Authentication Attacks on Projection-based Cancelable Biometric Schemes

10/28/2021
by   Axel Durbet, et al.
0

Cancelable biometric schemes aim at generating secure biometric templates by combining user specific tokens, such as password, stored secret or salt, along with biometric data. This type of transformation is constructed as a composition of a biometric transformation with a feature extraction algorithm. The security requirements of cancelable biometric schemes concern the irreversibility, unlinkability and revocability of templates, without losing in accuracy of comparison. While several schemes were recently attacked regarding these requirements, full reversibility of such a composition in order to produce colliding biometric characteristics, and specifically presentation attacks, were never demonstrated to the best of our knowledge. In this paper, we formalize these attacks for a traditional cancelable scheme with the help of integer linear programming (ILP) and quadratically constrained quadratic programming (QCQP). Solving these optimization problems allows an adversary to slightly alter its fingerprint image in order to impersonate any individual. Moreover, in an even more severe scenario, it is possible to simultaneously impersonate several individuals.

READ FULL TEXT VIEW PDF
10/03/2019

A Cryptanalysis of Two Cancelable Biometric Schemes based on Index-of-Max Hashing

Cancelable biometric schemes generate secure biometric templates by comb...
07/24/2021

Biometric Masterkeys

Biometric authentication is used to secure digital or physical access. S...
05/21/2021

Random Hash Code Generation for Cancelable Fingerprint Templates using Vector Permutation and Shift-order Process

Cancelable biometric techniques have been used to prevent the compromise...
11/25/2021

OTB-morph: One-Time Biometrics via Morphing applied to Face Templates

Cancelable biometrics refers to a group of techniques in which the biome...
11/14/2017

PassBio: Privacy-Preserving User-Centric Biometric Authentication

The proliferation of online biometric authentication has necessitated se...
03/25/2016

Quadratic Projection Based Feature Extraction with Its Application to Biometric Recognition

This paper presents a novel quadratic projection based feature extractio...
09/28/2018

A Symmetric Keyring Encryption Scheme for Biometric Cryptosystems

In this paper, we propose a novel biometric cryptosystem for vectorial b...

I Introduction

Biometric authentication is more and more used in daily life and are commonly integrated on many smart objects and devices, e.g., computer, smartphone, USB drive, passport. Since biometrics is more convenient and quicker to use, and biometric characteristics cannot be lost or forgotten, biometric authentication solutions are in general preferred over their password or physical token counterparts. Despite their many advantages, biometric solutions are not exempt from vulnerabilities. As biometric-based technologies are deployed at a larger scale, centralized biometric databases and devices become natural targets in cyber attacks. These cyber attacks have the potential to be harmful on the long term if they lead to the theft of biometric data. As a consequence, a biometric data may actually be vulnerable to impersonation attacks and privacy leakage.

Several criteria essential to biometric authentication systems have been identified in ISO/IEC 24745 [8] and ISO/IEC 30136 [9]: Irreversibility, unlinkability, revocability and performance preservation of templates.

  • Irreversibility prevents from finding the original person’s biometric data from the protected template.

  • Unlinkability prevents cross-matching attacks or, in other words, the linkability between two digital identities, i.e., two biometric templates.

  • Revocability requires the scheme to be able to generate new protected templates in case of compromission of the biometric database.

  • The last criteria, performance preservation, stipulates that recognition accuracy of protected templates should not be degraded compared to the original data.

Fulfilling this set of criteria is now necessary to comply with the privacy-by-design and privacy-by-default principles of the GDPR (General Data Protection Regulation [6]).

