0.906 0.906 0.916 0.878 0.942 1.000 0.888 0.936 0.875
4_10 0.842 0.891 0.898 0.897 0.886 0.885 0.909 0.906 0.888 1.000 0.880 0.861
4_11 0.840 0.900 0.861 0.928 0.900 0.911 0.886 0.942 0.936 0.880 1.000 0.892
4_12 0.816 0.873 0.838 0.916 0.866 0.900 0.848 0.898 0.875 0.861 0.892 1.000
Syn. 0.881 0.886 0.881 0.875 0.895 0.872 0.872 0.875 0.892 0.884 0.884 0.881
(gen) (142) (169) (186) (153) (171) (166) (176) (156) (177) (64) (199) (183)
Imp. 5_1 5_2 5_3 5_4 5_5 5_6 5_7 5_8 5_9 5_10 5_11 5_12
5_1 1.000 0.852 0.829 0.841 0.839 0.836 0.826 0.834 0.816 0.865 0.870 0.888
5_2 0.852 1.000 0.870 0.864 0.872 0.886 0.858 0.855 0.858 0.850 0.900 0.861
5_3 0.829 0.870 1.000 0.864 0.906 0.861 0.953 0.867 0.950 0.867 0.906 0.834
5_4 0.841 0.864 0.864 1.000 0.864 0.872 0.863 0.890 0.841 0.880 0.873 0.833
5_5 0.839 0.872 0.906 0.864 1.000 0.903 0.897 0.875 0.906 0.875 0.888 0.884
5_6 0.836 0.886 0.861 0.872 0.903 1.000 0.863 0.908 0.858 0.862 0.898 0.906
5_7 0.826 0.858 0.953 0.863 0.897 0.863 1.000 0.877 0.947 0.850 0.878 0.825
5_8 0.834 0.855 0.867 0.890 0.875 0.908 0.877 1.000 0.854 0.883 0.878 0.859
5_9 0.816 0.858 0.950 0.841 0.906 0.858 0.947 0.854 1.000 0.859 0.869 0.831
5_10 0.865 0.850 0.867 0.880 0.875 0.862 0.850 0.883 0.859 1.000 0.891 0.882
5_11 0.870 0.900 0.906 0.873 0.888 0.898 0.878 0.878 0.869 0.891 1.000 0.897
5_12 0.888 0.861 0.834 0.833 0.884 0.906 0.825 0.859 0.831 0.882 0.897 1.000
Syn. 0.886 0.881 0.875 0.875 0.884 0.889 0.895 0.884 0.872 0.889 0.872 0.889
(gen) (181) (195) (130) (170) (118) (166) (178) (85) (163) (189) (184) (163)
64
Imp. 6_1 6_2 6_3 6_4 6_5 6_6 6_7 6_8 6_9 6_10 6_11 6_12
6_1 1.000 0.898 0.958 0.889 0.929 0.938 0.948 0.908 0.939 0.955 0.949 0.936
6_2 0.898 1.000 0.884 0.942 0.841 0.905 0.859 0.854 0.903 0.925 0.882 0.892
6_3 0.958 0.884 1.000 0.903 0.901 0.915 0.952 0.892 0.942 0.936 0.939 0.917
6_4 0.889 0.942 0.903 1.000 0.824 0.867 0.883 0.826 0.878 0.906 0.888 0.872
6_5 0.929 0.841 0.901 0.824 1.000 0.859 0.923 0.915 0.862 0.893 0.916 0.901
6_6 0.938 0.905 0.915 0.867 0.859 1.000 0.913 0.908 0.921 0.924 0.926 0.924
6_7 0.948 0.859 0.952 0.883 0.923 0.913 1.000 0.889 0.911 0.920 0.928 0.913
6_8 0.908 0.854 0.892 0.826 0.915 0.908 0.889 1.000 0.858 0.880 0.896 0.924
6_9 0.939 0.903 0.942 0.878 0.862 0.921 0.911 0.858 1.000 0.941 0.951 0.910
6_10 0.955 0.925 0.936 0.906 0.893 0.924 0.920 0.880 0.941 1.000 0.947 0.925
6_11 0.949 0.882 0.939 0.888 0.916 0.926 0.928 0.896 0.951 0.947 1.000 0.915
6_12 0.936 0.892 0.917 0.872 0.901 0.924 0.913 0.924 0.910 0.925 0.915 1.000
Syn. 0.886 0.875 0.889 0.881 0.884 0.881 0.886 0.878 0.884 0.878 0.872 0.881
(gen) (180) (179) (174) (136) (199) (158) (196) (183) (151) (184) (196) (181)
Imp. 7_1 7_2 7_3 7_4 7_5 7_6 7_7 7_8 7_9 7_10 7_11 7_12
7_1 1.000 0.922 0.902 0.898 0.895 0.897 0.842 0.916 0.861 0.909 0.867 0.860
7_2 0.922 1.000 0.908 0.895 0.900 0.939 0.845 0.939 0.878 0.917 0.885 0.913
7_3 0.902 0.908 1.000 0.931 0.970 0.927 0.892 0.906 0.939 0.917 0.887 0.905
7_4 0.898 0.895 0.931 1.000 0.923 0.914 0.909 0.923 0.922 0.897 0.902 0.890
7_5 0.895 0.900 0.970 0.923 1.000 0.914 0.870 0.916 0.944 0.913 0.879 0.898
7_6 0.897 0.939 0.927 0.914 0.914 1.000 0.859 0.953 0.908 0.939 0.920 0.905
7_7 0.842 0.845 0.892 0.909 0.870 0.859 1.000 0.864 0.889 0.859 0.840 0.819
7_8 0.916 0.939 0.906 0.923 0.916 0.953 0.864 1.000 0.892 0.934 0.898 0.888
7_9 0.861 0.878 0.939 0.922 0.944 0.908 0.889 0.892 1.000 0.895 0.891 0.875
7_10 0.909 0.917 0.917 0.897 0.913 0.939 0.859 0.934 0.895 1.000 0.904 0.895
7_11 0.867 0.885 0.887 0.902 0.879 0.920 0.840 0.898 0.891 0.904 1.000 0.938
7_12 0.860 0.913 0.905 0.890 0.898 0.905 0.819 0.888 0.875 0.895 0.938 1.000
Syn. 0.901 0.878 0.886 0.881 0.878 0.872 0.872 0.872 0.875 0.884 0.903 0.886
(gen) (176) (182) (181) (189) (144) (196) (100) (179) (163) (195) (176) (155)
