Browse Theses

With the proliferation of biometric recognition systems, an attacker's benefit in staging a system compromise is also increasing and thus is the need to ensure system security and integrity. This dissertation provides a thorough analysis of the vulnerabilities of a biometric recognition system with emphasis on the vulnerabilities related to the information stored in biometric systems in the form of biometric templates. To motivate the development of techniques to protect biometric templates, we show that fingerprint image can be recovered from a well known fingerprint representation, called the Minutiae Cylinder Codes, with high accuracy. The recovered fingerprint image can in turn be used to create spoof fingers and compromise the systems in which the finger is enrolled.

The techniques to safeguard the biometric templates are categorized into two main groups: biometric cryptosystems and template transformation techniques. While biometric cryptosystems allow binding a secure key to the biometric data to obtain a so called secure sketch from which no information regarding the biometric data or the key can be recovered, template transformation techniques non-invertibly transform the biometric template with the user's password. To analyze and improve the biometric cryptosystems, we study its two main examples: fuzzy vault and fuzzy commitment. Fuzzy vault is used to secure templates represented in the form of a set of points whereas fuzzy commitment is used to secure templates represented as binary vectors. An improved security analysis is provided that takes into account the non-uniform distribution of biometric features. A framework to effectively combine multiple biometric representations is also proposed. We identify two limitations of a typical biometric cryptosystem, namely, i) linkability i.e. possibility to identify two secure biometric templates generated using the same biometric, and ii) utilization of only simple biometric representations, and develop techniques to overcome them in the context of fuzzy vault.

Various template transformation techniques proposed in literature are studied and the amount of security they impart is evaluated using a comprehensive set of metrics. The analysis of difficulty of template inversion i.e. recovery of the original template given a transformed template is an important element of its security analysis. We develop the template inversion techniques and analyze security imparted by two different transformed templates; one based on point set representation and the other based on binary vector representation. The analysis presented indicates that the two techniques, although generally considered secure, are vulnerable to inversion attacks.

Protection of biometric templates is critical for public acceptability in light of the potential compromise of system security and user's privacy. Equally critical is a rigorous analysis of the security imparted by the techniques developed to protect the biometric templates. We believe that the security analysis presented in this dissertation will streamline the development of new techniques and help in finding a robust solution for protecting biometric data.