Increasing data accuracy in biometric authentication systems: An exploratory study using papilio algorithm on fuzzy schemes

Abstract

When taking into consideration user’s authentication technologies, systems can be divided into two main categories: (i) those that use passwords, keys, such as cards and tags and (ii) those that use biometric data, such as signature, fingerprint and voice. In this context, it is well understood that biometric systems, which were building based on biometric authentication technologies, emerge as safer authentication alternatives. In order to guarantee the security and thus the data stored accuracy, protection schemes for biometric authentication, such as the Fuzzy Vault and Fuzzy Commitment, have been adopted. In this work, we performed some improvements in the functioning of two well known fuzzy protection schemes, which are: Fuzzy Vault and Fuzzy Commitment, using the Papilio encryption algorithm. This combination leads to the proposal of new protection schemes called Papilio Fuzzy Vault and Papilio Fuzzy Commitment. We carried out an exploratory study using a suite of well-known biometric datasets. Our findings indicated gains in terms of security when comparing the proposed schemes to the original ones. However, the proposed schemes keep the same accuracy level of the original ones.

Keywords

Biometric fuzzy schemes Papilio Cryptosystem and Security

1. Introduction

As an important part of security, software systems are secured with a strong authentication mechanisms. According to [1], there are mainly two major categories of systems authentication approaches: (i) those where a user can access the system through passwords, logins, tokens, among others and (ii) those where users can access the system using one or more biometric modalities, such as voice and fingerprint. In this context, it is well understood that the use of biometric-based authentications is a synonym of better systems reliability [2].

However, this reliability comes at a cost: investing in system’s security without compromising data stored accuracy. According to [5], from the user’s point of view, an error of accuracy occurs when the system fails to authenticate the identity of a registered person or when the system erroneously authenticates the identity of an intruder.

There are several protection methods applied to sets of biometric or multibiometrics data, such as the Fuzzy Vault [6] and Fuzzy Commitment [7], which are biometric data protection schemes for authenticating systems. These protection methods are applied in other biometrics data, for example, in [3, 4] where the authors use Fuzzy protection Systems to guarantee competitive recognition accuracy while providing protection to the employed biometric data. However, the data storage and security levels provided by these methods and techniques still lead to system’s vulnerability. Thus, the current methods for authentication need to be rethought, facing with the risk of compromising system’s accuracy.

In an initial attempt of the authors, reported in [9], we tried to apply some traditional cryptography algorithms directly in biometric data. The obtained results were drastically affected by these algorithms, decreasing considerably the accuracy of the biometric systems. Nevertheless, this was an expected outcome, since it is well known that the cryptography algorithms were able to break the relationship between the values of each attribute of the original dataset, making classification a very difficult task. For this reason, we decided that the Papilio algorithm should not be used directly in biometric data, but inside the functioning of some transformation functions, aiming to maintain the performance and increase the security of the stored data.

Therefore, in this paper, our goal is to propose two new biometric protection schemes, Papilio Fuzzy Vault (PFV) and Papilio Fuzzy Commitment (PFC), that rely on the integration of the Papilio encryption algorithm with Fuzzy Commitment and Fuzzy Vault protections schemes, respectively. The Papilio’s cryptosystem was submitted to Differential Cryptanalysis and according to [8], the results show that Papilio is as strong as other symmetric algorithms. Thus, the idea is to increase data accuracy and to provide an additional level of security through the integration of the Papilio in biometric-based authentication systems by means of the evolution of these two well-known biometric protection schemes.

In order to assess the use of PFV and PFC schemes, we carried out an exploratory study to analyse accuracy of the proposed methods in different scenarios of biometric authentication systems (original and transformed spaces, one and multibiometric contexts). In this study, we selected two biometric modalities to be used as basis, voice and fingerprint. Our findings indicated that the adoption of PFV and PFC provide similar levels of accuracy when compared to their original versions, while increasing the security of the biometric-based authentication systems.

The rest of this paper is organized as follows. Section 2 introduces the different schemes and techniques for system authentication and data protection. In Section 3 we present the evolved protection schemes. In the Section 4, the methodology and complementary techniques used in study are described. Our findings are discussed in Section 5. Finally, in Section 6 we provided our final remarks.

2. Background

This section presents the target data protection techniques and how they can be applied to biometric systems. More specifically, we will present the Papilio Cryptosystem and Cancellable Techniques in Sections 2.1 and 2.2 respectively. The fuzzy schemes used as the basis for this work are introduced in Section 2.3.

2.1 Papilio cryptosystem

The Papilio algorithm is a symmetric cryptographic cipher [10]. Symmetric algorithms (or cipher) are characterized by using the same key for encryption and decryption process. As other symmetric algorithms, Papilio is based on Feistel structures that define their encryption process round (cycles) and division of the texts in blocks. Each block, called $E_{i}$ (Left Part) or $D_{i}$ (Right Part), is processed over $i$ rounds, where $i=\{1,...,16\}$ . In all rounds, the operation $E_{i+1}=D_{i}$ is processed and the block $D_{i+1}$ is processed together with the output of $F$ function by XOR operation, as $D_{i+1}=E_{i}\oplus F(D_{i},SC_{i})$ . The right part is sent as input to the $F$ function. This $F$ function is described in detail in [10]. A final permutation is made after the last round, aiming to increase the diffusion and confusion level on cipher data.

As a Feistel-based algorithm, Papilio works on the top of a function $F$ , which is computed by the Modified Viterbi algorithm [10], whose parameters are the codification rate $n/s$ , $Q$ , $m$ and the polynomial generator. These algorithms operate with blocks of different sizes (i.e., different number of bits). In addition, the size of their master key is 128 bits; whereas the set of sub-keys ( $SC_{i}$ ) size can vary according to the number of the rounds, which can also vary from zero to sixteen.

The process of Papilio decryption is similar to the encryption process, except for the fact that the sub-keys are employed in reverse order. For both processes, there is a function $F$ for each Papilio’s round. This function $F$ is the same for all rounds and it is considered as the main component of the process. The encryption and decryption processes always begin with the text block division $m/2$ , where $m$ is a number of bits. The right part is used as $F$ function input and the left one is used, along with the output text function $F$ , in a XOR operation. The output of this XOR operation is the input of $F$ function in the next round and so on until the last round.

The size (number of bits) of the resulting encrypted text is the same of the plain text, which is an advantage of the Papilio method as there is no need of increasing the size of the encryption output text. Therefore, it is possible to achieve a chiphertext, an encrypted text, for each completed round with the same size.

2.2 Cancellable techniques

In this paper, we will use two well-known cancellable techniques, which are: BioConvolving [11] and BioHashing [12]. Both techniques will be applied to two biometric datasets (FingerPrint and Voice), as presented in Section 4.2.

The BioConvolving transformation method aims at dividing each original biometric dataset into $W$ non-overlapping segments, according to a randomly selected transformation key $d$ . A general description of BioConvolving is described as follows.

