Fingerprint Shell with impregnable features

Abstract

Authentication based on utilization of fingerprint has become highly popular. Generally, minutiae points information obtained from the fingerprints is stored into the database. Various research works depict that by utilizing minutiae points information, original fingerprints reconstruction is possible. Adversary can obtain the user template through an attack on the database. If minutiae template of a user is compromised, then the adversary can construct original fingerprint of the user. In order to avoid this, it is essential to secure the fingerprint information. To achieve this, a technique called 3-Dimensional Secured Fingerprint Shell has been presented by Ali and Prakash, in this technique they generate a 3-dimensional spiral curve, however, ridge counts between singular and minutiae points are not secure in this technique. In the proposed technique we construct an extremely secure and efficient template for a user, by securing all features of the fingerprint used for template generation. The proposed technique is robust against the effects of rotation as well as translation and meets the essential requirements of an efficient authentication system. We evaluated the proposed technique by utilizing FVC2000, FVC2002, FVC2004, and IIT Kanpur fingerprint databases. The results obtained for the proposed technique are highly encouraging, that shows its robustness.

Keywords

Biometrics template security fingerprint revocability diversity minutiae

1. Introduction

With the advancement in technology, everything around us is becoming automated. All these advancements have resulted in the reduction of human efforts. However, though human life has become highly comfortable and easy, there exist various security issues. Role of automated authentication systems has become extremely crucial, in case if an imposter is recognized as a genuine user, then extreme damages may occur. Traditionally, automated authentication systems use to rely on the token and a secret knowledge for the authentication of a user. Though these authentication systems are highly popular, they have various limitations. A token can get damage or a user can lose it, and the length of passwords is usually very small and social engineering can be applied to it. Apart from this, a user can share his/her credentials like tokens and passwords with others, in such a scenario the authentication system will not be able to differentiate between the genuine user and the one who has the credentials of the genuine user. This may lead to very serious consequences.

In order to deal with such problems, biometrics is an efficient alternative. Biometrics means an automated identification/recognition of an individual depending on his/her behavioral (related to the behavior of a human being) or the physiological (related to the shape of the human body) characteristics. By applying proper sensors the behavioral (such as key-stroke, voice etc.) or the physiological (such as ear, fingerprint etc.) are acquired. Following are the two major steps required for the biometric-based identification system:

Enrollment: By utilizing adequate sensors features of human being are obtained. By utilizing the obtained features, user template is constructed which is saved into the repository.

Verification: As done at the time of enrollment step, in this step also features are extracted from a human being. Utilizing the extracted features a template is constructed, this template is matched to the one present in the repository for computation of the similarity score. Depending on the similarity score a user is accepted or rejected.

Though there are several advantages associated with biometric authentication system it has some limitations. There exist intra-subject variance, when biometric features are captured through sensors. With variance, there also exist noise which degrades the recognition performance. Apart from this, there are various attacks possible on biometric-based authentication system [1, 20]. These attacks have been classified into eight categories by Ratha et al. [29]. Out of these eight type of attacks, the attack on the database is the most destructive one. As by attacking the database, user template might get compromised and from the compromised template original biometric features can be obtained. Biometric features are permanently associated with the human body, so if they are lost then it is a permanent damage as they cannot be changed. This may lead to very serious consequences. There also exists a threat of cross-matching attack, in this attack a user can be traced in different applications if user template is compromised in any one application.

In order to avoid such problems, a biometric authentication system must be robust against such attacks. An ideal biometric system must have the properties of revocability, diversity, security, and performance which are explained below:

Revocability: If a user template gets attacked, then the authentication system must give the liberty to generate another template, by using the same biometric information of a user.

Diversity: No resemblance or linkability must be there between the multiple templates constructed from the same data of a user.

Security: In case if the user template is compromised, then it should be computationally very difficult (almost impossible) to get anything about original biometric data/features.

Performance: By making a biometric authentication system revocable, diverse, and secure, the recognition performance of the authentication system must not degrade.

To achieve the above properties, a transformed template is saved as the secured user template. Suppose we have biometric features α, then using a transformation function σ and user key u, α is transformed to σ (α, u), which is saved into the repository for future verification. For verification, biometrics features β are extracted from the user that are transformed to σ (β, u), comparison of σ (β, u) is done with σ (α, u). Matching score is computed for σ (α, u) and σ (β, u), depending on the score it is decided that he/she is a genuine person or not. If an attacker gets σ (α, u), then the biometric authentication system provides the liberty of changing the user key from u to v, and a revoked template σ (α, v) is produced to replace the compromised one.

Remaining paper is organized as follow. In the next Section, various existing techniques in the field of biometric template protection are given. In Section 3 proposed technique is explained, after which the experimental analysis is discussed in Section 4. In the last section, the paper is concluded.

2. Literature review

Fingerprints are among the most widely used biometric feature of a human for authentication. As there are various attacks possible, so there is a requirement for the protection of user biometric template. Techniques securing biometric template of a user are generally classified as cancelable biometric [29] and biometric cryptosystem [3].

In [4] fuzzy vault is proposed, in this scheme, along with the original data points a large number of chaff points are added. Nandakumar [21] proposed a technique Binary fixed length utilizing Fourier phase spectrum of a minutiae set. In [39] Biotop biotoken is produced as a template for a user. It is constructed by transforming user data through encryption. Nurtantio et al. [6] used image compression based on singular value decomposition for fingerprint classification. Trivandrum et al. [41] utilized local binary patterns and support vector machine for identification. In [14] Kumar et al. utilized k-plets minutia, by combining the hash function.

