In this paper, we propose homomorphic encryption based device owner equality verification (HE-DOEV), a new method to verify whether the owners of two devices are the same. The proposed method is expected to be used for credential sharing among devices owned by the same user. Credential sharing is essential to improve the usability of devices with hardware-assisted trusted environments, such as a secure element (SE) and a trusted execution environment (TEE), for securely storing credentials such as private keys. In the HE-DOEV method, we assume that the owner of every device is associated with a public key infrastructure (PKI) certificate issued by an identity provider (IdP), where a PKI certificate is used to authenticate the owner of a device. In the HE-DOEV method, device owner equality is collaboratively verified by user devices and IdPs that issue PKI certificates to them. The HE-DOEV method verifies device owner equality under the condition where multiple IdPs can issue PKI certificates to user devices. In addition, it can verify the equality of device owners without disclosing to others any privacy-related information such as personally identifiable information and long-lived identifiers managed by an entity. The disclosure of privacy-related information is eliminated by using homomorphic encryption. We evaluated the processing performance of a server needed for an IdP in the HE-DOEV method. The evaluation showed that the HE-DOEV method can provide a DOEV service for 100 million users by using a small-scale system in terms of the number of servers.

To prevent proxy-test taking among examinees in unsynchronized e-Testing, a previous work proposed an online handwriting authentication. That method was limited to applied for end of each answer. For free response tests that needed to authenticate throughout the answer, we used the Bayesian prior information to examine a sequential handwriting authentication procedure. The evaluation results indicate that the accuracy of this procedure is higher than the previous method in examinees authentication during mathematics exam with referring the Chinese character.

Access control and surveillance applications like walking-through security gates and immigration control points have a great demand for convenient and accurate biometric recognition in unconstrained scenarios with low user cooperation. The periocular region, which is a relatively new biometric trait, has been attracting much attention for recognition of an individual in such scenarios. This paper proposes a periocular recognition method that combines Phase-Based Correspondence Matching (PB-CM) with a texture enhancement technique. PB-CM has demonstrated high recognition performance in other biometric traits, e.g., face, palmprint and finger-knuckle-print. However, a major limitation for periocular region is that the performance of PB-CM degrades when the periocular skin has poor texture. We address this problem by applying texture enhancement and found out that variance normalization of texture significantly improves the performance of periocular recognition using PB-CM. Experimental evaluation using three public databases demonstrates the advantage of the proposed method compared with conventional methods.

Biometric authentication, namely using biometric features for authentication is gaining popularity in recent years as further modalities, such as fingerprint, iris, face, voice, gait, and others are exploited. We explore the effectiveness of three simple Electroencephalography (EEG) related biometric authentication tasks, namely resting, thinking about a picture, and moving a single finger. We present details of the data processing steps we exploit for authentication, including extracting features from the frequency power spectrum and MFCC, and training a multilayer perceptron classifier for authentication. For evaluation purposes, we record an EEG dataset of 27 test subjects. We use three setups, baseline, task-agnostic, and task-specific, to investigate whether person-specific features can be detected across different tasks for authentication. We further evaluate, whether different tasks can be distinguished. Our results suggest that tasks are distinguishable, as well as that our authentication approach can work both exploiting features from a specific, fixed, task as well as using features across different tasks.

We propose a method for accurately identifying people using temporal and spatial changes in local movements measured from video sequences of body sway. Existing methods identify people using gait features that mainly represent the large swinging of the limbs. The use of gait features introduces a problem in that the identification performance decreases when people stop walking and maintain an upright posture. To extract informative features, our method measures small swings of the body, referred to as body sway. We extract the power spectral density as a feature from local body sway movements by dividing the body into regions. To evaluate the identification performance using our method, we collected three original video datasets of body sway sequences. The first dataset contained a large number of participants in an upright posture. The second dataset included variation over the long term. The third dataset represented body sway in different postures. The results on the datasets confirmed that our method using local movements measured from body sway can extract informative features for identification.

