[go: up one dir, main page]

WO2008069475A1 - Fingerprint data protection and authentication method using 3d fuzzy vault scheme, fingerprint data protection apparatus using 3d fuzzy vault scheme, and fingerprint data authentication system using 3d fuzzy vault scheme - Google Patents

Fingerprint data protection and authentication method using 3d fuzzy vault scheme, fingerprint data protection apparatus using 3d fuzzy vault scheme, and fingerprint data authentication system using 3d fuzzy vault scheme Download PDF

Info

Publication number
WO2008069475A1
WO2008069475A1 PCT/KR2007/005870 KR2007005870W WO2008069475A1 WO 2008069475 A1 WO2008069475 A1 WO 2008069475A1 KR 2007005870 W KR2007005870 W KR 2007005870W WO 2008069475 A1 WO2008069475 A1 WO 2008069475A1
Authority
WO
WIPO (PCT)
Prior art keywords
fingerprint
minutiae
chaff
fingerprint information
polynomial
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/KR2007/005870
Other languages
French (fr)
Inventor
Yong Wha Chung
Seung Hwan Jung
Sung Ju Lee
Dae Sung Moon
Choong Ho Cho
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industry Academy Collaboration Foundation of Korea University
Original Assignee
Industry Academy Collaboration Foundation of Korea University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industry Academy Collaboration Foundation of Korea University filed Critical Industry Academy Collaboration Foundation of Korea University
Publication of WO2008069475A1 publication Critical patent/WO2008069475A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06TIMAGE DATA PROCESSING OR GENERATION, IN GENERAL
    • G06T1/00General purpose image data processing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Definitions