Imp. 8_1 8_2 8_3 8_4 8_5 8_6 8_7 8_8 8_9 8_10 8_11 8_12
8_1 1.000 0.910 0.881 0.904 0.910 0.871 0.882 0.915 0.864 0.941 0.883 0.914
8_2 0.910 1.000 0.878 0.917 0.911 0.870 0.879 0.940 0.850 0.933 0.875 0.920
8_3 0.881 0.878 1.000 0.906 0.887 0.918 0.889 0.900 0.908 0.891 0.924 0.905
8_4 0.904 0.917 0.906 1.000 0.925 0.901 0.868 0.910 0.873 0.924 0.918 0.901
8_5 0.910 0.911 0.887 0.925 1.000 0.856 0.891 0.935 0.882 0.933 0.873 0.891
8_6 0.871 0.870 0.918 0.901 0.856 1.000 0.912 0.904 0.913 0.899 0.947 0.884
8_7 0.882 0.879 0.889 0.868 0.891 0.912 1.000 0.921 0.861 0.905 0.908 0.858
8_8 0.915 0.940 0.900 0.910 0.935 0.904 0.921 1.000 0.867 0.956 0.902 0.894
8_9 0.864 0.850 0.908 0.873 0.882 0.913 0.861 0.867 1.000 0.898 0.916 0.887
8_10 0.941 0.933 0.891 0.924 0.933 0.899 0.905 0.956 0.898 1.000 0.910 0.910
8_11 0.883 0.875 0.924 0.918 0.873 0.947 0.908 0.902 0.916 0.910 1.000 0.897
8_12 0.914 0.920 0.905 0.901 0.891 0.884 0.858 0.894 0.887 0.910 0.897 1.000
Syn. 0.875 0.872 0.872 0.886 0.875 0.872 0.884 0.878 0.895 0.878 0.886 0.878
(gen) (89) (153) (122) (175) (194) (130) (134) (191) (144) (197) (134) (198)
65
Imp. 9_1 9_2 9_3 9_4 9_5 9_6 9_7 9_8 9_9 9_10 9_11 9_12
9_1 1.000 0.922 0.913 0.923 0.923 0.917 0.933 0.913 0.925 0.914 0.925 0.923
9_2 0.922 1.000 0.919 0.931 0.914 0.923 0.925 0.909 0.916 0.931 0.905 0.941
9_3 0.913 0.919 1.000 0.920 0.925 0.891 0.891 0.902 0.895 0.909 0.902 0.902
9_4 0.923 0.931 0.920 1.000 0.908 0.969 0.933 0.928 0.920 0.950 0.914 0.931
9_5 0.923 0.914 0.925 0.908 1.000 0.895 0.906 0.911 0.891 0.902 0.913 0.909
9_6 0.917 0.923 0.891 0.969 0.895 1.000 0.923 0.931 0.930 0.959 0.895 0.922
9_7 0.933 0.925 0.891 0.933 0.906 0.923 1.000 0.886 0.888 0.925 0.884 0.934
9_8 0.913 0.909 0.902 0.928 0.911 0.931 0.886 1.000 0.934 0.922 0.916 0.911
9_9 0.925 0.916 0.895 0.920 0.891 0.930 0.888 0.934 1.000 0.931 0.948 0.909
9_10 0.914 0.931 0.909 0.950 0.902 0.959 0.925 0.922 0.931 1.000 0.905 0.923
9_11 0.925 0.905 0.902 0.914 0.913 0.895 0.884 0.916 0.948 0.905 1.000 0.881
9_12 0.923 0.941 0.902 0.931 0.909 0.922 0.934 0.911 0.909 0.923 0.881 1.000
Syn. 0.901 0.875 0.875 0.881 0.878 0.878 0.884 0.878 0.872 0.872 0.875 0.872
(gen) (188) (199) (98) (187) (133) (185) (193) (196) (125) (154) (100) (198)
Imp. 10_1 10_2 10_3 10_4 10_5 10_6 10_7 10_8 10_9 10_10 10_11 10_12
10_1 1.000 0.872 0.875 0.847 0.898 0.905 0.859 0.823 0.859 0.864 0.900 0.875
10_2 0.872 1.000 0.856 0.916 0.842 0.911 0.869 0.906 0.858 0.897 0.861 0.877
10_3 0.875 0.856 1.000 0.827 0.913 0.864 0.895 0.842 0.903 0.880 0.813 0.923
10_4 0.847 0.916 0.827 1.000 0.844 0.916 0.845 0.877 0.848 0.878 0.844 0.845
10_5 0.898 0.842 0.913 0.844 1.000 0.867 0.892 0.863 0.883 0.878 0.844 0.894
10_6 0.905 0.911 0.864 0.916 0.867 1.000 0.844 0.891 0.844 0.830 0.889 0.836
10_7 0.859 0.869 0.895 0.845 0.892 0.844 1.000 0.898 0.934 0.917 0.805 0.947
10_8 0.823 0.906 0.842 0.877 0.863 0.891 0.898 1.000 0.884 0.886 0.822 0.889
10_9 0.859 0.858 0.903 0.848 0.883 0.844 0.934 0.884 1.000 0.922 0.791 0.931
10_10 0.864 0.897 0.880 0.878 0.878 0.830 0.917 0.886 0.922 1.000 0.814 0.938
10_11 0.900 0.861 0.813 0.844 0.844 0.889 0.805 0.822 0.791 0.814 1.000 0.797
10_12 0.875 0.877 0.923 0.845 0.894 0.836 0.947 0.889 0.931 0.938 0.797 1.000
Syn. 0.881 0.884 0.881 0.875 0.878 0.875 0.886 0.875 0.886 0.884 0.875 0.881
(gen) (191) (167) (188) (172) (189) (96) (184) (177) (185) (184) (176) (132)
APPENDIX D
RESULTS OF ATTACKING PMCC (k=64)
This appendix presents the results of the attacking system against PMCC with k=64. Each table
contains the matching scores of the legitimate impressions. The last two lines show the scores
of the best synthetized minutiae templates against the applicable impression and in parenthesis,
in which generation the minutiae templates have been generated. The highest impostor
matching score in the dataset is 0.711 (3_8 against 5_6).