Gopal et al. [15] proposed a method using novel oriented Gabor gradients for authentication. In [9] a method that relies on minutiae points triplet generation is presented. This method is invariant in terms of alignment issues. In [8] Rui proposed a technique based on the CA algorithm for biometric recognition. In [26] Sandhya and Prasad produced cancelable user template based on fingerprint by using k-closest neighboring structure. For spoof detection in [43], Mohanraj et al. utilized hybrid feature descriptors. Based on normalized cross correlation Global distortion rectification for fingerprint matching has been introduced in [11]. In [16] Gopal et al. used adaptive histogram equalization for the authentication utilizing the local subspace. Based on Delaunay triangles Sandhya et al. in [28] proposed a method for construction of cancelable user template. For overlapped latent fingerprints recognition Jeyanthi et al. [34] introduced an approach relying on neural networks. In [27] Sandhya et al. secured fingerprint by using the fused structures. Trans et al. in [25] proposed an approach for locally matching the minutiae through a hybrid matcher. Haitaoa et al. [33] introduced a technique that relies on parallel local phase quantization for recognition. In [24] Luca et al. used multimodal biometrics using fingerprints for recognition.

In [31] Cappelli et al. presented Minutia Cylinder-Code (MCC), it is a very popular approach. Fingerprint data is not secure in this technique as the original fingerprint features can be obtained in it. To overcome this weakness Ferrara et al. in [22] proposed a technique which is highly secure; however, this technique is not revocable. Ferrara et al. in [23] designed another method similar to [31], this approach overcomes the weakness of [22, 31]. Through

Algorithm 1. Ridge count between two points
Input:Thinned Fingerprint image as binary matrix: thinned,
size of thinned:, points between which ridge
count is to be computed: (a₁, b₁) & (a₂, b₂).
Output:Ridge count: rcount
rcount = 0
m=(b₁– b₂)/(a₁– a₂)
p = b₁ – m a*₁
If \|a₁ – a₂\|>=\|b₁ – b₂\| then
fora = a₁toa₂do
b = int(m a* + p)
ifthinned(a– 1, b– 1) orthinned(a– 1, b) or
thinned(a– 1, b + 1) orthinned(a, b–1) or
thinned(a, b) orthinned(a, b + 1) or
thinned(a + 1, b– 1) orthinned(a + 1, b) or
thinned(a + 1, b + 1)
then
ifonridge==false then
rcount = rcount+1
onridge = true
end if
else
onridge = false
end if
end for
else
forb = b1 tob2 do
a = int((b– p)/m)
ifthinned(a – 1, b– 1) orthinned(a– 1, b) orthinned(a – 1,
b + 1) orthinned(a, b–1) orthinned(a, b) orthinned(a,
b + 1) orthinned(a + 1, b– 1) orthinned(a + 1, b) orthinned
(a + 1, b + 1) then
ifonridge==false then
rcount = rcount + 1
onridge = true
end if
else
onridge = false
end if
end for
end if

the use of l₁ minimization in [12] comparison in a domain which is encrypted is presented for MCC.

By decomposing the filter in [40] Khan et al. enhanced the fingerprint images by using anisotropic Gaussian. In [42] Si et al. proposed a technique relying on registration of fingerprint which is a dense registration. In [7] Moujahdi et al. proposed a technique called Fingerprint Shell, by using the distances between features of fingerprint a spiral curve is computed as a user template. Template generated by [7] has a weakness that from the user template, the original features used for template generation can get leaked. In [36] and [37], Ali and Prakash proposed the enhanced versions of [7] to overcome its weaknesses. In [38] more fingerprint features are used to generate a cancelable user template. However, all the fingerprint features used for template generation in [38] are not secure, the ridge count used in [38] can easily be compromised in case if adversary gets the user template. The proposed technique overcomes weaknesses of [38] and constructs a user template that is more secure and gives better recognition performance. Template constructed depicts high revocability and diversity. All the fingerprint features used for template generation in the proposed technique are secured and unlike [38] no information about finger-print can be leaked in the proposed technique.

3. Proposed technique

Fingerprints consist of valleys and ridges. Generally, the point where the ridge begins/terminate or bifurcate is called minutia point. Figure 2 shows a fingerprint image illustrating the minutiae and singular point (at singular points, ridges have high curvature). Usually, these features of the fingerprint are used as a user template. However, using fingerprint features directly as user template is not secure because minutiae points information is non-revocable. In such a scenario if the database is attacked by the adversary, then user template cannot be changed and from the minutiae points information original fingerprint can be constructed [1]. Another problem by using fingerprint features directly is the intra-subject variation due to translation, rotation, dirt/sweat on the finger, skin elasticity, and finger pressure on sensors.

To overcome such limitations, we proposed a highly secured technique that utilizes rotational as well as translation invariant features of a fingerprint to generate a highly secured template. The main concept behind generating a template with high security is that, through the utilization of key-set, fingerprint features are transformed and a template is constructed. Even if this template gets compromised, then from it no information regarding the original features will leak. Apart from this, by using different key another user template construction is possible. In the proposed technique a highly secured spiral curve is constructed as a secured template for a user by utilizing the translation/rotation invariant features of a fingerprint are mentioned below:

The distances between the minutiae and the singular points. Suppose there are num number of minutiae points, and dis₁, dis₂,…, and dis_num be the required distances.

The ridge counts (number of ridges) between the singular and the minutiae points, let rc₁, rc₂,…, and rc_num be the obtained ridge counts.

The orientation information of the minutiae points with reference to the lines connecting them to the singular point. Let θ₁, θ₂,…, and θ_num be the required orientations.

