template security in biometric systems yagiz sutcu
TRANSCRIPT
Template Security inBiometric Systems
Yagiz Sutcu
OutlineOutline
Introduction Biometrics and biometric systems Template security and user privacy Proposed solutions
Feature Transformation for ECC- based Biometric Template Protection Syndrome framework and its requirements for binary data Binarization of minutiae-based fingerprint templates
Protecting Biometric Templates with Secure Sketch Secure sketch framework, issues and limitations Quantization-based secure sketch Randomization Multi-factor setup
Conclusions, discussions and future directions
BiometricsBiometrics
Biometrics is the science and technology of measuring and statistically analyzing biological data.
• Universality - do all people have it ?• Distinctiveness: can people be distinguished based on an identifier ?• Permanence : how permanent is the identifier ?• Collectability : how well can the identifier be captured and quantified ?• Performance : speed and accuracy• Acceptability : willingness of the people to use• Circumvention : foolproof
Adopted from: S. Prabhakar, S. Pankanti, and A. K. Jain, “Biometric Recognition: Security and Privacy Concerns”, IEEE SECURITY & PRIVACY, 2003.
BiometricsBiometrics
Biometric SystemsBiometric Systems
S. Prabhakar, S. Pankanti, and A. K. Jain, “Biometric Recognition: Security and Privacy Concerns”, IEEE SECURITY & PRIVACY, 2003.
Biometric authentication is attractive Closely related to the identity Cannot be forgotten Not easy to forge Have been successfully used for a long time
However … Cannot be exactly reproduced (intra-variability, noise) Once compromised cannot be revoked Entropy may not be sufficient
Objectives Authentication/verification without storing the original biometric Robustness to noisy measurements Best possible tradeoff between
Security (How many bits must an attacker guess?) Accuracy/performance (What is the false reject rate?)
Issues, Challenges and ObjectivesIssues, Challenges and Objectives
Proposed Solutions – Proposed Solutions – Transformation-Based ApproachesTransformation-Based Approaches
Employ one-way transformation E.g., quantization, thresholding, random projections
Properties Non-invertible or hard-to-invert Similarity preserving Cancelable
Technique depends highly on the biometric considered Security not easy to analyze Ratha’01&’07, Savvides’04, Ang’05, Teoh’06, etc.
Applied at the sensor level Signal level Feature level
Security If compromised, a new
distortion
Reusability Different distortions for
different databases
Performance What about false accept and
false reject rates? Requires alignment
RepeatableDistortion
RepeatableDistortion
Match Match
Do not Match
An Example: Cancelable BiometricsAn Example: Cancelable Biometrics
Proposed Solutions – Proposed Solutions – Helper Data-Based ApproachesHelper Data-Based Approaches
Generate user-specific helper data E.g., syndrome, secure sketch
Helper data and generation method are public General ECC-based framework that is applicable to many biometrics
Techniques may vary to optimize performance for different modalities
Security analysis based on information-theory is possible Davida’98, Juels’99&’02, Dodis’04, Martinian’05, Draper’07, etc.
An example: “Fuzzy Commitment”An example: “Fuzzy Commitment”
If the noisy biometric (X’) is close enough to the template (X), decoder successfully corrects the error.