Faced with the mentioned vulnerabilities and requirements, the community has proposed primitives dedicated to biometrics, so called biometric template protection schemes (BTP). Examples of such primitives include cancelable biometrics (see [11, 23]), biometric cryptosystems (e.g., fuzzy vault [14], fuzzy commitment [13] and fuzzy extractors [2]), keyed biometrics (e.g., homomorphic encryption), and hybrid biometrics [1, 10]. In this paper, we focus on cancelable biometrics (CB) which is an example of BTP scheme claimed to meet the four criterias. For more details on BTP schemes, the reader is referred to two surveys [18] and [19]. In CB, a biometric template is computed through a process where the inputs are biometric data (e.g., biometric image) of a user and a user specific token (e.g., a random key, seed, salt, or password). A CB scheme generally consists of a sequence of processes (an extraction of features followed by a parameterized transformation) that produces the biometric templates, and a matcher to generate a matching score between the templates. With a CB scheme, templates can be revoked, changed, and renewed by changing user specific tokens. Even though user tokens in CB may be considered as secret, the security of a two-factor authentication system should not be reduced to a single factor. Cryptanalysis of CB schemes with strong adversarial models commonly assume that the attacker knows both the biometric template and token of the user. This assumption is plausible in practice because a user token may have low entropy (e.g., a weak password), or it may just have been compromised by an attacker. This stolen-key scenario is also known as the stolen-token scenario [24].

Ratha et al. [21]

were the first to introduce CB in the case of face recognition. Since then, several CB schemes have been proposed, including the popular Biohashing algorithm 

[11]

applied on many modalities such as fingerprints, face, and iris. CB schemes offer several advantages such as efficient implementation, high matching accuracy, and revocability. However, several attacks on a variety of CB schemes have been proposed: attacks against privacy by approximating feature vectors or linking several templates of an individual, and authentication attacks by elevating the false acceptance rate (FAR). We refer the reader to 

[17, 25] for attacks on biohashing type schemes, [20, 16] for attacks using the Attack via Record Multiplicity (ARM) technique, [15, 4]

for attacks using genetic algorithms, as well as attacks using constrained programming on CB schemes built upon ranking based hashing 

[7].

Authentication attacks using genetic algorithms have been proposed in [3, 22]. Their objective is to find the right parameters for generating fingerprint images in order to elevate FAR rates. In the case of fingerprint modality, strategies making use of both hill climbing attacks and genetic algorithms have also been proposed in [5, 27].

Contributions

In this paper, we propose reversibility attacks against some projection-based CB schemes, such as the BioHashing [11]. The particularity of our attacks, as opposed to previous works, is that we reverse the complete sequence of treatments including the feature extraction algorithm. This allows us to construct impostor fingerprint images, thus enabling authentication (or presentation) attacks. In our authentication attacks, an adversary, who already has the knowledge of a user’s specific token, and has at least one fingerprint template of the same user, tries to alter his own fingerprint image such that the adversary can now use its own altered biometrics and the stolen token to be falsely authenticated as a legitimate user. To perform our attacks, we use Integer Linear Programming (ILP) as well as quadratically constrained quadratic programming (QCQP). Constrained optimization with linear programs has been previously used in the cryptanalysis of other schemes; see [7, 25].

Hence, we can state our results as follows:

1) Simple authentication attacks. A complete reversal methodology of some projection-based CB schemes, including the BioHash algorithm, is proposed. The main ideas are to solve an integer linear program and a quadratically constrained quadratic program to reverse both the projection and the feature extraction. The solution provided by a solver (e.g., Gurobi) is a fingerprint image of the attacker whose amount of changes is minimized. Practical resolutions are provided for tiny synthetic images.

2) One fingerprint image for several impersonations. The first attack is extended to produce a fingerprint image that impersonates the identity of several users. Our formalized constrained problems and experimentations on tiny synthetic images show that an adversary can alter its own fingerprint image to be authenticated as any of several legitimate users. To reach this objective, two different attacks are proposed:

  • The first strategy for the attacker is to collect the pairs of (token, template) of the target users to enlarge the set of constraints of a QCQP program. The seeked solution is a single altered fingerprint image of the attacker such that, when combined with the distinct stolen tokens, the generated templates match exactly the stolen templates of the respective users. Impersonating a large number of target users under this approach imposes a due acceptance of a larger amount of changes in the altered fingerprint image of the attacker.