  • the present invention relates a user authentication system and, in particular, to a fingerprint data protection and authentication method using a 3-dimensional (3D) fuzzy vault, a storage media for storing the method, a fingerprint data protection apparatus using the 3D fuzzy vault, and a fingerprint data authentication system using the 3D fuzzy vault.
  • Fingerprint recognition system is the most widely used biometric authentication and the most cost effective system. Particularly, the fingerprint recognition system is advantageous in that it can be implemented with a compact design so as to be applied to portable devices. Along with the increased concern over the security and privacy, fingerprint recognition is in the limelight as one of the most effective biometric recognition systems. The fingerprint recognition technique is developing from the entrance control system to the remote application systems such as internet banking and electronic government system. The greater a number of chaff minutiae is, the stronger the security level is.
  • the insertion of the chaff minutiae into the fingerprint information is limited to the flat image when using the typical fuzzy vault scheme. This is because the size of the fingerprint is restricted, and in turn, the room for inserting the chaff minutiae is restricted.
  • the present invention has been made in an effort to solve the above problems, and it is an object of the present invention to provide a fingerprint data protection method using a 3D fuzzy vault that is capable of improving security and protecting the fingerprint information from possible hacking attacks while maintaining high recognition rate by increasing amount of fingerprint template information.
  • the fingerprint data protection method includes extracting fingerprint information including positions, angles, and types of minutiae collected from a fingerprint image input through a sensing device; generating a first polynomial with coefficients of the extracted fingerprint information; inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random into the fingerprint information; and storing the fingerprint information with the first polynomial and the chaff minutiae in the form of a database.
  • the fingerprint data authentication method includes generating a 3 -dimensional input hash table by extracting input fingerprint information composed of positions, angles, and types of minutiae from a fingerprint image scanned by a sensing device; generating a 3-dimensional enrollment hash table by receiving a fingerprint image of an authorized user, extracting fingerprint information composed of positions, angles, and types of minutiae from the fingerprint image, generating a first polynomial with coefficients of the extracted fingerprint information, inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random, and transforming the chaff minutiae-inserted fingerprint information geometrically; removing the chaff minutiae from the fingerprint information matched by aligning the 3-dimensional enrollment hash table and 3- dimensional input hash table, using an error correction code; generating a second polynomial with coefficients of the matched fingerprint information; and verifying authentication
  • the fingerprint data protection apparatus includes a fingerprint extractor for extracting fingerprint information including positions, angles, and types of minutiae from a fingerprint image input by a sensing device; a polynomial generator for generating a first polynomial with coefficients of the extracted fingerprint information; a chaff inserter for inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random into the extracted fingerprint information; and a database for storing the first polynomial and the fingerprint information in which the chaff minutiae are inserted.
  • the fingerprint authentication system includes an input fingerprint extractor for extracting input fingerprint information composed of positions, angles, and types of minutiae from a fingerprint image input through a sensing device; an input hash table generator for generating a 3-dimensional input hash table by geometrically transforming the extracted fingerprint information; an enrollment hash table generator for generating a 3-dimensional enrollment hash table by receiving a fingerprint image of an authorized user, extracting fingerprint information composed of positions, angles, and types of minutiae from the fingerprint image, generating a first polynomial with coefficients of the extracted fingerprint information, inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random, and transforming the chaff minutiae-inserted fingerprint information geometrically; a fingerprint aligner for aligning the 3 dimensional enrollment hash table and 3-dimensional input hash table; an error corrector for removing the chaff minutiae
  • the fingerprint data protection method of the present invention uses a 3D fuzzy vault scheme in which more chaff minutiae can be added for concealing the fingerprint data and performs authentication process without releasing the concealed fingerprint information using a polynomial reconstruction, thereby improving security while maintaining the recognition rate.
  • FIG. 1 is a diagram illustrating a fingerprint recognition system according to an exemplary embodiment of the present invention
  • FIG. 2 is a block diagram illustrating a configuration of a fingerprint data authentication system using a 3D fuzzy vault according to an exemplary embodiment of the present invention
  • FIG. 3 is a block diagram illustrating a configuration of a fingerprint data protection apparatus employed to the fingerprint data authentication system of FIG. 2;
  • FIG. 4 is a block diagram illustrating a fingerprint data authentication system using a 3D fuzzy vault according to another exemplary embodiment of the present invention.
  • FIG. 5 is a flowchart illustrating a fingerprint data protection method using a 3D fuzzy vault according to an exemplary embodiment of the present invention
  • FIG. 6 is a flowchart illustrating a fingerprint data authentication method using 3D fuzzy vault scheme according to an exemplary embodiment of the present invention
  • FIG. 7 is a diagram illustrating steps of collecting fingerprint information of a fingerprint data authentication method according to an exemplary embodiment of the present invention.
  • FIG. 8 is a diagram illustrating steps of concealing fingerprint information of a fingerprint data authentication method using 3D fuzzy vault scheme according to an exemplary embodiment of the present invention.
  • FIG. 9 is a diagram illustrating steps of geometric transformation of fingerprint information in a fingerprint data authentication method according to an exemplary embodiment of the present invention.
  • FIG. 1 is a diagram illustrating a fingerprint recognition system according to an exemplary embodiment of the present invention.
  • the fingerprint recognition system includes a transmission part for extracting fingerprint information from a fingerprint image and a reception part for processing the extracted fingerprint information.
  • the transmission part extracts the fingerprint information such as a position, angle, and type of the fingerprint image input through a sensor of a fingerprint image input device.
  • the fingerprint information is transmitted to the reception part.
  • the authentication process is performed by comparing the extracted fingerprint information to reference fingerprint information stored within a fingerprint information storage.
  • FIG. 2 is a block diagram illustrating a configuration of a fingerprint data authentication system using a 3D fuzzy vault according to an exemplary embodiment of the present invention.
  • the fingerprint data authentication system includes a transmission part 210 and a reception part 220.
  • the transmission part 210 includes an input fingerprint extractor 211 and an input hash table generator 212.
  • the input fingerprint extractor 211 extracts fingerprint information composed of the positions, angles, and types of minutiae points from the fingerprint image detected by a sensor.
  • the sensor is a fingerprint scanner.
  • the minutiae point type means a bifurcation and a ridge ending.
  • the input hash table generator 212 generates a 3D hash table by geometrically transforming the extracted fingerprint information.
  • the reception part 220 includes a database 221 , an enrollment hash table generator 222, a fingerprint aligner 223, an error corrector 224, a polynomial reconstructor 225, and a user authenticator 226.
  • the enrollment hash table generator 222 reads concealed fingerprint information from the database 221 and generates the 3D hash table by geometrically transforming the concealed fingerprint information.
  • the concealed fingerprint information is generated by receiving a fingerprint image of a user using a sensing device, extracting the fingerprint information including the positions, angles and types of the minutiae points of the fingerprint image, generating a first polynomial of coefficients obtained from the extracted fingerprint information, inserting a plurality of fingerprint templates composed of randomly generated positions, angles, and types of features points into the extracted fingerprint information.
  • the fingerprint information generated in such a manner is stored within the database 221.
  • the degree of the polynomial can be determined by a security system designer in consideration of the target security level.
  • An authorized user means a user allowed for an entrance control system, internet banking, remote application system of an electronic government system, etc. employing the fingerprint authentication according to an embodiment of the present invention.
  • the fingerprint information aligner 223 aligns the 3D enrollment hash table and the input 3D hash table.
  • the fingerprint information alignment is performed for adjusting the offset which can occur when extracting the fingerprint of the user for protecting the minutiae point mismatch between the input fingerprint information and the reference fingerprint information.
  • the error corrector 224 matches the fingerprint information using the aligned enrolled 3D hash table and input 3D hash table and then removes the fake minutiae points from the matched fingerprint information using an error correction code (ECC). Matching the fingerprint information is performed by finding the minutiae points in a threshold range of a predetermined boundary in the enrolled 3D hash table and the input 3D hash table.
  • ECC error correction code
  • the polynomial reconstructor 225 generates a second polynomial of coefficients of the matched fingerprint information.
  • the second polynomial is of the fingerprint information of an authentication target.
  • Equation 1 Equation 1
  • the user authenticator 226 verifies the user authentication result by comparing the first and second polynomials. In a case that the degree of the second polynomial is less than that of the first polynomial, the user authenticator 226 judges that the number of the minutiae points extracted from the input fingerprint information is less than that of the reference fingerprint information, thereby determining the first and second polynomials are not identical with each other. If the first and second polynomials are identical with each other, the user authenticator 226 determines that the polynomial is successfully reconstructed. In this case, the user authenticator 226 may output the successful user authentication result.
  • FIG. 3 is a block diagram illustrating a configuration of a fingerprint data protection apparatus employed to the fingerprint data authentication system of FIG. 2.
  • the fingerprint data protection apparatus 300 includes a fingerprint information extractor 320, a polynomial generator 330, a chaff inserter 340, and a database 350.
  • the fingerprint information extractor 320 receives the fingerprint image of a user scanned by a sensor and extracts fingerprint information composed of positions, angles and types of minutiae points from the fingerprint image.
  • the polynomial generator 330 generates a first polynomial with coefficients of the extracted fingerprint information.
  • the chaff inserter 340 generates a plurality of chaff minutiae composed of minutiae points with different positions, angels, and types and inserts the chaff minutiae into the extracted fingerprint information. Since the chaff minutiae are generated with randomly selected positions, angles, and types, the chaff minutiae are indistinguishable from the legitimate minutiae. The chaff minutiae are inserted into the genuine fingerprint information in consideration of the positions and angles of the previously inserted ones.
  • the database 350 stores the first polynomial and the fingerprint information in which the chaff minutiae are inserted.
  • the database 350 can be implemented within a nonvolatile memory device, a volatile memory device, a hard disc drive, or an optical storage media.
  • FIG. 4 is a block diagram illustrating a fingerprint data authentication system using a 3D fuzzy vault according to another exemplary embodiment of the present invention.
  • the fingerprint data authentication system includes a transmission part 410, a reception part 420, and a fingerprint data protection unit 430.
