Skip to main content
Log in

Gait authentication on mobile phone using biometric cryptosystem and fuzzy commitment scheme

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Authentication systems using gait captured from inertial sensors have been recently developed to enhance the limitation of existing mechanisms on mobile devices and achieved promising results. However, most these systems employed pattern recognition and machine learning techniques in which biometric templates are stored insecurely, which could leave critical security and user privacy issues. Specifically, a compromise of original gait templates could result in everlasting forfeiture. In this paper, two main results will be presented. Firstly, we propose a novel gait authentication system on mobile devices in which the security and privacy are preserved by employing a fuzzy commitment scheme. Instead of storing original gait templates for user verification like in conventional approaches, we verify the user via a stored key which is biometrically encrypted by gait templates collected from a mobile accelerometer. Secondly, the discriminability of sensor-based gait templates are investigated to determine appropriate parameter values to construct an effective gait-based biometric cryptosystem. The performance of our proposed system is evaluated on the dataset including gait signals of 34 volunteers. We achieved the zeroFAR and the False Rejection Rate of approximately 16.18 % corresponding to the key length, as well as the system security level of 139 bits. The results from our experiment show that accelerometer-based gait could be further investigated to construct a biometric cryptosystem, as effective as other biometric traits such as iris, fingerprint, voice, and signature.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

Notes

  1. Gait cycle is defined as the time interval between two successive occurrences of one of the repetitive events during walking, as illustrated in Fig. 2b

References

  1. Jain, A.K., Flynn, P.J., Ross, A.A. (eds.): Handbook of Biometrics. Springer, Berlin (2008). doi:10.1007/978-0-387-71041-9

    Google Scholar 

  2. Galbally, J., Cappelli, R., Lumini, A., Gonzalez-de-Rivera, G., Maltoni, D., Fierrez, J., Ortega-Garcia, J., Maio, D.: An evaluation of direct attacks using fake fingers generated from ISO templates. Pattern Recognit. Lett. 31(8), 725–732 (2010). doi:10.1016/j.patrec.2009.09.032

    Article  Google Scholar 

  3. Ngo, T.T., Makihara, Y., Nagahara, H., Mukaigawa, Y., Yagi, Y.: The largest inertial sensor-based gait database and performance evaluation of gait-based personal authentication. Pattern Recognit. 47(1), 228–237 (2014). doi:10.1016/j.patcog.2013.06.028

    Article  Google Scholar 

  4. Yun, J.: User identification using gait patterns on UbiFloorII. Sensors 11(3), 2611–2639 (2011). doi:10.1007/11596448_141

    Article  Google Scholar 

  5. Tam, L., Glassman, M., Vandenwauver, M.: The psychology of password management: a tradeoff between security and convenience. Behav. Inf. Technol. 29(3), 233–244 (2010). doi:10.1080/01449290903121386

    Article  Google Scholar 

  6. Frank, J., Mannor, S., Precup, D.: Activity and gait recognition with time-delay embeddings. In: AAAI, pp 1581–1586 (2010)

  7. Hoang, T., Choi, D., Vo, V., Nguyen, A., Nguyen, T.: A lightweight gait authentication on mobile phone regardless of installation error. In: Security and Privacy Protection in Information Processing Systems, pp. 83–101. Springer, Berlin (2013). doi:10.1007/978-3-642-39218-4_7

  8. Lu, H., Huang, J., Saha, T., Nachman, L.: Unobtrusive gait verification for mobile phones. In: Proceedings of the 2014 ACM International Symposium on Wearable Computers, pp. 91–98. ACM (2014). doi:10.1145/2634317.2642868

  9. Derawi, M., Bours, P.: Gait and activity recognition using commercial phones. Comput. Secur. 39, 137–144 (2013). doi:10.1016/j.cose.2013.07.004

    Article  Google Scholar 

  10. Mjaaland, B. B., Bours, P., Gligoroski, D.: Walk the walk: attacking gait biometrics by imitation. In: Information Security (pp. 361–380). Springer, Berlin, Heidelberg (2011). doi:10.1007/978-3-642-18178-8_31

  11. Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: Proceedings of the 6th ACM Conference on Computer and Communications Security, pp. 28–36. ACM (1999). doi:10.1145/319709.319714

  12. Van Der Veen, M., Kevenaar, T., Schrijen, G. J., Akkermans, T. H., Zuo, F.: Face biometrics with renewable templates. In: Proceedings of SPIE (vol. 6072, No. 1, p. 60720J) (2006). doi:10.1117/12.643176

