Vulnerabilities in biometric encryption systems

Andy Adler
School of Information Technology and Engineering
University of Ottawa

AVBPA 2005 (Jul 19-21, 2005)

Traditional Biometric Verification

[Figure: block diagram. Enrolled path: Biometric “Enrolled Image” -> Feature Extraction -> Template. Live path: Biometric “Live Image” -> Feature Extraction -> Template. Both templates -> Biometric Compare -> Match Score -> Threshold Compare -> Decision -> Release Code.]

Traditional Biometric Verification
Issues
• Templates and Tokens must be available unencrypted, somewhere
• Crack of biometric system will allow release of Tokens
• Biometric cannot be directly used as a password replacement
• Privacy Issue: system admin will have access to biometric templates

Biometric Encryption Systems

[Figure: block diagram. Enrollment: Biometric “Enrolled Image” -> Feature Extraction -> Compute Template, which takes the Token / Code and produces the Template. Verification: Biometric “Live Image” -> Feature Extraction -> Biometric Encryption Comparison with the Template -> Release Code.]

Biometric Encryption Systems
Advantages
• Token is bound to biometric
• Neither template nor token are available unencrypted
• Improved Privacy and Security
Disadvantages
• Biometric Feature variability
• Reduced FAR/FRR performance

Algorithm: Soutar et al. (1998)
Original algorithm for fingerprints (modified for face)
• Average pre-aligned enrolled image (f0)
• Calculate template from Wiener filter
      H0 = F*R0* / ( F*F + N² )
  where R0 has phase ±π/2, ampl = 1
• Each bit of secret is linked to several bits of H0 with same phase

[Figures: Enrolled Image; Template Image]

Algorithm: Clancy et al. (2003)
Enrollment
• Add ‘chaff’ to minutiae in template
• Encode token using Fuzzy Vault Scheme
Decryption
• Using live fingerprint, estimate correct minutiae
• Given enough correct minutiae (and few chaff), Fuzzy Vault will decrypt token

[Figure labels: Minutiae; Chaff]

Traditional Encryption: Valid Key is a single point in Key Space
Biometric Encryption: Genuine Biometric is a region in Biometric Space

[Figure: Key Space containing the Valid Key, beside Biometric Space containing the Genuine Biometric]

Biometric encryption:
Attack concept
[Figure: Genuine Biometric region within Biometric Space, with plots of Information Available for the Ideal Case and the Real Case]

Hill-Climbing
• If biometric comparison releases information on partial match, then “Hill-climbing” is possible
• Concept (iterate over steps):
    • Take a step (i.e. modify Biometric Image)
    • If step climbs hill (more info) stay there
    • If step goes down (less info) step back

Why sloping sides to match curve?
• Very difficult to design ideal algorithm
    Since images vary
      Enrolled image +   => release key
    However
      Enrolled image +   + => no release
• Current schemes based on Error Correcting Codes (ECC’s)
    • Hamming Distances (Soutar et al.)
    • Reed-Solomon ECC (Clancy et al.)
• ECC’s inherently give a measure of the distance to the nearest code point -> which is a match score

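Added example (not from the original slides): a toy leak test for the point made on the two preceding slides. It counts how many comparisons a hill climber needs when the comparison returns a match score, against a comparison that returns only the release decision. The 64-bit template, the error threshold of 6 and all function names are constructed for illustration.

```python
import random

N_BITS = 64      # constructed toy template length
THRESHOLD = 6    # constructed: bit errors the scheme tolerates

def random_bits(seed):
    rng = random.Random(seed)
    return [rng.randint(0, 1) for _ in range(N_BITS)]

def distance(a, b):
    return sum(x != y for x, y in zip(a, b))

def leaky_compare(enrolled, probe):
    """Returns (released, match score): the score leaks partial-match info."""
    d = distance(enrolled, probe)
    return d <= THRESHOLD, N_BITS - d

def ideal_compare(enrolled, probe):
    """Returns only the decision; every failed probe looks the same."""
    return distance(enrolled, probe) <= THRESHOLD, 0

def queries_until_release(compare, enrolled, budget=2000, seed=2):
    """Hill-climb from a random probe; return comparisons used, or None."""
    rng = random.Random(seed)
    probe = random_bits(seed + 1)
    released, best = compare(enrolled, probe)
    queries = 1
    while not released and queries < budget:
        i = rng.randrange(N_BITS)
        probe[i] ^= 1                 # take a step
        released, score = compare(enrolled, probe)
        queries += 1
        if score > best:
            best = score              # step climbed the hill: stay there
        else:
            probe[i] ^= 1             # step went down or flat: step back
    return queries if released else None

def leak_test():
    enrolled = random_bits(1)         # constructed enrolled template
    return {
        "leaky": queries_until_release(leaky_compare, enrolled),
        "ideal": queries_until_release(ideal_compare, enrolled),
    }

if __name__ == "__main__":
    print(leak_test())
```
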
Hill-climbing for quantized data

[Figure: flow from IMi to IMi+1. RN is added until MS reduces by one quantized level; EFk is then added and the image with the largest MS is kept. Label: Biometric ‘sums’ image.]

Example attack: algorithm of Soutar et al. (Modified for face)
• Construct match-score from number of matching elements in link table
• Use quantized hill climber

[Figure: plot of percent matched versus iteration; label: enrolled]

Results

[Figure: Enrolled Image; Initial Image #1; Initial Image #2; Match Score versus Iteration Number]

Summary
• Biometric Encryption schemes show significant promise to address security and privacy issues
• Little work has been done to attack these schemes
• This paper shows one general attack scheme based on Hill-Climbing

• There is a tendency to use results from cryptography in biometrics security; however, biometrics images are not random data
• Such correlations may be exploitable in many biometric encryption systems

				