Using the above features, a spiral cure is constructed, with the help of the user key-set {p₀, q₀, m₀, r₀}. Flowchart for the proposed technique is given in Figure 1, and the algorithm for template generation is shown in Algorithm 2. In this paper the abscissa axis is denoted as the x-axis, ordinate axis is denoted as the y-axis, and the applicate axis is denoted as the z-axis. The steps involved in the user template generation at the time of enrollment are mentioned below:

Fig. 1

Flowchart for the working of the proposed technique.

3.1. Feature extraction

The minutiae points and the singular points are captured along with the attributes associated to them, as shown in Fig. 2.

Fig. 2

Fingerprint image with minutiae points (green circles are minutiae points and red arrows are their orientations) and singular point (blue square).

3.2. Feature securing

As we know that if the original biometric features are compromised, then it is a permanent damage. Thus it is essential to secure the biometric features. Here instead of directly using distances dis₁, dis₂,…, and dis_num, secured distances mdis₁, mdis₂,…, and mdis_num are used. And in place of using the ridge counts rc₁, rc₂,…, and rc_num, secured ridge counts mrc₁, mrc₂,…, and mrc_num are used, which are generated through the utilization of key {p₀, q₀}. If we consider the i^th minutia point, then secured distance mdis_i and secured ridge count mrc_i are calculated by using orientation θ_i of minutiae point with reference to the line connecting the minutia point and the singular point as shown in Fig. 3. Value of mdis_i can be calculated as given below.

${mdis}_{i} = \sqrt{{dis}_{i}^{2} + q_{0}^{2} + 2 ({dis}_{i} \times q_{0} \times cos (θ_{i} - p_{0}))}$

As compared to [38], distances generated here have more randomness, which makes them more secure.

Fig. 3

Computation of secured distance and secured ridge count for the i^th minutia point using key p₀ and q₀.

3.3. Spiral curve generation

Secured distances computed between the singular point and minutiae points are arranged in ascending order. Let mdis₁, mdis₂,…, and mdis_num be the distances in ascending order. To all these distances a user key m₀ is added. mdis₁ + m₀, mdis₂ + m₀,…, and mdis_num + m₀ is a new distance set. Using this new secured distance set, a spiral curve is generated where these secured distances form right contiguous triangles. The spiral curve generated is a 2-dimensional curve (as shown in Fig. 4). The algorithm to calculate the ridge count between two points is given in Algorithm 1. Instead of using the ridge counts rc₁, rc₂,…, and rc_num as applicate values for the spiral curve points, the secured ridge counts mrc₁, mrc₂,…, and mrc_num are used as applicate values with the help of a user key r₀.

z_{i} = {mrc}_{i} \times r_{0}

Algorithm 2. Construction of secured user template
Input: distance, angle and ridge count sets (dis1, θ1, mrc1),
(dis2, θ2, mrc2),…, (disnum, θnum, mrcnum) and key-set {p 0,
q0, m0, r0}
Output: Secured user template (SUT)
for i = 1 to num do
/* Computation of secured distances mdis1, mdis2,…, mdisnum
*/
${mdis}_{i} = \sqrt{{dis}_{i}^{2} + q_{0}^{2} + 2 ({dis}_{i} \times q_{0} \times cos (θ_{i} - p_{0}))}$
end for
for i = 1 to num do
/* Hypotenuses of right angle triangles */
mdis $i= mdis i+mo$
if i = =1 then
x $i$ = m0
$y_{i} = \sqrt{{mdis}_{i}^{2} - m_{0}^{2}}$
Ø $i$ =tan^-1 (yi/xi)
end if
if i>1 then
/Angle between hypotenuse and axis of abscissas/
Ø $i=Ø i$ - 1+cos(mdisi - 1 / mdisi)
x $i$ =mdis $i$ ×cos(Ø $i$ )
y $i$ = mdisi×sin(Ø $i$ )
end if
end for
for i = 1 to num do
/* Generating 3-dimensional spiral curve */
z $i$ = mrc $i$ × r0
end for
t0=llcornerp0⌟+llcornerq0⌟×(256)+llcornerm0⌟×(65536)+ llcornerr0⌟×(16777216)
for i = 1 to num do
/* Template Security Enhancement */
$[x_{i} y_{i} z_{i}] = [x_{i} y_{i} z_{i}] (\begin{matrix} \cos (q_{0}) & \sin (q_{0}) & 0 \\ - \sin (q_{0}) & \cos (q_{0}) & 0 \\ 0 & 0 & 1 \end{matrix})$
$(\begin{matrix} \cos (r_{0}) & 0 & - \sin (r_{0}) \\ 0 & 1 & 0 \\ \sin (r_{0}) & 0 & \cos (r_{0}) \end{matrix})$
[xi yi zi] = [t0 × sin (r0) × sin (q0) t0 × cos (r0) t0 × sin (r0)
×cos (q0)] + [xi yi zi]
end for
/* coordinates of the secured user template (3-dimensional
spiral curve) */
SUT={(x $i$ , y $i$ , z $i$ ) \|i = 1 → num}

Thus, we obtain a spiral curve which is 3-dimensional, as shown in Fig. 6a. If the spiral curve generated by the technique proposed by in [38] is compromised, then the original ridge counts can be acquired by the adversary. However, in the case of the proposed technique, original ridge counts cannot be obtained by the adversary as we have used secured ridge counts. Not only this, by changing user key p₀ and q₀, a new set of secured ridge counts can be generated. Thus all the attributes of a fingerprint are secured, leading to higher security as compared to [38].

Fig. 4

Generating 2-dimensional spiral curve by utilizing key m₀ and distances mdis_i(i = 1 to num).

Fig. 5

Generating key t₀ by utilizing integral values of p₀, q₀, m₀, and r₀.

