Abstract:

We describe a method to encode fingerprint biometrics securely for use, e.g., in encryption or access control. The system is secure because the stored data suffices to validate a probe fingerprint but not to recreate the original fingerprint biometric. Therefore, a breach in database security does not lead to the loss of biometric data. We present a model for a secure biometric system for which we can make strong encryption-like security guarantees. We derive a fundamental trade off between system security and the robustness of authentication. The trade off is quantified for simple statistical models. We outline an implementation and report the effectiveness of our method as tested on a data base consisting of 579 datasets, each containing roughly 15 measurements of a single finger.