  • The second proposed strategy does not require the knowledge of the tokens and consists in generating a template which is an average (barycentric) template of the target users. Then, the attacker formalizes a set of contraints using this template and her token, and then solve it to find a fingerprint image as close as her own fingerprint image. If the target templates lie in a ball of radius two times the decision threshold (in the template space), her altered fingeprint image enables an authentication attack for multiple users at the same time. In other words, her altered image is a “master print” for these target users.

Outline

The rest of this paper is organized as follows. We provide some background information and the adversarial models in Section II. In Section III, we present our simple authentication attacks. In Section IV, we give an attack where we do not need the victim password. For this we modify the image of the attacker in order to attack at the same time several victims. This is possible only if the victim templates are close. In Section V, we attack several users with different passwords. Finally, experimental evaluations and future works are discussed in Section VII.

Ii Background

Cancelable biometric schemes generate secure biometric templates by combining user specific tokens such as password with his biometric data such as fingerprint. The goal is to create templates meeting the four aforementioned criteria, i.e., irreversible, unlinkable, and revocable templates, with high accuracy of comparison. Biometric templates in CB schemes are constructed in two steps:

  1. Feature extraction: A feature vector is derived from a biometric image;

  2. Transformation: A user specific token is used to transform the user’s feature vector to a template.

In this paper, we focus on CB schemes built upon uniform random projection (URP) and a feature extractor such as Sobel or Gabor filter.

In the following, we let , and be three metric spaces, where , and represent the fingerprint image space, the feature space and the template space, respectively; and , and are the respective distance functions. Note that and are instantiated with the Euclidean distance, while is instantiated with the Hamming distance.

Ii-a Feature Extraction with Sobel Filtering

Let be the set of users of the biometric system. We identify a user with its biometric characteristic, and define a function that takes a biometric characteristic as input, and outputs a digital representation of biometric data ; for instance, the scan image of a fingerprint. Note that for two different computations of and (e.g., at different times, or different devices), we may have due to the inherent noise in the measurement of biometric data.

Definition II.1.

A biometric feature extraction scheme is a pair of deterministic polynomial time algorithms , where:

  • is the feature extractor of the system, that takes biometric data as input, and returns a feature vector .

  • is the verifier of the system, that takes two feature vectors , , and a threshold as input, and returns if , and returns if .

Sobel Filter. An example of feature extraction is the Sobel filtering [26]. Sobel Filter is usually used for edge detection. The resulting image is obtained by computing two convolutions given by the following matrices:

and

We denote by the operator of convolution and by the matrix of the image in shades of gray. Note that pixels at the edges of the image are ignored and their values are set to in the corresponding matrix . The horizontal and vertical gradients, and , are computed as follows and . Then, the matrix of the output image is computed as where denotes the Euclidean norm. However, the norm does not apply in the usual way. In fact, in this case it applies coordinate by coordinate. For example, the first coordinate of is . Figure 1 shows an example of fingerprint input with its corresponding output by the filter.

Fig. 1: Left : Fingerprint image. Right : Resulting image after Sobel filter.

Ii-B Generation of Templates with URP

Definition II.2.

Let be the token (seed) space, representing the set of tokens to be assigned to users. A cancelable biometric scheme is a pair of deterministic polynomial time algorithms , where:

  • is the transformation of the system, that takes a feature vector and the token parameter as input, and returns a biometric template .

  • is the verifier of the system, that takes two biometric templates = , , and a threshold as input; and returns if , and returns if .

The attacked CB instantiation, described in Algorithm 1, is based on a uniform random projection (URP). Such a projection serves as an embedding of a high-dimensional space into a space of much lower dimension while preserving approximately the distances between any two points. This type of dimensionality reduction is characterized by the Johnson–Lindenstrauss lemma [12] and is well suited for biometrics. Algorithm 1 assumes the second factor, i.e., the token, is a password and output a Biometric Compressed Vector (BCV).