  • the transmission part 410 includes an input fingerprint information extractor 411 and an input hash table generator 412.
  • the input fingerprint information extractor 411 extracts the input fingerprint information composed of the positions, angles, and types of the minutiae points from the fingerprint image of the user.
  • the input hash table generator 412 generates a 3D hash table by geometrically transforming the extracted fingerprint information.
  • the reception part 420 includes an enrollment hash table generator 422, a fingerprint information aligner 423, an error corrector 424, a polynomial reconstructor 425, and a user authenticator 426.
  • the enrollment hash table generator 422 reads the concealed fingerprint information from the database 435 and generates a 3D enrollment hash table by geometrically transforming the read fingerprint information.
  • Equation 2 The input 3D hash table and the 3D enrollment hash table can be generated by equation 2. Equation 2
  • nx is the reference point.
  • the minutiae points are acquired from the fingerprint of the user at a minutiae point collection stage.
  • the angle ⁇ is used for obtaining a coordinate value on the z axis for the 3D table.
  • the fingerprint information can be represented by a set of minutiae points.
  • the 3D enrollment minutiae table is generated from L.
  • the 3D enrollment table is generated in the enrollment minutiae table generation stage. Each step in the enrollment minutiae table generation stage is explained in detail in the following. First, in a reference point selection step, a first minutia w/ is selected from the enrollment minutiae set L.
  • Next step is a minutiae transform step.
  • the other remaining minutiae m 2 , m 3 ,..., m n are aligned with respect to the first minutia mj.
  • m,(l) is the transformed minutiae, i.e., the result of the transform of the j th minutia with respect to m
  • Equation 2 represents the translation and rotation such that features(x / , y ⁇ , zj, ⁇ ,i, ti) of mi are translated and rotated into (7, 1, 1, 1, //).
  • TR m, j ⁇ ) denotes the minutia translated and rotated from theyth minutia with respect to mi.
  • the first and second steps are repeated for all the remaining minutiae.
  • the reference point selection step and the minutiae transform step performed with respect to mi are repeatedly performed with respect to the other minutiae /w ⁇ , m 3 ,...,m n such that the 3D enrollment minutiae table is generated.
  • the fingerprint aligner 423 aligns the 3D enrollment hash table and the 3D input hash table.
  • the error corrector 424 matches the fingerprint information using the aligned 3D enrollment hash table and input hash table and then removes the chaff minutiae from the matched fingerprint information using an error correction code.
  • the polynomial reconstructor 425 generates a second polynomial with coefficients of the matched fingerprint information.
  • the second polynomial is of the fingerprint information of the authentication target.
  • the user authenticator 426 verifies the user authentication result by comparing the first and second polynomials to each other. In the case that the polynomial is successfully reconstructed, the user authenticator 426 may output the user authentication result.
  • the fingerprint data protection unit 430 includes a fingerprint extractor 432, a polynomial generator 433, a chaff minutiae inserter 434, and a database 435.
  • the fingerprint extractor 432 receives a fingerprint image of a user scanned by a sensor and extracts fingerprint information composed of positions, angles, and types of minutiae from the fingerprint image.
  • the polynomial generator 433 generates a first polynomial with coefficients obtained from the extracted fingerprint information.
  • the chaff minutiae inserter 434 generates a plurality of chaff minutiae composed of positions, angles, and types and inserts the chaff minutiae into the extracted fingerprint information.
  • the database 435 stores the fingerprint information in which the chaff minutiae are inserted together with the first polynomial.
  • the database 435 can be provided in the form of a nonvolatile memory device, a volatile memory device, a hard disk drive, or an optical storage media.
  • FIG. 5 is a flowchart illustrating a fingerprint data protection method using a
  • 3D fuzzy vault according to an exemplary embodiment of the present invention.
  • a fingerprint data protection apparatus extracts fingerprint information composed of positions, angles, and types of minutiae (S510). After extracting the fingerprint information, the fingerprint data protection apparatus generates a first polynomial with coefficients of the extracted fingerprint information (S 520).
  • the fingerprint data protection apparatus generates a plurality of chaff minutiae having respective positions, angles, and types and then inserts the chaff minutiae into the fingerprint information (S530).
  • each chaff minutia of the fingerprint information is a 3D coordinate composed of (x, y, z), z being obtained using the angle.
  • the chaff minutia which differs from the real minutia in position and angle by more than a predetermined threshold value is inserted into the fingerprint information.
  • the threshold value can be determined in consideration of the fingerprint recognition rate and security level to be applicable by those skilled in the art.
  • the fingerprint data protection apparatus stores the fingerprint information with the first polynomial and the chaff minutiae in the form of a database
  • FIG. 6 is a flowchart illustrating a fingerprint data authentication method using 3D fuzzy vault scheme according to an exemplary embodiment of the present invention.
  • the fingerprint data authentication apparatus extracts input fingerprint information composed of positions, angles, and types of minutiae from a fingerprint image input through a sensing device and generates a 3D input hash table by geometrically transforming the input fingerprint information (S610).
  • the fingerprint data authentication apparatus generates a 3D enrollment hash table by geometrically transforming the protection fingerprint information read out from the database (S620).
  • the fingerprint data authentication apparatus matches the fingerprint information by aligning the 3D input hash table and the 3D enrollment hash table and then removes the chaff minutiae from the matched fingerprint information using an error correction code (S630).
  • the fingerprint data authentication apparatus generates a second polynomial with coefficients of the matched fingerprint information (S640). After generating the second polynomial, the fingerprint data authentication apparatus compares the first and second polynomials and determines whether the polynomial is successfully reconstructed on the basis of the comparison result (S650). If the first and second polynomials are identical with each other, it is determined that the polynomial is successfully reconstructed.
  • the fingerprint data authentication apparatus determines that the authentication is successful (S651) and, otherwise, the authentication fails (S652). In the case that the polynomial is successfully reconstructed, an announcement message informing of the successful authentication result can be output.
  • FIG. 7 is a diagram illustrating steps of collecting fingerprint information of a fingerprint data authentication method according to an exemplary embodiment of the present invention.
  • a fingerprint image 710 is obtained by a sensing device such as a fingerprint scanner. From the fingerprint image 710, fingerprint information 720 composed of positions, angles, and types of minutiae is extracted. In FIG. 7, the real minutiae are presented as circles. Next, a plurality of chaff minutiae is added to the fingerprint information to generate a template 730. The chaff minutiae are added such that the distance between the real and chaff minutiae is not too close and angles between the minutiae become large. The chaff minutiae are added in consideration of the distances and angles of previously added chaff minutiae.
  • FIG. 8 is a diagram illustrating steps of concealing fingerprint information of a fingerprint authentication method using 3D fuzzy vault scheme according to an exemplary embodiment of the present invention.
  • the fingerprint information is modified so as to be expanded into a 3D space 820 by utilizing the angles of the minutiae as z-axis values, whereby more chaff minutiae can be inserted into the fingerprint information.
  • FIG. 9 is a diagram illustrating steps of geometric transformation of fingerprint information in a fingerprint authentication method according to an exemplary embodiment of the present invention.
  • a minutia is selected as a reference point (see 910).
  • the minutia is positioned at the origin of coordinate of x-y plane, aligned such that the angle of the minutia is 0 with respect to the x-axis, and then other minutiae are aligned with respect to the first minutia (see 920).
  • the first minutia is positioned at the origin of the coordinate of 3D space and the other minutiae are aligned with respect to the first minutia (see 930).
  • Table 1 shows a performance comparison between the conventional 2D based- fingerprint authentication method and the 3D based-fingerprint authentication method according to the present invention, particularly, in terms of false acceptance rate (FAR) and false rejection rate (FRR).
  • FAR and FRR are parameters for evaluating the performance of the biometric verification technique that identifies a person by fingerprint, iris, or face.
  • the FAR is a measure of the likelihood that the authentication system will wrongly recognize the biometric information. That is, the false acceptance is a biometric security error as it gives unauthorized users access to the system.
  • a FAR of 0.001 means that the authentication system wrongly recognizes 1 out of 1000 biometric recognitions.
  • the FRR is a percentage of times the system produces a false rejection by misrecognition of a person. With a high FRR, the system is likely to reject an access by an authorized person, and thus the system is useless even though the system guarantees a high security level.
  • the FARs and FRRs are shown when the 2D hash table and 3D hash table are used. If a polynomial is correctly reconstructed from the protected template, the user can obtain the secret key. For example, if the secret key is enrolled using a 10-degree polynomial with 11 coefficients, 11 unique minutiae are required for reconstructing the 10-degree polynomial.
  • the fingerprint recognition rate was measured while varying the degree of polynomial and the number of chaff minutiae.
  • the FAR was nearly 0%.
  • the FAR with the polynomials of 8, 9, and 10 degrees were 0%.
  • Table 2 shows another performance comparison between the conventional 2D hash table-based fingerprint authentication method and the 3D hash table-based fingerprint authentication method of the present invention in terms of security.
  • Chaff Minutiae 400 1 ,000 10-degree polynomial 3.974xlO 12 5.833xlO 16 12-degree polynomial 1.193xlO 15 1.02xl0 20
  • Table 3 shows a performance comparison between the conventional password- based authentication method, the conventional 2D hash table-based fingerprint authentication method, and the 3D hash table-based fingerprint data authentication method according to the present invention.
  • the 3D hash table-based fingerprint authentication according to the present invention was implemented with 1000 chaff minutiae, and the conventional 2D hash table-based fingerprint authentication method was implemented with 200 chaff minutiae.
  • the 3D hash table-based fingerprint authentication method is superior to both the conventional password-based authentication method and the conventional 2D hash table-based fingerprint authentication method in terms of security.
  • the 3D fuzzy vault-based fingerprint data protection method can be provided in the form of a program recorded in a computer-readable storage media.
  • the 3D fuzzy vault-based fingerprint data protection method can be executed in the form of software which is composed of code segments executing required tasks.
  • the code segments or programs can be stored within a processor readable storage media or transmission carrier or can be transmitted over a carrier wave in the form of a computer data signal.
  • the computer-readable storage media includes all kinds of media of which recorded data can be read by a computer system.
  • the computer-readable storage media includes a Read Only Memory (ROM), Compact Disk ROM (CD ROM), Digital
  • Video Disk ROM DVD ROM
  • DVD-RAM Compact Disc ROM
  • magnetic tape floppy disk
  • hard disk drive optical data storage
  • computer-readable storage media can be located in a distributed computer network so as to be transmitted to any computer in the form of computer-readable codes.
  • the fingerprint data protection method of the present invention can be applied as a biometric user authentication part of systems such as entrance control system, network and computer access system, and mobile devices.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Evolutionary Computation (AREA)
  • Evolutionary Biology (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • Artificial Intelligence (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Bioethics (AREA)
  • Collating Specific Patterns (AREA)