1.
Randomly select a number ( $W-1$ ) of values $d_{j}$ . The selected number have to be between 1 and 99 in an ordered fashion. The selected values are arranged in a vector $d=[d_{0},...,d_{W}]$ , having kept $d_{0}=0$ and $d_{W}=100$ . The vector $d$ represents the key of the employed transformation.
2.
Convert the values $d_{j}$ according to the relation $b_{j}=\textit{round}\left({\left({\frac{d_{j}}{100}}\right)n}\right)$ , $j=0,...,W$ , where $n$ is the number of attributes and round represents the nearest integer,
3.
Divide the original sequence $\Gamma\in R^{n}$ , into $W$ segments $\Gamma(q)$ of length $N_{q}=b_{q}-b_{q-1}$ and which lies in the interval $[b_{q-1},b_{q}]$ ;
4.
Apply the linear convolution of the functions $f(\Gamma(q)),q=1,...,W$ in order to obtain the transformed function

$\displaystyle f=\Gamma(1)...\Gamma(W)$ (1)

As it can be seen in these steps, due to the convolution operation in Eq. (1), the length of the transformed functions is equal to $K=N-W+1$ , being therefore almost the same of the original functions. Other realizations can be obtained from the same original functions, simply varying the size or the values of the parameter key $d$ .

Biohashing* consists of random bits $r$ used as the input factor to be concatenated with a secret key, $k$ . The output is often stored as hash $H(r+k)$ in the dataset. Another definition for BioHashing is given in [13], which describes it as a template protection approach in which the biometric features are transformed using a function defined by a user-specific key or password. It is important to emphasize that transformation is invertible to a large extent and the key needs to be securely stored or remembered by the user and presented during authentication. Therefore, it is necessary additional information to increase the entropy1 of the biometric template and this way it guarantees more difficult to discover the original model. A BioHashing process with mode details can be found in [12]. Basically, the process can be divided in two processes: (i) biometric feature extraction and (ii) discretization. According to [12] the extraction process includes signal acquisition, feature extraction and preprocessing of these data. The second process is the discretization which consists of four steps, namely:

1.
Employ the input token to generate a set of pseudo random vectors, $\{r_{i}\in\Re^{M}$ $|i=1,...,m\}$ based on a seed;
2.
Apply the Gram-Schmidt process to $\{r_{i}\in\Re^{M}|\linebreak i=1,...,m\}$ and thus obtain a TRN (Tokenized Random Numbers), a set of orthonormal vectors $\{p_{i}\in\Re^{M}|i=1,...,m\}$ ;
3.
Calculate the dot product of $v$ , the feature vector obtained from Step $1$ and each orthonormal vector in TRN, $p_{i}$ , such that $\langle v,p_{i}\rangle$ ;
4.
Use a threshold $\tau$ to obtain BioCode, in which $b$ elements is defined as:

$\displaystyle b_{i}=\left\{\begin{array}[]{ll}0&\text{if }\langle v,p_{i}% \rangle\leqslant\tau\\ 1&\text{if }\langle v,p_{i}\rangle>\tau\end{array}\right.$

where $i$ is between 1 and $m$ (dimensionality of $b$ ). In this case,two BioCodes are compared by Hamming distance.

2.3 Fuzzy schemes

This section presents Fuzzy Vault (Section 2.3.1) and Fuzzy Commitment (Section 2.3.2) schemes. Both are used for biometric data protection and authentication.

2.3.1 Fuzzy Vault

The Fuzzy Vault scheme is a protection type based on link key method [6]. It can be understood as a scheme that is able to work with variable data in authentication systems, where it can authenticate a human with biometric data which can vary between themselves. For example, applying Fuzzy Vault scheme, it is possible to accept the same iris at different times and/or ways of collecting. Using fuzzy scheme, it is possible to accept a small user signal distortion in an authentication system. The Fuzzy Vault scheme is conceptually simple and can be implemented using an underlying error correcting code, as shown in [6]. In this case, the authors use the Reed-Solomon method [14].

In [6], there is a reference about a simple case to represent the Fuzzy Vault Scheme. Basically, the essence of Fuzzy Vault can be hypothetically described in the following way: let us suppose that a user called Alice wants to hide a secret $k$ in a given $A$ set. In this case, it can select a polynomial $p$ and a single variable $x$ such that $p$ encodes the secret $k$ in a some way to protect it. This way, Alice must create a set point called chaff points which is composed by different random numbers using the polynomial $p$ . Then the collection of entrance points must contain the original and chaff values. Once Alice has defined a set as collection points $R$ , the set $A$ can be viewed as the identification of points $p$ in $R$ and it is possible to specify $p$ and $k$ .

In the context of authentication process [6], proposes some scenarios, where another user named Bob aims to unlock $k$ , through of a set $B$ . For this reason, if $B$ overlaps $A$ , then $B$ identifies candidate points in $R$ , which contains $p$ . In this case, Bob is able to recover a set of points, which in the best case can be the same amount of points of Alice. However, they may perhaps contain a small amount of noise. In this case, a bug fix can be used by Bob in order to reconstruct $p$ , but not $k$ . On the other hand, if $B$ does not overlap $A$ , this means Bob will not be able to find $k$ , because of the presence of many points without values contained in $A$ .

This security system is the infeasibility of the polynomial reconstruction. In other words, the Fuzzy Vault as well as very suitable for working with set of biometric data. It ensures a level of protection to biometrics. This makes it possible to block an attacker to access user authentication systems with no entries or even authorized users of data belonging to other users.

2.3.2 Fuzzy Commitment

Another protection scheme commonly used in biometric systems is Fuzzy Commitment, that has been proposed in [15] and has been used to protect biometric data [16]. Fuzzy Commitment is described as a biometric encryption scheme that can be used to protect the biometric features represented in the form of binary vectors.

It is possible to propose a biometric template $b^{E}$ which is enrolled (minutiae) in a binary sequence with $N$ bits. There is a uniform key $K_{c}$ which is randomly generated and its size is $L$ ( $L\leqslant N$ ) bits and it is generated using only one index, $N-bit$ , for a keyword $c$ with an error estimated according to correction code [15].

In the enrolment environment, the value to be stored for each user is extracted from the scheme $y_{c}=c\oplus b^{E}$ , where the $\oplus$ indicates the XOR operation. Thus, the scheme $y_{c}$ is stored in the dataset, together with $h(y_{c})$ , where the function $h()$ is a hash function. In an authentication environment, the codeword $c^{*}$ is obtained from the query biometrics $b^{A}$ (user’s biometric) and the scheme $y_{c}$ according to the following equations: $c^{*}=y_{c}\oplus b^{A}=c\oplus(b^{E}\oplus b^{A})$ . In this point, a candidate codeword $c^{*}$ is usually a corrupted version of the original keyword $c$ and it can be decoded to recover the key $k^{*}$ .

Using Fuzzy Commitment scheme, the authentication success is obtained by this scheme $h(k^{*})=h(k)$ . However, if Hamming distance between $b^{E}$ and $b^{A}$ is not greater than the error correction capacity of code $k^{*}$ and $k$ the match will not be successful.

3. Proposed fuzzy schemes

The main goal of our study was to investigate means to increase accuracy of biometric systems. Therefore, a well-known encryption algorithm called Papilio [10] was integrated to the two most popular protection schemes: Fuzzy Commitment (FC) and Fuzzy Vault (FV). This integration originated the Papilio Fuzzy Vault (PFV) and Papilio Fuzzy Commitment (PFC) Schemes presented in Sections 3.2 and 3.3, respectively.

Figure 1.

