Abstract
This chapter introduces the main security requirements for the biometric processing pipeline and summarizes general design principles and approaches. General IT security principles are reflected and selected paradigms such as template protection by biometric hashing, fuzzy commitment schemes, and fuzzy extractors are reviewed. Further, we discuss the design principles of biometric matching algorithms that operate in the encrypted domain. The overall algorithm design, implementation, and configuration issues are summarized and discussed in an exemplary manner for the case of face biometrics.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Bianchi T, Piva A, Barni M (2010) Composite signal representation for fast and storage-efficient processing of encrypted signals. IEEE Transactions on Information Forensics and Security 5(1):180–187
Bishop M (2002) Computer Security: Art and Science. Addison–Wesley, Reading
Bishop M (2005) Introduction to Computer Security. Addison–Wesley, Reading
Bringer J, Chabanne H, Kindarji B (2009) Anonymous identification with cancelable biometrics. In: Proceedings of the 6th International Symposium on Image and Signal Processing and Analysis, Salzburg, Austria, pp 494–499
Carls JW (2011) A Framework for Analyzing Biometric Template Aging and Renewal Prediction. ProQuest, UMI Dissertation Publishing, Cambridge
Cox I, Miller M, Bloom J, Fridrich J, Kalker T (2008) Digital Watermarking and Steganography, 2nd edn. Morgan Kaufmann, San Mateo
Dittmann J, Wohlmacher P, Nahrstedt K (2001) Multimedia and security—using cryptographic and watermarking algorithms. IEEE Multimedia 8(4):54–65
Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin C, Camenisch J (eds) Advances in Cryptology—Eurocrypt 2004. Lecture Notes in Computer Science, vol 3027. Springer, Berlin, pp 523–540
Erkin Z, Piva A, Katzenbeisser S, Lagendijk R, Shokrollahi J, Neven G (2007) Protection and retrieval of encrypted multimedia content: when cryptography meets signal processing. EURASIP Journal on Information Security
Erkin Z, Franz M, Guajardo J, Katzenbeisser S, Lagendijk I, Toft T (2009) Privacy-preserving face recognition. In: Privacy Enhancing Technologies Symposium (PET 2009). Lecture Notes in Computer Science, vol 5672, pp 235–253. Springer, Berlin
Failla P, Sutcu Y, Barni M (2010) ESketch: a privacy-preserving fuzzy commitment scheme for authentication using encrypted biometrics In: ACM Workshop on Multimedia Security, MMSect 2010. ACM, New York
Fenker SP, Bowyer KW (2012) Analysis of template aging in iris biometrics. In: Proceedings of IEEE Computer Vision and Pattern Recognition Workshops (CVPRW), pp 45–51
Galbally J, Fiérrez-Aguilar J, Ortega-Garcia J (2007) Bayesian hill-climbing attack and its application to signature verification. ICB 386–395.
Galbally J, Cappelli R, Lumini A, Maltoni D, Fierrez J (2008) Fake fingertip generation from a minutiae template. In: Proc Intl Conf on Pattern Recognition, ICPR, Tampa, USA
Gupta UK, Prakash S (2003) Dermatoglyphics: a study of finger tip patterns in bronchial asthma and its genetic disposition. Kathmandu University Medical Journal 1(4):267–271
Information Technology Security Evaluation Criteria (ITSEC): provisional harmonised criteria. V 1.2, Jun 1991
ISO99 ISO/IEC IS 15408 (1999). http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=50341. Website request 24.5.2013
Juels A, Wattenberg M (1999) A fuzzy commitment scheme. In: Proceedings of the 6th ACM Conference on Computer and Communications Security, CCS’99. ACM, New York, pp 28–36
Kanade SG, Petrovska-Delacrétaz D, Dorizzi B (2012) Enhancing Information Security and Privacy by Combining Biometrics with Cryptography. Morgan & Claypool Publishers, San Rafael
Kiltz S, Lang A, Dittmann J (2007) Taxonomy for computer security incidents. In: Janczewski LJ, Colarik AM (eds) Cyber Warfare and Cyber Terrorism. Information Science Reference (IGI Global), Hershey. ISBN 978-1-59140-991-5