1:procedure URP()
2:     Extract biometric features with Sobel filter to produce an -sized feature vector : .
3:     With the password, generate a family of pseudorandom vectors of size according to a uniform law .
4:     Using , create a pseudorandom matrix of size .
5:     Compute .
6:     for  in  do
7:         if  then
8:              
9:         else
10:              
11:         end if
12:     end for
13:     return as BCV (Biometric Compressed Vector).
14:end procedure
Algorithm 1 [URP-Sobel]
Remark Ii-B.1.

Biohashing instantiation [11] is based on the same type of projection, except that an additional step of orthonormalization of the family by Gram-Schmidt is performed. This skipped step affects neither the recognition accuracy nor the feasibility of the attacks. However, their running times are reduced.

Over FVC-2002-DB1, BCV scheme based on URP, we have a decision threshold at for an EER equal to . However, for Biohashing we have a decision threshold at for an EER equal to . Therefore, the result are pretty similar if BCV or Biohash was used.

Ii-C Attacks Models and Objectives

We perform an authentication attack and we are able to get access to this system in the name of the targeted person.

To perform this attack some information are needed:

  • The password of our target.

  • The original biohash of the target.

  • Knowledge over the attacked system :

    • How to get the matrix from the password.

    • The value of that was used to create the BCV.

We show that anybody can be authenticated instead of another if he knows this informations.

The informal definitions of [7] are tailored for the rest of the paper. Let be a fingerprint image, and let be the template generated from and the secret parameter . In our authentication attack, an adversary is given , , and a threshold value , and the adversary tries to find a fingerprint image such that for , is exactly the same as , or is close to with respect to the distance function over and the threshold value . In this case, we say that is a -nearby-template preimage (or simply a nearby-template preimage, when is clear from the context) of the template .

A strategy for the adversary having the knowledge of the stolen parameter is to alter her fingerprint image such that along with her extracted feature vector enable the generation of the exact template . This motivates the notion of template fingerprint preimage defined below.

Definition II.3 (Template fingerprint preimage).

Let be a fingerprint image, and for some secret parameter . A template preimage of with respect to is a fingerprint image such that .

Another authentication attack consists in generating a fingerprint image that yields the exact templates of two distinct users with their corresponding stolen tokens. More formally, we have the following definition:

Definition II.4 (Two-template fingerprint preimage).

Let and be two fingerprint images of distinct users, and two templates and for distinct secret parameters and . A two-template preimage of the pair with respect to the pair is a fingerprint image such that and .

To capture the case of multi-collisions, this last definition can be generalized to a notion of a -template fingerprint preimage.

Iii Simple Authentication Attack Description

A descriptive analysis shows that biometrics feature are not uniformly distributed. We propose to exploit this non uniformity to modify an attacker image in such a way that it allows authentication.

Iii-a Overview

There are two ways to perform this attack. The first approach works in two steps. We start by generating the attacker features vector. Then we add the filter constraints in order to compute the attacker’s image in order authenticate instead of the victim. The second approach consists in generating all constraints at once and directly generating attacker’s image.

Iii-A1 First Approach

The attack takes as input the following parameters:

  • The target’s password ().

  • The target’s template ().

  • The attacker’s image ().

This attack computes and uses following informations:

  1. Attacker’s feature ().

  2. Modified attacker’s feature ().

The output is a modified attacker’s image () which matches the target template.

First, the attacker uses to compute using filter. Then, with and , the attacker modifies image’s feature to match the target template . As described in part III-B1, it is done by solving an under-constraint linear system and seeking the nearest modified feature which matches the target template. After that, using and , the attacker modify its image to match the modified feature. As describe in Section III-B2, it is done by solving an under-constraint quadratic system and seeking the nearest modified image which matches the feature.

Figure 2 gives an overview of this first method step by step, where inputs are in circles and different steps in boxes.

