Secure Biometrics

Current methods of using biometrics are often insecure since they store the biometric in the clear, compromising security and enabling identity theft.  Our method obtains security by transforming the biometric into a syndrome (a compressed and scrambled bit stream that contains less information than the original biometric).  Since only the syndrome and not the original biometric is stored, an attacker that learns the syndrome cannot determine the original biometric and therefore cannot impersonate the user.

Background & Objective:  Biometrics such as fingerprints, irises, and faces are increasingly prevalent in authentication, encryption and access control.  Biometrics are slightly different each time they are measured.  Therefore, unlike passwords, they cannot be stored in encrypted form, because the encrypted form of the original biometric and the encrypted form of a later measurement of the same biometric would not match.  Consequently, most systems store biometrics in the clear.  For biometrics to be broadly accepted, we need a way to store biometrics in a secure form that cannot be used by an attacker to impersonate a valid user.  At the same time, the authentication method needs to be robust to the natural measurement variation of the biometric.

Technical Discussion:  Our method obtains security by transforming the biometric into a binary vector, which is then multiplied by the parity-check matrix of a publicly known low-density parity-check (LDPC) code.  The output is the biometric's syndrome, a compressed and scrambled version of the original biometric with two essential features.  First, the syndrome contains less information than the original.  If only the syndrome is stored, and not the original biometric itself, an attacker that learns the syndrome cannot recover the original biometric.  Second, when the syndrome is combined with another measurement of the same biometric, it is possible to correct the measurement noise and exactly recover the original biometric through belief propagation decoding.  The original biometric can therefore serve as a shared secret and can be used, e.g., as a secret password or a cryptographic key, using standard techniques.
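
The enroll-and-verify flow described above, as an added example that is not MERL's code: it substitutes a Hamming(7,4) parity-check matrix applied per 7-bit block and direct syndrome lookup for the LDPC code and belief propagation decoding, so it tolerates at most one flipped bit per block.  The stored SHA-256 digest used to confirm the recovered vector, the function names, and the bit vectors are assumptions constructed for illustration.

```python
import hashlib

# Parity-check matrix of Hamming(7,4): column j holds the bits of j+1.
# Toy stand-in for the publicly known LDPC matrix (assumption).
H = [[((j + 1) >> k) & 1 for j in range(7)] for k in range(3)]

def syndrome(block):
    """H * block over GF(2): 3 stored bits for every 7 biometric bits."""
    return tuple(sum(h * b for h, b in zip(row, block)) % 2 for row in H)

def blocks(bits):
    if len(bits) % 7:
        raise ValueError("bit vector length must be a multiple of 7")
    return [bits[i:i + 7] for i in range(0, len(bits), 7)]

def enroll(bits):
    """Return the stored record: syndromes plus a digest of the biometric.
    The digest check is an assumption; the biometric itself is not stored."""
    synd = [syndrome(b) for b in blocks(bits)]
    return synd, hashlib.sha256(bytes(bits)).hexdigest()

def recover(probe, stored_synd):
    """Correct a fresh measurement back to the enrolled vector."""
    probe_blocks = blocks(probe)
    if len(probe_blocks) != len(stored_synd):
        raise ValueError("probe length does not match the enrolled record")
    out = []
    for blk, s in zip(probe_blocks, stored_synd):
        # Linearity: H*probe XOR H*enrolled = H*(measurement noise).
        diff = [a ^ b for a, b in zip(syndrome(blk), s)]
        pos = diff[0] + 2 * diff[1] + 4 * diff[2]  # 0 means no error
        fixed = list(blk)
        if pos:
            fixed[pos - 1] ^= 1  # flip the single bit the syndrome points at
        out.extend(fixed)
    return out

def authenticate(probe, stored):
    """Accept only if the corrected probe matches the enrolled digest."""
    synd, digest = stored
    return hashlib.sha256(bytes(recover(probe, synd))).hexdigest() == digest

# Constructed sample vectors (not real biometric data).
ENROLLED = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 0, 0]
NOISY = [1, 0, 0, 1, 0, 0, 1, 0, 1, 1, 1, 1, 0, 0]     # one flip per block
IMPOSTOR = [0, 0, 0, 1, 1, 0, 1, 1, 1, 0, 0, 0, 1, 0]  # unrelated vector

if __name__ == "__main__":
    record = enroll(ENROLLED)
    print(authenticate(NOISY, record), authenticate(IMPOSTOR, record))
```

The block size and code here are chosen for readability only and carry no security margin; the error tolerance and the amount of information the syndrome reveals both depend on the code actually used.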

Contacts:
Anthony Vetro
Shantanu Rane
Jonathan Yedidia

Technical Reports:
TR2007-006 Secure Storage of Fingerprint Biometrics Using Slepian-Wolf Codes
TR2007-005 Using Distributed Source Coding to Secure Fingerprint Biometrics
TR2005-112 Secure Biometrics Via Syndromes

Technology Areas:
Multimedia
Computer Vision
Imaging

Modification Date:  March 12, 2008