Abstract
Biometric Certificate (BC) is a kind of data structure that binds user identity and biometric template, which is able to be applied to access control and identity authentication for various applications like electronic transactions in network environment. A critical issue in biometric system is that may be suffered from biometric template attack, such as “cross-matching attack”, “hill climbing attacks” etc. Hence, it is extremely important to provide high security and privacy for biometric template in BC. This paper implemented a biometric template protection scheme in BC using fuzzy fingerprint vault and fingerprint-based pseudo random number generator (FBPRNG) technique. First, the fingerprint keys are derived from fingerprint template through FBPRG and fingerprint template is encrypted by fingerprint keys to keep it secret. Second, the fingerprint keys are hidden using the fingerprint-based fuzzy vault scheme, and then storing encrypted fingerprint template and fuzzy vault into BC. Finally, this scheme is implemented on open source CA software called EJBCA. The result of experiment shows that the scheme can not only generate the self-certified fingerprint keys, but also effectively secure fingerprint template.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Jain, A.K., Nandakumar, K., Nagar, A.: Template Security. EURASIP Journal on Advances in Signal Processing 2008, 17 (2008)
Jain, A.K., Ross, A., Pankanti, S.: Biometrics: A Tool for Information Security. IEEE Transactions on Information Forensics and Security 1(2), 125–143 (2006)
Scheirer, W., Boult, T.: Cracking fuzzy vaults and biometric encryption. In: Biometric Symposium, Baltimore, MD, USA, pp. 1–6 (September 2007)
Clancy, T., Kiyavash, N., Lin, D.: Secure smartcard-based fingerprint authentication. In: Proc. ACM SIGMM Workshop on Biometrics Methods and Applications, California, pp. 45–52 (2003)
Sanchez-Reillo, R., Mengibar-Pozo, L.: Microprocessor Smart Cards with Fingerprint User Authentication. IEEE AESS Systems Magazine 18(3), 22–24 (2003)
Sun, H.W., Lam, K.Y., Gu, M., Sun, J.G.: Improved fingerprint-based remote user authentication. In: Communications, Circuits and Systems, ICCCAS 2007, pp. 472–475 (2007)
Jun, E.-A., Kim, J.G., Jung, S.W., Lee, D.H.: Extended Fingerprint-based User Authentication Scheme Using Smart Cards in Education IPTV. In: Information Science and Applications, ICISA, pp. 1–8 (2011)
Moon, D., Chae, S.H., Kim, J.N.: A Secure fingerprint template generation algorithm for smart card. In: 2011 IEEE International Conference on Consumer Electronics (ICCE), pp. 719–720 (2011)
Chung, Y., Moon, K.: Biometric Certificate based Biometric Digital Key Generation with Protection Mechanism. In: Frontiers in the Convergence of Bioscience and Information Technologies, pp. 709–714 (2007)
Jo, J.-G., Seo, J.-W., Lee, H.-W.: Biometric Digital Signature Key Generation and Cryptography Communication Based on Fingerprint. In: Preparata, F.P., Fang, Q. (eds.) FAW 2007. LNCS, vol. 4613, pp. 38–49. Springer, Heidelberg (2007)
Li, C., Xing, Y., Niu, X.X., Yang, Y.X.: Identity Authentication Scheme Based on Biometric Certificate. Computer Engineering 33(20), 159–161 (2007)
Ejbca-design (2013), http://sourceforge.net/projects/ejbca/
Ejbca (2013), http://www.ejbca.com
Zhang, L.Y., Liu, Q.H., Liu, M.: Research and application of EJBCA based on J2EE. In: Wang, W., Li, Y., Duan, Z., Yan, L., Li, H., Yang, X. (eds.) Integration and Innovation Orient to E-Society. IFIP, vol. 251, pp. 337–345. Springer, Boston (2007)
Xu, D.C., Li, B.L.: A Pseudo-random Sequence Fingerprint Key Algorithm Based on Fuzzy Vault. In: Proceedings ofthe 2009 IEEE International Conference on Mechatronics and Automation, China, Changchun, pp. 2421–2425 (2009)
Shamir, A.: How to share a secret. Communications of the ACM 22(11), 612–613 (1979)
Pankanti, S., Prabhakar, S., Jain, A.K.: On the individuality of fingerprint. IEEE Transactions on Pattern Analysis and Machine Intelligence 24(8), 1010–1025 (2002)
Jules, A., Sudan, M.: A Fuzzy vault scheme. In: Proc. IEEE Int. Symp. on Information Theory, Lausanne, Switzerland, pp. 408–408 (2002)
Uludag, U., Pankanti, S., Jain, A.K.: Fuzzy vault for fingerprints. In: Kanade, T., Jain, A., Ratha, N.K. (eds.) AVBPA 2005. LNCS, vol. 3546, pp. 310–319. Springer, Heidelberg (2005)
Uludag, U., Jain, A.: Securing fingerprint template: Fuzzy Vault with Helper Data. In: Proceedings of CVPR Workshop on Private Research in Vision, USA, pp. 163–169 (2006)
Tan, T.Z., Zhang, H.Y.: Improved Fuzzy Vault fingerprint encryption scheme. Application Research of Computers 29(6), 2208–2210 (2012)
Moon, K.Y., Moon, D., Yoo, J.H., Cho, H.S.: Biometrics Information Protection using Fuzzy Vault Scheme. In: 2012 Eighth International Conference on Signal Image Technology and Internet Based Systems, pp. 124–128 (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, W., Lu, Y., Fang, Z. (2013). Biometric Template Protection Based on Biometric Certificate and Fuzzy Fingerprint Vault. In: Motoda, H., Wu, Z., Cao, L., Zaiane, O., Yao, M., Wang, W. (eds) Advanced Data Mining and Applications. ADMA 2013. Lecture Notes in Computer Science(), vol 8346. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-53914-5_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-53914-5_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-53913-8
Online ISBN: 978-3-642-53914-5
eBook Packages: Computer ScienceComputer Science (R0)