A survey on biometric cryptosystems and cancelable biometrics
- PDF / 641,072 Bytes
- 25 Pages / 595.28 x 793.7 pts Page_size
- 110 Downloads / 213 Views
RESEARCH
Open Access
A survey on biometric cryptosystems and cancelable biometrics Christian Rathgeb* and Andreas Uhl
Abstract Form a privacy perspective most concerns against the common use of biometrics arise from the storage and misuse of biometric data. Biometric cryptosystems and cancelable biometrics represent emerging technologies of biometric template protection addressing these concerns and improving public confidence and acceptance of biometrics. In addition, biometric cryptosystems provide mechanisms for biometric-dependent key-release. In the last years a significant amount of approaches to both technologies have been published. A comprehensive survey of biometric cryptosystems and cancelable biometrics is presented. State-of-the-art approaches are reviewed based on which an in-depth discussion and an outlook to future prospects are given. Keywords: biometrics, cryptography, biometric cryptosystems, cancelable biometrics, biometric template protection
1. Introduction The term biometrics is defined as “automated recognition of individuals based on their behavioral and biological characteristics“ (ISO/IEC JTC1 SC37). Physiological as well as behavioral biometric characteristics are acquired applying adequate sensors and distinctive features are extracted to form a biometric template in an enrollment process. At the time of verification or identification (identification can be handled as a sequence of verifications and screenings) the system processes another biometric input which is compared against the stored template, yielding acceptance or rejection [1]. It is generally conceded that a substitute to biometrics for positive identification in integrated security applications is non-existent. While the industry has long claimed that one of the primary benefits of biometric templates is that original biometric signals acquired to enroll a data subject cannot be reconstructed from stored templates, several approaches [2,3] have proven this claim wrong. Since biometric characteristics are largely immutable, a compromise of biometric templates results in permanent loss of a subject’s biometrics. Standard encryption algorithms do not support a comparison of biometric templates in encrypted domain and, thus, leave biometric templates exposed during every * Correspondence: [email protected] Multimedia Signal Processing and Security Lab (Wavelab), Department of Computer Sciences, University of Salzburg, A-5020 Salzburg, Austria
authentication attempt [4] (homomorphic and asymmetric encryption, e.g., in [5-7], which enable a biometric comparison in encrypted domain represent exceptions). Conventional cryptosystems provide numerous algorithms to secure any kind of crucial information. While user authentication is based on possession of secret keys, key management is performed introducing a second layer of authentication (e.g., passwords) [8]. As a consequence, encrypted data inherit the security of according passwords applied to release correct decrypting keys. Biometric template protection schemes which
Data Loading...