The only information stored are and hash(K)
An Example for Helper Data-based An Example for Helper Data-based Biometric Template Protection: Biometric Template Protection:
Syndrome CodingSyndrome Coding
Syndrome Coding FrameworkSyndrome Coding Framework
S cannot be uncompressed by itself and is therefore secure In combination with a noisy second reading Y the original X can be recovered
using a Slepian-Wolf decoder Compare hash of estimate with stored hash to permit access
Encode enrollment biometric
Syndrome Encoding
Store syndrome S and hash of X
Syndrome Decoding
Original enrollment biometric
Noisy biometric probe
Decode w/ probe biometric
BiometricAuthentication
FingerprintChannel
X S
Y
Authenticateonly if hash ofestimate matchesstored hash
System ImplementationSystem Implementation
Alignment and
MinutiaeExtraction
EnrolmentFingerprint
Alignment and
MinutiaeExtraction
ProbeFingerprint
Extractbinary featurevectors
Extractbinary featurevectors
SyndromeEncoding
SyndromeDatabase
SyndromeDecoding
yes
yes
no
no
accessdenied
accessgranted
accessdenied
Overview of Syndrome Encoding/DecodingOverview of Syndrome Encoding/Decoding
STORE
0
1
1
0
1
0
0
1
0
0
0
1
1
0
1
0
0
1
0
0
Original Biometric Feature
(1st Reading)
XOR selected inputs to produce syndrome(very low complexity operation)
Syndrome(Stored)
ACCESS
0
1
0
0
1
0
0
0
1
0
0
1
0
0
Noisy Biometric Feature
(2nd Reading)0 0 1 0
1 0 1 0
0 01
0 0 1 00 0 1 0
1 0 1 01 0 1 0
0 010 01
0
1
1
0
1
0
0
0
1
1
0
1
0
0
Recovered Biometric
Feature
1 0 01 0 0
Syndrome (Stored)
Syndrome Decodingbased on Belief Propagation
(iterative algorithm)
Security = number “missing” bits= original bits – syndrome bitsTranslates into number guessesto identify original biometric w.h.p.
Robustness = false-rejection rateRobustness to variations in biometric readings achieved by syndrome decoding process(syndrome + noisy biometric => original biometric)
Fewer syndrome bits = greater security, but less robustness
Example: Distributed Coding with Joint DecodingExample: Distributed Coding with Joint Decoding
0
1
1
0
1
0
0
Source X Source Y
0
1
0
0
1
0
0
1
0
0
SyndromeBits
Example: Syndrome DecodingExample: Syndrome Decoding
?
?
?
?
?
?
?
Source X Side Info Y
0
1
0
0
1
0
0
1
0
0
SyndromeBits
Use side info Y and syndrome bits toreconstruct X
Example: Syndrome DecodingExample: Syndrome Decoding
0
1
1
0
1
0
0
Source X Guess X
1
0
0
SyndromeBits
1
1
0
0
1
0
0
Flipping 1st bit from 0 to 1 satisfies 1st syndrome butviolates 2nd syndrome
Example: Syndrome DecodingExample: Syndrome Decoding
0
1
1
0
1
0
0
Source X
1
0
0
SyndromeBits
0
0
0
0
1
0
0
Flipping 2nd bit from 1 to 0 satisfies syndrome bits 1 and 2 but violates 3rd syndrome bit
Guess X
Example: Syndrome DecodingExample: Syndrome Decoding
0
1
1
0
1
0
0
Flipping 3rd bit from 0 to 1 satisfies all syndrome bits and recovers X
0
1
1
0
1
0
0
Source X
1
0
0
SyndromeBits
Guess X
Security of Syndrome ApproachSecurity of Syndrome Approach
list of biometrics satisfying linear
constraints
enrollmentbiometric X
secure biometric, S = evaluationof functions (syndrome vector)
F(X), set of linear functions specified by code C
F (F(X))-1 0
0000010
11110010
00010001
10010010
+
+
1
0
0
….
