Privacy protection of biometric templates...Technology used in 2011 only: ! Encrypted ﬁngerprint...

Welcome

Privacy protection of biometric templates

Fraunhofer Forum, Berlin 27. November 2012 Moazzam Butt, Olaf Henniger, Alexander Nouak [email protected] www.igd.fraunhofer.de/idb

© 2012 Fraunhofer IGD International Conference of the PRESCIENT Project – 27. November 2012 – Moazzam Butt

Overview

!  Introduction to biometrics

! Risks in biometric systems

! Biometric template protection

!  ISO/IEC 24745 – Biometric information protection

! Example of biometric system

!  Software demonstration


Introduction to Biometrics

! Biometrics are techniques that can automatically recognize a person with his/her physiological or behavioral information.

!  In comparison with the token or password based authentication, biometrics are strongly linked to persons, cannot be forgotten or handed on.

! Userfriendliness

http://www.brighthub.com http://www.iconnica.com


Risks in Biometric Systems Sensitive Private Information

!  Disease:

!  Free floating cyst of iris*

!  About 75% transverse palmar crease in case of trisomy 21 or trisomy 13 syndrome**

!  The information is irrelevant to authentication

!  Genetic information, gender, race …

!  Hill climbing attack

*www.eyecancerinfo.com/photogallery/8_47.jpg

** Julia Seidel, �Zusatzinformationen in Fingerbildern�, Hochschule Darmstadt, 2006


Risks in Biometric Systems Cross Matching

International Conference of the PRESCIENT Project – 27. November 2012 – Moazzam Butt © 2012 Fraunhofer IGD

Risks in Biometric Systems Identity Theft


Risks in Biometric Systems Invariability


!  The biometric characteristics are not replaceable

Template Protection Protection of Biometric References


Template Protection

! Similar to UNIX-Password authentication

! Plaintext: etc/password

! id:<login_name>:hash(password)

! Authentication

! hash(input) =?= hash(password)

h(*) x h(x)

easy to encrypt

hard to reverse


Template Protection Challenge

! Difference between Passwords and biometric data

! Biometric acquisition is subject to variations (intra-class variation + noise)

! Cryptographic one-way function is highly sensitive to small changes in input data,

! Error Correction Coding – ECC

h(01000101) ≠ h(01010101)


Template Protection An Overview ! It converts biometric data into multiple independent references, from which it is

infeasible and hard to retrieve the original information.

! Biometric template protection is a very important supplement to improve security and enhance privacy protection of biometric systems.

! Irreversibility

! Diversity

! Unlinkability

! Revocability


Solution Privacy enhancing authentication systems

Fuzzy Commitment Scheme


Template Protection Techniques

! Template Protection: generates different and independent secure reference templates from a biometric sample

Template Protection

Biometric Crypto Systems

Feature Transformation

Biometric Salting non-invertible Transformation

Biometric Encryption

Biohashing

Cancelable Biometrics

Ordered Features: Fuzzy

Commitment, Shielding Function

Non-ordered

Features: Fuzzy Vault


Template Protection Framework Unified Architecture

! Standard

! ISO/IEC 24745 (SC27)

! Information technology – Security techniques – Biometric information protection

! Published in 2011


Template Protection Framework Architecture for renewable biometric references


Renewable Biometric References Elements in the architecture

! Auxiliary Data – AD ! subject-dependent data, that is part of a renewable biometric reference and may be

required to reconstruct pseudonymous identifiers during verification, or for verification in general

! Pseudonymous Identifier – PI ! part of a renewable biometric reference that represents an individual or data subject

within a certain domain by means of a protected identity that can be verified by means of a captured biometric sample and the auxiliary data (if any)

! Renewable biometric reference ! revocable / renewable identifier that represents an individual or data subject within a

certain domain by means of a protected binary identity (re)constructed from the captured biometric sample


Biometric Crypto Systems Review

! Biometric Crypto Systems combine Cryptography with error correcting codes

! PI is the secret hash,

! Auxiliary data must be saved additionally

! Comparison on basis of exact match

! Suitable for all biometric modalities

! 2D- and 3D-Face recognition

! Iris recognition

! Fingerprint recognition

! Hand palm vein recognition

! Ear recognition



Access control to public outdoor pool in Bad Orb (Germany)

! Technology used in 2011 only:

! Encrypted fingerprint template stored in RFID chip card (Mifare)

! Fingerprint comparison in access control terminal

! Purpose:

! To save access-control staff and

! To bind season tickets to their holder

! Voluntary participation: Users signed declaration of consent.



! Complaint of provincial data protection authority

! after petitions from citizens who do not accept fingerprinting

! Use of fingerprints considered objectionable because of

! Lack of equivalent alternative: Holders of season tickets without fingerprint had to wait for the pool attendant to open the entrance door.

! “Disproportionality” of using fingerprints in local-government services for the public

! Alternative solution:

! No more season tickets (allowing any number of entries during a season),

! RFID chip cards used as rechargeable payment cards at unstaffed access-control terminal instead.



! Lessons learnt:

! Local-government services for the public:

! Fingerprints will probably not be used.

! Private-sector recreation facilities (fitness clubs etc.):

! On a voluntary basis, fingerprints may be used, with properly protected templates.

! There should be an equivalent alternative for people who do not accept fingerprinting.


Thank You

Privacy protection of biometric templates...Technology used in 2011 only: ! Encrypted ﬁngerprint...

Documents

Transcript of Privacy protection of biometric templates...Technology used in 2011 only: ! Encrypted ﬁngerprint...