Papilio Fuzzy Vault Scheme – Enrollment: a) A User provides a link key $X_{n}$ , where $n$ is the user’s number. b) Each individual biometric data (attribute $(At_{1},At_{2},...,At_{n})$ ) is represented by average of the values for all templates. c) Execute the polynomial projection $P(x)$ on genuine values ( $G$ ). d) Generate Vault points and it is applied the polynomial $F(x)$ . e) Link the two sets of genuine and false values $F$ and $G$ .

3.1 Papilio modifications

In this work, two versions of the Papilio algorithm (Section 2.1) are used. In this case, we will use the modified version of Papilio, called as MP, in Fuzzy Vault (FV) and its original version in Fuzzy Commitment (FC), labelled OP. The main changes included in MP are related to the link key format. The changes in the link key format were necessary because the Papilio algorithm is used in the polynomial generation process of FV and the polynomial indices are represented in the decimal format. In contrast, Papilio was integrated to the Fuzzy Commitment (FC) without requiring any change. In this sense, the Papilio algorithm is used in its original form in FC and it is used to replace the hash function during the processing of FC.

The Fuzzy Vault scheme works with decimal values that represent the original data (biometric data) as well as the set of false values (Vaults). These values are points (coordinates) that are obtained by applying polynomials $P(x)$ of degree $n$ where $x$ is a decimal value (original or false (chaff)). Thus, Papilio was modified in order to produce output in the decimal format.

Let us consider that an user sets a password (considered as a link key) in FV enrolment step as a numerical sequence, 20102014. This password will generate the following standard text output Papilio: “*@RfeTukeJ2k*!swa”. However, its output will be represented by the decimal $n$ , 309372396392428… 9372094293. This decimal output will be applied as input to a CRC function. In this way, the Papilio algorithm output value is concatenated with the output of CRC function. Then, a set of $n+1$ polynomial coefficients $P(x)$ , with degree of $n$ , is obtained. This modification results in a new version of Papilio, called Modified Papilio. The change of the output format was essential since the link keys used by the users remain protected, even in case of being lost or stolen and, in this case, the user does not need to provide a new link key. In the original FV scheme, however, the link keys are unprotected and vulnerable to attacks. Therefore, in this sense, the proposed method should increase the security level of the stored link keys, in comparison with the original FV.

3.2 Papilio Fuzzy Vault

In this section, we will describe the Papilio Fuzzy Vault (PFV) scheme, one of the proposed methods of this paper. The main change that we propose in the Fuzzy Vault (FV) scheme is the use of the modified Papilio algorithm in its functioning. The modified Papilio algorithm (Section 3.1) was integrated to FV scheme to enhance security and thus the accuracy biometric systems. We aim to maintain the same level of accuracy of the original FV scheme in a new and safer setting for the use of biometric data.

Figure 2.

Papilio Fuzzy Vault Scheme – Authentication: The user candidate biometric traits (Biometric Collection) are transformed into the following format $Y={At_{1},At_{2},At_{3},\dots,At_{i}}$ . Calculate the Euclidean distance between each attribute $At_{a}$ and all points of the General set. (Distance Calculated). Apply the (Lagrange) interpolation function (module) individually on all obtained $NP_{a},a=1,...,n$ , $\textit{LAG}(NP_{a})$ and it is possible to find a polynomial $P_{c}(x)$ . (CRC ( $N-6$ coefficients) is applied to verify if the comparison is considered as correct.

Figures 1 and 2 illustrate the PFV implementation, where the black boxes indicate the actions performed during the PFV functioning and the gray ones indicate the output of the corresponding actions. The PFV implementation is described according to the following 1–13 steps and the steps labelled as $\Leftarrow$ were modified from the original FV.

Enrolment. $\Leftarrow$ A User provides a link key $X_{n}$ , where $n$ is the user’s number (see Fig. 1a);

Enrolment. $\Leftarrow$ The encoding procedure of modified Papilio (MP) algorithm is used to encrypt the link key $X_{n}MP_{e}(X_{n})=DX_{n}$ , where $X_{n}$ is the link key provided by user $n$ . The output of MP $DX_{n}$ is provided in a decimal format (see Fig. 1a);

Enrolment. $\Leftarrow$ Then, $DX_{n}$ is used as input to a cyclic redundancy check (CRC) function in order to generate a redundant code, similar to the original Fuzzy Vault scheme. In this case, the $\textit{CRC}(DX_{n})$ output is a decimal of 64-bit size (eight-size decimal values) (see Fig. 1a);

Enrolment. $\Leftarrow$ The polynomial $P(x)$ used in the Enrolment step of FV uses as input the output of $\textit{CRC}(DX_{n})$ as well as the decimal form of the link key $DX_{n}$ . The first step to obtain polynomial $P(x)$ is to concatenate these two parameters, $\textit{CRC}(DX_{n})$ and $DX_{n}$ in one string. Then, divide the polynomial into $N$ parts ( $N$ represents the degree of the obtained polynomial). Each part of the string becomes one index of the obtained polynomial (taking the parts of the string from left to right) (see Fig. 1a);

Enrolment. It is necessary to collect the biometric templates of each individual. In this case, each individual biometric data is represented in the form of vectors $V_{x}={V_{x1},V_{x2},\dots,V_{xi}}$ , where $i$ represents the number of collected attributes for each biometric template. Due to the variability presented in biometric data, each user must provide more than one biometric sample, a fixed amount $W$ of templates. Therefore $x$ represents the number of instances provided by user $n$ , $x={1,2,\dots,W}$ (see Fig. 1b);

Enrolment. For the fuzzy vault processing, we are going to obtain only one instance for each user (user’s average template). It is collected some attribute values (user instance values) which are represented by average of the values (number $W$ of samples for each user) of this attribute for all $W$ user instances (see Fig. 1b). Thus, each user’s average template is defined as $U_{n}={\textit{Atm}_{1},\textit{Atm}_{2},\dots,\textit{Atm}_{i}}$ , where each attribute $\textit{Atm}_{i}$ is the average value of each $V_{xi}$ for all instances of user $n$ . Thus, each attribute $i$ of user $n$ , ${\textit{Atm}_{i}}^{n}$ , is calculated as ${\textit{Atm}_{i}}^{n}=\frac{\sum_{x=1}^{x=W}{V_{xi}}}{W}$ (see Fig. 1c);

Enrolment. Execute the polynomial projection $P(x)$ , in which we are going to apply the polynomial generated in step 4 $P(x)$ in $U_{n}$ (step 7), leading to a image of the original template $U_{Y_{n}}$ . In this way, this image is obtained as $U_{Y_{n}}={\{P(\textit{Atm}_{1}),\dots,P(\textit{Atm}_{i})}\}$ and these data are known as genuine images. Thus, we generate the genuine values combining the user’s average template $U_{n}$ and its corresponding genuine image $U_{Y_{n}}$ in a set of ordered pairs as $UG_{n}=\{(\textit{Atm}_{1},P(\textit{Atm}_{1})),(\textit{Atm}_{2},P(\textit{% Atm}_{2})),\dots,(\textit{Atm}_{i},\linebreak P(\textit{Atm}_{i}))\}$ (see Fig. 1c);

Enrolment. Generate Vault points, i.e. random points (false values points). These points should not be same as the original points. First, it should randomly generate a set of false points $L=L_{1},\linebreak L_{2},\dots,L_{j}$ , where $j>i$ is the amount of points generated. Then, we generate another polynomial $F(x)$ to be used in the Vault points and it is applied to this set $L$ to obtain false images as $L_{Y_{n}}$ . This polynomial $F(x)$ is generated by indices composed random decimal values and $F(x)\neq P(x)$ should be met. Finally, we generate the false values combining $L$ and $L_{Y_{n}}$ , leading to $LG_{n}=\{(L_{1},F(L_{1})),(L_{2},F(L_{2})),\dots,(L_{j},\linebreak F(L_{j}))\}$ (see Fig. 1d);

Enrolment. Link the two sets of genuine and false values to get $\textit{General}_{n}=UG_{n}\bigcup LG_{n}$ , which is stored and is used in the authentication step. Accordingly, the original points may only be discovered if the user inputs the corresponding data values and the return value is close enough to the genuine points (see Fig. 1e);

10.