Abstract

Disclosed are a fingerprint data protection and authentication method using a 3-dimensional (3D) fuzzy vault, a fingerprint data protection apparatus using the 3D fuzzy vault, and a fingerprint data authentication system using the 3D fuzzy vault. The fingerprint data protection method using a 3-dimensional fuzzy vault scheme according to the present invention includes extracting fingerprint information including positions, angles, and types of minutiae collected from a fingerprint image input through a sensing device; generating a first polynomial with coefficients of the extracted fingerprint information; inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random into the fingerprint information; and storing the fingerprint information with the first polynomial and the chaff minutiae in the form of a database. The fingerprint data protection method of the present invention uses a 3D fuzzy vault scheme in which more chaff minutiae can be added for concealing the fingerprint data and performs authentication process without releasing the concealed fingerprint information using a polynomial reconstruction, thereby improving security while maintaining a high recognition rate.

Description

[ DESCRIPTION] [ Invention Title]
FINGERPRINT DATA PROTECTION AND AUTHENTICATION METHOD USING 3D FUZZY VAULT SCHEME, FINGERPRINT DATA PROTECTION APPARATUS USING 3D FUZZY VAULT SCHEME, AND FINGERPRINT DATA AUTHENTICATION SYSTEM USING 3D FUZZY VAULT SCHEME
[ Technical Field]
The present invention relates a user authentication system and, in particular, to a fingerprint data protection and authentication method using a 3-dimensional (3D) fuzzy vault, a storage media for storing the method, a fingerprint data protection apparatus using the 3D fuzzy vault, and a fingerprint data authentication system using the 3D fuzzy vault.
[B ackground Art ]
Along with rapid advances of information and internet technologies, electronic commerce (eCommerce)-based businesses such as online banking have become widespread, whereby user authentication has become an essential security element for secure information transactions. Typically, password and pin code-based authentication techniques are widely used for eCommerce applications. However, such techniques have a drawback in that the password and pin code are likely to be exposed to others or forgotten. In order to overcome these problems, biometrics authentication is a very attractive option to replace the password and pin code.
However, since the change of enrolled biometric information is impossible or very limited unlike the password and pin code, eavesdropping may cause very significant problems. In order to prevent eavesdropping of the biometric information, various researches have been done with encryption, water marking, and steganography.
Fingerprint recognition system is the most widely used biometric authentication and the most cost effective system. Particularly, the fingerprint recognition system is advantageous in that it can be implemented with a compact design so as to be applied to portable devices. Along with the increased concern over the security and privacy, fingerprint recognition is in the limelight as one of the most effective biometric recognition systems. The fingerprint recognition technique is developing from the entrance control system to the remote application systems such as internet banking and electronic government system. The greater a number of chaff minutiae is, the stronger the security level is.
Accordingly, in a case of fingerprint information protection using a fuzzy vault scheme, the insertion of the chaff minutiae into the fingerprint information is limited to the flat image when using the typical fuzzy vault scheme. This is because the size of the fingerprint is restricted, and in turn, the room for inserting the chaff minutiae is restricted.
Accordingly, conventional fingerprint data protection and authentication methods are limited to improve the security level. In order to solve this problem, it can be considered to insert the chaff minutiae into an enlarged fingerprint image larger than the actual fingerprint image. In this case, however, the fingerprint information is widely distributed, resulting in deterioration of fingerprint recognition rate.
[Disclosure] [Technical Problem] The present invention has been made in an effort to solve the above problems, and it is an object of the present invention to provide a fingerprint data protection method using a 3D fuzzy vault that is capable of improving security and protecting the fingerprint information from possible hacking attacks while maintaining high recognition rate by increasing amount of fingerprint template information.
It is another object of the present invention to provide a fingerprint data authentication method using a 3D fuzzy vault that is capable of improving security and protecting the fingerprint information from possible hacking attacks by performing authentication process without recovering concealed fingerprint information.
It is another object of the present invention to provide a fingerprint data protection apparatus using a 3D fuzzy vault that is capable of improving security and protecting the fingerprint information from possible hacking attacks while maintaining high recognition rate.
It is still another object of the present invention to provide a fingerprint data authentication system using a 3D fuzzy vault that is capable of improving security and protecting the fingerprint information from possible hacking attacks while maintaining high recognition rate.
[Technical Solution]
In accordance with an aspect of the present invention, the above and other objects are accomplished by a fingerprint data protection method using a 3- dimensional fuzzy vault scheme. The fingerprint data protection method includes extracting fingerprint information including positions, angles, and types of minutiae collected from a fingerprint image input through a sensing device; generating a first polynomial with coefficients of the extracted fingerprint information; inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random into the fingerprint information; and storing the fingerprint information with the first polynomial and the chaff minutiae in the form of a database.
In accordance with another aspect of the present invention, the above and other objects are accomplished by a fingerprint data authentication method using a 3- dimensional fuzzy vault scheme. The fingerprint data authentication method includes generating a 3 -dimensional input hash table by extracting input fingerprint information composed of positions, angles, and types of minutiae from a fingerprint image scanned by a sensing device; generating a 3-dimensional enrollment hash table by receiving a fingerprint image of an authorized user, extracting fingerprint information composed of positions, angles, and types of minutiae from the fingerprint image, generating a first polynomial with coefficients of the extracted fingerprint information, inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random, and transforming the chaff minutiae-inserted fingerprint information geometrically; removing the chaff minutiae from the fingerprint information matched by aligning the 3-dimensional enrollment hash table and 3- dimensional input hash table, using an error correction code; generating a second polynomial with coefficients of the matched fingerprint information; and verifying authentication result by comparing the first and second polynomials.
In accordance with another aspect of the present invention, the above and other objects are accomplished by a fingerprint data protection apparatus using a 3- dimensional fuzzy vault scheme. The fingerprint data protection apparatus includes a fingerprint extractor for extracting fingerprint information including positions, angles, and types of minutiae from a fingerprint image input by a sensing device; a polynomial generator for generating a first polynomial with coefficients of the extracted fingerprint information; a chaff inserter for inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random into the extracted fingerprint information; and a database for storing the first polynomial and the fingerprint information in which the chaff minutiae are inserted.
In accordance with another aspect of the present invention, the above and other objects are accomplished by a fingerprint data authentication system using a 3- dimensional fuzzy vault scheme. The fingerprint authentication system includes an input fingerprint extractor for extracting input fingerprint information composed of positions, angles, and types of minutiae from a fingerprint image input through a sensing device; an input hash table generator for generating a 3-dimensional input hash table by geometrically transforming the extracted fingerprint information; an enrollment hash table generator for generating a 3-dimensional enrollment hash table by receiving a fingerprint image of an authorized user, extracting fingerprint information composed of positions, angles, and types of minutiae from the fingerprint image, generating a first polynomial with coefficients of the extracted fingerprint information, inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random, and transforming the chaff minutiae-inserted fingerprint information geometrically; a fingerprint aligner for aligning the 3 dimensional enrollment hash table and 3-dimensional input hash table; an error corrector for removing the chaff minutiae from the fingerprint information matched by aligning the 3-dimensional enrollment hash table and 3-dimensional input hash table, using an error correction code; a polynomial reconstructor for generating a second polynomial with coefficients of the matched fingerprint information; and a user authenticator for verifying authentication result by comparing the first and second polynomials.
[Advantageous Effects]
The fingerprint data protection method of the present invention uses a 3D fuzzy vault scheme in which more chaff minutiae can be added for concealing the fingerprint data and performs authentication process without releasing the concealed fingerprint information using a polynomial reconstruction, thereby improving security while maintaining the recognition rate.
[Description of Drawings] FIG. 1 is a diagram illustrating a fingerprint recognition system according to an exemplary embodiment of the present invention;
FIG. 2 is a block diagram illustrating a configuration of a fingerprint data authentication system using a 3D fuzzy vault according to an exemplary embodiment of the present invention;
FIG. 3 is a block diagram illustrating a configuration of a fingerprint data protection apparatus employed to the fingerprint data authentication system of FIG. 2;
FIG. 4 is a block diagram illustrating a fingerprint data authentication system using a 3D fuzzy vault according to another exemplary embodiment of the present invention;
FIG. 5 is a flowchart illustrating a fingerprint data protection method using a 3D fuzzy vault according to an exemplary embodiment of the present invention;
FIG. 6 is a flowchart illustrating a fingerprint data authentication method using 3D fuzzy vault scheme according to an exemplary embodiment of the present invention;
FIG. 7 is a diagram illustrating steps of collecting fingerprint information of a fingerprint data authentication method according to an exemplary embodiment of the present invention;
FIG. 8 is a diagram illustrating steps of concealing fingerprint information of a fingerprint data authentication method using 3D fuzzy vault scheme according to an exemplary embodiment of the present invention; and
FIG. 9 is a diagram illustrating steps of geometric transformation of fingerprint information in a fingerprint data authentication method according to an exemplary embodiment of the present invention.
[Mode for Invention]
Exemplary embodiments of the present invention are described with reference to the accompanying drawings in detail. The same reference numbers are used throughout the drawings to refer to the same or like parts. Detailed descriptions of well-known functions and structures incorporated herein may be omitted to avoid obscuring the subject matter of the present invention. FIG. 1 is a diagram illustrating a fingerprint recognition system according to an exemplary embodiment of the present invention.
