Diagnostic Category Leakage in Helper Data Schemes for Biometric Authentication

Joep de Groot, Boris Skoric, Niels de Vreede, Jean-Paul Linnartz

2013

Abstract

A helper data scheme (HDS) is a cryptographic primitive that extracts a high-entropy noise-free secret string from noisy data, such as biometrics. A well-known problem is to ensure that the storage of a user-specific helper data string in a database does not reveal any information about the secret. Although Zero Leakage Systems (ZSL) have been proposed, an attacker with a priori knowledge about the enrolled user can still exploit the helper data. In this paper we introduce diagnostic category leakage (DCL), which quantifies what an attacker can infer from helper data about, for instance, a particular medical indication of the enrolled user, her gender, etc. The DCL often is non-zero. Though small per dimension, it can be problematic in high-dimensional biometric authentication systems. Furthermore, partial a priori knowledge on of medical diagnosis of the prover can leak about the secret.

References

  1. Agrafioti, F. and Hatzinakos, D. (2008). ECG based recognition using second order statistics. In Communication Networks and Services Research Conference, 2008. CNSR 2008. 6th Annual, pages 82 -87.
  2. Chen, C., Veldhuis, R., Kevenaar, T., and Akkermans, A. (2007). Multi-bits biometric string generation based on the likelihood ratio. In Proc. IEEE Int. Conf. on Biometrics: Theory, Applications, and Systems.
  3. de Groot, J. and Linnartz, J.-P. (2011). Zero leakage quantization scheme for biometric verification. In Proc. IEEE Int. Conf. Acoust., Speech, Signal Process.
  4. de Groot, J. and Linnartz, J.-P. (2012). Optimized helper data scheme for biometric verification under zero leakage constraint. In Proc of the 33st Symp on Inf Theory in the Benelux.
  5. Dodis, Y., Reyzin, L., and Smith, A. (2004). Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In LNCS. Springer.
  6. Ignatenko, T. and Willems, F. (2009). Biometric systems: Privacy and secrecy aspects. Information Forensics and Security, IEEE Transactions on, 4(4):956 -973.
  7. Jain, A. K., Ross, A., and Uludag, U. (2005). Biometric template security: Challenges and solutions. In Proceedings of European Signal Processing Conference, pages 1-4.
  8. Juels, A. and Sudan, M. (2006). A fuzzy vault scheme. Des. Codes Cryptogr., 38:237-257.
  9. Juels, A. and Wattenberg, M. (1999). A fuzzy commitment scheme. In CCS 7899: Proceedings of the 6th ACM conf on Comp and comm security.
  10. Labati, R. D., Piuri, V., and Scotti, F. (2012). Biometric privacy protection: Guidelines and technologies. In E-Business and Telecommunications, pages 3-19. Springer.
  11. Linnartz, J.-P. and Tuyls, P. (2003). New shielding functions to enhance privacy and prevent misuse of biometric templates. In Audio- and Video-Based Biometric Person Authentication. Springer.
  12. Matsumoto, T., Matsumoto, H., Yamada, K., and Hoshino, S. (2002). Impact of artificial ”gummy” fingers on fingerprint systems. Optical Security and Counterfeit Deterrence Techniques, 4677:275-289.
  13. Verbitskiy, E. A., Tuyls, P., Obi, C., Schoenmakers, B., and S?koric, B. (2010). Key extraction from general nondiscrete signals. Information Forensics and Security, IEEE Transactions on, 5(2):269 -279.
Download


Paper Citation


in Harvard Style

de Groot J., Skoric B., de Vreede N. and Linnartz J. (2013). Diagnostic Category Leakage in Helper Data Schemes for Biometric Authentication . In Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013) ISBN 978-989-8565-73-0, pages 506-511. DOI: 10.5220/0004524205060511


in Bibtex Style

@conference{secrypt13,
author={Joep de Groot and Boris Skoric and Niels de Vreede and Jean-Paul Linnartz},
title={Diagnostic Category Leakage in Helper Data Schemes for Biometric Authentication},
booktitle={Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)},
year={2013},
pages={506-511},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004524205060511},
isbn={978-989-8565-73-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)
TI - Diagnostic Category Leakage in Helper Data Schemes for Biometric Authentication
SN - 978-989-8565-73-0
AU - de Groot J.
AU - Skoric B.
AU - de Vreede N.
AU - Linnartz J.
PY - 2013
SP - 506
EP - 511
DO - 10.5220/0004524205060511