This paper proposes a novel secure biometric authentication scheme. The scheme deals with fingerprint minutiae as the biometric feature and the matching is checked by a widely used technique. To discuss security, we formalize the model of secure biometric authentication scheme by abstracting the related and proposed schemes. The schemes which satisfy all the proposed security requirements are guaranteed to prevent leakage of biometric information and impersonation. In particular, the definition captures well-known and practical attacks including replay attacks and hill-climbing attacks. We prove that the proposed scheme achieves all the requirements if the additive homomorphic encryption scheme used in the scheme satisfies some additional properties. As far as we know, the proposed scheme is the first one that satisfies all the requirements. Also, we show that modified Elgamal cryptosystem satisfies all the properties under the decisional Diffie-Hellman assumption.

The likelihood-ratio based score level fusion (LR-based fusion) scheme has attracted much attention, since it maximizes accuracy if a log-likelihood ratio (LLR) is accurately estimated. In reality, it can happen that a user cannot input some query samples due to temporary physical conditions such as injuries and illness. It can also happen that some modalities tend to cause false rejection (i.e. the user is a “goat” for these modalities). The LR-based fusion scheme can handle these situations by setting LLRs corresponding to missing query samples to 0. In this paper, we refer to such a mode as a “modality selection mode”, and address an issue of accuracy in this mode. Specifically, we provide the following contributions: (1) We firstly propose a “modality selection attack”, in which an impostor inputs only query samples whose LLRs are more than 0 (i.e. takes an optimal strategy) to impersonate others. We also show that the impostor can perform this attack against the SPRT (Sequential Probability Ratio Test)-based fusion scheme, which is an extension of the LR-based fusion scheme to a sequential fusion scenario. (2) We secondly consider the case when both genuine users and impostors take this optimal strategy, and show that the overall accuracy in this case is “worse” than the case when they input all query samples. More specifically, we prove that the KL (Kullback-Leibler) divergence between a genuine distribution of integrated scores and an impostor's one, which can be compared with password entropy, is smaller in the former case. We also show to what extent the KL divergence losses for each modality. (3) We finally evaluate to what extent the overall accuracy becomes worse using the NIST BSSR1 Set 2 and Set 3 datasets, and discuss directions of multibiometric applications based on the experimental results.

Gait-based owner authentication using accelerometers has recently been extensively studied owing to the development of wearable electronic devices. An actual gait signal is always subject to change due to many factors including variation of sensor attachment. In this research, we tackle to the practical sensor-orientation inconsistency, for which signal sequences are captured at different sensor orientations. We present an iterative signal matching algorithm based on phase-registration technique to simultaneously estimate relative sensor-orientation and register the 3D acceleration signals. The iterative framework is initialized by using 1D orientation-invariant resultant signals which are computed from 3D signals. As a result, the matching algorithm is robust to any initial sensor-orientation. This matching algorithm is used to match a probe and a gallery signals in the proposed owner authentication method. Experiments using actual gait signals under various conditions such as different days, sensors, weights being carried, and sensor orientations show that our authentication method achieves positive results.

Despite their usability advantages over traditional authentication systems, biometrics-based authentication systems suffer from inherent privacy violation and non-revocability issues. In order to address these issues, the concept of cancelable biometrics was introduced as a means of generating multiple, revocable, and noninvertible identities from true biometric templates. Apart from BioHashing, which is a two-factor cancelable biometrics technique based on mixing a set of tokenized user-specific random numbers with biometric features, cancelable biometrics techniques usually cannot preserve the recognition accuracy achieved using the unprotected biometric systems. However, as the employed token can be lost, shared, or stolen, BioHashing suffers from the same issues associated with token-based authentication systems. In this paper, a reliable tokenless cancelable biometrics scheme, referred to as BioEncoding, for protecting IrisCodes is presented. Unlike BioHashing, BioEncoding can be used as a one-factor authentication scheme that relies only on sole IrisCodes. A unique noninvertible compact bit-string, referred to as BioCode, is randomly derived from a true IrisCode. Rather than the true IrisCode, the derived BioCode can be used efficiently to verify the user identity without degrading the recognition accuracy obtained using original IrisCodes. Additionally, BioEncoding satisfies all the requirements of the cancelable biometrics construct. The performance of BioEncoding is compared with the performance of BioHashing in the stolen-token scenario and the experimental results show the superiority of the proposed method over BioHashing-based techniques.

This paper will propose a wolf attack probability (WAP) as a new measure for evaluating security of biometric authentication systems. The wolf attack is an attempt to impersonate a victim by feeding "wolves" into the system to be attacked. The "wolf" means an input value which can be falsely accepted as a match with multiple templates. WAP is defined as a maximum success probability of the wolf attack with one wolf sample. In this paper, we give a rigorous definition of the new security measure which gives strength estimation of an individual biometric authentication system against impersonation attacks. We show that if one reestimates using our WAP measure, a typical fingerprint algorithm turns out to be much weaker than theoretically estimated by Ratha et al. Moreover, we apply the wolf attack to a finger-vein-pattern based algorithm. Surprisingly, we show that there exists an extremely strong wolf which falsely matches all templates for any threshold value.

This paper describes a biometric-based key generation method and its application to a secure communication system. In the proposed method, a personal key which is unique to each user is generated by extracting his/her biometric information. Using the generated personal key, a secure communication system which has the functions of confidentiality and user authentication is realized. As an example of the proposed method, we introduce a personal key generation method based on one's handwriting, and a secure telewriting system which enables the encryption of handwriting information as well as the authentication of a writer. Some simulation results indicate the possibility of realizing the above functions by using a writer's personal key.