The fingerprint recognition system includes a transmission part for extracting fingerprint information from a fingerprint image and a reception part for processing the extracted fingerprint information. The transmission part extracts the fingerprint information such as a position, angle, and type of the fingerprint image input through a sensor of a fingerprint image input device. The fingerprint information is transmitted to the reception part. The authentication process is performed by comparing the extracted fingerprint information to reference fingerprint information stored within a fingerprint information storage.
FIG. 2 is a block diagram illustrating a configuration of a fingerprint data authentication system using a 3D fuzzy vault according to an exemplary embodiment of the present invention.
As shown in FIG. 2, the fingerprint data authentication system includes a transmission part 210 and a reception part 220.
The transmission part 210 includes an input fingerprint extractor 211 and an input hash table generator 212.
The input fingerprint extractor 211 extracts fingerprint information composed of the positions, angles, and types of minutiae points from the fingerprint image detected by a sensor. Preferably, the sensor is a fingerprint scanner. The minutiae point type means a bifurcation and a ridge ending.
The input hash table generator 212 generates a 3D hash table by geometrically transforming the extracted fingerprint information.
The reception part 220 includes a database 221 , an enrollment hash table generator 222, a fingerprint aligner 223, an error corrector 224, a polynomial reconstructor 225, and a user authenticator 226. The enrollment hash table generator 222 reads concealed fingerprint information from the database 221 and generates the 3D hash table by geometrically transforming the concealed fingerprint information.
The concealed fingerprint information is generated by receiving a fingerprint image of a user using a sensing device, extracting the fingerprint information including the positions, angles and types of the minutiae points of the fingerprint image, generating a first polynomial of coefficients obtained from the extracted fingerprint information, inserting a plurality of fingerprint templates composed of randomly generated positions, angles, and types of features points into the extracted fingerprint information. The fingerprint information generated in such a manner is stored within the database 221.
The degree of the polynomial can be determined by a security system designer in consideration of the target security level.
An authorized user means a user allowed for an entrance control system, internet banking, remote application system of an electronic government system, etc. employing the fingerprint authentication according to an embodiment of the present invention.
The fingerprint information aligner 223 aligns the 3D enrollment hash table and the input 3D hash table. The fingerprint information alignment is performed for adjusting the offset which can occur when extracting the fingerprint of the user for protecting the minutiae point mismatch between the input fingerprint information and the reference fingerprint information.
The error corrector 224 matches the fingerprint information using the aligned enrolled 3D hash table and input 3D hash table and then removes the fake minutiae points from the matched fingerprint information using an error correction code (ECC). Matching the fingerprint information is performed by finding the minutiae points in a threshold range of a predetermined boundary in the enrolled 3D hash table and the input 3D hash table.
The polynomial reconstructor 225 generates a second polynomial of coefficients of the matched fingerprint information. The second polynomial is of the fingerprint information of an authentication target.
Both the first and second polynomials can be expressed as equation 1. Equation 1
p = (X1X6 + a6x5 + (X5X4 + aAx3 + (X3X2 + Ct2X1 + α,x° a, :/'A fingerprint information
The user authenticator 226 verifies the user authentication result by comparing the first and second polynomials. In a case that the degree of the second polynomial is less than that of the first polynomial, the user authenticator 226 judges that the number of the minutiae points extracted from the input fingerprint information is less than that of the reference fingerprint information, thereby determining the first and second polynomials are not identical with each other. If the first and second polynomials are identical with each other, the user authenticator 226 determines that the polynomial is successfully reconstructed. In this case, the user authenticator 226 may output the successful user authentication result.
FIG. 3 is a block diagram illustrating a configuration of a fingerprint data protection apparatus employed to the fingerprint data authentication system of FIG. 2.
As shown in FIG. 3, the fingerprint data protection apparatus 300 includes a fingerprint information extractor 320, a polynomial generator 330, a chaff inserter 340, and a database 350.
The fingerprint information extractor 320 receives the fingerprint image of a user scanned by a sensor and extracts fingerprint information composed of positions, angles and types of minutiae points from the fingerprint image.
The polynomial generator 330 generates a first polynomial with coefficients of the extracted fingerprint information. The chaff inserter 340 generates a plurality of chaff minutiae composed of minutiae points with different positions, angels, and types and inserts the chaff minutiae into the extracted fingerprint information. Since the chaff minutiae are generated with randomly selected positions, angles, and types, the chaff minutiae are indistinguishable from the legitimate minutiae. The chaff minutiae are inserted into the genuine fingerprint information in consideration of the positions and angles of the previously inserted ones.
The database 350 stores the first polynomial and the fingerprint information in which the chaff minutiae are inserted. The database 350 can be implemented within a nonvolatile memory device, a volatile memory device, a hard disc drive, or an optical storage media.
FIG. 4 is a block diagram illustrating a fingerprint data authentication system using a 3D fuzzy vault according to another exemplary embodiment of the present invention.
As shown in FIG. 4, the fingerprint data authentication system includes a transmission part 410, a reception part 420, and a fingerprint data protection unit 430.
The transmission part 410 includes an input fingerprint information extractor 411 and an input hash table generator 412.
The input fingerprint information extractor 411 extracts the input fingerprint information composed of the positions, angles, and types of the minutiae points from the fingerprint image of the user.
The input hash table generator 412 generates a 3D hash table by geometrically transforming the extracted fingerprint information. The reception part 420 includes an enrollment hash table generator 422, a fingerprint information aligner 423, an error corrector 424, a polynomial reconstructor 425, and a user authenticator 426.
The enrollment hash table generator 422 reads the concealed fingerprint information from the database 435 and generates a 3D enrollment hash table by geometrically transforming the read fingerprint information.
The input 3D hash table and the 3D enrollment hash table can be generated by equation 2. Equation 2
TR Ht 1 ( D =
Figure imgf000013_0001
Figure imgf000013_0002
where nx, is the reference point. The minutiae points are acquired from the fingerprint of the user at a minutiae point collection stage. Each fingerprint minutia is represented by m, = (x,, y,, θ,, t,) composed of coordinates, angle, and type. The angle θ, is used for obtaining a coordinate value on the z axis for the 3D table.
The fingerprint information can be represented by a set of minutiae points. A locking set containing the chaff minutiae points and the real minutiae points can be expressed as L = {m, | 1 < / < «} . In the locking set L, the real and chaff minutiae can be represented by G = {m, \ 1 < / < n) and C = {m, | n+1 < i < r}, respectively. Note that, the 3D enrollment minutiae table is generated from L. The 3D enrollment table is generated in the enrollment minutiae table generation stage. Each step in the enrollment minutiae table generation stage is explained in detail in the following. First, in a reference point selection step, a first minutia w/ is selected from the enrollment minutiae set L.
Next step is a minutiae transform step. Here, the other remaining minutiae m2, m3,..., mn are aligned with respect to the first minutia mj. Assuming that m,(l) is the transformed minutiae, i.e., the result of the transform of the jth minutia with respect to m,, and Ti is a set of the transformed minutiae m,(\), i.e., T]={ /wy(l) = x,j(l), y,j(l),
Zy(I), 0y(l), t,j(l) I 1 < j < r), and Tj is called the /wy-transformed minutiae set. The z- coordinate can be obtained using θ. Equation 2 represents the translation and rotation such that features(x/, yι, zj, θ,i, ti) of mi are translated and rotated into (7, 1, 1, 1, //). TRm,j{\) denotes the minutia translated and rotated from theyth minutia with respect to mi.
In the next step, i.e., a repeat step, the first and second steps are repeated for all the remaining minutiae. The reference point selection step and the minutiae transform step performed with respect to mi are repeatedly performed with respect to the other minutiae /w^, m3,...,mn such that the 3D enrollment minutiae table is generated.
The fingerprint aligner 423 aligns the 3D enrollment hash table and the 3D input hash table.
The error corrector 424 matches the fingerprint information using the aligned 3D enrollment hash table and input hash table and then removes the chaff minutiae from the matched fingerprint information using an error correction code.
The polynomial reconstructor 425 generates a second polynomial with coefficients of the matched fingerprint information. The second polynomial is of the fingerprint information of the authentication target.
The user authenticator 426 verifies the user authentication result by comparing the first and second polynomials to each other. In the case that the polynomial is successfully reconstructed, the user authenticator 426 may output the user authentication result. The fingerprint data protection unit 430 includes a fingerprint extractor 432, a polynomial generator 433, a chaff minutiae inserter 434, and a database 435.
The fingerprint extractor 432 receives a fingerprint image of a user scanned by a sensor and extracts fingerprint information composed of positions, angles, and types of minutiae from the fingerprint image.
The polynomial generator 433 generates a first polynomial with coefficients obtained from the extracted fingerprint information.
The chaff minutiae inserter 434 generates a plurality of chaff minutiae composed of positions, angles, and types and inserts the chaff minutiae into the extracted fingerprint information.
The database 435 stores the fingerprint information in which the chaff minutiae are inserted together with the first polynomial. The database 435 can be provided in the form of a nonvolatile memory device, a volatile memory device, a hard disk drive, or an optical storage media. FIG. 5 is a flowchart illustrating a fingerprint data protection method using a
3D fuzzy vault according to an exemplary embodiment of the present invention.
If a fingerprint image is received through a sensing device such as fingerprint scanner, a fingerprint data protection apparatus extracts fingerprint information composed of positions, angles, and types of minutiae (S510). After extracting the fingerprint information, the fingerprint data protection apparatus generates a first polynomial with coefficients of the extracted fingerprint information (S 520).