Fig. 6

3-dimensional template (a) Initial 3-dimensional user template, green line display applicate value obtained utilizing the secured ridge count mrc_i and r₀ (user key). (b) Final 3-dimensional user template obtained after transformation.

3.4. Security enhancement

The security enhancement of spiral curve constructed through the above steps is done by translating the 3-dimensional curve using keys p₀, q₀, m₀, and r₀. Where t₀ is a 32 bits integer, generated by concatenation of an integral part of the keys p₀, q₀, m₀, and r₀. First 8 bits of t₀ from most significant bit (MSB) is an integral part of the user key p₀, next 8 bits are the integral part of the user key q₀, next 8 bits are an integral part of the user key m₀ and last 8 bits from MSB are an integral part of the user key r₀, as illustrated in Fig. 5. The initial 3-dimensional curve is rotated by using user keys q₀ and r₀ and the translated using the keys q₀, r₀, and t₀, as depicted in Fig. 7. Figure 6b depicts the final obtained user template, which is saved into the database. As a fingerprint may have more than one singular point, so corresponding to every singular point, a secured template is constructed which is stored into the database.

Fig. 7

Template security enhancement (a) Template before security enhancement. (b) Template obtained after security enhancement by utilizing the keys q₀, r₀, and t₀.

Proposed technique provides the liberty to generate multiple user templates from the same fingerprint through the utilization of different key values, as depicted in Fig. 8.

Fig. 8

Different spiral curves constructed by utilizing the same biometric data and different user keys.

3.5. Matching

To match templates (secured 3-dimensional spiral curve), Hausdorff Distance (HD) [2] has been used. It is extensively used for shape comparison. HD used for the calculation of the similarity between cloud/set of points G and W is given below. $HD (G, W) = max [hd (G, W), hd (W, G)]$ $hd (G, W) = max min (DM (g, w))_{g \in G w \in W}$

Here DM(g, w) is a distance metric, for example, Euclidean distance. If HD value obtained is less, then it means better matching. At the time of authentication, if multiple singular points are there in fingerprint image of a user, then only one template is constructed with respect to the singular point which is closest to the middle point of the captured image of the fingerprint. During authentication, user template is matched to all the templates that are there in the database corresponding to a particular user. The similarity score is calculated by using HD, and if the score is less than a particular threshold value then it means that the user is genuine, else a fake person.

4. Experimental analysis

Experiments are performed on IIT Kanpur, FVC2004, FVC2002, and FVC2000 fingerprint databases. 1-vs-1 protocol [22] and Fingerprint Verification Competition (FVC) protocol [10] are used for experimental analysis.

4.1. Experimental setup

To obtain minutiae points from fingerprints VeriFinger SDK (trial version) [30] is used. Technique given in [17] is utilized to obtain arch type singular points. To obtain core and delta type singular points, the method given in [13] has been utilized.

Details of the databases used for experiments are given in Table 3. All the databases except IIT Kanpur database consist of 800 fingerprints collected from 100 subjects (8 fingerprint samples per subject). IIT Kanpur database is a large database which contains 5512 fingerprint images obtained from 1378 subjects (4 fingerprint samples per subject).

To evaluate the proposed technique following terms are calculated [18, 19]:

False Rejection Rate (FRR): It is the percentage of instances when authentication system considers a genuine user as an imposter.

False Acceptance Rate (FAR): It is the percentage of instances when an imposter is recognized as a genuine user by the authentication system.

Equal Error Rate (EER): It is the value of FRR/FAR when they have the same value.

Genuine Acceptance (GAR): Percentage of instances when authentication system correctly recognizes an authentic user.

FMR₁₀₀₀: Value of FRR when FAR is 0.001%.

Zero_FMR: Minimum value obtained for FRR, when the value of FAR is 0.0%.

Kolmogorov-Smirnov (KS) test: It depicts the separation between the imposter and the genuine score distribution, its range is between zero to one. A value closer to one shows better separation [32].

The protocols used for the evaluation of the proposed technique are explained below:

FVC protocol: To calculate FRR, user templates computed from all the biometric samples of the same subject are matched with each other [38]. To calculate FAR, template computed by the utilization of the first biometric sample of a subject is matched to the templates computed from the first biometric sample of the other remaining subjects.

1-vs-1 protocol: To calculate FRR, user template computed by using the first sample of a user/subject is matched to the template that is computed by utilizing the second biometric sample of same subject [35]. To calculate FAR, template computed with the help of the first biometric sample of a subject is matched to templates computed by utilizing the first biometric sample of the other remaining subjects.

4.2. Results and discussion

Analysis of the proposed technique is done with respect to the essential parameters of any efficient authentication system, which comprises of revocability, diversity, security, and performance.

4.2.1. Revocability and diversity

As cyber-attacks and breaches are increasing day by day. So in case if a biometric authentication system is compromised then it must be ensured that multiple templates generation by utilizing the same data of a user must be possible, which means that the authentication technique must be revocable. There must not be any correspondence between the multiple templates computed from the same data, which means that authentication system must exhibit diversity. To achieve this, the proposed technique provides the liberty to generate multiple user templates (which are different from each other) from same data given by the user, by changing the user key-sets {p₀, q₀, m₀, r₀}. It can be observed from Fig. 8 that both the templates belong to the same user and are constructed by utilizing the same biometric features/data, however, they are very different from each other.

As discussed above, the proposed technique shows good revocability and diversity. Further analysis of revocability and diversity strength of the proposed technique has been done by testing the proposed technique for revoked template attack [23]. Here the attacker has the old template of the user that was stolen by the adversary by attacking the database, after the attack, the compromised user template is replaced with a new revoked template. Now the adversary tries to authenticate itself using the old compromised user template it has. Now there are following two scenarios possible in this attack which are explained below:

Scenario-I: Adversary has the old user template obtained from the repository, a new template is computed and saved into the repository, by using the same fingerprint sample of a user. Through the utilization of different user key-set.