Authentication. Get access in the authentication system by a User $Y$ . In this case, this user should provide its biometric traits, and it is transformed into the following format $Y={At_{1},At_{2},At_{3},\dots,At_{i}}$ where $i$ represents the number of attributes provided by user $Y$ (see Fig. 2);

11.

Authentication. $\Leftarrow$ Calculate the Euclidean distance between each attribute $At_{a}$ and all points of the General set (see step 9), $NP_{a}=\linebreak\min_{\forall p\in\textit{General}}$ $DE(At_{a},\textit{gen}_{p}),a=1\dots i$ . Thus, for each attribute of the provided biometric $At_{a},\linebreak a=1,..n$ , we obtain the nearest element of General set $\textit{gen}_{p}$ , denoted by $NP_{a}$ (see Fig. 2);

12.

Authentication. Apply the Lagrange interpolation function (module) individually on all obtained $NP_{a},a=1,..n$ , $\textit{LAG}(NP_{a})$ . As a result of the Lagrange function, it is possible to find a polynomial $P_{c}(x)$ ;

13.

Authentication. $\Leftarrow$ Select the $T$ last (designated for the results of the CRC function) polynomial coefficients of $P_{c}(x)$ . In this study, we use $T=8$ since we obtained eight-size decimal values as the result of CRC. Then, apply the RC function on the remaining $(N-T)$ coefficients of $P_{c}(x)$ and the result should be the same as the $T$ last polynomial coefficients of $P_{c}(x)$ . If this comparison is considered as correct, then it is possible to check the identify of the provided data of user $Y$ with PFV. Otherwise, the authentication of user $Y$ can not be checked and the user’s access is denied (see Fig. 2).

Figure 3.

Papilio Fuzzy Commitment Scheme – PFC: In Enrollment step each user characteristic is represented by binary vectors. The Reed-Solomon is uses on link key $S$ to generated the codeword $c$ . Papilio is applied to $S$ $P(S,S)$ and $(P(S,S),w)$ is stored. I Authentication step, the candidate biometric traits is applied by operation XOR and a codeword $c^{\prime}$ is generated. Reed-Solomon is applied on $c^{\prime}$ and it results a $S^{\prime}$ . The Pailio (decoder mode) is applied on $S^{\prime}$ $(DP(S,S),S^{\prime})$ to verify the possible of authentication of the candidate.

3.3 Papilio Fuzzy Commitment

The Fuzzy Commitment scheme (Section 2.3.2) uses a hash function in its protection procedure (Section 2.3.2). Although hash functions are considered safe techniques, they cannot be compared to cryptographic algorithms, in terms of complexity of their respective protection approaches. These functions can be mapped (collision attack2) by attackers, and thus an attacker can find a way to obtain the original data, from a transformed data using hash functions. In this sense, the use of hash function by the authentication systems can also show problems related to collision attack and thus it is possible to discover protected keys. In this case, it is possible to recover the original biometric data more easily. In order to solve the hash function limitations, a new scheme is proposed called Fuzzy Commitment scheme (PFC). PFC uses the Papilio encryption algorithm to replace the hash function. This modification aims at preventing or even reducing the risk of discovery the link key as well as the risk to obtain the original biometric data. Figure 3 illustrates the PFC Enrolment and Authentication scheme. In this figure, the black boxes indicate the actions performed during the PFC functioning and the gray ones indicate the output of the corresponding actions.

The PFC implementation may be described as follows:

1.
Enrolment. The user $n$ biometric characteristics is represented by $V_{n}={V_{n1},V_{n2},\dots,V_{ni}}$ , where $i$ represents the number of collected attributes for each biometric template $V_{n}$ ;
2.
Enrolment. $\Leftarrow$ Since $X$ is a binary representation of $V_{n}$ , we have to do the following steps:

(a)
Enrolment. Ask the user $n$ to provide the user link key;
(b)
Enrolment. Apply the encoding procedure of the original Papilio algorithm, $OP_{e}$ , in the provided link key $S$ , $OP_{e}(S)$ ;
(c)
Enrolment. Apply the encoding procedure of Reed-Solomon method [17] on $S$ , $RS_{e}(S)$ , in order to obtain a codeword $C$ .

3.
Enrolment. Apply the XOR operation between $X$ (Step 2) and $C$ (Step 2c), $W=X$ XOR $C$ , to obtain $W$ ;
4.
Enrolment. Store $(W,OP_{e}(S))$ in the biometric dataset. For this method, we store two types of biometric information, the result of the original Papilio algorithm on the link key $OP_{e}(S)$ and $W$ ;
5.
Authentication. Collect the biometric template as input in the authenticated step and also the biometric template should be represented as binary vector $X^{\prime}$ ;
6.
Authentication. Apply the Xor operation, $X^{\prime}$ XOR $W$ , in order to generate a candidate codeword $C^{\prime}$ ;
7.
Authentication. Apply the decoding procedure of Reed-Solomon on $C^{\prime}$ , $RS_{d}(C^{\prime})$ , in order to obtain $S^{\prime}$ ;
8.
Authentication. $\Leftarrow$ Apply the decoding procedure of Papilio algorithm in $OP_{d}(P(S),S^{\prime})$ to decode the obtained information of the user to be authenticated. If this equality $OP_{d}(OP_{e}(S),S^{\prime})\linebreak==S^{\prime}$ is correct, then it is possible to validate the identity of the provided data of user $Y$ with PFC. Otherwise, the authentication of user $Y$ can not be checked and the user’s access is denied.

4. Experimental study

In this section, we describe how our study was planned. Section 4.1 presents our goal, research question and hypotheses. The adopted methodology is described in Section 4.3. In Section 4.2.3 the used datasets are presented and finally, in Section 4.4, system’s accuracy quantification is discussed.

4.1 Aim, research question and hypotheses

The goal of this study was to evaluate to what extent the integration of traditional protection schemes with cryptographic algorithms are correlated with biometric data storage. In order to achieve this goal, we performed a comparative analysis of how these schemes are correlated with data accuracy (Section 4.4).

Our research aims were twofold. First, we aim at evaluating whether the proposed approach (Section 3), deal with accuracy of authentication systems in a better way when compared to traditional techniques (Section 2). Second, we also aim at discussing some implementation factors that were detrimental to accuracy.