Individuals can be identified by features extracted from an electrocardiogram (ECG). However, irregular palpitations due to stress or exercise decrease the identification accuracy due to distortion of the ECG waveforms. In this letter, we propose a human identification scheme based on the frequency spectrums of an ECG, which can successfully extract features and thus identify individuals even while exercising. For the proposed scheme, we demonstrate an accuracy rate of 99.8% in a controlled experiment with exercising subjects. This level of accuracy is achieved by determining the significant features of individuals with a random forest classifier. In addition, the effectiveness of the proposed scheme is verified using a publicly available ECG database. We show that the proposed scheme also achieves a high accuracy with this public database.

Advances in fingerprint authentication technology have led to it being used in a growing range of personal devices such as PCs and smartphones. However, they have also made it possible to capture fingerprints remotely with a digital camera, putting the target person at risk of illegal log-ins and identity theft. This article shows how fingerprint captured in this manner can be authenticated and how people can protect their fingerprints against surreptitious photography. First we show that photographed fingerprints have enough information to spoof fingerprint authentication systems by demonstrating with “fake fingers” made from such photographs. Then we present a method that defeats the use of surreptitious photography without preventing the use of legitimate fingerprint authentication devices. Finally, we demonstrate that an implementation of the proposed method called “BiometricJammer,” a wearable device put on a fingertip, can effectively prevent the illegal acquisition of fingerprints by surreptitious photography while still enabling contact-based fingerprint sensors to respond normally.

With the rapid spread of smart devices, such as smartphones and tablet PCs, user authentication is becoming increasingly important because various kinds of data concerning user privacy are processed within them. At present, in the case of smart devices, password-based authentication is frequently used; however, biometric authentication has attracted more attention as a user authentication technology. A smart device is equipped with various sensors, such as cameras, microphones, and touch panels, many of which enable biometric information to be obtained. While the function of biometric authentication is available in many smart devices, there remain some problems to be addressed for more secure and convenient user authentication. In this paper, we summarize the current problems with user authentication on smart devices and propose a novel user authentication system based on the concept of context awareness to resolve these problems. We also present our evaluation of the performance of the system by using biometric information that was acquired from smart devices. The evaluation demonstrates the effectiveness of our system.

IDMs are getting more effective and secure with biometric recognition and more privacy-preserving with advanced cryptosystems. In order to meet privacy and security needs of an IDM, the cryptographic background should rely on reliable random number generation. In this study, a Biometric Random Number Generator (BRNG) is proposed which plays a crucial role in a typical cryptosystem. The proposed novel approach extracts the high-frequency information in biometric signal which is associated with uncertainty existing in nature of biometrics. This bio-uncertainty, utilized as an entropy source, may be caused by sensory noise, environmental changes, position of the biometric trait, accessories worn, etc. The filtered nondeterministic information is then utilized by a postprocessing technique to obtain a random number set fulfilling the NIST 800-22 statistical randomness criteria. The proposed technique presents random number sequences without need of an additional hardware.

Automated biometrics identification using finger vein images has increasingly generated interest among researchers with emerging applications in human biometrics. The traditional feature-level fusion strategy is limited and expensive. To solve the problem, this paper investigates the possible use of infrared hybrid finger patterns on the back side of a finger, which includes both the information of finger vein and finger dorsal textures in original image, and a database using the proposed hybrid pattern is established. Accordingly, an Intersection enhanced Gabor based Direction Coding (IGDC) method is proposed. The Experiment achieves a recognition ratio of 98.4127% and an equal error rate of 0.00819 on our newly established database, which is fairly competitive.

We focus on the feature transform approach as one methodology for biometric template protection, where the template consists of the features extracted from the biometric trait. This study considers some properties of the unitary (including orthogonal) transform-based template protection in particular. It is known that the Euclidean distance between the templates protected by a unitary transform is the same as that between original (non-protected) ones as a property. In this study, moreover, it is shown that it provides the same results in l2-norm minimization problems as those of original templates. This means that there is no degradation of recognition performance in authentication systems using l2-norm minimization. Therefore, the protected templates can be reissued multiple times without original templates. In addition, a DFT-based template protection scheme is proposed as an unitary transform-based one. The proposed scheme enables to efficiently generate protected templates by the FFT, in addition to the useful properties. It is also applied to face recognition experiments to evaluate the effectiveness.

