A NOTE ON BIOMETRICS-BASED AUTHENTICATION WITH

PORTABLE DEVICE

Shinsuke Ohtsuka

†

, Satoshi Kawamoto

‡

, Shigeru Takano

‡

, Kensuke Baba

‡

and Hiroto Yasuura

†

Graduate School/Faculty of Information Science and Electrical Engineering, Kyushu University

Motooka 744, Nishi-ku, Fukuoka, 819-0395, Japan

Keywords:

Biometrics, authentication, mobile system, spooﬁng.

Abstract:

Individual authentication technologies are essential for electronic systems as social infrastructures. Especially,

biometrics-based authentication has been receiving increasing attention and is expected to be implemented on

systems with portable devices such as mobile phones for realizing more useful services. The most important

problem in biometrics-based authentication is to prevent a leakage of biological information. This paper

focuses on the leakage which enables a spooﬁng and consider two cases, a leakage from data stored in a server

for veriﬁcation of biological information and a leakage by a cheating detection. This paper proposes a solution

by applying a function to biological information and shows the properties required for the function to solve

the problem. Moreover, this paper proposes an idea of biometrics-based authentication system with portable

devices which is provided a function to capture biological information.

1 INTRODUCTION

Personal authentication has been one of the most im-

portant and fundamental techniques in our life as per-

sonal identiﬁcation has become more common be-

cause of the requirement of certiﬁcation of ATM

cards, management of entering and leaving room or

buildings, airport security system, and so on. Espe-

cially, as one of the techniques for identifying a per-

son, biometrics-based authentication has attracted at-

tention among many researchers in cryptography and

computer security. This technique identiﬁes a person

by analysis of his/her physical characteristics which

are called “biometric information” and is generally

considered to be able to develop robust system against

counterfeit attack thanks to their uniqueness and per-

manence. Furthermore, by introducing biometric au-

thentication to a system based on mobile terminal de-

vices and the internet, more useful and effective ser-

vices can be rendered to the users for mobile commu-

nications.

One of the most important problem in biometric

authentication is to prevent the leakage of biometric

information. To solve this problem, we have to pay

attention to privacy concerns. Moreover, we need to

be concerned that it is possible to create a counterfeit

of a part of a living body (Matsumoto et al., 2002).

In a certain authentication, a “prover” is the entity

which is to prove that s/he is a particular user and a

“veriﬁer” is the entity which is to verify the proof.

Here we assume that secure communications includ-

ing destination certiﬁcations are available by proper

cryptographic technologies. And then, we do not con-

sider the leakage of biometric information in daily

life which is not concerned with procedure for per-

sonal authentication. And yet, under the above as-

sumptions, it is conceivable that we can easily pro-

duce the leakage of biological information by guess-

ing from veriﬁer’s information or biometric observa-

tion by fake veriﬁer.

We propose the following method for solving the

above problems. First, about the leakage of biometric

information by guessing from veriﬁer’s information,

we can solve it by applying the idea of “cancellable

biometrics (Ratha et al., 2001)”. Now, we assume the

case that the prover registers biometric information,

which is observed in advance, as a “template” to the

veriﬁer. The main idea of cancelable biometrics is

to apply a transformation, which is difﬁcult to recon-

struct the original information, to the observed bio-

99

Ohtsuka S., Kawamoto S., Takanoâ

˘

A ˛a S., Babaâ

˘

A ˛a K. and Yasuuraâ

˘

A

˘

a H. (2008).

A NOTE ON BIOMETRICS-BASED AUTHENTICATION WITH PORTABLE DEVICE.

In Proceedings of the International Conference on Security and Cryptography, pages 99-102

DOI: 10.5220/0001927300990102

Copyright

c

SciTePress

metric information so that the template can be can-

celled. In short, by the transformation, the original

biometric information remains secure even if there is

a leakage of the template by security attacks. How-

ever, by pretending to be the veriﬁer and observing

the living body directly, one can obtain the original

biometric information before the transformation is ap-

plied. This problem can be solved by using a mobile

terminal with an ability for the biometric observation.

If the mobile terminal is managed by a prover and

the malware threat can be prevented, by applying an

irreversible transformation to the observed biometric

information on this terminal, one cannot reconstruct

the original information by using every output of the

terminal.

