New biometric cryptosystem to protect sensitive data in Internet of objects

Abstract

Ensuring protection of sensitive data in embedded devices widespread and operanting in adversary environment is a major issue. Among lot of instance of this problem, IoT is the well-know case study. In addition, very often for cost reason, the devices used in Internet of Things (IoT) do not integrate secure components (cryptoprocessor, encrypted memory, etc) like smart card. To solve this issue, this paper presents two contributions to fuzzy vault-biometric cryptosystems which can enable IoT devices supporting biometry to secure sensitive data they embed in their memory when they operate in an adverse environment. If an adversary captures a device and read content of this regular memory, it will be very difficult for him to recover the protected data using brute-force. The first advantage of the proposals is thus to enable IoT devices to still embed regular memory, to protect sensitive data, instead of an expensive native encrypted memory or to add a cryptoprocessor. The second advantage of the proposals is to enable to not require storing of helper data and thus improve security and also save memory. Obviously our proposals can also be used in already secure devices to enhance the security level. Experimental results performed using fingerprint modality show that the proposals have the potential to efficiently protect sensitive data despite the strong constrained of IoT devices.

Keywords

Biometric cryptosystem fuzzy vault internet of things sensitive data encrypted memory

1. Introduction

Nowadays, network connectivity is available everywhere through different technology (cellular like 2G to 4G, LoRA, Wi-Fi, BLE, etc.) and physical objects are supplemented with integrated chip circuit making them smart objects (so called things) which can provide new features for users. Altogether these communicating objects are known under the term ‘Internet of Things’ (IoT).

The IoT is the next wave of innovation that promises to improve and optimize our daily life based on intelligent sensors and smart objects working together. Through Internet Protocol (IP) connectivity, devices can now be connected to the Internet, thus allowing them to be read, controlled, and managed at any time and at any place [6].

The IPV6 new protocol, provides the spaces needed to accommodate a large influx of things onto the Internet and thus humans could easily assign an IP address to every “thing” on the planet. According to Steve Leibson, who identifies himself as “occasional docent at the Computer History Museum”, the address space expansion means that we could “assign an IPV6 address to every atom on the surface of the earth, and still have enough addresses left to do another 100 $+$ earths” [20].

If the growing of IoT is very interesting for human-centric applications because of the new services these smart devices can provide, a major issue is related to security and trust on the information that users access and store on them. Thus, security is an important aspect for IoT deployments [2, 9, 19, 23, 18].

Indeed the smart devices often operate in an adverse environment, meaning that the adversary might have a physical access to them and if he succeeds to dump the content of the memory, he can access sensitive data. In this paper, only this simple attack is considered since if data are plaintext there is no need to pursuit more powerful attacks like the non invasive (side channel, fault-injection, etc.) or invasive (microprobing of buses, reverse-engineering of integrated chip circuit, …) ones.

A solution might be to use only IoT devices equipped with cryptoprocessor and encrypted memory but due to the additional costs incurred (it required lot of changes in the manufacturing and supply chains as well as the increase of the price), this is not realistic at short term.

Thus in this paper, contributions to biometric cryptosystem, where cryptography and biometrics are merged, are done to enable somehow low-cost IoT devices supporting biometry operating in an adverse environment to secure sensitive data they embed in their memory and it is worth noting that the improved biometric cryptosystem can also be added to already secure devices like smart cards.

The salient contributions of this paper are as follows:

1)
Proposing a new fuzzy vault-based biometric cryptosystemto protect a secret key used to secure sensitive data in memory of IoT devices by using both error correcting and detecting codes to improve the efficiency of decoding process.
2)
Proposing new auto-alignment-based matching method, in fuzzy vault domain, that does not require any helper data to auto-align biometric data of the user and those in the vault.

The core idea is to hide a generated key in biometric data of the owner of the considered IoT device in fuzzy vault. The key, before being hidden, is used by IoT device to encrypt our sensitive data. An attacker accessing to the memory of IoT device would not have access to biometric data or generated key since they are mixed together and stored in a fuzzy vault form. He cant also access to sensitive data since it is encrypted. However a genuine user presenting the biometric data would be able to access the generated key and thus can use it to provide her the protected data. To improve efficiency of the process of key recovery from fuzzy vault, auto-alignment-based matching and an correcting code process are used jointly.