Next, the fingerprint data protection apparatus generates a plurality of chaff minutiae having respective positions, angles, and types and then inserts the chaff minutiae into the fingerprint information (S530). Preferably, each chaff minutia of the fingerprint information is a 3D coordinate composed of (x, y, z), z being obtained using the angle. Preferably, the chaff minutia which differs from the real minutia in position and angle by more than a predetermined threshold value is inserted into the fingerprint information. The threshold value can be determined in consideration of the fingerprint recognition rate and security level to be applicable by those skilled in the art. Finally, the fingerprint data protection apparatus stores the fingerprint information with the first polynomial and the chaff minutiae in the form of a database
(S540).
FIG. 6 is a flowchart illustrating a fingerprint data authentication method using 3D fuzzy vault scheme according to an exemplary embodiment of the present invention.
In FIG. 6, the fingerprint data authentication apparatus extracts input fingerprint information composed of positions, angles, and types of minutiae from a fingerprint image input through a sensing device and generates a 3D input hash table by geometrically transforming the input fingerprint information (S610). Next, the fingerprint data authentication apparatus generates a 3D enrollment hash table by geometrically transforming the protection fingerprint information read out from the database (S620).
Once the 3D input hash table and the 3D enrollment hash table are generated, the fingerprint data authentication apparatus matches the fingerprint information by aligning the 3D input hash table and the 3D enrollment hash table and then removes the chaff minutiae from the matched fingerprint information using an error correction code (S630).
Next, the fingerprint data authentication apparatus generates a second polynomial with coefficients of the matched fingerprint information (S640). After generating the second polynomial, the fingerprint data authentication apparatus compares the first and second polynomials and determines whether the polynomial is successfully reconstructed on the basis of the comparison result (S650). If the first and second polynomials are identical with each other, it is determined that the polynomial is successfully reconstructed.
If the polynomial is successfully reconstructed, the fingerprint data authentication apparatus determines that the authentication is successful (S651) and, otherwise, the authentication fails (S652). In the case that the polynomial is successfully reconstructed, an announcement message informing of the successful authentication result can be output.
In this case, there is no need to decrypt the concealed fingerprint information into the original fingerprint information. FIG. 7 is a diagram illustrating steps of collecting fingerprint information of a fingerprint data authentication method according to an exemplary embodiment of the present invention.
A fingerprint image 710 is obtained by a sensing device such as a fingerprint scanner. From the fingerprint image 710, fingerprint information 720 composed of positions, angles, and types of minutiae is extracted. In FIG. 7, the real minutiae are presented as circles. Next, a plurality of chaff minutiae is added to the fingerprint information to generate a template 730. The chaff minutiae are added such that the distance between the real and chaff minutiae is not too close and angles between the minutiae become large. The chaff minutiae are added in consideration of the distances and angles of previously added chaff minutiae.
FIG. 8 is a diagram illustrating steps of concealing fingerprint information of a fingerprint authentication method using 3D fuzzy vault scheme according to an exemplary embodiment of the present invention.
Since the size of the fingerprint image is limited in a 2D plane 810, insertion of the chaff minutiae into the fingerprint information is restricted. In the present invention, however, the fingerprint information is modified so as to be expanded into a 3D space 820 by utilizing the angles of the minutiae as z-axis values, whereby more chaff minutiae can be inserted into the fingerprint information.
FIG. 9 is a diagram illustrating steps of geometric transformation of fingerprint information in a fingerprint authentication method according to an exemplary embodiment of the present invention. In FIG. 9, a minutia is selected as a reference point (see 910). Next, the minutia is positioned at the origin of coordinate of x-y plane, aligned such that the angle of the minutia is 0 with respect to the x-axis, and then other minutiae are aligned with respect to the first minutia (see 920). In the same manner, the first minutia is positioned at the origin of the coordinate of 3D space and the other minutiae are aligned with respect to the first minutia (see 930).
Table 1 shows a performance comparison between the conventional 2D based- fingerprint authentication method and the 3D based-fingerprint authentication method according to the present invention, particularly, in terms of false acceptance rate (FAR) and false rejection rate (FRR). The FAR and FRR are parameters for evaluating the performance of the biometric verification technique that identifies a person by fingerprint, iris, or face.
The FAR is a measure of the likelihood that the authentication system will wrongly recognize the biometric information. That is, the false acceptance is a biometric security error as it gives unauthorized users access to the system. A FAR of 0.001 means that the authentication system wrongly recognizes 1 out of 1000 biometric recognitions.
Although a high matching level decreases the false recognition rate if the system performance is determined only by the FAR, it increases the rejection rate and, in turn, is likely to increase problems of system utilization. For this reason, the FRR is always used with the FAR.
The FRR is a percentage of times the system produces a false rejection by misrecognition of a person. With a high FRR, the system is likely to reject an access by an authorized person, and thus the system is useless even though the system guarantees a high security level.
In order to compare the fingerprint recognition rates of the fuzzy vaults using the 2D and 3D hash tables, another simulation has been performed in association with the degrees of the polynomials generated using the number of chaff minutiae and secret keys inserted into the fingerprint template. TABLE 1
Degree of Based on 2D Hash Table Based on 3D Hash Table
Polynomial 100 Chaff 200 Chaff 400 Chaff 100 Chaff 400 Chaff 1000 Chaff
Minutiae Minutiae Minutiae Minutiae Minutiae Minutiae FRR FAR FRR FAR FRR FAR FRR FAR FRR FAR FRR FAR
8 0.065 0.006 0.070 0.009 0.101 0.011 0.011 0.025 0.024 0.018 0.066 0.005
9 0.098 0.003 0.104 0.004 0.131 0.006 0.019 0.015 0.033 0.010 0.075 0.003
10 0.144 0.002 0.151 0.002 0.174 0.004 0.031 0.010 0.048 0.006 0.091 0.001
In Table 1 , the FARs and FRRs are shown when the 2D hash table and 3D hash table are used. If a polynomial is correctly reconstructed from the protected template, the user can obtain the secret key. For example, if the secret key is enrolled using a 10-degree polynomial with 11 coefficients, 11 unique minutiae are required for reconstructing the 10-degree polynomial.
As shown in Table 1 , when a secret key is generated using a 10-degree polynomial with 1000 chaff minutiae from a genuine user, 4364 of the 4800 attempts were able to successfully reconstruct the secret key in the 10-degree and 1000 chaff minutiae and 409 attempts failed to reconstruct the secret key. In this case, the FRR was 0.091 and the Genuine Acceptance Rate (GAR) was 0.909.
As for imposter matching, the fingerprint recognition rate was measured while varying the degree of polynomial and the number of chaff minutiae. As a result of the imposter matching test with 1 genuine user and 399 imposters, the FAR was nearly 0%. Also, the FAR with the polynomials of 8, 9, and 10 degrees were 0%.
From Table 1 , it is possible to check the FARs and FRRs of the fuzzy vault schemes using the respective 2D and 3D hash tables. The conventional method with 200 chaff minutiae aligned manually shows a FRR of 15% which is greater than a FRR of 9% acquired by the method of the present invention which uses 1000 chaff minutiae aligned automatically.
Table 2 shows another performance comparison between the conventional 2D hash table-based fingerprint authentication method and the 3D hash table-based fingerprint authentication method of the present invention in terms of security.
TABLE 2
2D hash table 3D hash table
No. of Chaff Minutiae 400 1 ,000 10-degree polynomial 3.974xlO12 5.833xlO16 12-degree polynomial 1.193xlO15 1.02xl020
In the case of using a 3D hash table, if a 10-degree polynomial with 11 coefficients is used, the attacker needs at least 11 minutiae to construct the correct polynomial. The vault has 1,036 minutiae (36 of them are real, the remaining 1,000 are chaff); hence there are a total of C(1036,l l) = 3.504x l025 combinations with 11 elements. Only C(36,l l) ~ 6.008x l08 of these combinations will reveal the secret (i.e., unlock the vault). On the other hand, in the case of using a 2D hash table, if the 10 degree polynomial is used and the vault has 436 minutiae (36 of them are real, the remaining 400 are chaff), an average of C(436,l l)/C(36,l l) = 3.974x l012 evaluations is needed for an attacker to crack the vault.
Table 3 shows a performance comparison between the conventional password- based authentication method, the conventional 2D hash table-based fingerprint authentication method, and the 3D hash table-based fingerprint data authentication method according to the present invention.
TABLE 3
8-digit password 2D fuzzy vault 3D fuzzy vault (200 chaff minutiae) (1000 chaff minutiae)
22i 2" 2bb
The 3D hash table-based fingerprint authentication according to the present invention was implemented with 1000 chaff minutiae, and the conventional 2D hash table-based fingerprint authentication method was implemented with 200 chaff minutiae. In Table 3, a number of the 8-digit passwords is — 108 ^ - (23)8 = 223 , and the security of the 3D hash table-based fingerprint authentication method is represented by 1.02χ 1020 ^ 266 when a 12-degree polynomial is used and 1000 chaff minutiae are added.
In tables 2 and 3, the larger the measured value is, the higher the security is. Accordingly, the 3D hash table-based fingerprint authentication method is superior to both the conventional password-based authentication method and the conventional 2D hash table-based fingerprint authentication method in terms of security.
Preferably, the 3D fuzzy vault-based fingerprint data protection method can be provided in the form of a program recorded in a computer-readable storage media.
The 3D fuzzy vault-based fingerprint data protection method can be executed in the form of software which is composed of code segments executing required tasks. The code segments or programs can be stored within a processor readable storage media or transmission carrier or can be transmitted over a carrier wave in the form of a computer data signal.
The computer-readable storage media includes all kinds of media of which recorded data can be read by a computer system. The computer-readable storage media includes a Read Only Memory (ROM), Compact Disk ROM (CD ROM), Digital
Video Disk ROM (DVD ROM), DVD-RAM, magnetic tape, floppy disk, hard disk drive, optical data storage, and their equivalents. Also, the computer-readable storage media can be located in a distributed computer network so as to be transmitted to any computer in the form of computer-readable codes. Although exemplary embodiments of the present invention have been described in detail hereinabove, it should be clearly understood that many variations and/or modifications of the basic inventive concepts taught herein which may appear to those skilled in the present art will still fall within the spirit and scope of the present invention, as defined in the appended claims.
[ Industrial Applicability]
The fingerprint data protection method of the present invention can be applied as a biometric user authentication part of systems such as entrance control system, network and computer access system, and mobile devices.