Target’s template

Password

Initialize the linear system to obtain a good output for the filter

Random attacker filtred image

Modified filtred image

Initialize quadratic system to find a preimage of our modified output of the filter

Return an image for authentication

DB

Random attacker original image

Set objective

Solve

Solve

Set objective
Fig. 2: Principle of the attack’s first approach.

Iii-A2 Second Approach

The attack takes as input the following parameters:

  • The target’s password ().

  • The target’s template ().

  • The attacker’s image ().

The output is a modified attacker’s image () which matches the target template.

The main idea is to merge both steps describes in Section III-A1 and solve an unique system. As described in Section III-C, it is done by solving a quadratic equations system under constraint and seek the nearest modified image which match the template. We present an overview over this approach in Figure 3.

Target’s template

Password

Initialize the quadratic system

Random attacker image

Return an image for authentication

DB

Set objective

Solve
Fig. 3: Principle of the attack’s second approach.

Iii-B First Approach

As explained we proceed in two steps.

Iii-B1 Getting a Correct Output for the Filter

For this part, we assume that we are after the filter. We see how to inverse the filter later.

We want to reverse target’s template by using the password. To do that, let , the projection matrix derivated from target’s password and the function which takes to create a template.

We know the projection matrix and the image we need to get for the target client. Thus, one can seek to calculate a pre-image of the projected vector by solving a system under constraints.

Remark Iii-B.1.

This attack works for many projections system such as Biohash.

Let’s write it formally. Let the biometric feature, the size of BCV and

Let be all indices where the template is equal to and all other indices.

So, we search a solution to the following system:

(1)

With the -th column of . We illustrate our attack by the following example.

Example

Let a random target’s feature be and

Hence the projected vector is . Then we obtain the following BCV: . With the template and , we can define the following system:

For example, is a solution. Just by doing that, the solution looks like most of time to a noisy vector. To avoid this, we add a function to minimize as following.

Let be the feature vector owned by the attacker. The corresponding template is , which is not the original target template. From now on, denote the attacker vector without some information. With the original template, and , we can define the following problem:

Minimize: such that:

So, by solving this system, an attacker can find:

This solution is near () but the template is now .

As seen in the example above, we seek to minimize the distance between and . By doing so, the attacker can be authenticated by modifying the smallest amount of information of his own biometric feature vector.

This part of the attack solves the following problem. By taking the attacker’s biometric feature, the projection matrix we have:

  • Minimize:

  • Under the following constraints:

    (2)

With the -th column of .

Iii-B2 Get a Preimage to Avoid Filter Effect

The filter leads to a loss of information. But, we can write a quadratic system to create a collision and get a correct preimage. Let the image matrix be

Applying the filter to that formal matrix yields a new matrix which has quadratic components. But, we know that must be equal to . Thus, we can solve a quadratic system with equations and variable to find a preimage.

Let denote the attacker’s original image, its modified feature, the modified original image and its augmented form. We consider the augmented form as the original matrix where zeroes are added all around the matrix to compute the convolution without overflowing.

In the case of Sobel filter, we solve the following problem:

  • Minimize:

  • Subject to the following constraints:

    (3)

Using the notations of Section II.1, we obtain:

  • Minimize:

  • Under the following constraints:

    (4)

Iii-C Second Approach: Merge Both Steps

Yet another method is to merge both systems to create a new quadratic system. In this case, we avoid some problems such as having an intermediate feature vector which is not in the range of the filter function.

Assume that the attacker’s original image, the modified original image and its augmented form. We consider the augmented form as the original matrix where zeroes are added all around the matrix to compute the convolution without overflowing. Let be all indices where the template is equal to and all other indices. Let be the projection matrix. Let be the flattened form of the matrix where rows are concatenated in a single vector.

Thus, using the notations from the sections III-A1 and III-A2 we define the following problem for Sobel filter:

  • Minimize:

  • Under the following constraints:

    (5)

With the coordinate by coordinate square, not the usual one.