The first advantage of the proposals is thus to enable IoT devices to still embed regular memory, to protect sensitive data, instead of an expensive native encrypted memory or to add a cryptoprocessor. The second advantage is to enable to not require storing of helper data for biometric matching and thus not leak any sensitive information that allows to know secrecy and save memory at once.

The remaining sections are organized as follows. Section 2 presents literature review on biometric cryptosystems. Section 3 details the proposals we introduced in the biometric cryptosystem to protect sensitive data in IoT. Some experimental results using FVC2002 DB2 [11] and a critical analysis are provided in Section 4. Section 5 concludes the paper.
2. Literature review

In the Internet of Things (IoT), multiple sensors, tiny computer chips and communications devices will be integrated with physical objects such as appliances to enable communication between them and other computing devices such as cloud servers, computers, laptops and smartphones. These devices will exchange huge amount of data with each other’s and confidentiality must be preserved while communication. Whatever data IoT devices will share should be encrypted. To provide confidentiality, data encryption mechanism (cryptosystem) is commonly used where data is converted into ciphertext form which makes it difficult to access for an adversary. To perform this task, such mechanism uses cryptographic key stored in regular memory. However, if this kind of sensitive data is plaintext, the adversary might have a physical access to IoT device and if he succeeds to dump the content of the memory, he can access to the cryptographic key. Note that, generally, sensitives data is any information whose revelation put the network at risk whatever its nature and size.

Addressing critical IoT security threats is now more important than ever. A solution for this issue might be to make a secure IoT devices (equipped with cryptoprocessor and encrypted memory) like secure smart card. However, very often for cost reason, this solution is not realistic at short term.

Over the past several years, many researches have been conducted in the field of biometric cryptosystems aiming to addressing the issues related to integration of biometrics into cryptosystems; among which we quote [4, 17, 22, 8, 7, 3, 21, 15, 16, 24]. Such concept have been studied and exploited to secure data in generic cryptosystems. So, why not to reuse it within somehow low-cost IoT devices to protect their data?

In this context, there are two main approaches for using biometrics into cryptosystems which are: biometric-based key release and biometric-based key binding. In biometric-based key release approach, a cryptographic key is stored together with biometric template of the user on a device, and is only released upon a successful biometric authentication. In biometric-based key binding approach, Instead of storing the cryptographic key and biometric template together on a device, we can hide a cryptographic key within the biometric template itself in such a way that only a fuzzy template will be stored on a device. Further, cryptographic key marries (binds) with the user biometric template in such a way that both the cryptographic key and biometric data are inaccessible to an attacker. Such key can only be recovered if a valid biometric is provided for authentication.

From a fundamental security standpoint, the key distinction between the two techniques is whether an adversary, with physical access, could have any useful information. In biometric-based key release approach, the cryptographic key and biometric template are decoupled and both stored unencrypted on memory which makes them easily accessible. Such approach provides illusion of security rather than guaranteed security.

We focus in the state of the art on key binding-based schemes since they provide a promising solution of security for IoT. In literature, there is two main key binding-based schemes which are: (i) fuzzy commitment scheme [8] proposed by Juels and Wattenberg and (ii) fuzzy vault scheme [7] proposed by Juels and Sudan.

In fuzzy commitment scheme, using fingerprint modality, data are represented as an ordered set of minutiae (i.e. feature extracted from fingerprint). At the enrollment stage,the secret is then merged in such set by a XOR operation and using error correcting code such as Hamming or Reed-Solomon. The result is an encrypted set called fuzzy commitment. To retrieve the secret, a set of minutiae extracted from a query fingerprint can again be XOR-ed with the fuzzy commitment construct at the authentication stage to obtain some code. After correcting some small number of bit errors, introduced by noice, the secret will be then obtained. Noice is resulted in the different measures when extracting the minutiae. However, this scheme was not practicable because minutiae data of fingerprint are often subject to reordering and erasures and the security proof of this scheme holds only if minutiae are uniformly distributed, which is not the case in reality.