Imp. 1_1 1_2 1_3 1_4 1_5 1_6 1_7 1_8 1_9 1_10 1_11 1_12
1_1 1.000 0.774 0.728 0.709 0.724 0.777 0.781 0.804 0.789 0.777 0.774 0.790
1_2 0.774 1.000 0.698 0.706 0.722 0.723 0.717 0.752 0.721 0.714 0.724 0.766
1_3 0.728 0.698 1.000 0.706 0.716 0.795 0.768 0.748 0.778 0.741 0.748 0.760
1_4 0.709 0.706 0.706 1.000 0.766 0.745 0.702 0.755 0.731 0.728 0.746 0.759
1_5 0.724 0.722 0.716 0.766 1.000 0.763 0.749 0.771 0.765 0.781 0.789 0.777
1_6 0.777 0.723 0.795 0.745 0.763 1.000 0.869 0.800 0.888 0.861 0.889 0.825
1_7 0.781 0.717 0.768 0.702 0.749 0.869 1.000 0.773 0.923 0.852 0.884 0.795
1_8 0.804 0.752 0.748 0.755 0.771 0.800 0.773 1.000 0.777 0.874 0.846 0.881
1_9 0.789 0.721 0.778 0.731 0.765 0.888 0.923 0.777 1.000 0.863 0.891 0.792
1_10 0.777 0.714 0.741 0.728 0.781 0.861 0.852 0.874 0.863 1.000 0.899 0.876
1_11 0.774 0.724 0.748 0.746 0.789 0.889 0.884 0.846 0.891 0.899 1.000 0.864
1_12 0.790 0.766 0.760 0.759 0.777 0.825 0.795 0.881 0.792 0.876 0.864 1.000
Syn. 0.805 0.811 0.813 0.801 0.801 0.841 0.814 0.818 0.820 0.818 0.822 0.805
(gen) (199) (168) (184) (200) (199) (163) (173) (180) (198) (183) (196) (156)
Imp. 2_1 2_2 2_3 2_4 2_5 2_6 2_7 2_8 2_9 2_10 2_11 2_12
2_1 1.000 0.784 0.857 0.845 0.790 0.810 0.780 0.795 0.773 0.788 0.823 0.760
2_2 0.784 1.000 0.770 0.793 0.760 0.744 0.759 0.701 0.738 0.728 0.746 0.691
2_3 0.857 0.770 1.000 0.843 0.809 0.830 0.813 0.794 0.804 0.772 0.852 0.783
2_4 0.845 0.793 0.843 1.000 0.808 0.789 0.777 0.782 0.783 0.759 0.831 0.766
2_5 0.790 0.760 0.809 0.808 1.000 0.821 0.869 0.784 0.831 0.776 0.856 0.758
2_6 0.810 0.744 0.830 0.789 0.821 1.000 0.816 0.831 0.868 0.881 0.854 0.871
2_7 0.780 0.759 0.813 0.777 0.869 0.816 1.000 0.820 0.857 0.802 0.866 0.778
2_8 0.795 0.701 0.794 0.782 0.784 0.831 0.820 1.000 0.807 0.848 0.833 0.880
2_9 0.773 0.738 0.804 0.783 0.831 0.868 0.857 0.807 1.000 0.841 0.868 0.832
2_10 0.788 0.728 0.772 0.759 0.776 0.881 0.802 0.848 0.841 1.000 0.828 0.852
2_11 0.823 0.746 0.852 0.831 0.856 0.854 0.866 0.833 0.868 0.828 1.000 0.824
2_12 0.760 0.691 0.783 0.766 0.758 0.871 0.778 0.880 0.832 0.852 0.824 1.000
Syn. 0.804 0.803 0.803 0.821 0.810 0.808 0.801 0.803 0.804 0.804 0.807 0.808
(gen) (199) (196) (98) (176) (197) (141) (122) (165) (138) (196) (145) (182)
67
Imp. 3_1 3_2 3_3 3_4 3_5 3_6 3_7 3_8 3_9 3_10 3_11 3_12
3_1 1.000 0.858 0.906 0.835 0.879 0.848 0.880 0.831 0.850 0.864 0.866 0.857
3_2 0.858 1.000 0.838 0.901 0.820 0.896 0.865 0.844 0.880 0.856 0.850 0.911
3_3 0.906 0.838 1.000 0.833 0.856 0.875 0.827 0.859 0.856 0.822 0.841 0.824
3_4 0.835 0.901 0.833 1.000 0.836 0.898 0.873 0.790 0.881 0.865 0.901 0.889
3_5 0.879 0.820 0.856 0.836 1.000 0.807 0.803 0.786 0.810 0.851 0.825 0.830
3_6 0.848 0.896 0.875 0.898 0.807 1.000 0.852 0.837 0.901 0.881 0.894 0.876
3_7 0.880 0.865 0.827 0.873 0.803 0.852 1.000 0.827 0.874 0.881 0.915 0.902
3_8 0.831 0.844 0.859 0.790 0.786 0.837 0.827 1.000 0.827 0.796 0.823 0.827
3_9 0.850 0.880 0.856 0.881 0.810 0.901 0.874 0.827 1.000 0.877 0.891 0.842
3_10 0.864 0.856 0.822 0.865 0.851 0.881 0.881 0.796 0.877 1.000 0.891 0.859
3_11 0.866 0.850 0.841 0.901 0.825 0.894 0.915 0.823 0.891 0.891 1.000 0.891
3_12 0.857 0.911 0.824 0.889 0.830 0.876 0.902 0.827 0.842 0.859 0.891 1.000
Syn. 0.807 0.801 0.801 0.821 0.810 0.803 0.814 0.810 0.815 0.803 0.801 0.801
(gen) (155) (199) (166) (198) (143) (138) (182) (198) (198) (196) (151) (181)
Imp. 4_1 4_2 4_3 4_4 4_5 4_6 4_7 4_8 4_9 4_10 4_11 4_12
4_1 1.000 0.781 0.805 0.814 0.845 0.798 0.847 0.798 0.803 0.816 0.821 0.785
4_2 0.781 1.000 0.848 0.900 0.863 0.881 0.856 0.880 0.872 0.879 0.869 0.840
4_3 0.805 0.848 1.000 0.841 0.873 0.845 0.920 0.876 0.823 0.866 0.834 0.808
4_4 0.814 0.900 0.841 1.000 0.877 0.877 0.861 0.913 0.881 0.873 0.897 0.883
4_5 0.845 0.863 0.873 0.877 1.000 0.842 0.901 0.873 0.870 0.863 0.866 0.838
4_6 0.798 0.881 0.845 0.877 0.842 1.000 0.835 0.894 0.871 0.854 0.864 0.855