Scenario-II: Adversary has the old user template obtained from the repository, a new template is computed and saved into the database, by using different fingerprint sample of the same finger of a user. Through the utilization of different user key-set.

Once a compromised template is revoked by changing the user key-set then there must not be any resemblance between the revoked template and the old compromised template must be there. To guarantee this in the proposed technique, we tested its robustness by giving different mutually exclusive key-set values to the users (with more than a thousand different sets) and compared them. The results obtained for the above two scenarios are shown in Table 5. Results obtained are highly encouraging and depicts the effectiveness of our technique. Clearly, from the obtained results, it can be observed that there lies no linkability between the compromised templates and the revoked templates, which means that the templates generated are highly different. Analyzing revocability and diversity also depicts the resistance of the proposed technique for the cross-match attack. Suppose if a user has been utilizing the same biometric features to construct user templates among various applications, then in cross match attack [38] by compromising the user template present in the database of any one application, adversary attempts to authenticate itself in another application using the compromised template of a user. The proposed technique shows high resistance to the cross-match attack also. Hence it is highly robust with respect to revocability as well as diversity.

4.2.2. Security

The authentication system using some sort of transformation for user template computation (from their biometric features) must ensure that from the transformed template, original biometric features cannot be obtained. This is essential because biometric features are permanently associated with the human body, so compromising of the biometric feature is a big damage. Hence security of biometric features is essential.

In the proposed technique instead of directly using the fingerprint features, we have utilized the modified features using the user key-set. It can be observed that the orientation information of the minutiae points θ_i (ivaries from 1 to num) with respect to a line connecting them to the singular point, is not saved anywhere in the proposed technique. Due to this even if an adversary gets the user template then unlike [38], no information of original features of the fingerprint will leak. The only information that can leak is modified features, which can be changed by changing user keys.

Further security of the proposed technique is tested by generating pseudo minutiae template. Pseudo minutiae template is generated by randomly generating minutiae points with random locations, orientations, and ridge counts with respect to the line joining them to the singular point (location of the singular point is kept origin). Total 100 pseudo minutiae templates are generated randomly. By utilizing these pseudo minutiae points spiral curves are generated (using randomly generated key-sets) and then matched with the spiral curves generated with genuine fingerprints. Table 6 shows the successful attacks on various databases through pseudo minutiae template attack. It can be observed that the proposed technique demonstrate high resistance towards pseudo minutiae template attack. Hence the proposed technique provides high security to data of a user and is completely secure.

4.2.3. Performance

For the evaluation of the genuine/imposter recognition performance of the proposed technique, we generated user key-set value randomly. The range of p₀∈ [0, 100], q₀∈ [0, 30], m₀∈ [0, 100], and r₀∈ [0, 50] are used for experimentation. The results obtained for the FVC protocol are shown in Table 1 and that obtained for the 1-vs-1 protocol are shown in Table 2. It can be observed that we have obtained a perfect EER of 0.00%, which means the 100% recognition accuracy. Figure 9 depicts the ROC curve obtained by implementing the proposed technique on FVC2002 and IIT Kanpur databases. Proposed technique out performance the other techniques mentioned except [38] (similar results are obtained with respect to [38]), however, as far as security is concerned, the proposed technique is better than [38], as we have utilized the secured modified features, that makes the original biometric fea-tures impregnable. KS test values obtained for FVC2002 (DB1, DB2, and DB3) and IIT Kanpur databases are reported in Table 4, values obtained depicts the high accuracy of the proposed technique for the recognition of a user.

Table 1
EER values comparison by utilizing FVC protocol (values given in percentage)

Various techniques FVC2000 DB1 FVC2000 DB2 FVC2002 DB1 FVC2002 DB2 FVC2002 DB3 FVC2002 DB4 FVC2004 DB1 FVC2004 DB2 IIT Kanpur (Large database)

EER FMR₁₀₀₀ ZeroFMR EER FMR₁₀₀₀ ZeroFMR EER FMR₁₀₀₀ ZeroFMR EER FMR₁₀₀₀ ZeroFMR EER FMR₁₀₀₀ ZeroFMR EER FMR₁₀₀₀ ZeroFMR EER FMR₁₀₀₀ ZeroFMR EER FMR₁₀₀₀ ZeroFMR EER FMR₁₀₀₀ ZeroFMR

Ali and Prakash [36] (2015) – – – – – – – – – – – – – – – – – – – – – – – – 0.001 – –

Cappelli et al. [31] (2010) – – – – – – 1.00 1.64 3.18 0.49 0.68 0.89 3.14 7.18 8.96 3.00 5.75 7.46 – – – – – – – – –

Ferrara et al. [22] (2012) – – – – – – 1.88 3.14 5.07 0.99 1.43 2.54 5.24 10.04 12.43 4.84 9.75 11.89 – – – – – – – – –

Ferrara et al. [23] (2014) – – – – – – 2.0 3.1 4.3 1.1 1.3 1.4 4.4 8.4 11.8 3.1 5.0 6.6 3.0 6.8 9.1 – – – – – –

Moujahdi et al. [7] (2014) – – – – – – 2.03 4.18 6.36 1.01 1.39 2.21 – – – – – – – – – – – – – – –

Boult et al. [39] (2007) 2.9 – – 2.5 – – 2.1 – – 1.2 – – – – – – – – 8.6 – – 7.5 – – – – –