  13. Morelos-Zaragoza, R.H.: The Art of Error Correcting Coding. Wiley, New York (2006)

    Book  Google Scholar 

  14. Feng, Y.C., Yuen, P.C.: Binary discriminant analysis for generating binary face template. IEEE Trans. Inf. Forensics Secur. 7(2), 613–624 (2012). doi:10.1109/TIFS.2011.2170422

    Article  Google Scholar 

  15. Li, P., Yang, X., Qiao, H., Cao, K., Liu, E., Tian, J.: An effective biometric cryptosystem combining fingerprints with error correction codes. Expert Syst. Appl. 39(7), 6562–6574 (2012). doi:10.1016/j.eswa.2011.12.048

    Article  Google Scholar 

  16. lvarez Mario, R., Hernndez lvarez, F., Hernndez Encinas, L.: A crypto-biometric scheme based on iris-templates with fuzzy extractors. Inf. Sci. 195, 91–102 (2012). doi:10.1016/j.ins.2012.01.042

    Article  Google Scholar 

  17. Hao, F., Anderson, R., Daugman, J.: Combining crypto with biometrics effectively. IEEE Trans. Comput. 55(9), 1081–1088 (2006). doi:10.1109/TC.2006.138

    Article  Google Scholar 

  18. Maiorana, E.: Biometric cryptosystem using function based on-line signature recognition. Expert Syst. Appl. 37(4), 3454–3461 (2010). doi:10.1016/j.eswa.2009.10.043

    Article  Google Scholar 

  19. Carrara, B., Adams, C.: You are the key: generating cryptographic keys from voice biometrics. In: 2010 Eighth Annual International Conference on Privacy Security and Trust (PST) (pp. 213–222). IEEE (2010). doi:10.1109/PST.2010.5593251

  20. Inthavisas, K., Lopresti, D.: Secure speech biometric templates for user authentication. IET Biom. 1(1), 46–54 (2012). doi:10.1049/iet-bmt.2011.0008

    Article  Google Scholar 

  21. Argyropoulos, S., Tzovaras, D., Ioannidis, D., Strintzis, M.G.: A channel coding approach for human authentication from gait sequences. IEEE Trans. Inf. Forensics Secur. 4(3), 428–440 (2009). doi:10.1109/TIFS.2009.2025858

    Article  Google Scholar 

  22. Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Washington (2010)

    Google Scholar 

  23. Rathgeb, C., Uhl, A.: A survey on biometric cryptosystems and cancelable biometrics. EURASIP J. Inf. Secur. 2011(1), 1–25 (2011). doi:10.1186/1687-417X-2011-3

    Article  Google Scholar 

  24. Juels, A., Sudan, M.: A fuzzy vault scheme. Des. Codes Crypt. 38(2), 237–257 (2006). doi:10.1007/s10623-005-6343-z

    Article  MATH  MathSciNet  Google Scholar 

  25. Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Advances in Cryptology-Eurocrypt 2004, pp. 523–540. Springer, Berlin, Heidelberg (2004). doi:10.1007/978-3-540-24676-3_31

  26. Li, Q., Sutcu, Y., Memon, N.: Secure sketch for biometric templates. In: Advances in CryptologyASIACRYPT 2006, pp. 99–113. Springer, Berlin, Heidelberg (2006). doi:10.1007/11935230_7

  27. Chin, Y.J., Ong, T.S., Teoh, A.B.J., Goh, K.O.M.: Integrated biometrics template protection technique based on fingerprint and palmprint feature-level fusion. Inf. Fusion 18, 161–174 (2014). doi:10.1016/j.inffus.2013.09.001

    Article  Google Scholar 

  28. Nagar, A., Nandakumar, K., Jain, A.K.: Multibiometric cryptosystems based on feature-level fusion. IEEE Trans. Inf. Forensics Secur. 7(1), 255–268 (2012). doi:10.1109/TIFS.2011.2166545

    Article  Google Scholar 

Download references

Acknowledgments

This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (2012R1A1A2007014). This research was also supported by 2012-18-02TD VNU-HCMC Project.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Deokjai Choi.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Hoang, T., Choi, D. & Nguyen, T. Gait authentication on mobile phone using biometric cryptosystem and fuzzy commitment scheme. Int. J. Inf. Secur. 14, 549–560 (2015). https://doi.org/10.1007/s10207-015-0273-1

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-015-0273-1

Keywords

Navigation