4_7 0.847 0.856 0.920 0.861 0.901 0.835 1.000 0.841 0.834 0.880 0.859 0.806
4_8 0.798 0.880 0.876 0.913 0.873 0.894 0.841 1.000 0.896 0.875 0.897 0.861
4_9 0.803 0.872 0.823 0.881 0.870 0.871 0.834 0.896 1.000 0.852 0.907 0.837
4_10 0.816 0.879 0.866 0.873 0.863 0.854 0.880 0.875 0.852 1.000 0.863 0.817
4_11 0.821 0.869 0.834 0.897 0.866 0.864 0.859 0.897 0.907 0.863 1.000 0.852
4_12 0.785 0.840 0.808 0.883 0.838 0.855 0.806 0.861 0.837 0.817 0.852 1.000
Syn. 0.845 0.824 0.817 0.807 0.803 0.818 0.803 0.815 0.811 0.804 0.803 0.805
(gen) (129) (192) (178) (71) (174) (174) (188) (188) (180) (158) (197) (147)
Imp. 5_1 5_2 5_3 5_4 5_5 5_6 5_7 5_8 5_9 5_10 5_11 5_12
5_1 1.000 0.817 0.801 0.819 0.807 0.816 0.811 0.805 0.789 0.842 0.841 0.856
5_2 0.817 1.000 0.835 0.833 0.834 0.843 0.827 0.813 0.826 0.831 0.869 0.831
5_3 0.801 0.835 1.000 0.820 0.881 0.823 0.933 0.827 0.924 0.838 0.868 0.809
5_4 0.819 0.833 0.820 1.000 0.818 0.836 0.813 0.859 0.801 0.848 0.841 0.810
5_5 0.807 0.834 0.881 0.818 1.000 0.853 0.873 0.822 0.876 0.839 0.848 0.850
5_6 0.816 0.843 0.823 0.836 0.853 1.000 0.835 0.870 0.819 0.851 0.856 0.878
5_7 0.811 0.827 0.933 0.813 0.873 0.835 1.000 0.841 0.909 0.841 0.852 0.814
5_8 0.805 0.813 0.827 0.859 0.822 0.870 0.841 1.000 0.810 0.845 0.854 0.828
5_9 0.789 0.826 0.924 0.801 0.876 0.819 0.909 0.810 1.000 0.832 0.841 0.803
5_10 0.842 0.831 0.838 0.848 0.839 0.851 0.841 0.845 0.832 1.000 0.864 0.868
5_11 0.841 0.869 0.868 0.841 0.848 0.856 0.852 0.854 0.841 0.864 1.000 0.866
5_12 0.856 0.831 0.809 0.810 0.850 0.878 0.814 0.828 0.803 0.868 0.866 1.000
Syn. 0.801 0.805 0.811 0.811 0.810 0.814 0.813 0.818 0.808 0.831 0.817 0.807
(gen) (168) (174) (195) (156) (200) (124) (197) (164) (191) (197) (196) (186)
68
Imp. 6_1 6_2 6_3 6_4 6_5 6_6 6_7 6_8 6_9 6_10 6_11 6_12
6_1 1.000 0.883 0.938 0.864 0.910 0.916 0.919 0.899 0.930 0.932 0.935 0.912
6_2 0.883 1.000 0.859 0.907 0.832 0.889 0.838 0.844 0.883 0.898 0.871 0.870
6_3 0.938 0.859 1.000 0.885 0.905 0.893 0.940 0.889 0.928 0.917 0.934 0.896
6_4 0.864 0.907 0.885 1.000 0.826 0.850 0.855 0.818 0.865 0.877 0.879 0.846
6_5 0.910 0.832 0.905 0.826 1.000 0.853 0.908 0.898 0.854 0.882 0.901 0.884
6_6 0.916 0.889 0.893 0.850 0.853 1.000 0.889 0.893 0.913 0.908 0.907 0.906
6_7 0.919 0.838 0.940 0.855 0.908 0.889 1.000 0.881 0.893 0.899 0.904 0.886
6_8 0.899 0.844 0.889 0.818 0.898 0.893 0.881 1.000 0.865 0.871 0.892 0.900
6_9 0.930 0.883 0.928 0.865 0.854 0.913 0.893 0.865 1.000 0.917 0.945 0.899
6_10 0.932 0.898 0.917 0.877 0.882 0.908 0.899 0.871 0.917 1.000 0.933 0.899
6_11 0.935 0.871 0.934 0.879 0.901 0.907 0.904 0.892 0.945 0.933 1.000 0.904
6_12 0.912 0.870 0.896 0.846 0.884 0.906 0.886 0.900 0.899 0.899 0.904 1.000
Syn. 0.807 0.818 0.831 0.811 0.807 0.814 0.807 0.801 0.813 0.813 0.821 0.835
(gen) (172) (191) (142) (181) (192) (180) (171) (181) (198) (164) (189) (192)
Imp. 7_1 7_2 7_3 7_4 7_5 7_6 7_7 7_8 7_9 7_10 7_11 7_12
7_1 1.000 0.897 0.859 0.845 0.834 0.861 0.804 0.884 0.820 0.884 0.830 0.820
7_2 0.897 1.000 0.870 0.870 0.870 0.917 0.815 0.922 0.855 0.899 0.874 0.878
7_3 0.859 0.870 1.000 0.888 0.936 0.870 0.857 0.869 0.909 0.877 0.848 0.862
7_4 0.845 0.870 0.888 1.000 0.888 0.872 0.856 0.882 0.884 0.856 0.873 0.868
7_5 0.834 0.870 0.936 0.888 1.000 0.874 0.839 0.871 0.923 0.887 0.847 0.857
7_6 0.861 0.917 0.870 0.872 0.874 1.000 0.817 0.926 0.876 0.902 0.893 0.892
7_7 0.804 0.815 0.857 0.856 0.839 0.817 1.000 0.831 0.866 0.818 0.812 0.785
7_8 0.884 0.922 0.869 0.882 0.871 0.926 0.831 1.000 0.864 0.895 0.870 0.854
7_9 0.820 0.855 0.909 0.884 0.923 0.876 0.866 0.864 1.000 0.872 0.843 0.845
7_10 0.884 0.899 0.877 0.856 0.887 0.902 0.818 0.895 0.872 1.000 0.879 0.864
7_11 0.830 0.874 0.848 0.873 0.847 0.893 0.812 0.870 0.843 0.879 1.000 0.913
7_12 0.820 0.878 0.862 0.868 0.857 0.892 0.785 0.854 0.845 0.864 0.913 1.000
Syn. 0.830 0.828 0.840 0.810 0.820 0.822 0.807 0.825 0.821 0.815 0.822 0.820