Derman and Keskinoz [11] – – – – – – 6 – – 6 – – 14 – – 7 – – – – – – – – – – –

(2016)

Tran et al. [25] (2017) – – – – – – – – – 0.49 0.67 – – – – – – – – – – – – – – – –

Ahn et al. [9] (2008) – – – – – – 7.18 – – 3.61 – – 11.80 – – 11.46 – – – – – – – – – – –

Ali and Prakash [37] (2017) – – – – – – – – – – – – – – – – – – – – – – – – 0.001 – –

Khan et al. [40] (2017) – – – – – – – – – – – – – – – – – – 9.03 – – 9.71 – – – – –

Kumar et al. [14] (2010) – – – – – – – – – 4.98 – – – – – – – – – – – – – – – – –

Si et al. [42] (2017) – – – – – – – – – – – – – – – – – – – – – 0.89 1.96 3.36 – – –

Ali and Prakash [38] (2018) 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

Proposed Technique 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

Various techniques	FVC2000 DB1	FVC2000 DB2	FVC2002 DB1	FVC2002 DB2	FVC2002 DB3	FVC2002 DB4	FVC2004 DB1	FVC2004 DB2	IIT Kanpur (Large database)
Ali and Prakash [36] (2015)	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	0.001	–	–
Cappelli et al. [31] (2010)	–	–	–	–	–	–	1.00	1.64	3.18	0.49	0.68	0.89	3.14	7.18	8.96	3.00	5.75	7.46	–	–	–	–	–	–	–	–	–
Ferrara et al. [22] (2012)	–	–	–	–	–	–	1.88	3.14	5.07	0.99	1.43	2.54	5.24	10.04	12.43	4.84	9.75	11.89	–	–	–	–	–	–	–	–	–
Ferrara et al. [23] (2014)	–	–	–	–	–	–	2.0	3.1	4.3	1.1	1.3	1.4	4.4	8.4	11.8	3.1	5.0	6.6	3.0	6.8	9.1	–	–	–	–	–	–
Moujahdi et al. [7] (2014)	–	–	–	–	–	–	2.03	4.18	6.36	1.01	1.39	2.21	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–
Boult et al. [39] (2007)	2.9	–	–	2.5	–	–	2.1	–	–	1.2	–	–	–	–	–	–	–	–	8.6	–	–	7.5	–	–	–	–	–
Derman and Keskinoz [11]	–	–	–	–	–	–	6	–	–	6	–	–	14	–	–	7	–	–	–	–	–	–	–	–	–	–	–
(2016)
Tran et al. [25] (2017)	–	–	–	–	–	–	–	–	–	0.49	0.67	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–
Ahn et al. [9] (2008)	–	–	–	–	–	–	7.18	–	–	3.61	–	–	11.80	–	–	11.46	–	–	–	–	–	–	–	–	–	–	–
Ali and Prakash [37] (2017)	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	0.001	–	–
Khan et al. [40] (2017)	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	9.03	–	–	9.71	–	–	–	–	–
Kumar et al. [14] (2010)	–	–	–	–	–	–	–	–	–	4.98	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–
Si et al. [42] (2017)	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	–	0.89	1.96	3.36	–	–	–
Ali and Prakash [38] (2018)	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
Proposed Technique	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0

Note: “–” shows non-availability of data.

Table 2

EER values comparison by utilizing 1-vs-1 protocol (values given in percentage)

Various techniques	FVC 2002												IIT Kanpur
	DB1			DB2			DB3			DB4			(Large Database)
	EER	FMR₁₀₀₀	Zero_FMR	EER	FMR₁₀₀₀	Zero_FMR	EER	FMR₁₀₀₀	Zero_FMR	EER	FMR₁₀₀₀	Zero_FMR	EER	FMR₁₀₀₀	Zero_FMR
Sandhya et al. [28] (2016)	0	–	–	0	–	–	1.65	–	–	–	–	–	–	–	–
Cappelli et al. [31] (2010)	0	0	0	0	0	0	2	3	5	3.48	5	5	–	–	–
Ferrara et al. [22] (2012)	0	0	0	0.02	0	1	3.43	4	5	3.37	9	11	–	–	–
Sandhya et al. [26] (2015)	0	–	–	0	–	–	3.65	–	–	–	–	–	–	–	–
Sandhya et al. [27] (2017)	0	–	–	0	–	–	1.65	–	–	–	–	–	–	–	–
Ali and Prakash [38] (2018)	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
Liu and Zhao [12] (2017)	–	0	0	–	0	0	–	–	–	–	–	–	–	–	–
Proposed Technique	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0

Note: “–” shows non-availability of data.

Table 3

Description of the databases

Database	Samples per	Total	Total
subject	subjects	Fingerprint images
IIT Kanpur	4	1378	5512
FVC2004 DB1	8	100	800
FVC2004 DB2	8	100	800
FVC2002 DB1	8	100	800
FVC2002 DB2	8	100	800
FVC2002 DB3	8	100	800
FVC2002 DB4	8	100	800
FVC2000 DB1	8	100	800
FVC2000 DB2	8	100	800

Fig. 9

ROC curves obtained for the fingerprint databases.

Hence the proposed technique outperforms the other techniques in various aspects that are given below:

Unlike other techniques, all the features of fingerprint that are utilized for template generation are secured. No information about the original features of a fingerprint can be leaked from the secured features.

Proposed technique provides the liberty to modify all the secured features obtained from a fingerprint in case there is any security breach, which is not provided by [7] and [38].

The proposed technique achieved a higher recognition rate than the other existing techniques. This is due to the utilization of highly secured features that are generated by modifying the original biometric features of a fingerprint.