In this sense, we aim at answering the follow research question: Does the integration of different protection techniques promote an increase in system’s data accuracy? This investigation relies on the analysis of three hypotheses (H1, H2 and H3), whose null (0) and alternative (1) definitions are as follows:

•
H10: Data accuracy variation does not depend on protection technique used.
•
H11: Data accuracy variation depend on protection technique used.
•
H20: The use of Papilio Fuzzy Vault scheme does not promote gains in terms of data accuracy when compared to Fuzzy Vault.
•
H21: The use of Papilio Fuzzy Vault scheme promotes gains in terms of data accuracy when compared to Fuzzy Vault.
•
H30: The use of Papilio Fuzzy Commitment scheme does not promote gains in terms of data accuracy when compared to Fuzzy Commitment.
•
H31: The use of Papilio Fuzzy Commitment scheme promotes gains in terms of data accuracy when compared to Fuzzy Commitment.

4.2 Materials

In this section, it is discussed the nature of the datasets used in this work. We grouped datasets into two categories: original and transformed. The first category consists of well-known datasets, while transformed datasets refers to those that were generated from the original sets (see Sections 4.2.1, 4.2.2 and 4.2.3). In both groups, we are considering unibiometric and multibiometric datasets. According to [18], unibiometric datasets rely on the evidence of a single source of information for authentication (e.g., single fingerprint and face). On the other hand, multibiometrics datasets denote the fusion of different types of information (e.g., fingerprint and face of the same person, or fingerprints from two different fingers of a person) [18].

4.2.1 Original datasets

The original biometric dataset includes voice and fingerprint data. The voice dataset used in this work was found in TIMIT dataset [19]. According to [20], this voice biometric dataset was represented by two energy spectra representation by two algorithms (MFCC – Mel-Frequency Cepstral Coefficients and LPCC – Linear Prediction Cepstral Coefficients), thus constituting two separate datasets: MFCC and LPCC. [20] also verified that MFCC is more stable and widely used in other studies than LPCC voice biometric dataset, when the ensembles are used on it.

Due to the large number of attributes, it was decided to apply a pre-processing filter supported by WEKA tool in MFCC dataset. This way, it was created a biometric dataset using only 33 attributes. The attribute selection criteria was based on the results acquired through the same tool, using classifiers such as IBK (Knn) [21].

According to [20], fingerprint biometric dataset was collected in the verification competition fingerprints, in 2004. The target dataset contains 800 images of fingerprints, divided into 100 classes (users). The fingerprint features were extracted using the NFIS2 (NIST Fingerprint Image Software 2). The set of features is formed by coordinate values $x$ and $y$ , guidance, feature, type minutia, type identifier, among other attributes. Thus, this biometric dataset is composed by 800 instances. Each instance is composed by attribute values. This dataset include 8 instances for each user and the and the total number of users is 100.

In this study, the multibiometric datasets were created using the combination by column and line combinations. In the column combination,we put together all attributes of both datasets in one instance. Therefore, we will have the same number of instances and the sum of attributes of both datasets. On the other hand, in the line combination, we put together all instances of both datasets (in case of different number of attributes, the smallest number of attributes is considered). As all considered attributes were normalized real numbers, we could put together all instances. In this combination, we will have the same number of attributes and the sum of instances of both datasets.

4.2.2 Transformed datasets

Original voice dataset (Section 4.2.1) was transformed by applying the Cancellable technique BioHashing described in Section 2.2. Original FingerPrint dataset 4.2.1 was transformed by applying the technique of BioConvolving showed in Section 2.2. Table 1 summarizes the configuration of each voice and fingerprint dataset. Using the Weka Tools and applying the technique of pre-processing (Selecting or Filtering Attributes), it was generated a transformed biometric dataset, which has from 100 to 800 users with 50 selected attributes in the Voice dataset.

The original and transformed fingerprint dataset have 71 and 50 attributes, respectively. The columns # Attributes and # Classes represents number of attributes and number of classes for each biometric dataset respectively.

Table 1
Setup – Dataset – Voice – FingerPrint

Dataset	# Attributes	# Classes
Original Voice	360	100
Original Pre-Processed Voice	33	100
Transformed Voice	60	100
Original FingerPrint	71	100
Transformed FingerPrint	50	100

4.2.3 Original and transformed multibiometric datasets

The configuration of the original and transformed multibiometric dataset used in this study is presented in Table 2.

Table 2
Multibiometrics dataset – original and transformed data

Dataset	# Attributes	# Classes
FVCO	65	100
VFCO	65	100
FVLO	33	100
VFLO	33	100
FVCT	101	100
VFCT	101	100
FVLT	51	100
VFLT	51	100

For the original dataset were developed four datasets: (1) [FVCO – Finger Voice Original Column], (2) [VFCO – Voice and Finger Column Original], (3) [FVLO – Finger Voice Line Original] and (4) [VFLO – Voice and Finger original Line]. These acronyms represent the data combination conducted to create the multibiometric datasets (see Section 4.2.1). The dataset FVCO contains, for instance, uses Fingerprint and Voice, using the Column combination in the Original dataset. On the other hand, VFCO uses Voice and Fingerprint, using the Column combination in the Original dataset.

We also generated 4 transformed datasets, which are (1) [FVCT – Finger Voice Column processed], (2) [VFCT – Voice and Finger Column Transform], (3) [FVLT – Finger Voice Line Transform] and (4) [VFLT – Voice and Finger (printing) Line Transform]. Once again, each abbreviation refers to the the combination technique of each multibiometric transformed dataset. For example, FVLT dataset is composed by the line combination of the transformed fingerprint and voice datasets.

Figure 4 illustrates the acronym assignment of all multibiometric datasets, for both original and transformed scenarios.

Figure 4.

Multibiometric architecture of the multibiometric scenarios, according to Tables 1 and 2.

Figure 5.

Architecture of our study, which is composed by fuzzy schemes which are applied to biometric and multibiometric datasets.

4.3 Methodology

The analysis structure is illustrated in Fig. 5. The original and modified fuzzy schemes were applied to twelve biometric datasets (6 for the original scenario and 6 for the transformed scenario). Thus, we run 48 experiments. For each case, we collected accuracy and standard deviation of each scheme for their respective biometric dataset.

The methodology of the experiments conducted in this work will be described in the following steps.

1.
To modify the Papilio algorithm to be applied in the Papilio Fuzzy Vault scheme, according to Section 3.1;
2.
To implement the Papilio Fuzzy Commitment (PFC) and Papilio Fuzzy Vault (PFV) schemes;
3.
To use biometric dataset Voice and Fingerprint together with the cancellable techniques in order to generate the processed datasets;
4.
To generate multibiometric datasets from voice and fingerprints biometric datasets;
5.
To apply the schemes FC and FV on all 12 biometric datasets, as described in Section 4.2;
6.
To apply the modified schemes PFC and PFV on all 12 biometrics datasets;
7.
To quantifify the accuracy of each scheme applied on all biometric datasets;
8.
To apply statistical tests and compare the result of the schemes (FC, FV, PFC, PFV);
9.
To analyze the results (accuracy level) as well as comparisons between fuzzy schemes and Papilio Fuzzy Shcemes proposed in this work.

4.4 Accuracy quantification

The data accuracy of each protection scheme (Sections 2 and 3) is calculated by dividing the number of correctly classified patterns by the total of biometric data patterns. Let us consider that a given dataset contains biometric data for $n$ users. The biometric identification of each user is stored in $y$ different instances, where $y=8$ or $y=16$ . Thus, a dataset representation for $n=100$ users, with $y=8$ , encompasses 800 instances.