The security of biometric authentication systems against impersonation attack is usually evaluated by the false accept rate, FAR. The false accept rate FAR is a metric for zero-effort impersonation attack assuming that the attacker attempts to impersonate a user by presenting his own biometric sample to the system. However, when the attacker has some information about algorithms in the biometric authentication system, he might be able to find a “strange” sample (called a wolf) which shows high similarity to many templates and attempt to impersonate a user by presenting a wolf. Une, Otsuka, Imai [22],[23] formulated such a stronger impersonation attack (called it wolf attack), defined a new security metric (called wolf attack probability, WAP), and showed that WAP is extremely higher than FAR in a fingerprint-minutiae matching algorithm proposed by Ratha et al. [19] and in a finger-vein-patterns matching algorithm proposed by Miura et al. [15]. Previously, we constructed secure matching algorithms based on a feature-dependent threshold approach [8] and showed that if the score distribution is perfectly estimated for each input feature data, then the proposed algorithms can lower WAP to a small value almost the same as FAR. In this paper, in addition to reintroducing the results of our previous work [8], we show that the proposed matching algorithm can keep the false reject rate (FRR) low enough without degrading security, if the score distribution is normal for each feature data.

Proving the security of cancelable biometrics and other template protection techniques is a key prerequisite for the widespread deployment of biometric technologies. BioEncoding is a cancelable biometrics scheme that has been proposed recently to protect biometric templates represented as binary strings like iris codes. Unlike other template protection schemes, BioEncoding does not require user-specific keys or tokens. Moreover, it satisfies the requirements of untraceable biometrics without sacrificing the matching accuracy. However, the security of BioEncoding against smart attacks, such as correlation and optimization-based attacks, has to be proved before recommending it for practical deployment. In this paper, the security of BioEncopding, in terms of both non-invertibility and privacy protection, is analyzed. First, resistance of protected templates generated using BioEncoding against brute-force search attacks is revisited rigorously. Then, vulnerabilities of BioEncoding with respect to correlation attacks and optimization based attacks are identified and explained. Furthermore, an important modification to the BioEncoding algorithm is proposed to enhance its security against correlation attacks. The effect of integrating this modification into BioEncoding is validated and its impact on the matching accuracy is investigated empirically using CASIA-IrisV3-Interval dataset. Experimental results confirm the efficacy of the proposed modification and show that it has no negative impact on the matching accuracy.

It is theoretically impossible to restore the original fingerprint image from a sequence of line images captured by a line sensor. However, in this paper we propose a unique fingerprint-image-generation algorithm, which derives fingerprint images from sequences of line images captured at different swipe speeds by the line sensor. A continuous image representation, called trajectory, is used in modeling distortion of raw fingerprint images. Sequences of line images captured from the same finger are considered as sequences of points, which are sampled on the same trajectory in N-dimensional vector space. The key point here is not to reconstruct the original image, but to generate identical images from the trajectory, which are independent of the swipe speed of the finger. The method for applying the algorithm in a practical application is also presented. Experimental results on a raw fingerprint image database from a line sensor show that the generated fingerprint images are independent of swipe speed, and can achieve remarkable matching performance with a conventional minutiae matcher.

Biometric authentication has attracted attention because of its high security and convenience. However, biometric feature such as fingerprint can not be revoked like passwords. Thus once the biometric data of a user stored in the system has been compromised, it can not be used for authentication securely for his/her whole life long. To address this issue, an authentication scheme called cancelable biometrics has been studied. However, there remains a major challenge to achieve both strong security and practical accuracy. In this paper, we propose a novel and fundamental algorithm for cancelable biometrics called correlation-invariant random filtering (CIRF) with provable security. Then we construct a method for generating cancelable fingerprint templates based on the chip matching algorithm and the CIRF. Experimental evaluation shows that our method has almost the same accuracy as the conventional fingerprint verification based on the chip matching algorithm.