+
Previous Approach: Binary Grid RepresentationPrevious Approach: Binary Grid Representation
ProblemsRepresentation is sparse and difficult to modelStatistics of binary string are not well suited for existing codesPoor performance
Solution: Pre-processing!Pre-process fingerprint data to produce a binary string that is
statistically compatible with existing codesSyndrome coding on resulting binary string
0 0 0 1 00 0 0 1 0
1 0 0 1 10 0 0 0 0
0 0 0 0 00 0 0 0 0
0 1 0 0 10 0 0 1 0
0 0 0 0 01 1 0 0 0
0 0 0 0 00 1 0 0 0
0 1 0 1 11 1 0 0 0
0 0 0 0 00 0 0 0 0
0 0 1 0 00 0 1 0 0
0 0 0 0 00 0 1 0 0
0 1 0 1 10 0 0 0 0
1 1 0 0 10 1 1 0 1
0 1 1 1 00 1 1 0 1
0 0 0 1 00 0 0 1 0
1 0 0 1 10 0 0 0 0
0 0 0 0 00 0 0 0 0
0 1 0 0 10 0 0 1 0
0 0 0 0 01 1 0 0 0
0 0 0 0 00 1 0 0 0
0 1 0 1 11 1 0 0 0
0 0 0 0 00 0 0 0 0
0 0 1 0 00 0 1 0 0
0 0 0 0 00 0 1 0 0
0 1 0 1 10 0 0 0 0
1 1 0 0 10 1 1 0 1
0 1 1 1 00 1 1 0 1
Desired Properties of Feature TransformationDesired Properties of Feature Transformation
.
.001011..
Zeros and onesequally likely
.
.001011..
Individual bitsindependent
.
.100110..
User A User B
Independentbit strings
.
.001011..
.
.011011..
User AReading 1
User AReading 2
BSC-p
1
2
34
Extracting Robust Bits from BiometricsExtracting Robust Bits from Biometrics
X
Y
N random cuboids in
minutiae map
# minutiae Bit vector
6
7
9
0
1
1
+++++
+ +
+++
+ ++ + +
+ + +
++++
+
++++ + + ++ +
Medianthresholds
Each cuboid contributes a 0 or 1 bit to the feature vector, if it contains less or more minutia points than the median
Elimination of Overlapping CuboidsElimination of Overlapping Cuboids
Large overlap similar bits easy for attacker to guess
400 cuboids Best 150 cuboids
User-Specific CuboidsUser-Specific Cuboids
Different users have different set of cuboids
Requirements: For each user, choose the cuboids which Are most reliable
Result in equal number of zeros and ones
Have smallest possible pairwise correlation
What is a “reliable” cuboid? # minutiae points far away from the median
0 or 1 bit is likely to remain unchanged over repeated
noisy measurements of fingerprint.
““Reliable” CuboidsReliable” Cuboids
E.g., median = 4
0 1
8 minutiae
9 minutiae
Measurement 1
Measurement 2
3 minutiae
5 minutiae
Measurement 1
Measurement 2
RELIABLEUNRELIABLE
Each user has a different set of reliable cuboids !
User-Specific Reliable CuboidsUser-Specific Reliable Cuboids
0-List 1-List
… …
Sort by reliability
0-List 1-List
… …
N fair coin flips tochoose cuboids
from top of each list…
1 2
34
5
1 2 3 4 5
Unordered list
Distribution of Zeros and OnesDistribution of Zeros and Ones
20 40 60 80 100 120 1400
50
100
150
200
250
Number of 1's in the transformed feature vectors
Nu
mb
er
of
fea
ture
ve
cto
rs
30 40 50 60 70 80 90 100 110 1200
50
100
150
200
250
300
350
400
450
Number of 1's in the transformed feature vectors
Nu
mb
er
of
fea
ture
ve
cto
rs
150 Common Cuboids 150 User-Specific Cuboids
Proprietary database of 1035 users, 15 pre-aligned samples per user
Desired 75 ones Desired 75 ones
Intra-User and Inter-User SeparationIntra-User and Inter-User Separation
0 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.90
0.02
0.04
0.06
0.08
0.1
0.12
0.14
0.16
0.18
Dis
trib
utio
n o
f th
e N
HD
Normalized Hamming Distance (NHD)
intra-user variation inter-user orattacker variation
0 0.2 0.4 0.6 0.8 10
0.05
0.1
0.15
0.2
0.25
0.3
0.35
Normalized Hamming Distance (NHD)
Dis
trib
utio
n o
f th
e N
HD
attacker stealsuser’s cuboids
inter-user variation
intra-user variation
150 Common Cuboids 150 User-Specific Cuboids
Equal Error RatesEqual Error Rates
0 0.05 0.1 0.15 0.2 0.250
0.05
0.1
0.15
0.2
0.25
Intra-user NHD
Inte
r-u
ser
NH
D
0 0.05 0.1 0.15 0.20
0.02
0.04
0.06
0.08
0.1
0.12
0.14
0.16
0.18
0.2
Intra-user NHD
Inte
r-u
ser
NH
D o
r a
tta
cke
r N
HD
inter-user scenarioattack scenario
0.05 0.027
≈ 0
Common Cuboids User-Specific Cuboids
User-specific cuboids provide lower equal error rate even if the attacker knows everybody’s cuboids.