Proposed technique provides very high revocability as the modified features are used for, template generation instead of the original fingerprint features. By changing the user key-set value, these modified features value can be changed as well as the complete spiral curve of a user will change. Leading to better revocability than the other techniques.

The proposed technique utilizes rotational/translation invariant features of fingerprint for the user template computation. This reduces the intra-subject variations, which improves the performance

The proposed technique is highly efficient and robust against various attacks, providing a highly secured authentication system.

Table 4

Comparison of the Kolmogorov-Smirnov test values

Various techniques	FVC2002	FVC2002	FVC2002	IIT
DB1	DB2	DB3	Kanpur
Sandhya et al. [28] (2016)	1	1	0.9691	–
Moujahdi et al. [7] (2014)	0.9934	–	–	–
Sandhya et al. [26] (2015)	1	1	0.93	–
Ali and Prakash [38] (2018)	1	1	1	1
Sandhya et al. [27] (2017)	1	1	0.93	–
Proposed technique	1	1	1	1

Note: “–” shows non-availability of data.

Table 5

Revoked template attack (values show the percentage of successful attacks)

Database	Attack-I	Attack-II
IIT Kanpur	0.0	0.0
FVC2000 DB1	0.0	0.0
FVC2000 DB2	0.0	0.0
FVC2002 DB1	0.0	0.0
FVC2002 DB2	0.0	0.0
FVC2002 DB3	0.0	0.0
FVC2002 DB4	0.0	0.0
FVC2004 DB1	0.0	0.0
FVC2004 DB2	0.0	0.0

Table 6

Pseudo minutiae template attack. (values show the percentage of successful attacks)

Database	Successful attacks
IIT Kanpur	0.0
FVC2000 DB1	0.0
FVC2000 DB2	0.0
FVC2002 DB1	0.0
FVC2002 DB2	0.0
FVC2002 DB3	0.0
FVC2002 DB4	0.0
FVC2004 DB1	0.0
FVC2004 DB2	0.0

5. Conclusion

There are various issues related to privacy and security in biometric-based authentication systems. In this paper, we analyzed the weakness of the technique proposed for biometric template security in [38]. We proposed a highly robust and secure technique for biometric template security. The proposed technique avoids the template generation by directly using the fingerprint features, instead, the proposed template generates a template by modifying the fingerprint features through the utilization of a user key-set. From modified fingerprint features no information about original fingerprint features can be obtained, making original fingerprint features impregnable. In case of a security breach, the values of modified features can be changed through the user key-set. The proposed technique is highly secure and robust. The experimental results obtained for FVC2000, FVC2002, FVC2004 and IIT Kanpur databases are highly encouraging, that demonstrates the effectiveness of the proposed technique.

In future, we will use various other versions of Hausdorff distance available for the comparison of the 3-dimensional spiral curves generated by the proposed technique. We will utilize other features such as the texture of the fingerprint and the type of minu-tia point (ridge starting/ending and bifurcation), for constructing a secure template for a user. We have also planned to enhance the proposed technique and implement it for the multimodal authentication systems.

Footnotes

Acknowledgment

This research has been supported by the Science & Engineering Research Board (SERB) grant number SB/ FTP/ ETA-0074/ 2014.

References

A.A.

Ross ,

Shah and

A.K.

Jain . Toward reconstructing Fingerprints from minutiae points. In Proceedings of SPIE Conference on Biometric Technology for Human Identification, pages 68–80, 2005.

A.A.

Taha and

Hanbury . An Efficient Algorithm for Calculating the Exact Hausdorff Distance, IEEE Transactions on PAMI37 (2015), 2153–2163.

Cavoukian and

Stoianov . Biometric encryption. In Encyclopedia of Cryptography and Security. Springer, 2009.

Juels and

Sudan . A fuzzy vault scheme. In Proceedings of IEEE International Symposium on Information Theory, page 408, 2002.

Juels and

Wattenberg . A fuzzy commitment scheme. In Proceedings of CCS 1999, pages 28–36, 1999.

A.P.

Nurtantio ,

Catur and

Septino . Image compression based on SVD for BoVW model in Fingerprint classification, Journal of Intelligent Fuzzy Systems34(4) (2018), 2513–2519.

Moujahdi ,

Bebis ,

Ghouzali and

Rziza . Fingerprint shell: Secure representation of Fingerprint template, Pattern Recognition Letters45 (2014), 189–196.

Rui . Application of face recognition technology based on CA algorithm in intelligent residential property management, Journal of Intelligent Fuzzy Systems, 35(3) (2018), 2909–2919.

Ahn ,

S.G.

Kong ,

Y.S.

Chung and

K.Y.

Moon . Matching with secure Fingerprint templates using non-invertible transform. In Proceedings of CISP 20082 (2008), 29–33.

10.

Maio ,

Maltoni ,

Cappelli ,

J.L.

Wayman and

A.K.

Jain . FVC2000: Fingerprint verification competition, IEEE Transactions on PAMI24(3) (2002), 402–412.

11.

Derman and

Keskinoz . Normalized cross-correlation based global distortion correction in Fingerprint image matching. In Proceedings of IWSSIP 2016, pages 1–4,2016.

12.

Liu and

Zhao . Encrypted domain matching of Fingerprint minutia cylinder-code (MCC) with 1 minimization, Neurocomputing259 (2017), 3–13.

13.

Zhu ,

Guo and

Yin . Walking to singular points of Fingerprints, Pattern Recognition56 (2016), 116–128.

14.

Kumar ,

Tulyakov and

Govindaraju . Combination of symmetric hash functions for secure Fingerprint matching. In Proceedings of ICPR 2010, pages 890–893, 2010.

15.

Gopal, S.

Srivastava, V.