Kiltz S, Hildebrandt M, Dittmann J, Vielhauer C, Kraetzer C (2011) Printed fingerprints: a framework and first results towards detection of artificially printed latent fingerprints for forensics. In: Proc of SPIE: Image Quality and System Performance VIII, San Francisco, USA. doi:10.1117/12.872329
Kümmel K, Vielhauer C (2010) Reverse-engineering methods on a biometric hash algorithm for dynamic handwriting. In: Proceedings of the 12th ACM Workshop on Multimedia and Security. ACM, New York, pp 62–72
Kümmel K, Vielhauer C (2011) Biometric Hash algorithm for dynamic handwriting embedded on a Java card. In: Biometrics and ID Managements. Lecture Notes in Computer Science, vol 6583. Springer, Heidelberg, pp 61–72
Matsumoto T, Matsumoto H, Yamada K, Hoshino S (2002) Impact of artificial “Gummy” fingers on fingerprint systems. In: Proceedings of SPIE Conference on Optical Security and Counterfeit Deterrence Techniques IV, vol 4677
Monrose F, Reiter MK, Li Q, Wetzel S (2001) Using voice to generate cryptographic keys. In: Proceedings of Odyssey 2001. Proceedings of the Speaker Verification Workshop
Nagar A, Nandakumar K, Jain AK (2010) Biometric template transformation: a security analysis. In: Proceedigns of SPIE Conference on Media Forensics and Security II, vol 7541. doi:10.1117/12.839976
Oermann A, Dittmann J (2006) Trust in e-technologies. In: Khosrow-Pour M (ed) Encyclopedia of E-Commerce, E-Government and Mobile Commerce, vol 2. Idea Group Reference, Hershey, pp 1101–1108
Osadchy M, Pinkas B, Jarrous A, Moskovich B (2010) SCiFI—a system for secure face identification. In: IEEE Symposium on Security and Privacy 2010. IEEE Press, New York, pp 239–254
Pfitzmann A, Hansen M A terminology for talking about privacy by data minimization: anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management. (Version v0.34, 10 Aug 2010). http://dud.inf.tu-dresden.de/literatur/Anon_Terminology_v0.34.pdf. Web request from 15th February 2011
Pfitzmann A, Waidner M (1986) Networks without user observability—design options. In: Pichler F (ed) Advances in Cryptology—EUROCRYPT’85. Lecture Notes in Computer Science, vol 219, pp 245–253
Reiter MK, Rubin AD (1998) Crowds: anonymity for web transactions. ACM Transactions on Information and System Security 1(1):66–92
Sadeghi A, Schneider T, Wehrenberg I (2009) Efficient privacy-preserving face recognition. In: Information, Security and Cryptology—ICISC 2009. Lecture Notes in Computer Science, vol 5984. Springer, Berlin, pp 229–244
Saltzer JH, Schroeder MD (1975) The protection of information in computer systems. Proceedings of the IEEE 63(9):1278–1308
Sutcu Y, Li Q, Memon N (2007) Protecting biometric templates with sketch: theory and practice. IEEE Transactions on Information Forensics and Security 2(3):503–512
Teoh A, Kuan Y, Lee S (2007) Cancelable biometrics and annotations on BioHash. Pattern Recognition 41(6):2034–2044
Uludag U, Pankanti S, Prabhakar S, Jain AK (2004) Biometric cryptosystems: issues and challenges. Proceedings of the IEEE 948–960
Vielhauer C (2006) Biometric User Authentication for IT Security: From Fundamentals to Handwriting. Springer, New York
Vielhauer C, Steinmetz R, Mayerhöfer A (2002) Biometric Hash based on statistical features of online signatures. In: Proceedings of the IEEE International Conference on Pattern Recognition (ICPR), Quebec City, Canada, vol 1, pp 123–126
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag London
About this chapter
Cite this chapter
Vielhauer, C., Dittmann, J., Katzenbeisser, S. (2013). Design Aspects of Secure Biometric Systems and Biometrics in the Encrypted Domain. In: Campisi, P. (eds) Security and Privacy in Biometrics. Springer, London. https://doi.org/10.1007/978-1-4471-5230-9_2
Download citation
DOI: https://doi.org/10.1007/978-1-4471-5230-9_2
Publisher Name: Springer, London
Print ISBN: 978-1-4471-5229-3
Online ISBN: 978-1-4471-5230-9
eBook Packages: Computer ScienceComputer Science (R0)