The schemes proposed in Sections 2 and 3 are applied to our datasets (Section 4.2). The accuracy for each user in the dataset is calculated following the equation $A_{U_{j}}=\frac{\sum_{i=1}^{y}{N_{A_{i}}}}{y_{j}}$ , where $j$ and $i$ represents the number of instances and number of users, respectively.

Based on this equation and considering that Fig. 6 contains the storage biometric data for a given user, we can say that the accuracy for each user is calculating dividing the number of hits (The user successfully authentication is labelled as – “Macth”) by the total of instances related to the user (number of user instances). In the case, where the user is not successfully authenticated is associated the “Not Macth”.

Generalizing this reasoning, the dataset accuracy for all users can be calculated by sum from each user accuracy and described by the equation $A^{S}_{B}=\sum_{j=1}^{N}A_{U_{j}}$ .

Figure 6.

Accuracy Measurement Illustration: The user authentication step output is labelled by “match” and “not match”.

5. Analysis and discussion

In this section, we present and discuss our findings using the modified versions of the template protect schemes presented in Section 3. Given the need of establishing a reliable statistical basis for our discussion, we applied a statistical test (see Section 5.1) to the obtained results from the Papilio Fuzzy Vault (see Section 5.2) and Papilio Fuzzy Commitment (see Section 5.3) schemes. In these sections the accuracy levels of the modified versions of the template protected schemes are compared to the original ones. Finally, in Section 5.4 we summarize our findings.

5.1 Statistical tests

For the statistical tests performed in Sections 5.2 and 5.3, we used the BioEstat 5.0 tool [22]. This tool is widely used in the literature. It has numerous statistical test implementations and it provides effective assistance in the results analysis (Sections 5.2 and 5.3). We applied the Wilcoxon test [23] and the goal was to obtain evidence about the superiority. We define $H0$ (Null Hypothesis) as there is no difference in accuracy between FC and PFC and the alternative hypothesis ( $H1$ ) as there is difference in accuracy between FC and PFC. We used bi-caudal test with a confidence level of 95% ( $\alpha=0.05$ ). In other words, we considered two-tailed p-value equals to 0.05. The applied Wilcoxon test uses all accuracy values as input to the analysis, which were obtained by 100 runs for each scheme used in this paper.

5.2 Papilio Fuzzy Vault performance

We applied the PFV scheme to all 12 biometric datasets, as described in Section 4.2. In Table 3, we illustrate the results obtained of PFV, in terms of data accuracy (third column) along with its corresponding standard deviation. Other columns (first, second and fourth) respectively represent the biometric dataset name, the number of attributes of each biometric dataset and standard deviation for each biometric dataset.

Table 3
Results – Papilio Fuzzy Vault

Scheme: Papilio Fuzzy Vault
Dataset	# Attributes	Accuracy	S.D
Original Voice	33	100.00%	0.00%
Original FingerPrint	71	100.00%	0.00%
Trans. Voice.	60	99.00%	9.90%
Trans. Finger.	51	100.00%	0.00%
FVCO	65	100.00%	0.00%
VFCO	65	100.00%	0.00%
FVLO	33	98.00%	14.60%
VFLO	33	97.00%	17.05%
FVCT	101	100.00%	0.00%
VFCT	101	100.00%	0.00%
FVLT	51	100.00%	0.00%
VFLT	51	100.00%	0.00%

Comparing the results of the original datasets with the transformed ones (Table 3), it is possible to observe that the accuracy level among the attribute values was maintained in the transformed scenarios. This happens because the fuzzy schemes have achieved a similar performance for both scenarios. On the other hand, the use of multibiometric datasets (the last 8 lines of Table 3) did not promote accuracy improvement when compared to mono biometric datasets’ best results. Nevertheless, the voice dataset achieve $100\%$ of accuracy level, which is the best possible result.

As illustrated in Table 3 the accuracy levels of both schemes were quite similar. This is an expected result because PFV and PFC schemes apply similar protection techniques during their processing (enrolment and authentication phases). The only difference between these two schemes is related to the encryption of the link key and the formulation of the polynomial used on the stored biometric data. As discussed in Section 3, the link key is encrypted in a parallel process in the PFV scheme (different from Fuzzy Vault Scheme). This difference implies that the link key is not an understandable sequence in the PFV scheme’s inner process. In contrast, it is an understandable sequence in the FV scheme. Therefore, if it is lost or stolen, the attacker will not understand the information stored on it. Even if the used polynomial equation is discovered, the key link is still protected by Papilio algorithm, which was used at the initial stage of the PFV. In this sense, the proposed PFV scheme maintains the accuracy results, while increasing the security of the biometric data.

As both fuzzy schemes obtained the same accuracy levels, we did not apply the statistical test since it is clear that there is no improvement, in terms of accuracy, from a statistical point of view. The obtained results had an expected pattern of behaviour. As mentioned previously, the Papilio Fuzzy Vault and Fuzzy Vault schemes obtained similar results. This occurs because the changes on PFV are related solely to the scope of protection and these changes do not affect the PFV level of accuracy. In other words, there is no difference in the matching process. However we applied the Papilio algorithm in order to increase protection technique used on biometric dataset by diffusion and confusion characteristics into Papilio process. In this sense, the security levels of stored biometric data are increased.

5.3 Papilio Fuzzy Commitment performance

Similar to PFV, we apply the PFC scheme to the same 12 datasets previously mentioned (see Section 5.2). In Table 4, we illustrate the results of PFV in terms of accuracy (third column), along with its corresponding standard deviation.

Table 4
Results – Papilio Fuzzy Commitment

Papilio Fuzzy Commitment
Dataset	# Attributes	Accuracy	S.D
Original Voice	33	96.97%	0.13%
Original Finger	71	98.42%	0.18%
Trans. Voice	60	95.91%	0.09%
Trans. Finger	51	100.00%	0.00%
FVCO	65	97.00%	0.03%
VFCO	65	96.96%	0.04%
FVLO	33	96.98%	0.08%
VFLO	33	97.02%	0.06%
FVCT	101	96.91%	0.07%
VFCT	101	96.91%	0.06%
FVLT	51	97.00%	0.10%
VFLT	51	96.97%	0.09%

When comparing the performance of the original and transformed dataset in Table 4, we can observe that fuzzy schemes on Transformed Voice Dataset accuracy decreased when compared to the Original Voice Dataset. However, the opposite behaviour was observed in the Fingerprint dataset results, in which the use of a transformation function caused an increase in the accuracy. In the multibiometric datasets, the original multibiometric datasets had slightly higher accuracy than the corresponding original ones. When analysing the effect of the multibiometric datasets, we can also observe that the results on multibiometric datasets had a similar behaviour to FV, in which its use did not cause improvement of the accuracy level, when compared with the best individual biometric datasets.

