KSII Transactions on Internet and Information Systems (TIIS)

  • 제10권11호
  • /
  • Pages.5674-5691
  • /
  • 2016
  • /
  • 1976-7277(pISSN)
  • /
  • 1976-7277(eISSN)
한국인터넷정보학회 (Korean Society for Internet Information)
권호 표지
DOI QR코드

DOI QR Code

A Simple Fingerprint Fuzzy Vault for FIDO

  • 투고 : 2015.04.18
  • 심사 : 2016.10.15
  • 발행 : 2016.11.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

Fast IDentity Online(FIDO) supports biometric authentications in an online environment without transmitting biometric templates over the network. For a given FIDO client, the "Fuzzy Vault" securely stores biometric templates, houses additional biometric templates, and unlocks private keys via biometrics. The Fuzzy Vault has been extensively researched and some vulnerabilities have been discovered, such as brute force, correlation, and key inversions attacks. In this paper, we propose a simple fingerprint Fuzzy Vault for FIDO clients. By using the FIDO feature, a simple minutiae alignment, and point-to-point matching, our Fuzzy Vault provides a secure algorithm to combat a variety of attacks, such as brute force, correlation, and key inversions. Using a case study, we verified our Fuzzy Vault by using a publicly available fingerprint database. The results of our experiments show that the Genuine Acceptance Rate and the False Acceptance Rate range from 48.89% to 80% and from 0.02% to 0%, respectively. In addition, our Fuzzy Vault, compared to existing similar technologies, needed fewer attempts.

키워드

참고문헌

  1. HyunJin Kim, JunHoo Park, JangYong Lee and JaeCheol Ryou, "Biometric authentication technology trends in smart device environment," in Proc. of Mobile and Wireless Technology 2015, vol. 310, pp. 199-206, 2015.
  2. fido alliance, https://fidoalliance.org/
  3. B. Tams, P. Mihailescu and A. Munk, "Security Considerations in Minutiae-Based Fuzzy Vaults," IEEE Transactions on Information Forensics and Security, vol. 10, no. 5, pp. 985-998, May. 2015. https://doi.org/10.1109/TIFS.2015.2392559
  4. Ari Juels and Madhu Sudan, "A Fuzzy Vault Scheme," IEEE International Symposium on Information Theory, pp. 408-426, 2002.
  5. Orencik, C., Pedersen, T. B., Savas, E. and Keskinoz, M, "Securing fuzzy vault schemes through biometric hashing," in Proc. of Turkish Journal of Electrical Engineering & Computer Sciences, vol. 18, no. 4, pp. 515-540, 2010.
  6. Walter J. Scheirer and Terrance E. Boult, " Cracking Fuzzy Vaults and Biometric Encryption," in Proc. of Biometrics Symposium, pp. 1-6, Sep. 2007.
  7. P. Mihailescu, "The fuzzy vault for fingerprints is vulnerable to brute force attack," in Proc. of Computer Vision and Pattern Recognition, Oct. 2007.
  8. Benjamin Tams, "Unlinkable Minutiae-Based Fuzzy Vault," in Proc. of IET Biometric, pp. 11-39, Jun. 2015.
  9. Umut Uludag, Sharath Pankanti and Anil K. Jain, "Fuzzy Vault for Fingerprints," in Proc. of Audio- and Video-Based Biometric Person Authentication, vol. 3546, pp. 310-319, 2005.
  10. Karthik Nandakumar, Anil K. Jain and Sharath Pankanti, "Fingerprint-Based Fuzzy Vault : Implementation and Performance," IEEE Transactions on Information Forensics and Security, vol. 2, no. 4, pp. 744-757, Dec. 2007. https://doi.org/10.1109/TIFS.2007.908165
  11. Lu Leng and Andrew Beng Jin Teoh, "Alignment-free row-co-occurrence cancelable palmprint Fuzzy Vault," in Proc. of Pattern Recognition, vol. 48, no. 7, Jul. 2015.
  12. Woo Yong Choi, Yongwha Chung, Jin-Won Park and Dowon Hong, "Fingerprint Template Protection Using One-Time Fuzzy Vault," KSII Transactions on Internet and Information Systems (TIIS), vol. 5, no. 11, pp. 2221-2234, Nov. 2011. https://doi.org/10.3837/tiis.2011.11.020
  13. Qiong Li, Zhaoqing Liu and Xiamu Niu, "Analysis and Problems on Fuzzy Vault Scheme," in Proc. of Intelligent Information Hiding and Multimedia Signal Processing, pp. 244-250, Dec. 2006.
  14. Minh Tan Nguyen, Quang Hai Truong and Tran Khanh Dang, "Enhance fuzzy vault security using nonrandom chaff point generator," in Proc. of Information Processing Letters, vol. 116, no. 1, pp. 53-64, Jan.2016.
  15. Hoi Ting Poon and Ali Miri, "On Efficient Decoding for the Fuzzy Vault scheme," in Proc. of Information Science, Signal Processing and their Applications (ISSPA), pp. 454-459, Jul. 2012.
  16. User's Guide to NIST Biometric Image Software (NBIS), National Institute of Standards and Technology, 2015.
  17. Cai Li and Jiankun Hu, "A Security-Enhanced Alignment-Free Fuzzy Vault-Based Fingerprint Cryptosystem Using Pair-Polar Minutiae Structures," IEEE Transactions on Information Forensics and Security, vol. 11, no. 3, pp. 543-555, Dec. 2015. https://doi.org/10.1109/TIFS.2015.2505630
  18. Karthik Nandakumar and Anil K. Jain, "Local Correlation-based Fingerprint Matching," in Proc. of ICVGIP 2004, pp. 503-508, Dec. 2004.
  19. E.C. Chang, R. Shen and F.W. Teo, "Finding the original point set hidden among chaff," in Proc. of the 2006 ACM Symposium on Information, Computer and Communications Security, pp. 182-188, Mar. 2006.
  20. A. Kholmatov and B. Yanikoglu, "Realization of correlation attack against the fuzzy vault scheme," in Proc. of SPIE, Security, Forensics, Steganography, and Watermarking of Multimedia Contents X, vol. 6819, pp. 1-7, 2008.
  21. Hoi Ting Poon and Ali Miri, "A collusion attack on the fuzzy vault scheme," in Proc. of The ISC, Int. J. Inf. Secur. 1, vol. 1, no. 1, pp. 27-34, Jan. 2009.
  22. Neuro Technology,
  23. Peng Li, Xin Yang, Kai Cao, Xunqiang Tao, Ruifang Wang and Jie Tian, "An alignment-free fingerprint cryptosystem based on fuzzy vault scheme," in Proc. of Journal of Network and Computer Applications 2010, vol. 33, no. 3, pp. 207-220, May. 2010.