Firstly, in this paper, we propose a model of

biometric-based authentication for the purpose of

clarifying the above problems. In our proposed

model, to consider the possibility of an unjust ob-

servation of biometric information, “scanner” is ex-

pressly formulated as an entity collecting biometric

information by analyzing human body. To prevent

the leakage of biometric information from the veri-

ﬁer’s information, we have some requirements for the

transformation which is applied to the biometric in-

formation. These requirements are corresponding to

the property of the transformation to realize cance-

lable biometrics in the paper (Ratha et al., 2001). By

applying such a transformation to the biometric infor-

mation under the management of the prover,the effect

is useful clearly for an unjust biometric observation.

This paper shows clearly that our approach can

prevent the leakage of biometric information by using

cancelable biometrics. Then, applying our method to

a biometric-based authentication based on mobile ter-

minal, we also illustrate to have the effect to prevent

another possible type of leakage. Finally, we discuss

the implementation about our method and present the

problems of the biometric-based authentication using

mobile terminal.

2 MODELING

BIOMETRICS-BASED

AUTHENTICATION

In this section, a model of biometrics-based authen-

tication is introduced to bring out the problem we

tackle in this paper. Σ and N denote the alphabet and

the set of nonnegative integers, respectively.

2.1 A Model

In this paper, we consider identiﬁcation of a user as

authentication. Each of the users who can be a tar-

get of authentication is denoted by u

1

, u

2

, . . . ∈ U. In

a trial of authentication, a prover is the entity which

is to prove that the prover is a particular user and a

veriﬁer is the entity which is to verify the proof. We

consider a model with a single veriﬁer in the rest of

this paper. The atomic procedure of authentication is

that the prover submits a string w to the veriﬁer, and

the veriﬁer decides who the prover is in U.

A key feature of our model is that biological infor-

mation as digital sequences is distinguished from the

living body of a target user, which enables us to ex-

amine leakage of biological information from a cheat-

ing scanner which detects biological information. The

following argument does not depend on a kind of the

part of a living body for biometrics-based authentica-

tion, therefore we regarda living body as the user who

has it. A piece of biological information is a string

over Σ and the set of the pieces of biological informa-

tion of u

i

∈ U is B

i

⊂ Σ

∗

. For R ⊆ N, a scanner is a

function f :U × R → Σ

∗

which outputs a piece of bio-

logical information from a living body and a variable.

Intuitively, this is modeling the situation that several

kinds of biological information (in a sense of digital

sequences) can be detected from a single living body.

Then, the protocol of authentication is the following.

Protocol 1. (1) The prover puts u ∈ U on the scanner;

(2) the scanner computes f(u, r) for an r ∈ R;

(3) the scanner sends f (u, r) as w to the veriﬁer;

(4) the veriﬁer regards the prover as u

i

∈ U if and only

if w ∈ B

i

.

In the previous protocol we are considering iden-

tiﬁcation with no “ID”, that is, the veriﬁer does not

know who the prover is (or insists) at the step (4). In

the case where the prover sends his ID ﬁrst, u from

the step (1) to (3) are replaced to u

i

.

Now, we ignore a decline of an accuracy of au-

thentication which is caused by the obscurity of bio-

logical information.

Assumption 1. For any 1 ≤ i, j ≤ |U|, B

i

= { f(u

i

, r) |

r ∈ R} and B

i

∩ B

j

=

/

0 if i 6= j.

In practical systems of biometrics-based authentica-

tion, biological information as purely scanned data is

usually large, and hence it is not practical that the ver-

iﬁer holds the B

i

to examine whether w ∈ B

i

. The

straightforward method to solve this problem is con-

sidering a function g which is deﬁned by an idea of a

distance on strings and a threshold c with respect to

a string t

i

. t

i

is called a template of u

i

. Now, we ig-

nore a decline of an accuracy of authentication which

SECRYPT 2008 - International Conference on Security and Cryptography

100

is caused by deﬁnition of a template and a distance on

strings.

Assumption 2. There exist g : Σ

∗

×Σ

∗

→ N and c ∈ N

such that {b| g(t

i

, b) ≤ c, b ∈ Σ

∗

} = B

i

for any 1 ≤ i ≤

|U|.

2.2 Problems

The problem we consider is a spooﬁng which is

caused by leaked biological information. In fact, in

some practical systems, it is possible to make a fake

or artiﬁcial living-body from a piece of biological in-

formation (Matsumoto et al., 2002). Therefore, we as-

sume the following in terms of the model introduced

in the previous subsection.

Assumption 3. For any 1 ≤ i ≤ |U|, a single b ∈ B

i

enable to make u such that f(u, r) ∈ B

i

for r ∈ R.