Fuzzy vault scheme is more compatible with partial and reordered data of variable length such as a set of minutiae. It is a promising approach of biometric cryptosystem. The security of this scheme is based on the infeasibility of the polynomial reconstruction (i.e., if Bob does not know many points that lie on $P$ , he cannot feasibly find the parameters of $P$ , hence cannot access $K$ ). Clancy et al. [3] were the first who concretely describes the fuzzy vault implementation in the fingerprint domain to encrypt an embedded private key. Fingerprint-based fuzzy vault, called fingerprint vault, uses a set of minutiae and a secret key $K$ encoded as some $d$ coefficients of polynomial $P$ . At encoding (enrollment) stage, $P$ is evaluated on each value of minutiae derived from the fingerprint image. Large series of chaff points (i.e. random points) are generated. The ordinates of the chaff points are added to the polynomial values to form the ordinates of the vault while the abscissas of the chaff points are added to the values of minutiae to form the abscissas of the vault. At decoding (authentication) stage, if query biometric features (minutiae) are approximately close to these abscissas then the polynomial and thus, the secret key can be recovered using polynomial interpolation, which also involves user authentication. However, Clancy et al. oriented research on attack complexities over such system rather than detailing the decoding results. Thereafter, several implementations results for fingerprint-based fuzzy vault have been reported and the most interesting are in [21, 15, 16, 24]. Uludag et al. [21] introduced a modification to the fingerprint vault by using a simple Cyclic Redundancy Check code (CRC) for error-detection at decoding stage. However, the genuine accept rate (GAR) of their system was 79% and the decoding time was very slow (52 seconds) with a 3.4 GHz processor.

The major shortcomings of the work in [3, 21] is that their system inherently assumes that fingerprints, the one that locks the vault and the one that tries to unlock it, were pre-aligned. This is not a realistic assumption for fingerprint-based authentication systems and thus can not be applicable.

Nagar et al. [15] and Nandakumar et al. [16] also proposed a fingerprint vault with an auto-alignment based on helper data generated from ridges information and considered as reference points. [15] reported a GAR of 95% at 0.01% of false accept rate (FAR), and [16] reported a GAR of 94.3% at 0.09% FAR. Their systems have performed the decoding time (the mean decoding time was 3 sec and 8 sec, respectively) but they have a limitation in the possibility of failure to find the reference points in some images. Furthermore, their method may leak information of the fingerprint ridges which enables to find a secret data and thus their method can not be implemented in IoT devices because of risk of compromising sensitive data.

Finally, Yang and Verbauwhede [24] aligned automatically two fingerprint templates in the fuzzy vault domain using a concept of reference minutia which could be generated with the distance and the orientation of two nearest-neighbor minutiae. However, their system is based on the impractical assumption that two reference minutia can always be extracted accurately from both the input and the enrolled fingerprints. They reported a GAR of 83% and FAR of 0% as performance of decoding.

3. Proposed biometric cryptosystem for IoT

3.1 Overall principle

IoT devices often operate in an adverse environment and having no dedicated secure hardware to secure sensitive data they embed in their regular memory, meaning that the adversary might have a physical access to dump the content of the memory and thus can access sensitive data. Such devices need a solution that should provide them a guaranteed security. A solution that appears somehow low-cost is biometric cryptosystem. On the other hand, biometric cryptosystems based on a realistic and practicable assumption that can ensure security of sensitive data, is an issue that should be addressed. These are the rationales that pushed us to contribute by giving two proposals to biometric cryptosystems in order to make them quite realistic, practicable and secure before being integrated on IoT devices supporting biometry to secure sensitive data they embed in such a way that an adversary who captures IoT device and read content of its regular memory, it will be very difficult for him to recover the protected data using brute-force. Further, it is worth noting that the improved biometric cryptosystem can also be added to already secure devices like smart cards in order to enhance security level.

Foremost, fingerprint is chosen as a biometric modality, among other, for our proposed approach because it dominates the biometrics market both privately and publicly or in government. The report 2009–2014 provided by the International Biometric Group confirms it [1].

Our approach for building biometric cryptosystem, as usual in fingerprint-based authentication systems, splits in two steps: the encoding (enrollment) step and the decoding (authentication) step. Each of these steps introduce a pre-processing step in order to improve the fingerprint image. However, our approach should take into consideration constraints related to IoT devices (limited processor speed and memory space) as well as several issues such as automatic fingerprint alignment, authentication accuracy, template size, execution time, error correcting code, etc.