Kalra and

Joshi . Palmprint recognition using novel oriented gabor gradients, Journal of Intelligent Fuzzy Systems, 2018.

16.

Gopal, S.

Srivastava and

Srivastava . Biometric authentication using local subspace adaptive histogram equalization,Journal of Intelligent Fuzzy Systems32(4) (2017) 2893- 2899.

17.

H.K.

Lam ,

Hou ,

W.Y.

Yau ,

T.P.

Chen and

Li . A systemtic topological method for Fingerprint singular point detection. In Proceedings of ICCARV 2008, pages 967–972, 2008.

18.

I.I.

Ganapathi ,

Prakash ,

I.R.

Dave ,

Joshi ,

S.S.

Ali and

A.M.

Shrivastava . Ear recognition in 3D using 2D curvilinear features, IET Biometrics, 2018.

19.

I.I.

Ganapathi ,

S.S.

Ali and

Prakash .Geometric statistics-based descriptor for 3D ear recognition, The Visual Computer,2018.

20.

Breebaart ,

Yang ,

Buhan-Dulman and

Busch . Biometric template protection, Datenschutz und Datensicherheit-DuD33(5) (2009), 299–304.

21.

Nandakumar . A Fingerprint cryptosystem based on minutiae phase spectrum. In Proceedings of WIFS 2010,pages 1–6, 2010.

22.

Ferrara ,

Maltoni and

Cappelli . Noninvertible Minutia Cylinder-Code Representation, IEEE Transactions on IFS7(6) (2012), 1727–1737.

23.

Ferrara ,

Maltoni and

Cappelli . A two-factor protection scheme for MCC Fingerprint templates. In Proceedings of BIOSIG 2014, pages 1–8, 2014.

24.

M.G.

Luca ,

Fabio and

Luca . Multimodal Fingerprint verification by score-level fusion: An experimental investigation, Journal of Intelligent Fuzzy Systems24(1) (2013), 51–60.

25.

M.H.

Tran ,

T.N.

Duong ,

D.M.

Nguyen and

Q.H.

Dang . A local feature vector for an adaptive hybrid Fingerprint matcher. In Proceedings of ICIC 2017, pages 2492017.

26.

Sandhya and

M.V.N.K.

Prasad . k-Nearest Neighbo Structure (k-NNS) based alignment-free method for I print template protection. In Proceedings of ICB2386–393, 2015.

27.

Sandhya and

M.V.N.K.

Prasad . Securing templates using fused structures, IETBiometrics6173–182.

28.

Sandhya ,

M.V.N.K.

Prasad and

R.R.

Chillarige . Generating cancellable Fingerprint templates based on Delaunay triangle feature set construction, IET Biometrics5(2) (2016), 131–139.

29.

N.K.

Ratha ,

J.H.

Connell and

R.M.

Bolle . Enhancing security and privacy in biometrics-based authentication systems, IBM Systems Journal40(3) (2001), 614–634.

30.

Neurotechnology, Verifinger SDK.http://www.neuro technology.com.

31.

Cappelli ,

Ferrara and

Maltoni . Minutia Cylinder Code: A New Representation and Matching Technique for Fingerprint Recognition, IEEE Transactions on PAMI32(12) (2010) 2128–2141.

32.

Wilcox . Kolmogoro-Smirnov Test. In Encyclopedia of Biostatistics, John Wiley & Sons, Ltd, 2005.

33.

Haitaoa ,

Zhena ,

Fangc and

Qiao . An effective face recognition algorithm based on parallel local phase quantization and matching degree, Journal of Intelligent Fuzzy Systems32(5) (2017), 3377–3385.

34.

Jeyanthi ,

N.U.

Maheswari and

Venkatesh . Neural network based automatic Fingerprint recognition system for overlapped latent images, Journal of Intelligent Fuzzy Systems28(6) (2015), 2889–2899.

35.

S.S.

Ali ,

I.I.

Ganapathi and

Prakash . A robust technique for Fingerprint template protection, IET Biometrics, 2018.

36.

S.S.

Ali and

Prakash . Enhanced Fingerprint Shell. In Proceedings of SPIN 2015, pages 801–805, 2015.

37.

S.S.

Ali and

Prakash . Fingerprint Shell Construction with Prominent Minutiae Points. In Proceedings of COMPUTE 2017, pages 91–98. ACM,2017.

38.

S.S.

Ali and

Prakash . 3-Dimensional Secured Fingerprint Shell, Pattern Recognition Letters,2018.

39.

T.E.

Boult ,

W.J.

Scheirer and

Woodworth . Revocable Finngerprint biotokens: Accuracy and security analysis. In Proceedings of CVPR 2007, pages 1–8, 2007.

40.

T.M.

Khan ,

D.G.

Bailey ,

M.A.U.

Khan and

Kong .Efficient Hardware Implementation For Fingerprint Imagehancement Using Anisotropic Gaussian Filter, IEEE Transactions on Image Processing26(5) (2017), 2116–2126.

41.

T.S.

Trivandrum ,

S.N.

Shali ,

C.Z.

Geevar ,

S.N.

Madhu and

P.J.

Anna . Identification of tongue print images for forensic science and biometric authentication, Journal of Intelligent Fuzzy Systems34(3) (2018), 1421–1426.

42.

Si ,

Feng ,

Yuan and

Zhou . Dense registration of Finngerprints, Pattern Recognition63 (2017), 87–101.

43.

Mohanraj ,

S.S.

Chakkaravarthy ,

Gogul ,

V.S.

Kumar ,

Kumar and

Vaidehi . Hybrid feature descriptors to detect face spoof attacks, Journal of Intelligent Fuzzy Systems34(3) (2018), 1411–1419.