(gen) (190) (186) (194) (177) (146) (167) (200) (190) (180) (126) (193) (173)
Imp. 8_1 8_2 8_3 8_4 8_5 8_6 8_7 8_8 8_9 8_10 8_11 8_12
8_1 1.000 0.878 0.856 0.871 0.883 0.838 0.855 0.898 0.840 0.896 0.868 0.873
8_2 0.878 1.000 0.855 0.890 0.887 0.846 0.846 0.915 0.835 0.923 0.862 0.881
8_3 0.856 0.855 1.000 0.870 0.871 0.899 0.877 0.870 0.881 0.868 0.917 0.872
8_4 0.871 0.890 0.870 1.000 0.899 0.870 0.852 0.898 0.837 0.895 0.887 0.866
8_5 0.883 0.887 0.871 0.899 1.000 0.838 0.878 0.899 0.868 0.899 0.856 0.866
8_6 0.838 0.846 0.899 0.870 0.838 1.000 0.885 0.884 0.884 0.879 0.930 0.841
8_7 0.855 0.846 0.877 0.852 0.878 0.885 1.000 0.882 0.846 0.872 0.892 0.826
8_8 0.898 0.915 0.870 0.898 0.899 0.884 0.882 1.000 0.831 0.930 0.881 0.847
8_9 0.840 0.835 0.881 0.837 0.868 0.884 0.846 0.831 1.000 0.859 0.892 0.864
8_10 0.896 0.923 0.868 0.895 0.899 0.879 0.872 0.930 0.859 1.000 0.881 0.884
8_11 0.868 0.862 0.917 0.887 0.856 0.930 0.892 0.881 0.892 0.881 1.000 0.869
8_12 0.873 0.881 0.872 0.866 0.866 0.841 0.826 0.847 0.864 0.884 0.869 1.000
Syn. 0.817 0.811 0.814 0.828 0.822 0.805 0.804 0.815 0.849 0.810 0.813 0.834
(gen) (178) (200) (170) (197) (194) (108) (178) (192) (187) (195) (193) (195)
69
Imp. 9_1 9_2 9_3 9_4 9_5 9_6 9_7 9_8 9_9 9_10 9_11 9_12
9_1 1.000 0.877 0.888 0.888 0.897 0.888 0.890 0.888 0.895 0.884 0.899 0.882
9_2 0.877 1.000 0.876 0.904 0.870 0.881 0.897 0.877 0.886 0.909 0.873 0.906
9_3 0.888 0.876 1.000 0.884 0.888 0.855 0.857 0.877 0.866 0.882 0.867 0.864
9_4 0.888 0.904 0.884 1.000 0.863 0.942 0.889 0.899 0.895 0.925 0.870 0.892
9_5 0.897 0.870 0.888 0.863 1.000 0.866 0.882 0.874 0.863 0.866 0.891 0.878
9_6 0.888 0.881 0.855 0.942 0.866 1.000 0.888 0.906 0.899 0.923 0.868 0.884
9_7 0.890 0.897 0.857 0.889 0.882 0.888 1.000 0.862 0.862 0.906 0.849 0.902
9_8 0.888 0.877 0.877 0.899 0.874 0.906 0.862 1.000 0.910 0.907 0.885 0.873
9_9 0.895 0.886 0.866 0.895 0.863 0.899 0.862 0.910 1.000 0.904 0.927 0.877
9_10 0.884 0.909 0.882 0.925 0.866 0.923 0.906 0.907 0.904 1.000 0.871 0.891
9_11 0.899 0.873 0.867 0.870 0.891 0.868 0.849 0.885 0.927 0.871 1.000 0.863
9_12 0.882 0.906 0.864 0.892 0.878 0.884 0.902 0.873 0.877 0.891 0.863 1.000
Syn. 0.801 0.827 0.807 0.821 0.828 0.808 0.810 0.810 0.803 0.805 0.821 0.807
(gen) (184) (184) (180) (194) (198) (197) (164) (157) (172) (134) (185) (167)
Imp. 10_1 10_2 10_3 10_4 10_5 10_6 10_7 10_8 10_9 10_10 10_11 10_12
10_1 1.000 0.847 0.843 0.835 0.879 0.875 0.828 0.798 0.828 0.835 0.878 0.845
10_2 0.847 1.000 0.809 0.894 0.820 0.890 0.822 0.866 0.808 0.851 0.821 0.817
10_3 0.843 0.809 1.000 0.781 0.891 0.833 0.873 0.831 0.867 0.844 0.788 0.900
10_4 0.835 0.894 0.781 1.000 0.800 0.889 0.818 0.844 0.808 0.849 0.805 0.807
10_5 0.879 0.820 0.891 0.800 1.000 0.836 0.881 0.836 0.864 0.864 0.814 0.852
10_6 0.875 0.890 0.833 0.889 0.836 1.000 0.816 0.851 0.813 0.814 0.854 0.815
10_7 0.828 0.822 0.873 0.818 0.881 0.816 1.000 0.860 0.911 0.884 0.763 0.911
10_8 0.798 0.866 0.831 0.844 0.836 0.851 0.860 1.000 0.852 0.854 0.777 0.853
10_9 0.828 0.808 0.867 0.808 0.864 0.813 0.911 0.852 1.000 0.899 0.741 0.908
10_10 0.835 0.851 0.844 0.849 0.864 0.814 0.884 0.854 0.899 1.000 0.790 0.897
10_11 0.878 0.821 0.788 0.805 0.814 0.854 0.763 0.777 0.741 0.790 1.000 0.751
10_12 0.845 0.817 0.900 0.807 0.852 0.815 0.911 0.853 0.908 0.897 0.751 1.000
Syn. 0.810 0.820 0.805 0.824 0.807 0.807 0.825 0.818 0.813 0.807 0.804 0.811
(gen) (197) (193) (161) (192) (149) (170) (194) (190) (174) (138) (188) (188)
APPENDIX E
RESULTS OF ATTACKING BIOTOPETM
This appendix presents the results of the attacking system against the BiotopeTM system. Each
table contains the matching scores of the legitimate impressions. The last two lines show the
scores of the best synthetized minutiae templates against the applicable impression and in
parenthesis, in which generation the minutiae templates have been generated. The highest
impostor matching score in the dataset is 0.496 (1_6 against 2_10).