Some cases of leakage of biological information

caused by man-made factor (such as, carelessness of

a veriﬁer or a cheating veriﬁer) are out of the scope

of cryptographic technologies. On the assumption of

the secure path by suitable cryptographic technolo-

gies, we focus on the following cases of the leakage:

• leakage of a template at the veriﬁer,

• leakage of a piece of biological information at the

scanner.

In usual systems, a template is obtained by a rea-

sonable feature-extraction based on biology from

scanned biological information or is exactly the infor-

mation. In this situation, biological information can

be estimated from a leaked template and it enables a

spooﬁng as the user of the template.

On our model, the naive method to decide a tem-

plate is expressed by the condition that any element

in B

i

can be t

i

. Moreover, a straightforward feature-

extraction enables an estimation of the deﬁnition of

the distance, that is, we should assume g to be open.

Therefore, the essential point of the former case of the

leakage is that an element of B

i

can be estimated from

t

i

by Assumption 2 even if B

i

cannot be obtained ex-

actly. The latter case is exactly the leakage of b ∈ B

i

.

Thus, by Assumption 3 these cases enable the spoof-

ing.

3 SOLUTIONS

To solve the problems in the previous section, we pro-

pose solutions by modifying biological information.

The modiﬁcation is expressed on the proposed model

as a function from a string to a string with some prop-

erties. Moreover,we consider the entity which should

apply the function to biological information.

3.1 Leakage of Template at Veriﬁer

The problem of a spooﬁng by a leakage of a tem-

plate from the veriﬁer is expressed on the proposed

model as that an element of B

i

can be estimated from

t

i

. In conclusion, this problem is solved by applying

a generalized idea of “cancelable biometrics (Ratha

et al., 2001)”, although the original idea is proposed

to enable changing a template rather than to prevent

a spooﬁng by a template. In fact, the results of this

subsection are obtained by interpreting the argument

in (Ratha et al., 2001) into our model.

We consider to prevent a spooﬁng using t

i

by ap-

plying a function φ : Σ

∗

→ Σ

∗

to biological informa-

tion. Let t

i

= φ(b) for a b ∈ B

i

. The prover (who has

a living body) u

i

submits φ(b

′

) for b

′

∈ B

i

as w to the

veriﬁer. Then, on Assumption 1 and 2, the condition

for realizing identiﬁcation is described as the follow-

ing property of φ.

Condition 1. There exists g

′

such that, for any p, q ∈

Σ

∗

, g

′

(φ(p), φ(q)) ≤ c if and only if g(p, q) ≤ c.

If we consider to add a step for applying φ into

Protocol 1, the possibility is only between the step (2)

and (3). Therefore, we assume that the scanner has a

suitable function for it, that is, the scanner is redeﬁned

to be another function f ◦ φ and whether f (u, r) ∈ B

i

is examined by φ(f(u, r)) on the previous condition.

Protocol 2. (1) The prover puts u ∈ U on the scanner;

(2) the scanner computes φ( f(u, r)) for an r ∈ R;

(3) the scanner sends φ( f(u, r)) as w to the veriﬁer;

(4) the veriﬁer regards the prover as u

i

∈ U if and only

if φ

−1

(w) ∈ B

i

.

Now, we do not assume any conﬁdentiality of g

′

for preventing the spooﬁng. Then, a spooﬁng using t

i

can be prevented if φ has the following property.

Condition 2. For any p ∈ Σ

∗

, it is difﬁcult to ﬁnd q

such that p = φ(q) for p.

On the previous condition, the veriﬁer does not al-

ways have the result of φ

−1

(w) at the step (4) in Pro-

tocol 2. Formally, we have to refer the idea of “com-

putational indistinguishability (Goldreich, 2001)” for

the deﬁnition of the word “difﬁcult”. However, in

some practical systems the properties of Condition 1

and 2 are not required strictly. The former guaran-

tees the property of a kind of “collision-free” and the

latter is the property of “one-way”. On Condition 1,

if a simple idea of distance is used as g

′

, then an at-

tack based on “hill-climbing” successes. Namely, in a

search of q such that p = φ(q) for a given p ∈ Σ

∗

, it is

possible to have an r such that g(q, r) < g(q, r

′

) by

considering whether g

′

(φ(q), φ(r)) < g

′

(φ(q), φ(r

′

))

recursively. This situation contradicts to Condition 2

in a strict sense. One of the solutions for this problem

A NOTE ON BIOMETRICS-BASED AUTHENTICATION WITH PORTABLE DEVICE

101

is to use a complex function as g

′

. To ﬁnd a suitable φ

with g

′

is one of the difﬁculties for realizing a practi-

cal system based on the idea of cancelable biometrics.