Syndrome Coding ResultsSyndrome Coding Results
Conclusions/DiscussionsConclusions/Discussions
Random cuboids enable robust bit extraction with desired
properties User-specific (reliable) features require more computation and storage,
but give better separation between intra-user and inter-user feature vectors and provide higher security than common feature vectors
However… Fast method for eliminating correlated bit-pairs from user-specific
cuboids Extending feature transformation to use ridge data which is provided
along with minutiae mapObserving effect of alignment inconsistencies on overall performance
Protecting Biometric TemplatesProtecting Biometric Templateswith Secure Sketch:with Secure Sketch:Theory and PracticeTheory and Practice
Secure SketchSecure Sketch
Noise
Sketch
Generate password/key
Sketch should not reveal too much information about the original biometric
Enrollment Verification
ENCODER DECODER
randomness
P
Entropy-loss(min-entropy of X)
(average min-entropy of X given P)
Secure SketchSecure Sketch
Secure SketchSecure Sketch
Security of secure sketch is defined in terms of entropy loss, L Suppose original biometric data X have min-entropy H(X)
The strength of the key we can extract from X given sketch P is at least H(X) – L
L can be easily bounded by the size of the sketch P
L is an upper bound of information leakage for all distributions of X
However…However…
Known secure sketch schemes have limitationsOnly deal with discrete dataBut real world biometric features are mostly in continuous domain
One general solutionQuantize/discretize the data and apply known schemes in the
quantized domain
Quantization-based Secure SketchQuantization-based Secure Sketch
X is original data, 0 < X < 1 and under noise, X can be shifted by at most 0.1
A Simple ExampleA Simple Example
1 1
Problems Remain...Problems Remain...
For different quantization methods Min-entropy of quantized data could be different Entropy loss could also be different
How to define the security? Using entropy loss in the quantized domain? Could be misleading
Using scalar quantizer: Case 1:
step size 0.1 entropy loss = log 3
Case 2: step size 0.01 entropy loss = log 11
Which one is better? It depends on distribution of X
If X is uniform:Case 1: H(X) = log(100), H(X) – L = log (100/3) = 5.06Case 2: H(X) = log(1000), H(X) – L = log(1000/11) = 6.51Case 2 yields a stronger key
However, there exists a distribution of X such that for both case 1 and 2:H(X) is the sameL is the actual information leakageCase 1 yields a stronger key
Different QuantizersDifferent Quantizers
How to Compare?How to Compare?
Or, how to define the ``optimal'' quantization for all distributions of X?
It is difficult
Might be impossible
Instead, we propose to look at relative entropy loss, in addition to entropy loss
Essentially, we ask questions differently:
Given a family of quantizers (say, scalar quantizers with different quantization steps), for any one of them (say, Q), how many bits more that we could extract from X if another quantizer Q' was used?
How to bound the number of additional bits that can be extracted for any Q' (compared with Q)?