Table 5

Comparative Fuzzy Commitment and Papilio Fuzzy Commitment – Voice, FingerPrint and Multibiometrics

Papilio Fuzzy Commitment Scheme
Dataset	FC	PFC
Original Voice	97.07 $\pm$ 0.32	96.97 $\pm$ 0.13
Original Finger	98.40 $\pm$ 0.32	98.42 $\pm$ 0.18
Trans. Voice	95.99 $\pm$ 0.27	95.91 $\pm$ 0.09
Trans. Finger	99.77 $\pm$ 0.03	100.00 $\pm$ 0.00
FVCO	97.00 $\pm$ 0.29	97.00 $\pm$ 0.03
VFCO	96.99 $\pm$ 0.39	96.96 $\pm$ 0.04
FVLO	96.97 $\pm$ 0.21	96.98 $\pm$ 0.08
VFLO	97.16 $\pm$ 0.34	97.02 $\pm$ 0.69
FVCT	97.02 $\pm$ 0.22	96.91 $\pm$ 0.07
VFCT	96.71 $\pm$ 0.34	96.91 $\pm$ 0.06
FVLT	96.87 $\pm$ 0.23	97.00 $\pm$ 0.10
VFLT	96.94 $\pm$ 0.18	96.97 $\pm$ 0.10

Table 5 shows the comparison between PFC and FC, for all datasets. Based on the obtained results, it is possible to see that FC managed to provide slightly higher accuracy level than FC, for almost all datasets. Therefore, it is possible to conclude that FC was slightly better that PFC, in terms of accuracy.

When we compare these schemes (FC and PFC) in each dataset, we can see that the PFC scheme obtained a slightly higher accuracy when applied to only one transformed biometric dataset (Trans. Finger). For the other datasets, including the one in the multibiometric context (the last 8 lines of Table 5), FC provided slightly higher accuracy levels in all 8 multibiometric datasets. It is possible show that the proposed scheme (PFC) cause a slightly decrease in the accuracy levels of the original fuzzy scheme. However, the caused decrease is very small and this occurs because the PFC was not strongly modified in its matching process, when compared to FC. In this way, it is possible to identify the existing relationships almost in the same way as FC. In addition, PFC increased security of the stored data by replacing the hash algorithm by the Papilio algorithm. Therefore, we can state that the obtained results showed a good performance of the proposed scheme.

Table 5 also illustrates the results of the statistical tests. The best result (highest accuracy level) achieved by the fuzzy schemes is highlighted in the shaded cells. In addition, the bold numbers correspond to the best results that are statistically significant, as a result of the application of the Wilcoxon test with a significance level of 0.05.

According to results of Table 5, we can observe that in only one case, the difference in accuracy of both fuzzy schemes proved to be statistically significant. The interesting fact is that this only case happened when PFC had higher accuracy level than FC. Therefore, we can state that although the use of PFC caused a decrease in the accuracy level of FC, this decrease is not to be statistically significant (both accuracies are nearly identical). When PFC caused a increase in the accuracy level, this improvement was proved to be significant, from a statistical point of view.

In summary, the modifications proposed and implemented in the Fuzzy Commitment scheme aimed to increase security in the original systems, while maintaining their respective accuracy. After an analysis of the obtained results, it was possible to state this aim was achieved since PFC maintained the accuracy level of original scheme, while inserting a layer of security in its processing (using the Papilio algorithm).

5.4 Summary

In general, the obtained results indicate that both proposed fuzzy schemes achieved similar accuracy levels, for all analysed biometric datasets. Based on the results we can state that hypothesis H11 was accepted in relation to the transformed datasets, since it was possible to apply protection schemes directly into biometric data without incurring a significant decrease in the accuracy of these systems. Thus, based on the obtained results, we can state that it is possible to use a protected biometric dataset into authentication system. In addition, hypotheses H20 and H30 were accepted, because the obtained results showed that the changes made in the proposed PFV and PFC were not able to promote gains in the accuracy of the original schemes. However, they also did not promote loss in the accuracy levels, since they provided similar accuracy levels, when compared to the original ones.

When analysing the multibiometric context, we had to do some adjustments made in each dataset, such as: match the same number of attributes for FVCO dataset and VFCO, as well as FVCT and VFCT. Then, we observed the same level of accuracy presented on the original individual datasets (Original Voice and Original Fingerprint). However, the accuracy level decreased slightly, when compared to the best individual datasets.

5.4.1 PFC and PFV Advantages

The addition of the safety level presented some advantages for the proposed methods. First, as the original methods, it is possible to store biometric data in a protected way. In this case, if the dataset was stolen, some malicious individuals fail to understand the stolen information and, in this way, the process to create a new biometric template will be easier. Second, unlike the original fuzzy schemes, the proposed schemes (PFC and PFV) offer greater complexity in the pre-processing of biometric data, making the stored data templates safer as well as the protection schemes more reliable. In increasing the protection of the stored data, it is more difficult for a template protection method to suffer different types of attacks. Third, when compared to the original FV, in the PFV method, an extra layer of protection has been added, using the Papilio algorithm to decrypt the user link key. In this sense, in case of being lost or stolen, the user’s link key can not be recovered, making the system more secure. Finally, when analysing the replacement of a hash function for the Papilio algorithm in the Fuzzy Commitment scheme (FC), it makes the system more difficult for attackers, since it eliminates the possibility of correlation attacks in FC, which is one known disadvantage of hash functions. In this way, it consequently reduces the possibility of obtaining the original data from the stored (encrypted) data.

5.4.2 PFC and PFV Disadvantage

Despite the changes in both fuzzy schemes improved the safety level in relation to the original ones, the main disadvantage of the use of the Papilio algorithm is related to the increase in the time processing of the the fuzzy schemes. The Papilio algorithm causes the addition of one more component in the processing of the fuzzy schemes, increasing the processing time of the proposed fuzzy schemes.

6. Conclusion

In this work, we proposed two templates protection methods based on Fuzzy Vault and Fuzzy Commitment schemes. The first one, called PFV (Papilio Fuzzy Vault), was modified in order to use the Papilio algorithm to protect a user link key and biometric traits, and to generate polynomial terms to be used in the original Fuzzy Vault scheme. Thus, the link key of the protected data is preserved in the enrolment step. In case of finding the generator polynomial by brute-force attack methods, the binding key remains unknown by the attacker. The second proposed method, called PFC (Papilio Fuzzy Commitment), also applies the Papilio algorithm in a data protection method (Fuzzy Commitment), but it is applied twice. Firstly, the Papilio algorithm is applied to protect the user’s link key which is inserted in the application environment and, subsequently, in the registration and the authentication environment.

The Papilio algorithm is also applied to replace a hash function in order to decode the returned value of detector and error correction code (Reed-Solomon). This change reduces the risk of mapping input and output values, that exist in a hash function.

In order to assess the use of PFV and PFC schemes, we carried out an exploratory study to analyse accuracy of voice and fingerprint datasets. We also used the multibiometric context, which was obtained by the parallel use of two or more biometric modalities and aimed to increase the reliability of a biometric authentication system. This exploratory study aimed to evaluate the impact of using the proposed fuzzy schemes, in comparison with the original ones.

The obtained results showed that it was possible to increase an extra layer of security in fuzzy schemes, while still maintaining a satisfactory performance at the same level of the original schemes. Similarly, the inclusion of Papilio solved the problem of the link key protection in Fuzzy Vault as well as fixed the problem in the use of existing hashes functions in Fuzzy Commitment. Therefore, the development of these proposed schemes increased the security for an user in biometric-based authentication systems.