Despite their usability advantages over traditional authentication systems, biometrics-based authentication systems suffer from inherent privacy violation and non-revocability issues. In order to address these issues, the concept of cancelable biometrics was introduced as a means of generating multiple, revocable, and noninvertible identities from true biometric templates. Apart from BioHashing, which is a two-factor cancelable biometrics technique based on mixing a set of tokenized user-specific random numbers with biometric features, cancelable biometrics techniques usually cannot preserve the recognition accuracy achieved using the unprotected biometric systems. However, as the employed token can be lost, shared, or stolen, BioHashing suffers from the same issues associated with token-based authentication systems. In this paper, a reliable tokenless cancelable biometrics scheme, referred to as BioEncoding, for protecting IrisCodes is presented. Unlike BioHashing, BioEncoding can be used as a one-factor authentication scheme that relies only on sole IrisCodes. A unique noninvertible compact bit-string, referred to as BioCode, is randomly derived from a true IrisCode. Rather than the true IrisCode, the derived BioCode can be used efficiently to verify the user identity without degrading the recognition accuracy obtained using original IrisCodes. Additionally, BioEncoding satisfies all the requirements of the cancelable biometrics construct. The performance of BioEncoding is compared with the performance of BioHashing in the stolen-token scenario and the experimental results show the superiority of the proposed method over BioHashing-based techniques.

Cancelable approaches for biometric person authentication have been studied to protect enrolled biometric data, and several algorithms have been proposed. One drawback of cancelable approaches is that the performance is inferior to that of non-cancelable approaches. In this paper, we propose a scheme to improve the performance of a cancelable approach for online signature verification. Our scheme generates two cancelable dataset from one raw dataset and uses them for verification. Preliminary experiments were performed using a distance-based online signature verification algorithm. The experimental results show that our proposed scheme is promising.

Attacks using hill-climbing methods have been reported as a vulnerability of biometric authentication systems. In this paper, we propose a robust online signature verification algorithm against such attacks. Specifically, the attack considered in this paper is a hill-climbing forged data attack. Artificial forgeries are generated offline by using the hill-climbing method, and the forgeries are input to a target system to be attacked. In this paper, we analyze the menace of hill-climbing forged data attacks using six types of hill-climbing forged data and propose a robust algorithm by incorporating the hill-climbing method into an online signature verification algorithm. Experiments to evaluate the proposed system were performed using a public online signature database. The proposed algorithm showed improved performance against this kind of attack.

This paper proposes an efficient fingerprint recognition algorithm combining phase-based image matching and feature-based matching. In our previous work, we have already proposed an efficient fingerprint recognition algorithm using Phase-Only Correlation (POC), and developed commercial fingerprint verification units for access control applications. The use of Fourier phase information of fingerprint images makes it possible to achieve robust recognition for weakly impressed, low-quality fingerprint images. This paper presents an idea of improving the performance of POC-based fingerprint matching by combining it with feature-based matching, where feature-based matching is introduced in order to improve recognition efficiency for images with nonlinear distortion. Experimental evaluation using two different types of fingerprint image databases demonstrates efficient recognition performance of the combination of the POC-based algorithm and the feature-based algorithm.

The recognition performance of the conventional 3D face recognition algorithm using ICP (Iterative Closest Point) is degraded for the 3D face data with expression changes. Addressing this problem, we consider the use of the expression-invariant local regions of a face. We find the expression-invariant regions through the distance analysis between 3D face data with the neutral expression and smile, and propose a robust 3D face recognition algorithm using passive stereo vision. We demonstrate efficient recognition performance of the proposed algorithm compared with the conventional ICP-based algorithm through the experiment using a stereo face image database which includes the face images with expression changes.