Secure biometric template generation for multi-factor authentication

TLDR: The results prove that the proposed framework does not undermine the discriminating features of genuine and forged signatures and the verification performance is comparable to that of the state-of-the-art benchmark results.

About: This article is published in Pattern Recognition.The article was published on 2015-02-01 and is currently open access. It has received 93 citations till now. The article focuses on the topics: Multi-factor authentication & Challenge–response authentication.

Figures

Figure 8: ROC results for the SVC’04, SUSIG’07 and SigComp’11 datasets

Figure 4: The MSE Distribution for Three Signature Datasets (SVC’04, SUSig’07 and SigComp’11). We compare Gaussian distributions fitted over data (shown in red) with the respective histograms (shown in black). The error is measured after the normalization and re-scaling to match height and width of signals and to remove any DC component.

Table 2: Global Features: They capture holistic information of handwritten signature signals. Each box contain a single feature definition.

Figure 6: Matching Module

Figure 5: Obfuscation of original signature data through Random Projection

Figure 1: KRP-AH Scheme for Secure Template Generation

Frequently asked questions

Q1. What contributions have the authors mentioned in the paper "Secure biometric template generation for multi-factor authentication" ?

To solve this problem, the authors present a novel framework that applies random projections to biometric data ( inherence factor ), using secure keys derived from passwords ( knowledge factor ), to generate inherently secure, efficient and revocable/renewable biometric templates for users ’ verification. The authors also undertake a case study of deploying the proposed framework in a two-factor authentication setup that uses users ’ passwords and dynamic handwritten signatures. The authors have evaluated the performance of the framework on three publicly available signatures datasets. 

Q2. Why is a decrease in system efficiency expected after arithmetic hashing?

Due to the trade-off between security and performance levels, a decrease in system efficiency is expected after the arithmetic hashing. 

Q3. What is the sparsest solution of an under-determined system of linear equations?

When RIP is satisfied, minimum `1 norm solution of an under-determined system of linear equations is also the sparsest solution [9]:α̂ = argmin α ‖ α ‖1Algorithms like greedy search and convex relaxation techniques are usually used to solve such problems. 

Q4. What is the function Fsec(.) used to model the probability distribution of different biometric?

Biometrics of different users can be modeled as statistically independent variables such that given data of two users - D1 and D2 - joint probability can be expressed as pD1,D2 (D1,D2) = pD1 (D1)pD2 (D2). 

Q5. What are the three types of factors used for authentication of a user’s identity?

The three different types of elements (known as factors) can be used for authentication of a user’s identity are the ownership, knowledge and inherence factors. 

Q6. What is the reason why AH function is useful in increasing the discrimination ability of signals?

in the fact that signals do not loose discrimination ability when their rate of change is calculated, rather such a calculation is often helpful in increasing the discriminating ability of signals. 

Q7. What is the main reason why performance remains unaffected?

The main reason why performance remains unaffected is the distance preserving transformation (Section 3.2.1) followed by the differential and decimation (low-pass) filters which keep the distinctive features of time-varying signals. 

Q8. What is the t-sparse solution given by 1 :x?

This t-sparse solution is given by 1 :x̂ = argmin Rz=u ‖ z ‖1`1 minimization is a convex optimization problem and can be efficiently solved using linear programming methods. 

Q9. What is the probability of a matrix R satisfying a concentration inequality?

2. It can be shown that if the matrix R satisfies concentration inequality for JL-Lemma then it is highly probable that it would also satisfy (t, )-RIP for t < c′ 2k/log(d) [5]. 

Q10. What is the way to protect the privacy of a genuine subject?

A successful security mechanism will protect the privacy of a genuine subject by concealing its original biometric data from an intruder as well as the verification server. 

Q11. What is the way to solve the security issues with biometric templates?

To solve the above mentioned security issues with biometric templates, the authors have employed an ‘easy to compute’ and ‘difficult to invert’ one way funtion.