Abstract
There have been active discussions on how to derive a consistent cryptographic key from noisy data such as biometric templates, with the help of some extra information called a sketch. It is desirable that the sketch reveals little information about the biometric templates even in the worst case (i.e., the entropy loss should be low). The main difficulty is that many biometric templates are represented as points in continuous domains with unknown distributions, whereas known results either work only in discrete domains, or lack rigorous analysis on the entropy loss. A general approach to handle points in continuous domains is to quantize (discretize) the points and apply a known sketch scheme in the discrete domain. However, it can be difficult to analyze the entropy loss due to quantization and to find the “optimal” quantizer. In this paper, instead of trying to solve these problems directly, we propose to examine the relative entropy loss of any given scheme, which bounds the number of additional bits we could have extracted if we used the optimal parameters. We give a general scheme and show that the relative entropy loss due to suboptimal discretization is at most (nlog3), where n is the number of points, and the bound is tight. We further illustrate how our scheme can be applied to real biometric data by giving a concrete scheme for face biometrics.
Chapter PDF
Similar content being viewed by others
References
Boyen, X., Dodis, Y., Katz, J., Ostrovsky, R., Smith, A.: Secure remote authentication using biometric data. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 147–163. Springer, Heidelberg (2005)
Boyen, X.: Reusable cryptographic fuzzy extractors. In: ACM CCS, Washington DC, USA. ACM Press, New York (2004)
Chang, E.-C., Fedyukovych, V., Li, Q.: Secure sketch for multi-set difference. Cryptology ePrint Archive, Report, 2006/090 (2006), http://eprint.iacr.org/
Chang, E.-C., Li, Q.: Small secure sketch for point-set difference. Cryptology ePrint Archive, Report, 2005/145 (2005), http://eprint.iacr.org/
Chang, E.-C., Li, Q.: Hiding secret points amidst chaff. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 59–72. Springer, Heidelberg (2006)
Cheng, Y.-Q.: Human face recognition method based on the statistical model of small sample size. In: SPIE Proc. Intell. Robot and Compu. Vision, pp. 85–95 (1991)
Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004)
Hao, F., Chan, C.W.: Private key generation from on-line handwritten signatures. Information Management and Computer Security 10(2) (2002)
Hao, F., Anderson, R., Daugman, J.: Combining cryptography with biometrics effectively. Technical Report UCAM-CL-TR-640, University of Cambridge (2005)
Hong, Z.: Algebraic feature extraction of image for recognition. Pattern Recognition 24, 211–219 (1991)
Juels, A., Sudan, M.: A fuzzy vault scheme. In: IEEE Intl. Symp. on Information Theory (2002)
Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: ACM CCS, pp. 28–36 (1999)
Linnartz, J.-P., Tuyls, P.: New shielding functions to enhance privacy and prevent misuse of biometric templates. In: AVBPA 2003, pp. 393–402 (2003)
Maurer, U.M., Wolf, S.: Information-theoretic key agreement: From weak to strong secrecy for free. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, p. 351. Springer, Heidelberg (2000)
Monrose, F., Reiter, M.K., Li, Q., Wetzel, S.: Cryptographic key generation from voice. In: IEEE Symp. on Security and Privacy (2001)
Spacek, L.: The essex faces94 database, http://cswww.essex.ac.uk/mv/allfaces/
Sutcu, Y., Sencar, T., Memon, N.: A secure biometric authentication scheme based on robust hashing. In: ACM MM-SEC Workshop (2005)
Tuyls, P., Akkermans, A.H.M., Kevenaar, T.A.M., Schrijen, G.-J., Bazen, A.M., Veldhuis, R.N.J.: Practical biometric authentication with template protection. In: Kanade, T., Jain, A., Ratha, N.K. (eds.) AVBPA 2005. LNCS, vol. 3546, pp. 436–446. Springer, Heidelberg (2005)
Tuyls, P., Goseling, J.: Capacity and examples of template-protecting biometric authentication systems. In: ECCV Workshop BioAW, pp. 158–170 (2004)
Yang, S., Verbauwhede, I.: Automatic secure fingerprint verification system based on fuzzy vault scheme. In: IEEE Intl. Conf. on Acoustics, Speech, and Signal Processing (ICASSP), pp. 609–612 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Li, Q., Sutcu, Y., Memon, N. (2006). Secure Sketch for Biometric Templates. In: Lai, X., Chen, K. (eds) Advances in Cryptology – ASIACRYPT 2006. ASIACRYPT 2006. Lecture Notes in Computer Science, vol 4284. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11935230_7
Download citation
DOI: https://doi.org/10.1007/11935230_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-49475-1
Online ISBN: 978-3-540-49476-8
eBook Packages: Computer ScienceComputer Science (R0)