Claims

[ CLAIMS ] [ Claim 1 ]
A fingerprint data protection method using a 3 -dimensional fuzzy vault scheme, comprising: extracting fingerprint information including positions, angles, and types of minutiae collected from a fingerprint image input through a sensing device; generating a first polynomial with coefficients of the extracted fingerprint information; inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random into the fingerprint information; and storing the fingerprint information with the first polynomial and the chaff minutiae in the form of a database.
[ Claim 2] The fingerprint data protection method of claim 1 , wherein the chaff minutiae- inserted fingerprint information comprises 3-dimensional information defined by coordinates, each of which has one element obtained from the angle.
[ Claim 3 ] The fingerprint data protection method of claim 1 , wherein inserting a plurality of chaff minutiae comprises generating a chaff minutia repeatedly such that a difference between the position and angle of previously inserted chaff minutia is greater than a predetermined threshold value.
[ Claim 4]
A fingerprint data authentication method using a 3-dimensional fuzzy vault scheme, comprising: generating a 3 -dimensional input hash table by extracting input fingerprint information composed of positions, angles, and types of minutiae from a fingerprint image scanned by a sensing device; generating a 3-dimensional enrollment hash table by receiving a fingerprint image of an authorized user, extracting fingerprint information composed of positions, angles, and types of minutiae from the fingerprint image, generating a first polynomial with coefficients of the extracted fingerprint information, inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random, and transforming the chaff minutiae-inserted fingerprint information geometrically; removing the chaff minutiae from the fingerprint information matched by aligning the 3-dimensional enrollment hash table and 3-dimensional input hash table, using an error correction code; generating a second polynomial with coefficients of the matched fingerprint information; and verifying authentication result by comparing the first and second polynomials.
[Claim 5 ]
The fingerprint data authentication method of claim 4, wherein the 3- dimensional enrollment hash table comprises 3-dimensional information defined by coordinates, each of which has one element obtained from the angle.
[ Claim 6]
The fingerprint data authentication method of claim 4, wherein inserting a plurality of chaff minutiae comprises generating a chaff minutia repeatedly such that a difference between the position and angle of previously inserted chaff minutia is greater than a predetermined threshold value.
[ Claim 7]
A fingerprint data protection apparatus using a 3-dimensional fuzzy vault scheme, comprising: a fingerprint extractor for extracting fingerprint information including positions, angles, and types of minutiae from a fingerprint image input by a sensing device; a polynomial generator for generating a first polynomial with coefficients of the extracted fingerprint information; a chaff inserter for inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random into the extracted fingerprint information; and a database for storing the first polynomial and the fingerprint information in which the chaff minutiae are inserted.
[Claim 8]
The fingerprint data protection apparatus of claim 7, wherein the chaff inserter generates a chaff minutia repeatedly such that a difference between the position and angle of previously inserted chaff minutia is greater than a predetermined threshold value.
[ Claim 9]
A fingerprint data authentication system using a 3-dimensional fuzzy vault, comprising: an input fingerprint extractor for extracting input fingerprint information composed of positions, angles, and types of minutiae from a fingerprint image input through a sensing device; an input hash table generator for generating a 3-dimensional input hash table by geometrically transforming the extracted fingerprint information; an enrollment hash table generator for generating a 3- dimensional enrollment hash table by receiving a fingerprint image of an authorized user, extracting fingerprint information composed of positions, angles, and types of minutiae from the fingerprint image, generating a first polynomial with coefficients of the extracted fingerprint information, inserting a plurality of chaff minutiae composed of positions, angles, and types generated at random, and transforming the chaff minutiae-inserted fingerprint information geometrically; a fingerprint aligner for aligning the 3-dimensional enrollment hash table and
3-dimensional input hash table; an error corrector for removing the chaff minutiae from the fingerprint information matched by aligning the 3-dimensional enrollment hash table and 3- dimensional input hash table, using an error correction code; a polynomial reconstructor for generating a second polynomial with coefficients of the matched fingerprint information; and a user authenticator for verifying authentication result by comparing the first and second polynomials.
PCT/KR2007/005870 2006-12-07 2007-11-21 Fingerprint data protection and authentication method using 3d fuzzy vault scheme, fingerprint data protection apparatus using 3d fuzzy vault scheme, and fingerprint data authentication system using 3d fuzzy vault scheme Ceased WO2008069475A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020060123481A KR100824733B1 (en) 2006-12-07 2006-12-07 Fingerprint data hiding method using 3D fuzzy bolt, fingerprint data authentication method using 3D fuzzy bolt, fingerprint data hiding device using 3D fuzzy bolt and fingerprint data authentication system using 3D fuzzy bolt
KR10-2006-0123481 2006-12-07

Publications (1)

Publication Number Publication Date
WO2008069475A1 true WO2008069475A1 (en) 2008-06-12

Family

ID=39492301

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2007/005870 Ceased WO2008069475A1 (en) 2006-12-07 2007-11-21 Fingerprint data protection and authentication method using 3d fuzzy vault scheme, fingerprint data protection apparatus using 3d fuzzy vault scheme, and fingerprint data authentication system using 3d fuzzy vault scheme