If we can bound it by B, then the ``best'' quantizer in the family cannot be better than Q by more than B bits
Main ResultsMain Results
For any well-formed quantizer family, we can always bound the relative entropy losswell-formed: no quantizer in the family loses too much
information (say, having too large a quantization step) The safest way to quantize data is to use a quantization
step same as the error ratesafest: relative entropy loss is the smallest
This result is consistent with intuitionuseful to guide practical designs
However…However…
Known secure sketch schemes have limitations Only deal with discrete data But real world biometric features are mostly in continuous domain
One general solution Quantize/discretize the data and apply known schemes in the quantized domain Measure security using entropy loss in the quantized domain
For different quantization methods Min-entropy/entropy could be different
How to define the security? Using min-entropy alone could be misleading
Improve performance?How about cancelability/reusability?Better feature selection?
Enrollment Verification
X
XR
Q(XR)
ENCODER
randomization
quantization
Y
YR
Q(YR)
DECODERPX
sketch
templatenoisy
biometric
Q(XR)
Randomized Quantization-based Secure SketchRandomized Quantization-based Secure Sketch
ResultsResults
ORL Face database - 40 different individual and 10 samples per individual 7 for training and 3 for testing PCA features (eigenfaces) considered Range-based similarity measure User-specific random (uniform) matrices
0 50 100 150 200 2500.06
0.08
0.1
0.12
0.14
0.16
0.18
0.2
0.22
Dimensionality after PCA
Equ
al E
rror
Rat
e (E
ER
)
EER w/o randomization
EER with randomization
0.2 0.4 0.6 0.8 1 1.2 1.4 1.6 1.8 2 2.20
0.05
0.1
0.15
0.2
0.25
EE
R
EER of non-randomized secure sketch
EER of randomized secure sketch
0 0.05 0.1 0.15 0.2 0.25 0.3 0.35 0.40
0.05
0.1
0.15
0.2
0.25
0.3
0.35
0.4
FAR
FR
R
ROC of non-randomized secure sketch
ROC of randomized secure sketch
ResultsResults
randomization quantization
0 50 100 150 200 250 300 350 4000
0.02
0.04
0.06
0.08
0.1
0.12
0.14
0.16
0.18
0.2
Principal Components (PCs) of PCA
% v
aria
nce
expl
aine
d
0 50 100 150 200 250 300 350 400
0.5
1
1.5
2
2.5
3
3.5
4
4.5
5
Principal Components (PCs) of PCA
Bits
min-entropy
entropy
ResultsResults
Min-entropyAverage
sketch-sizeLeft-over entropy
PCA-based selection 59.91 40.35 19.56
Min-entropy
based
selection61.95 43.46 18.49
PCA-based selection 132.52 98.88 33.64
Min-entropy
based
selection139.95 106.55 33.40
n=20
n=50
Conclusions/DiscussionsConclusions/Discussions
Randomization Improve performanceCancelability/reusability
Feature selectionSimilar security with better average sketch-size estimation
However… How to measure biometric information?
Entropy estimationMatching algorithm
How to define/find the “Optimal” quantization?Given the input distributionGiven practical constraints (size of sketch and/or templates)Different quantization strategies
Overview of Future DirectionsOverview of Future Directions
Threats/Attack VectorsThreats/Attack Vectors
Chris Roberts, “Biometric attack vectors and defences”, Computers & Security 26(1): 14-25 (2007)
Feature extraction/matching with robustness to noise and other variations; Finding new/better features
Pattern RecognitionPattern Recognition
CryptographyCryptographySignal ProcessingSignal Processing
Secure BiometricSystems
Secure BiometricSystems
Recovery of original data from noisy or corrupt data; Better transformations
Protect/scramble biometricdata against malicious attacks;Analysis of security levelsoffered by various techniques.
Secure Biometric Systems: Secure Biometric Systems: A Blend of Multiple DisciplinesA Blend of Multiple Disciplines
Open Issues/Research OpportunitiesOpen Issues/Research Opportunities
Improving robustness vs. security trade-off Reliable measurements of biometric information
Inherent entropy of biometrics
Connection between template security and system security Remote vs. local Two-party vs. multi-party Multi-biometrics Multi-factor
User privacy Standardization
Terminology Format
ThanksThanks