Imp. 1_1 1_2 1_3 1_4 1_5 1_6 1_7 1_8 1_9 1_10 1_11 1_12
1_1 1.000 0.138 0.895 0.562 0.368 0.280 0.235 1.000 0.461 0.207 0.910 0.677
1_2 0.356 1.000 0.382 0.507 0.382 0.450 0.080 0.799 0.253 0.439 0.452 0.345
1_3 0.841 0.669 1.000 0.873 0.611 0.181 0.236 0.872 0.279 0.393 0.319 0.757
1_4 0.659 0.507 0.528 1.000 0.415 0.602 0.268 0.153 0.267 0.280 0.462 0.463
1_5 0.406 0.631 0.678 0.428 1.000 0.267 0.306 0.603 0.517 0.332 0.541 0.320
1_6 0.909 0.659 0.917 0.731 0.506 1.000 0.988 0.864 1.000 0.382 0.902 0.406
1_7 0.194 0.268 0.960 0.651 0.370 1.000 1.000 0.268 1.000 0.382 0.918 0.809
1_8 0.358 0.790 0.403 0.417 0.319 0.281 0.237 1.000 0.281 0.815 0.902 0.195
1_9 1.000 0.687 0.959 0.676 0.474 1.000 0.910 1.000 1.000 0.281 0.997 0.849
1_10 0.660 0.450 0.495 0.332 0.429 0.294 0.357 0.856 0.268 1.000 0.612 0.474
1_11 0.938 0.612 0.960 0.810 0.552 1.000 0.370 0.925 1.000 0.639 1.000 0.917
1_12 0.705 0.686 0.678 0.622 0.319 0.209 0.319 1.000 0.462 0.473 0.694 1.000
Syn. 1.000 0.869 0.895 0.948 0.801 0.970 1.000 0.918 1.000 0.955 0.956 0.887
(gen) (27) (48) (49) (50) (41) (49) (37) (50) (48) (48) (47) (41)
Imp. 2_1 2_2 2_3 2_4 2_5 2_6 2_7 2_8 2_9 2_10 2_11 2_12
2_1 1.000 0.236 0.880 0.612 0.728 0.766 0.826 0.801 0.774 0.268 0.241 0.726
2_2 0.429 1.000 0.924 0.427 0.605 0.406 0.592 0.266 0.640 0.368 0.138 0.462
2_3 0.507 0.841 1.000 0.380 0.683 0.748 0.850 0.863 0.452 0.841 0.368 0.785
2_4 0.602 0.267 0.266 1.000 0.503 0.254 0.293 0.562 0.222 0.234 0.793 0.225
2_5 0.199 0.407 0.127 0.113 1.000 0.932 1.000 0.669 0.939 0.728 1.000 0.694
2_6 0.332 0.474 0.602 0.429 0.939 1.000 1.000 1.000 1.000 1.000 1.000 1.000
2_7 0.268 0.548 0.841 0.485 1.000 1.000 1.000 1.000 1.000 1.000 0.393 1.000
2_8 0.356 0.213 0.358 0.622 0.817 1.000 1.000 1.000 1.000 1.000 0.241 1.000
2_9 0.206 0.381 0.549 0.268 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
2_10 0.254 0.208 0.687 0.320 0.754 1.000 1.000 1.000 1.000 1.000 0.280 1.000
2_11 0.268 0.622 0.909 0.167 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
2_12 0.268 0.344 0.485 0.227 0.687 1.000 1.000 1.000 1.000 1.000 0.913 1.000
Syn. 0.893 0.965 0.857 0.967 0.937 0.969 1.000 1.000 1.000 1.000 1.000 0.997
(gen) (49) (50) (46) (50) (47) (49) (47) (25) (46) (40) (47) (50)
71
Imp. 3_1 3_2 3_3 3_4 3_5 3_6 3_7 3_8 3_9 3_10 3_11 3_12
3_1 1.000 0.705 1.000 0.895 0.974 0.895 0.669 0.696 0.925 0.694 0.267 0.841
3_2 0.678 1.000 0.521 0.909 0.641 0.916 0.611 0.293 0.783 0.713 0.640 0.872
3_3 1.000 0.280 1.000 0.685 1.000 0.872 0.452 0.721 0.641 0.582 0.485 0.641
3_4 0.894 1.000 0.696 1.000 0.887 1.000 0.485 0.781 0.774 0.195 0.417 0.995
3_5 0.981 0.209 0.988 0.873 1.000 0.621 0.428 0.517 0.677 0.208 0.195 0.622
3_6 0.939 0.917 0.841 1.000 0.222 1.000 0.841 0.207 1.000 0.517 0.825 1.000
3_7 0.686 0.602 0.485 0.393 0.440 0.639 1.000 0.417 0.611 0.668 1.000 0.840
3_8 0.611 0.755 0.696 0.825 0.266 0.496 0.417 1.000 0.562 0.581 0.254 0.660
3_9 0.925 0.280 0.650 0.696 0.268 1.000 0.695 0.602 1.000 0.209 0.888 0.849
3_10 0.474 0.705 0.582 0.293 0.356 0.790 0.917 0.428 0.223 1.000 1.000 0.731
3_11 0.331 0.548 0.678 0.669 0.281 0.841 0.939 0.381 0.849 1.000 1.000 0.687
3_12 0.840 0.880 0.530 0.981 0.559 1.000 0.602 0.592 0.849 0.740 0.807 1.000
Syn. 0.990 0.968 0.873 1.000 0.880 0.924 1.000 0.938 0.938 0.960 0.925 1.000
(gen) (89) (99) (96) (88) (78) (98) (91) (98) (100) (96) (98) (97)
Imp. 4_1 4_2 4_3 4_4 4_5 4_6 4_7 4_8 4_9 4_10 4_11 4_12
4_1 1.000 0.217 0.993 0.861 0.897 0.665 1.000 0.627 0.466 0.534 0.176 0.785
4_2 0.531 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
4_3 0.993 1.000 1.000 1.000 1.000 0.927 1.000 0.934 0.902 1.000 1.000 0.825
4_4 0.852 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
