• Journal of Korea Multimedia Society
• /
• v.13 no.6
• /
• pp.875-883
• /
• 2010

In this paper, we present a secure biometric hashing scheme for face recognition by random fusion of global and local features. The Fourier-Mellin transform and Radon transform are adopted respectively to form specialized representation of global and local features, due to their invariance to geometric operations. The final biometric hash is securely generated by random weighting sum of both feature sets. A fourfold key is involved in our algorithm to ensure the security and privacy of biometric templates. The proposed biometric hash can be revocable and replaced by using a new key. Moreover, the attacker cannot obtain any information about the original biometric template without knowing the secret key. The experimental results confirm that our scheme has a satisfactory accuracy performance in terms of EER.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.3
• /
• pp.565-577
• /
• 2019

In recent years, biometric authentication has been used for various applications. Since biometric features are unchangeable and cannot be revoked unlike other personal information, there is increasing concern about leakage of biometric information. Recently, Jin et al. proposed a new cancelable biometric scheme, called "Index-of-Max" (IoM) to protect fingerprint template. The authors presented two realizations, namely, Gaussian random projection-based and uniformly random permutation-based hashing schemes. They also showed that their schemes can provide high accuracy, guarantee the security against recently presented privacy attacks, and satisfy some criteria of cancelable biometrics. However, the authors did not provide experimental results for other biometric features (e.g. finger-vein, iris). In this paper, we present the results of applying Jin et al.'s scheme to iris data. To do this, we propose a new method for processing iris data into a suitable form applicable to the Jin et al.'s scheme. Our experimental results show that it can guarantee favorable accuracy performance compared to the previous schemes. We also show that our scheme satisfies cancelable biometrics criteria and robustness to security and privacy attacks demonstrated in the Jin et al.'s work.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.18 no.4
• /
• pp.437-444
• /
• 2008

This paper deals with the biometric template protection in the biometric system which has been widely used for personal authentication. First, we consider the structure of the biometric system and the function of its sub-systems and define the biometric template and identification(ID) information. And then, we describe the biometric template attack points of a biometric system and attack examples and provide their countermeasures. From this, we classify the vulnerability which can be protected by encryption and hashing techniques. For more detail investigation of these at real operating situations, we analyze them and suggest several protection methods for the typical application scheme of biometric systems such as local model, download model, attached model, and center model. Finally, we also handle the privacy problem which is most controversy issue related to the biometric systems and suggest some guidances of safeguarding procedures on establishing privacy sympathy biometric systems.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.11-21
• /
• 2008

Biometrics-based user authentication has several advantages over traditional password-based systems for standalone authentication applications. This is also true for new authentication architectures known as crypto-biometric systems, where cryptography and biometrics are merged to achieve high security and user convenience at the same time. Recently, a cryptographic construct, called fuzzy vault, has been proposed for crypto-biometric systems. This construct aims to secure critical data(e.g., secret key) with the fingerprint data in a way that only the authorized user can access the secret by providing the valid fingerprint, and some implementations results for fingerprint have been reported. However, the previous results had some limitation of the provided security due to the limited numbers of chaff data fer hiding real fingerprint data. In this paper, we propose an approach to provide both the automatic alignment of fingerprint data and higher security by using a 3D geometric hash table. Based on the experimental results, we confirm that the proposed approach of using the 3D geometric hash table with the idea of the fuzzy vault can perform the fingerprint verification securely even with more chaff data included.

• ETRI Journal
• /
• v.41 no.5
• /
• pp.599-607
• /
• 2019

Although iris recognition verification is considered to be the safest method of biometric verification, studies have shown that iris features may be illegally used. To protect iris features and further improve the security of iris recognition and verification, this study applies the Gaussian and Laplacian mechanisms and to hide iris features by differentiating privacy. The efficiency of the algorithm and evaluation of the image quality by the image hashing algorithm are selected as indicators to evaluate these mechanisms. The experimental results indicate that the security of an iris image can be significantly improved using differential privacy protection.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.19 no.1
• /
• pp.63-70
• /
• 2009

Recently, in the security token based authentication system, there is an increasing trend of using fingerprint for the token holder verification, instead of passwords. However, the security of the fingerprint data is particularly important as the possible compromise of the data will be permanent. In this paper, we propose an approach for secure fingerprint verification by distributing both the secret and the computation based on the fuzzy vault(a cryptographic construct which has been proposed for crypto-biometric systems). That is, a user fingerprint template which is applied to the fuzzy vault is divided into two parts, and each part is stored into a security token and a server, respectively. At distributing the fingerprint template, we consider both the security level and the verification accuracy. Then, the geometric hashing technique is applied to solve the fingerprint alignment problem, and this computation is also distributed over the combination of the security token and the server in the form of the challenge-response. Finally, the polynomial can be reconstructed from the accumulated real points from both the security token and the server. Based on the experimental results, we confirm that our proposed approach can perform the fuzzy vault-based fingerprint verification more securely on a combination of a security token and a server without significant degradation of the verification accuracy.