3.2 Leakage of Biological Information

at Scanner

As mentioned in Subsection 2.2, the same problem as

the case of a leakage of a template is caused by a leak-

age of a piece of biological information at the scanner.

Applying a function which has the properties of Con-

dition 1 and 2 can preventa spooﬁng using a template.

However, if we consider a leakage of a piece of bio-

logical information at the scanner, we can not have

the effect of this solution in systems of a naive imple-

mentation of this idea. We have to analyze the pro-

tocol from the viewpoint of the entity which should

apply the function to biological information.

In practical systems with biometrics-based au-

thentication such as a door access control system or

an ATM, the scanner is usually managed by the prover

as a part of the system. The prover cannot avoid a risk

of the leakage of his biological information as long as

he has to put his living body on a scanner which is not

trustworthy.

A simple solution is that the prover manages the

scanner and the function. In this case, the prover out-

puts only the result of φ( f(u, r)) and hence f(u, r)

cannot be obtained from it by Condition 2. Therefore,

a system based on this idea can prevent a leakage of

b ∈ B

i

which enables a spooﬁng as u

i

. A difﬁculty of

this solution is how to implement a system with this

idea. It is natural to consider a PDA or a mobile phone

as the scanner which is managed by the prover since

the devices have suitable functions for the computa-

tion of the functions, the scan of biological informa-

tion, and the communication with other entity. Thus,

it is useful in preventing spooﬁng in biometrics-based

authentication systems to implement the functions to

scan some kinds of living bodies on portable devices

besides a camera and a microphone.

The assumption that the prover manages f and φ

yields another problem by “duplicated packet” or a

kind of “replay attack”. Namely, in the step (3) in Pro-

tocol 2, the private scanner can send an old φ(f(u, r))

as w. A simple solution for this problem is that the

veriﬁer adds w which was accepted once into a neg-

ative list for the examination of w ∈ B

i

. The essen-

tial solution is to recognize information which is in-

trinsic to living bodies, which is realized by using

a special part of biological information such as in-

formation of a reﬂex action or applying the idea of

“zero-knowledge (Goldreich, 2001)” into the detec-

tion at a scanner. To realize a function to recognize

living bodies is one of the most important problems

for biometrics-based authentication. Besides to ﬁnd

a part of a living body which contains information to

enable the recognition of living body, it is also useful

to apply the idea of “challenge and response (Delfs

and Kneble, 2002)” into scanners on portable devices,

for example, a camera with a special kind of ﬂash.

Note that this realizes authentication by the veriﬁer of

the prover instead of his portable device.

4 CONCLUSIONS AND FUTURE

WORK

We introduced a model of biometrics-based authen-

tication and made the problem of spooﬁng by using

leaked biological information clear. We proposed a

solution to apply a function to biological information

and showed the properties required for the function to

solve the problem. Moreover, we proposed an idea

of biometrics-based authentication system with a mo-

bile device which has a function to detect biological

information.

By the analysis of an implementation of the sys-

tem, we can extract the following results: biometrics-

based authentication which is secure against a spoof-

ing can be realized by applying the idea of cancelable

biometrics into a system with portable devices; and

therefore, it is meaningful to implement functions to

capture biological information on portable devices.

ACKNOWLEDGEMENTS

This work has been supported by the Grant-in-Aid for

Scientiﬁc Research (A) No. 19200004 of the Ministry

of Education, Culture, Sports, Science and Technol-

ogy (MEXT) from 2007 to 2009.

REFERENCES

Delfs, H. and Kneble, H. (2002). Introduction to Cryptog-

raphy - Principles and Applications. Springer.

Goldreich, O. (2001). Foundation of Cryptography - Basic

Tools. Cambridge University Press.

Matsumoto, T., Matsumoto, H., Yamada, K., and Hoshino,

S. (2002). Impact of artiﬁcial ”gummy” ﬁngers on ﬁn-

gerprint systems. In Proc. SPIE, Optical Security and

Counterfeit Deterrence Techniques IV, volume 4677,

pages 275–289.

Ratha, N. K., Connell, J. H., and Bolle, R. M. (2001). En-

hancing security and privacy in biometrics-based au-

thentication system. IBM System Journal, 40(3).

SECRYPT 2008 - International Conference on Security and Cryptography

102