The resolution of this system by Gurobi runs in the order of days for an image of size and a template of size .

Iv Multiple Authentication Attack Description

The idea is that the attacker looks for an image that satisfy all the victims images at the same time. For this he is computing the image that is a kind of the barycenter of all the templates of the target clients that he has. This is possible only if all the templates are not too far according to a threshold. Moreover in this situation the attacker does not need to know the passwords of the victims.

Iv-a Overview

The attack takes as input the following parameters:

  1. The target’s templates .

  2. The attacker’s image ().

  3. The attacker’s password ().

  4. The value of the decision threshold.

For this part, we assume that all the templates of the target clients that he has are two by two no further than .

The output is a modified attacker’s image () which matches the modified template template.

First, with all , we search a template such that are in a ball centered at and of radius . Looking for such that: . Thus is the barycenter of all .

Then, a quadratic system and a function to minimize can be build as explained in Section IV-B. Thus, solving this problem gives us the modified image for multiple authentication with the same password. We present an overview over this attack in Figure 4.

Target’s templates

Compute the center template.

Attacker’s Password

Initialize the quadratic system

Random attacker image

Return an image for authentication

DB

Set objective

Solve
Fig. 4: Principle of the multiple authentication attack.

Iv-B Multiple Authentication system

Let be the projection matrix and the template at the center of the ball as defined in Section IV-A. Assume that is the list of all indices where is equal to and the remaining indices. The others notations are the same as III-C. The problem can be defined like this:

  • Minimize:

  • Under the following constraints where is the -th column of :

    (6)

V Multiple Collisions Attack

In this attack, the attacker knows the templates and passwords of the victims. Then his goal is to use all these informations to generate an image that allows him to authenticate with the same image instead of all the victims using their own password.

V-a Overview

The attack takes as input the following parameters:

  1. The target’s templates .

  2. The attacker’s image ().

  3. The target’s passwords .

The output is a modified attacker’s image () which matches all templates for the corresponding password.

We define a quadratic system and a function to minimize as explained in Section V-B. Thus, solving this problem gives us the modified image for multiple authentication for each password.

We show an overview over this attack in Figure 5.

Targets’s templates

Passwords

Initialize the quadratic system

Random attacker image

Return an image for authentication

DB

Set objective

Solve
Fig. 5: Principle of the attack’s second approach.

V-B Multiple Collisions Definition

Let be the projection matrix for the -th user. Assume that is the list of all indices where is equal to and all other indices. The others notations are the same as III-C. The problem can be defined like this:

  • Minimize:

  • Under the following constraints where is the -th column of :

    (7)

As matrices

are fully random, the probability of them forming an indexed family of linearly dependent vectors is negligible, thus making the system solvable. Assume that

is the event that

is an indexed family of linearly independent vectors, with

the size of vector and the number of precision bits for our numbers. It can be shown that

Since this probability is near , the usurpation of persons, with the size of the template, is a likely event.

Vi Reservesibility Attack Evaluation

We present some practical evaluations of our simple authentication attack with the second approach. We only present our practical evaluation results for this attack because if this attack works, all the other work as well. To mount our attack, we use Python and Gurobi to solve the formalized linear and quadratically constrained programs, with the following libraries: cv2, numpy, skimage, hashlib, tqdm, gurobipy, random and time. The specifications of the VM are logical cores running at GHz and GB of DDR RAM. The OS is Linux Ubuntu .

We have launched resolutions of the constrained programs formalized in the subsection III-C. Table I shows the running times of different settings along with the amount of changes done in the attacker fingerprint (by computing the Euclidian distance).

Size of image Size of template Euclidean distance Time (s)
TABLE I: Summary of the experiments.

The results demonstrate that our attacks are practical. We observe that the time to solve our systems in order to mount our attacks is not linear in the size of the images. However, what is interesting is the Euclidean distance slowly rises and stay small compared to the size of the images. Thus, the modifications induced on the image are minimal and could be invisible to the naked eye.