Country Status (2)

Country Link
KR (1) KR100824733B1 (en)
WO (1) WO2008069475A1 (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090262990A1 (en) * 2008-04-17 2009-10-22 Electronics And Telecommunications Research Institute Apparatus and method for polynomial reconstruction in fuzzy vault system
US20110037563A1 (en) * 2009-08-17 2011-02-17 Electronics And Telecommunictions Research Institute Apparatus and method for biometric registration and authentication
CN101552776B (en) * 2009-04-14 2011-12-07 西安电子科技大学 Fuzzy Vault encrypting method based on secrete sharing
CN103873253A (en) * 2014-03-03 2014-06-18 杭州电子科技大学 Method for generating human fingerprint biometric key
CN106851638A (en) * 2015-12-04 2017-06-13 中移(杭州)信息技术有限公司 The method for authenticating and device of a kind of client identification module card
US9992171B2 (en) 2014-11-03 2018-06-05 Sony Corporation Method and system for digital rights management of encrypted digital content
US11303435B2 (en) * 2015-10-26 2022-04-12 Visa International Service Association Wireless biometric authentication system and method
US11321445B2 (en) 2019-10-01 2022-05-03 Visa International Service Association Delegated biometric authentication

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101094358B1 (en) * 2008-11-21 2011-12-15 고려대학교 산학협력단 Fingerprint information registration system and method, user authentication system and method using fingerprint information
KR101077975B1 (en) 2009-12-09 2011-10-31 고려대학교 산학협력단 Method of generating fuzzy vault based on biometric information and verifying user's indentification using fuzzy vault
KR101275590B1 (en) 2012-03-28 2013-06-17 충북대학교 산학협력단 Rn-ecc based real fuzzy vault for protecting biometric template
KR101268500B1 (en) 2012-03-30 2013-06-04 이화여자대학교 산학협력단 Method and system for secret key sharing based on key binding by using confidence intervals
WO2018156068A1 (en) * 2017-02-22 2018-08-30 Fingerprint Cards Ab Biometrics-based remote login
US10698704B1 (en) 2019-06-10 2020-06-30 Captial One Services, Llc User interface common components and scalable integrable reusable isolated user interface
US10846436B1 (en) 2019-11-19 2020-11-24 Capital One Services, Llc Swappable double layer barcode
US10664941B1 (en) 2019-12-24 2020-05-26 Capital One Services, Llc Steganographic image encoding of biometric template information on a card
CN112926422B (en) * 2021-02-08 2024-02-27 西安电子科技大学 Template protection method capable of revocating binary features based on OPH

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6363485B1 (en) * 1998-09-09 2002-03-26 Entrust Technologies Limited Multi-factor biometric authenticating device and method
US20060123241A1 (en) * 2004-12-07 2006-06-08 Emin Martinian Biometric based user authentication and data encryption

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH02148182A (en) * 1988-11-29 1990-06-07 Nippondenso Co Ltd Fingerprint collating device
JPH03208181A (en) * 1990-01-09 1991-09-11 Omron Corp Fingerprint collation fuzzy control device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6363485B1 (en) * 1998-09-09 2002-03-26 Entrust Technologies Limited Multi-factor biometric authenticating device and method
US20060123241A1 (en) * 2004-12-07 2006-06-08 Emin Martinian Biometric based user authentication and data encryption

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
SHENGLIN YANG ET AL.: "Secury fuzzy vault based fingerprint verification system", IEEE IN SIGNALS, SYSTEMS AND COMPUTERS, 2004. CONFERENCE RECORD OF THE THIRTY-EIGHTH ASILOMAR CONFERENCE, vol. 1, 7 November 2004 (2004-11-07) - 10 November 2004 (2004-11-10), pages 577 - 581 *
UMUT ULUDAG ET AL.: "Fuzzy vault for fingerprints", PROC. AUDIO- AND VIDEO-BASED BIOMETRIC PERSON AUTHENTICATION, RYE TOWN, NY, July 2005 (2005-07-01), pages 310 - 319 *

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090262990A1 (en) * 2008-04-17 2009-10-22 Electronics And Telecommunications Research Institute Apparatus and method for polynomial reconstruction in fuzzy vault system
US8290221B2 (en) * 2008-04-17 2012-10-16 Electronics And Telecommunications Research Institute Apparatus and method for polynomial reconstruction in fuzzy vault system
CN101552776B (en) * 2009-04-14 2011-12-07 西安电子科技大学 Fuzzy Vault encrypting method based on secrete sharing
US20110037563A1 (en) * 2009-08-17 2011-02-17 Electronics And Telecommunictions Research Institute Apparatus and method for biometric registration and authentication
US8472680B2 (en) * 2009-08-17 2013-06-25 Electronics And Telecommunications Research Institute Apparatus and method for biometric registration and authentication
CN103873253B (en) * 2014-03-03 2017-02-08 杭州电子科技大学 Method for generating human fingerprint biometric key
CN103873253A (en) * 2014-03-03 2014-06-18 杭州电子科技大学 Method for generating human fingerprint biometric key
US9992171B2 (en) 2014-11-03 2018-06-05 Sony Corporation Method and system for digital rights management of encrypted digital content
US11303435B2 (en) * 2015-10-26 2022-04-12 Visa International Service Association Wireless biometric authentication system and method
US11847652B2 (en) 2015-10-26 2023-12-19 Visa International Service Association Wireless biometric authentication system and method
CN106851638A (en) * 2015-12-04 2017-06-13 中移(杭州)信息技术有限公司 The method for authenticating and device of a kind of client identification module card
US11321445B2 (en) 2019-10-01 2022-05-03 Visa International Service Association Delegated biometric authentication
US12282539B2 (en) 2019-10-01 2025-04-22 Visa International Service Association Delegated biometric authentication

Also Published As

Publication number Publication date
KR100824733B1 (en) 2008-04-28

Similar Documents

Publication Publication Date Title
WO2008069475A1 (en) Fingerprint data protection and authentication method using 3d fuzzy vault scheme, fingerprint data protection apparatus using 3d fuzzy vault scheme, and fingerprint data authentication system using 3d fuzzy vault scheme
KR100714303B1 (en) Fingerprint recognition method concealing feature points and apparatus therefor
Lee et al. Biometric key binding: Fuzzy vault based on iris images
Chung et al. Automatic alignment of fingerprint features for fuzzy fingerprint vault
Ahmad et al. Pair-polar coordinate-based cancelable fingerprint templates
Rathgeb et al. A survey on biometric cryptosystems and cancelable biometrics
Hao et al. Combining crypto with biometrics effectively
KR101527711B1 (en) Defining classification thresholds in template protection systems
US20120087550A1 (en) Robust biometric feature extraction with and without reference point
Wu et al. Transforming a pattern identifier into biometric key generators
JP2008512760A (en) Feature extraction algorithm for automatic ear reconstruction
Hu Mobile fingerprint template protection: Progress and open issues
Nair et al. An approach to improve the match-on-card fingerprint authentication system security
Moon et al. Fingerprint template protection using fuzzy vault
Li et al. Security-enhanced fuzzy fingerprint vault based on minutiae’s local ridge information
Patel et al. Hybrid feature level approach for multi-biometric cryptosystem
Ahmad Global and local feature-based transformations for fingerprint data protection
Frassen et al. Fuzzy vault for 3D face recognition systems
EP2159759B1 (en) Shaping classification boundaries in template protection systems
KR100919486B1 (en) Method for aligning concealed fingerprint data using partial geometric hashing, Method for authenticating fingerprint data using partial geometric hashing, Apparatus and System thereof
Cimato et al. Biometrics and privacy
Argyropoulos et al. Biometric template protection in multimodal authentication systems based on error correcting codes
Hidano et al. On biometric encryption using fingerprint and it's security evaluation
KR100954580B1 (en) Smart card-based fingerprint data protection method, system and computer-readable storage medium recording the same
Zhou et al. Enhanced template protection with passwords for fingerprint recognition

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07834176

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07834176

Country of ref document: EP

Kind code of ref document: A1