As future work, it is possible to use other cryptographic algorithms and propose different changes according to the type of biometric traits. In this sense, it is interesting to have a scenario where the protection schemes provide higher levels of protection, as well as provide greater reliability in terms of accuracy for the validation of the biometric characteristics of the users. According to the results presented in this work, we can achieve better rates of (i) security and (ii) accuracy when we using more robust cryptographic algorithms to increases the protection on stored dataset. in order to better schemes accuracy indices, it is necessary to improve the treatment (pre-proceeding) applied to the biometric datasets. Thus, we need to find a better way to numerically represent the biometric characteristics of a user. Another possibility would be to work with multibiometric systems (three or more biometric characteristics).

Therefore, these new scenarios, and the possibility of future changes settings, figures used alternative biometric data, among others, show that there is still a long way to find an ideal scheme, that is safe and efficient regardless of the biometric modality used.

Footnotes

Entropy of a biometric template that can be understood as a measure of the number of different identities that are distinguishable by a biometric system.

Attempt to find two inputs that produce the same hash value.

References

Jain

A.K.

Hong

Pankanti

and Bolle

, An identity-authentication system using fingerprints, Proceedings of the IEEE 85(9) (1997), 1365–1388.

Wayman

J.L.

, Fundamentals of biometric authentication technologies, Int. J. Image Graphics (2001).

Iida

Kobayashi

and Kiya

, Secure identification based on Fuzzy Commitment scheme for JPEG XR images, in: 2016 24th European Signal Processing Conference (EUSIPCO), Budapest, 2016, pp. 968–972. doi: 10.1109/EUSIPCO.2016.7760392.

Argones Rua

Maiorana

Alba Castro

J.L.

and Campisi

, Biometric Template Protection Using Universal Background Models: An Application to Online Signature, IEEE Transactions on Information Forensics and Security 7(1) (February 2012), 269–282. doi: 10.1109/TIFS.2011.2168213.

Yang

and Niu

, Biometric-based personal identity-authentication system and security analysis, The Journal of China Universities of Posts and Telecommunications 13(4) (December 2006), 43–47. ISSN 1005-8885.

Juels

and Sudan

, A Fuzzy Vault Scheme, Des. Codes Cryptography 38(2) (February 2006), 237–257. doi: 10.1007/s10623-005-6343-z.

Juels

and Wattenberg

, A Fuzzy Commitment scheme, in: Proc. Sixth ACM Conference on Computer and Communications Security, Lausanne, Switzerland, 2008, pp. 1–17.

de Lima Filho

. Differential Cryptanalysis of the Papílio Msc. thesis, Departamento de Informática e Matemática Aplicada, Natal, Universidade Federal do Rio Grande do Norte, 2010.

Oliveira Filho

I.L.

Bedregal

B.R.C.

and Canuto

A.M.

, A comparative analysis of cryptographic algorithms and transformation functions for biometric data, in: 12th International Conference on Machine Learning and Applications, ICMLA 2013, Miami, FL, USA, December 4–7, 2013, Vol. 2, 2013, pp. 255–260. doi: 10.1109/ICMLA.2013.132.

10.

Araújo

F.S.

Ramos

K.D.N.

Bedregal

B.R.C.

and Silva

I.S.

, Papílio cryptography algorithm, in: Proceedings of the First international conference on Computational and Information Science, CIS’04, Springer-Verlag, Berlin, Heidelberg, 2004, pp. 928–933.

11.

Maiorana

Martinez-Diaz

Campisi

Ortega-Garcia

and Neri

, Template protection for hmm-based on-line signature authentication, in: IEEE Conference on Computer Vision and Pattern Recognition Workshops, CVPRW, 2008, pp. 1–6. doi: 10.1109/CVPRW.2008.4563114.

12.

Kong

Cheung

K.-H.

Zhang

Kamel

and You

, An analysis of biohashing and its variants, Pattern Recogn 39(7) (2006), 1359–1368. doi: 10.1016/j.patcog.2005.10.025.

13.

Rathgeb

and Uhl

, A survey on biometric cryptosystems and cancelable biometrics, EURASIP J. Information Security 2011 (2011).

14.

Plank

J.S.

, A tutorial on reed-solomon coding for fault-tolerance in raid-like systems, Softw. Pract. Exper. 27(9) (1997), 995–1012. doi>10.1002/(SICI)1097-024X(199709) 27:9<995::AID-SPE111>3.3.CO;2-Y.

15.

Nagar

Nandakumar

and Jain

A.K.

, Multibiometric cryptosystems based on feature-level fusion, IEEE Transactions on Information Forensics and Security 7(1) (2012), 255–268.

16.

Rua

E.A.

Maiorana

Castro

J.L.A.

and Campisi

, Biometric Template Protection Using Universal Background Models: An Application to Online Signature, IEEE Transactions on Information Forensics and Security 7(1) (2012), 269–282.

17.

Reed

and Solomon

, Polynomial codes over certain finite fields, SIAM Journal of Applied Math 8 (1960), 300–304.

18.

Almahafzah

and Alrwashdeh

M.Z.

, A survey of multibiometric systems, International Journal of Computer Applications 43(15) (2012), 36–43.

19.

Garofolo

J.S.

Lamel

L.F.

Fisher

W.M.

Fiscus

J.G.

Pallett

D.S.

and Dahlgren

N.L.

, DARPA TIMIT acoustic phonetic continuous speech corpus CDROM, 1993.

20.

Pintro

, Comitês de classificadores para o reconhecimento multibiométrico em dados biométricos revogáveis, Ph.D. thesis, Departamento de Informática e Matemática Aplicada, Natal, Universidade Federal do Rio Grande do Norte, 2013.

21.

Cover

and Hart

, Nearest neighbor pattern classification, IEEE Trans. Inf. Theor. 13(1) (September 2006), 21–27. doi: 10.1109/TIT.1967.1053964.

22.

Ayres

M.A.

Ayres

D.L.

and de Assis Santos dos Santos

, BioEstat: aplicações estatísticas nas áreas das ciências bio-médicas, Sociedade Civil Mamirauá: MCT: IOEPA, 2005.

23.

Wilcoxon

, Individual Comparisons by Ranking Methods, Biometrics Bulletin 1(6) (1945), 80–83. doi: 10.2307/3001968.

Increasing data accuracy in biometric authentication systems: An exploratory study using papilio algorithm on fuzzy schemes

Abstract

Keywords

1. Introduction

2. Background

2.1 Papilio cryptosystem

2.2 Cancellable techniques

2.3.1 Fuzzy Vault

2.3.2 Fuzzy Commitment

3. Proposed fuzzy schemes

3.2 Papilio Fuzzy Vault

4.1 Aim, research question and hypotheses

4.2.1 Original datasets

4.2.2 Transformed datasets

Table 1 Setup – Dataset – Voice – FingerPrint

Table 2 Multibiometrics dataset – original and transformed data

5.1 Statistical tests

5.2 Papilio Fuzzy Vault performance

Table 3 Results – Papilio Fuzzy Vault

Table 4 Results – Papilio Fuzzy Commitment

5.4.1 PFC and PFV Advantages

5.4.2 PFC and PFV Disadvantage

6. Conclusion

Footnotes

References

Table 1
Setup – Dataset – Voice – FingerPrint

Table 2
Multibiometrics dataset – original and transformed data

Table 3
Results – Papilio Fuzzy Vault

Table 4
Results – Papilio Fuzzy Commitment