Vii Conclusion

In this paper, we present several authentication attacks on projection-based CB schemes in the stolen token scenario. Their particularity is to completely reverse a CB scheme, thus allowing the slight modification of the attacker fingerprint to impersonate any or several users. The proposed methodology is to formalize the attacks as constrained optimization problems. In fact, as long as the attacker has access to one or several template(s) with the corresponding password(s), our attacks can be performed. In addition, we propose two ways to authenticate an attacker on behalf of several legitimate persons. We also propose a variant that uses only the template of the target(s). Our practical experiments show that the modification of the attacker’s image is minimal over small images. The next step is to perform these attacks on larger images and look for the limit of the number of people that can be impersonated at the same time.

References

  • [1] J. Bringer, H. Chabanne, and B. Kindarji (2008) The best of both worlds: applying secure sketches to cancelable biometrics. Sci. Comput. Program. 74 (1-2), pp. 43–51. External Links: Link, Document Cited by: §I.
  • [2] Y. Dodis, L. Reyzin, and A. Smith (2004) Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In Advances in Cryptology - EUROCRYPT 2004, C. Cachin and J. L. Camenisch (Eds.), Berlin, Heidelberg, pp. 523–540. Cited by: §I.
  • [3] X. Dong, Z. Jin, and A. T. B. Jin (2019) A genetic algorithm enabled similarity-based attack on cancellable biometrics. CoRR abs/1905.03021. External Links: Link, 1905.03021 Cited by: §I.
  • [4] X. Dong, Z. Jin, and A. T. B. Jin (2019) A genetic algorithm enabled similarity-based attack on cancellable biometrics. In 2019 IEEE 10th International Conference on Biometrics Theory, Applications and Systems (BTAS), Vol. , pp. 1–8. Cited by: §I.
  • [5] X. Dong, Z. Jin, A. B. J. Teoh, M. Tistarelli, and K. Wong (2019) On the reliability of cancelable biometrics: revisit the irreversibility. CoRR abs/1910.07770. External Links: Link, 1910.07770 Cited by: §I.
  • [6] (Website) External Links: Link Cited by: §I.
  • [7] L. Ghammam, K. Karabina, P. Lacharme, and K. Thiry-Atighehchi (2020-03) A cryptanalysis of two cancelable biometric schemes based on index-of-max hashing. IEEE Transactions on Information Forensics and Security PP, pp. 1–12. Cited by: §I, §I, §II-C.
  • [8] (2011) ISO/IEC24745:2011: Information technology – Security techniques – Biometric information protection. Standard International Organization for Standardization. Cited by: §I.
  • [9] (2018) ISO/IEC30136:2018(E): Information technology – Performance testing of biometrictemplate protection scheme. Standard International Organization for Standardization. Cited by: §I.
  • [10] A. K. Jain and K. Nandakumar (2012) Biometric authentication: system security and user privacy. Computer 45, pp. 87–92. Cited by: §I.
  • [11] A. T. B. Jin, D. N. C. Ling, and A. Goh (2004) Biohashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern Recognition 37 (11), pp. 2245–2255. Cited by: §I, §I, §I, Remark II-B.1.
  • [12] W. Johnson (1984) Extensions of lipschitz mappings into hilbert space. Contemporary mathematics 26, pp. 189–206. Cited by: §II-B.
  • [13] A. Juels and M. Wattenberg (1999) A fuzzy commitment scheme. In Proceedings of the 6th ACM Conference on Computer and Communications Security, CCS ’99, New York, NY, USA, pp. 28–36. External Links: ISBN 1581131488 Cited by: §I.
  • [14] A. Juels (2006-02) A fuzzy vault scheme. Designs, Codes and Cryptography 38, pp. 237–257. Cited by: §I.
  • [15] P. Lacharme, E. Cherrier, and C. Rosenberger (2013) Preimage attack on biohashing. In 2013 International Conference on Security and Cryptography (SECRYPT), Vol. , pp. 1–8. External Links: Document Cited by: §I.
  • [16] C. Li and J. Hu (2014) Attacks via record multiplicity on cancelable biometrics templates. Concurrency Computation: Practice and Experience, pp. 1593–1605. Cited by: §I.
  • [17] A. Nagar, K. Nandakumar, and A. K. Jain (2010) Biometric template transformation: a security analysis.. In Media Forensics and Security, N. D. Memon, J. Dittmann, A. M. Alattar, and E. J. Delp (Eds.), SPIE Proceedings, Vol. 7541, pp. 75410O. Cited by: §I.
  • [18] K. Nandakumar and A. K. Jain (2015) Biometric template protection: Bridging the performance gap between theory and practice. IEEE Signal Processing Magazine 32, pp. 88–100. Cited by: §I.
  • [19] I. Natgunanathan, A. Mehmood, Y. Xiang, G. Beliakov, and J. Yearwood (2016) Protection of privacy in biometric data. IEEE Access 4, pp. 880–892. Cited by: §I.
  • [20] F. Quan, S. Fei, C. Anni, and Z. Feifei (2008-12) Cracking cancelable fingerprint template of ratha. In 2008 International Symposium on Computer Science and Computational Technology, Vol. 2, pp. 572–575. Cited by: §I.
  • [21] N. K. Ratha, J. H. Connell, and R. M. Bolle (2001) Enhancing security and privacy in biometrics-based authentication system. IBM Systems J. 37 (11), pp. 2245–2255. Cited by: §I.
  • [22] A. Rozsa, A. E. Glock, and T. E. Boult (2015-06) Genetic algorithm attack on minutiae-based fingerprint authentication and protected template fingerprint systems. In

    Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR) Workshops

    ,
    Cited by: §I.
  • [23] Y. Sutcu, H. T. Sencar, and N. Memon (2005) A secure biometric authentication scheme based on robust hashing. In Proceedings of the 7th Workshop on Multimedia and Security, New York, NY, USA, pp. 111–116. Cited by: §I.
  • [24] A. B. J. Teoh, W. K. Yip, and S. Lee (2008) Cancellable biometrics and annotations on BioHash. Pattern Recognition 41 (6), pp. 2034–2044. Cited by: §I.
  • [25] B. Topcu, C. Karabat, M. Azadmanesh, and H. Erdogan (2016-09) Practical security and privacy attacks against biometric hashing using sparse recovery. EURASIP Journal on Advances in Signal Processing 2016 (1), pp. 100. Cited by: §I, §I.
  • [26] O. Vincent and O. Folorunso (2009-01) A descriptive algorithm for sobel image edge detection. pp. . External Links: Document Cited by: §II-A.
  • [27] H. Wang, X. Dong, Z. Jin, A. B. J. Teoh, and M. Tistarelli (2021-01) Interpretable security analysis of cancellable biometrics using constrained-optimized similarity-based attack. In Proceedings - 2021 IEEE Winter Conference on Applications of Computer Vision Workshops, WACVW 2021, Proceedings - 2021 IEEE Winter Conference on Applications of Computer Vision Workshops, WACVW 2021, United States, pp. 70–77 (English). Note: Funding Information: This work has been partially supported by the European Union COST Action CA16101, University of Sassari fondo di Ateneo per la ricerca 2020, Italian Ministry for Research special research project SPADA, Fundamental Research Grant Scheme (FRGS/1/2018/ICT02/MUSM/03/3) and NVIDIA Corporation donation of the Titan Xp GPU. Publisher Copyright: © 2021 IEEE.; 2021 IEEE Winter Conference on Applications of Computer Vision Workshops, WACVW 2021 ; Conference date: 05-01-2021 Through 09-01-2021 External Links: Document Cited by: §I.