4_5 0.897 1.000 1.000 1.000 1.000 0.918 1.000 0.547 1.000 1.000 1.000 0.895
4_6 0.678 1.000 0.934 1.000 0.927 1.000 1.000 1.000 0.569 0.972 0.967 1.000
4_7 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
4_8 0.628 1.000 0.933 1.000 0.617 1.000 1.000 1.000 0.658 0.785 0.967 1.000
4_9 0.647 1.000 0.910 1.000 1.000 0.567 1.000 0.272 1.000 1.000 1.000 0.880
4_10 0.535 1.000 1.000 1.000 1.000 0.971 1.000 0.686 1.000 1.000 1.000 0.832
4_11 0.860 1.000 1.000 1.000 1.000 0.951 1.000 0.950 1.000 1.000 1.000 0.992
4_12 0.783 1.000 0.270 1.000 1.000 0.889 0.902 1.000 0.871 0.912 1.000 1.000
Syn. 0.944 1.000 0.999 1.000 0.912 0.979 1.000 1.000 0.952 0.929 1.000 0.946
(gen) (50) (43) (49) (45) (44) (48) (49) (45) (50) (50) (47) (47)
Imp. 5_1 5_2 5_3 5_4 5_5 5_6 5_7 5_8 5_9 5_10 5_11 5_12
5_1 1.000 0.938 0.711 0.989 0.465 0.720 0.595 0.687 0.409 0.963 0.893 1.000
5_2 0.938 1.000 0.848 1.000 0.896 1.000 0.621 0.909 0.742 0.967 0.899 1.000
5_3 0.737 0.848 1.000 0.912 1.000 0.842 1.000 0.753 1.000 0.851 1.000 0.890
5_4 0.988 1.000 1.000 1.000 0.997 0.992 0.849 0.887 0.841 1.000 0.896 0.900
5_5 0.409 0.841 1.000 0.991 1.000 1.000 1.000 0.914 1.000 0.913 1.000 1.000
5_6 0.790 1.000 0.990 1.000 1.000 1.000 0.897 1.000 0.777 0.869 1.000 1.000
5_7 0.455 0.680 1.000 0.856 1.000 0.875 1.000 0.606 1.000 0.761 1.000 0.836
5_8 0.445 1.000 0.779 0.923 0.787 1.000 0.838 1.000 0.819 1.000 0.926 0.934
5_9 0.510 0.783 1.000 0.851 0.997 0.793 1.000 0.821 1.000 0.778 0.978 0.803
5_10 0.912 0.869 0.852 0.878 0.862 1.000 0.761 0.994 0.779 1.000 1.000 1.000
5_11 0.981 0.875 0.882 0.874 1.000 0.875 1.000 0.920 0.979 1.000 1.000 1.000
5_12 1.000 1.000 0.920 0.900 1.000 1.000 0.956 0.934 0.811 1.000 1.000 1.000
Syn. 0.977 0.995 0.949 0.982 1.000 0.931 0.941 1.000 0.899 0.958 0.910 0.932
(gen) (48) (48) (50) (50) (50) (45) (49) (45) (49) (48) (47) (45)
72
Imp. 6_1 6_2 6_3 6_4 6_5 6_6 6_7 6_8 6_9 6_10 6_11 6_12
6_1 1.000 0.929 1.000 0.929 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
6_2 1.000 1.000 1.000 0.292 0.988 1.000 0.937 1.000 1.000 1.000 1.000 1.000
6_3 1.000 0.294 1.000 0.583 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
6_4 1.000 1.000 1.000 1.000 0.869 1.000 0.852 1.000 0.939 1.000 1.000 0.925
6_5 1.000 0.839 1.000 0.280 1.000 0.675 0.862 1.000 0.879 0.268 1.000 0.897
6_6 1.000 0.671 1.000 0.294 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
6_7 1.000 0.489 1.000 0.357 1.000 1.000 1.000 1.000 1.000 0.382 1.000 1.000
6_8 1.000 0.831 1.000 0.279 1.000 1.000 1.000 1.000 1.000 0.938 0.773 1.000
6_9 1.000 0.946 1.000 0.349 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
6_10 1.000 1.000 1.000 0.726 1.000 1.000 1.000 1.000 1.000 1.000 0.157 1.000
6_11 1.000 0.720 1.000 0.397 1.000 1.000 1.000 0.927 1.000 0.320 1.000 1.000
6_12 1.000 0.909 1.000 0.268 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
Syn. 1.000 1.000 0.952 1.000 0.998 0.987 0.990 1.000 1.000 0.979 0.986 0.992
(gen) (36) (42) (50) (43) (48) (50) (48) (36) (50) (50) (50) (50)
Imp. 7_1 7_2 7_3 7_4 7_5 7_6 7_7 7_8 7_9 7_10 7_11 7_12
7_1 1.000 1.000 1.000 1.000 1.000 1.000 0.945 1.000 1.000 1.000 0.919 0.991
7_2 1.000 1.000 1.000 0.892 1.000 1.000 0.953 1.000 0.958 1.000 1.000 1.000
7_3 1.000 0.862 1.000 1.000 1.000 1.000 1.000 1.000 0.934 1.000 0.910 1.000
7_4 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
7_5 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 0.932 0.932 0.963
7_6 1.000 1.000 1.000 1.000 1.000 1.000 0.953 1.000 1.000 1.000 1.000 1.000
7_7 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 0.907 0.927
7_8 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
7_9 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 0.989 0.880
7_10 1.000 1.000 1.000 1.000 1.000 1.000 0.915 1.000 1.000 1.000 1.000 1.000
7_11 0.919 1.000 0.910 1.000 0.922 1.000 0.716 1.000 0.988 1.000 1.000 1.000
7_12 0.938 1.000 1.000 1.000 1.000 1.000 0.927 1.000 1.000 0.976 1.000 1.000
Syn. 0.995 0.944 0.902 1.000 0.917 0.941 0.921 0.895 0.930 0.975 0.900 0.897
(gen) (50) (50) (49) (45) (46) (50) (50) (45) (50) (50) (50) (50)
Imp. 8_1 8_2 8_3 8_4 8_5 8_6 8_7 8_8 8_9 8_10 8_11 8_12
8_1 1.000 1.000 1.000 1.000 1.000 0.954 0.951 0.895 1.000 1.000 0.925 1.000
8_2 1.000 1.000 1.000 1.000 1.000 1.000 1.000 0.869 1.000 1.000 0.887 1.000
8_3 1.000 1.000 1.000 1.000 1.000 0.937 1.000 1.000 0.979 1.000 0.877 1.000
8_4 1.000 1.000 1.000 1.000 1.000 1.000 1.000 0.919 0.861 0.960 1.000 1.000
8_5 1.000 1.000 1.000 1.000 1.000 0.869 1.000 0.917 1.000 1.000 1.000 1.000
8_6 1.000 0.876 0.972 1.000 1.000 1.000 1.000 0.954 0.888 0.965 1.000 0.932
8_7 0.988 1.000 1.000 0.869 1.000 1.000 1.000 1.000 0.859 0.345 1.000 0.711
8_8 0.895 0.880 0.880 0.927 0.925 0.946 1.000 1.000 0.915 0.877 1.000 0.879
8_9 1.000 1.000 1.000 0.870 1.000 1.000 0.889 0.914 1.000 1.000 0.892 1.000
8_10 1.000 1.000 1.000 1.000 1.000 0.937 0.882 0.885 1.000 1.000 1.000 1.000
8_11 0.901 0.870 0.937 0.887 1.000 1.000 0.965 1.000 0.929 0.586 1.000 0.983
8_12 1.000 1.000 1.000 1.000 1.000 0.960 0.928 0.887 1.000 1.000 0.961 1.000
Syn. 0.995 0.944 1.000 1.000 0.995 1.000 0.944 0.948 0.991 0.975 0.921 0.969
(gen) (49) (44) (33) (35) (49) (35) (49) (50) (50) (49) (49) (49)
73
Imp. 9_1 9_2 9_3 9_4 9_5 9_6 9_7 9_8 9_9 9_10 9_11 9_12
9_1 1.000 0.538 1.000 1.000 1.000 1.000 0.208 1.000 1.000 1.000 1.000 0.124
9_2 1.000 1.000 1.000 0.895 1.000 0.974 1.000 1.000 0.879 1.000 1.000 1.000
9_3 1.000 0.848 1.000 1.000 1.000 0.307 0.151 1.000 0.872 0.195 0.864 0.163
9_4 1.000 0.880 1.000 1.000 1.000 1.000 0.485 1.000 1.000 0.538 0.924 1.000
9_5 1.000 0.849 1.000 1.000 1.000 1.000 0.506 1.000 0.864 1.000 1.000 1.000
9_6 1.000 0.842 0.895 1.000 0.953 1.000 0.713 1.000 1.000 0.082 1.000 1.000
9_7 1.000 1.000 0.995 1.000 1.000 0.857 1.000 1.000 1.000 0.517 1.000 1.000
9_8 1.000 0.068 1.000 1.000 1.000 1.000 0.474 1.000 1.000 0.865 1.000 1.000
9_9 1.000 0.938 0.902 1.000 0.856 1.000 0.474 1.000 1.000 0.872 1.000 1.000
9_10 1.000 0.484 1.000 1.000 1.000 1.000 0.440 1.000 1.000 1.000 0.925 0.806
9_11 1.000 1.000 1.000 0.946 1.000 1.000 1.000 1.000 1.000 0.841 1.000 0.841
9_12 0.893 1.000 0.902 1.000 1.000 1.000 1.000 0.946 1.000 0.548 0.960 1.000
Syn. 0.932 0.948 0.995 0.955 0.880 0.895 0.892 0.862 0.910 0.909 0.902 0.949
(gen) (46) (50) (49) (49) (49) (50) (49) (50) (50) (46) (48) (50)
Imp. 10_1 10_2 10_3 10_4 10_5 10_6 10_7 10_8 10_9 10_10 10_11 10_12
10_1 1.000 1.000 1.000 1.000 1.000 1.000 0.910 1.000 1.000 1.000 0.924 1.000
10_2 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 0.941 1.000
10_3 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 0.979 1.000
10_4 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 0.970 1.000 0.956 1.000
10_5 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000
10_6 1.000 1.000 1.000 1.000 0.967 1.000 1.000 1.000 1.000 1.000 1.000 1.000
10_7 0.902 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 0.542 1.000
10_8 0.997 1.000 1.000 1.000 1.000 1.000 0.880 1.000 1.000 1.000 0.865 1.000
10_9 1.000 1.000 1.000 0.969 1.000 1.000 1.000 1.000 1.000 1.000 0.707 1.000
10_10 1.000 1.000 1.000 1.000 1.000 0.848 1.000 1.000 1.000 1.000 0.785 1.000
10_11 1.000 0.867 1.000 0.935 0.953 1.000 0.622 0.872 0.640 0.856 1.000 0.842
10_12 0.977 1.000 1.000 0.990 0.973 0.872 0.840 0.878 1.000 1.000 0.801 1.000
Syn. 0.972 0.958 0.988 0.951 0.997 0.900 0.977 0.909 0.894 0.946 0.912 0.949
(gen) (50) (49) (49) (50) (50) (49) (49) (48) (49) (50) (50) (49)