During encoding, the owner of the considered IoT device presents his fingerprint. After the pre-processing step, biometric data are extracted from the enhanced fingerprint image and represented by a set $L$ (named locking set) of $t$ minutiae $l_{i}(i=1,2,\ldots,t)$ . A secret key $K$ is generated randomly and used to encrypt our IoT sensitive data (SD) and provide a cipher message (SD ${}^{*}$ ). The key $K$ is encoded as coefficients of some degree $d$ polynomial $W$ using both error correcting and detecting codes. $W(x)$ is now the secret to protect. The locked vault or fuzzy vault $V$ contains all the pairs $[l_{i},W(l_{i})]$ and some large number of chaff points $(\alpha_{j},\beta_{j})$ , where $W(\alpha_{j})\neq\beta_{j}(j=t+1,t+2,\ldots,r)$ . Only SD ${}^{*}$ and $V$ are stored on the IoT device. Thus, an attacker who can steal the fuzzy vault, must be able to separate the chaff points from the real values, something that is difficult for him.

At decoding, a user wants to authenticate presents her fingerprint and the pre-processing step is involved. A set $U$ of $s$ minutiae $u_{k}(k=1,2,\ldots,s)$ is extracted from the enhanced fingerprint image. The genuine user should be able to separate the real values if $U$ overlaps with $L$ , otherwise the user will be rejected. In general, to successfully interpolate the polynomial $W$ for retrieving the secret, the user must have an unlocking set $U$ such that $L\cap U$ contains at least $d+1$ minutiae that overlap. Based on new matching/auto-alignment method and using both error correcting and detecting codes, it is assumed that the genuine user can reconstruct $W$ and thus $K$ that will be used, subsequently, to decrypt (SD ${}^{*}$ ) to get (SD).

The aim of using error-correcting code, in communication, is to prevent loss of information during transmission of a message over a noisy channel by adding redundancy to the original message $m$ to form a message $m^{\prime}$ which is transmitted instead of $m$ , where $m^{\prime}=$ encode( $m$ ). If some bits are corrupted during the transmission then receiver will obtain $m^{\prime\prime}$ rather than $m^{\prime}$ . So with error correcting code, it remains possible for the receiver to reconstruct $m^{\prime}=$ decode( $m^{\prime\prime}$ ), and therefore $m$ . In this design, error correcting code encodes the secret key $K$ and the noise is the result of the presence of chaffs points with real minutiae in the vault. During decoding step, the error correcting code leads to correct some error allowing to recover the valid secret key $K$ . It could happen where some real minutiae of user match with chaffs ones stored in the vault.

Figure 1.

Fingerprint image enhancement.

The aim of using error detecting code is to check if decoding procedure had led to the right key.

In this implementation Reed Solomon code [14] is the error correcting code used to encoding and decoding the secret key $K$ while CRC code (cyclic redundancy check) [10], is the error detecting code used to checking the valid key.

3.2 Pre-processing

Fingerprint enhancement (Fig. 1) is very important for any automatic fingerprint matching system [12]. The performance of a feature extraction algorithm heavily depends on the quality of the input fingerprint images. In this context, the preprocessing step proceeds as follows:

1.
Reduce the size of the processed fingerprint images at 256 $\times$ 256 pixels. This will make it possible to represent each pixel over [0..255].
2.
Different ridge filters are used to increase the contrast between ridges and valleys of the reduced fingerprint.

Algorithm 1: Encoding

Inputs:

Fingerprint image of user: $F^{T}$

outputs:

Vault $V$

Secret polynomial $W$ of degree $q-1$

Encrypted sensitive data (SD ${}^{}$* )

Begin

Perform enhancement process on $F^{T}$

//Extract minutiae signature $L^{T}$ of $t$ real minutiae:

$L^{T}\leftarrow\{(x_{i},y_{i},\theta_{i},t_{i})\|i=1,2,\ldots,t\}.$

if the desired number of minutiae (say $t$ ) cannot be obtained

return Failure to Capture Rate (FTCR).

end if

Generate random secret key $K$

//Encrypt sensitive data SD:

$SD^{}\leftarrow\textit{AES}(K,SD)$

Divide $K$ into $n$ blocks of 16 bits each,

//CRC* 16-bits code is calculated from $K$ and appended to $K$ :

$K^{}\leftarrow K||\textit{CRC}(=a_{0}||a_{2}||\ldots||a_{n})$

//Generate $q$ symbols of code using Reed-Solomon* encode procedure:

$[w_{0},w_{1},w_{2},\ldots,w_{q-1}]\leftarrow\textit{RS\_encode}([a_{0}a_{1}a_{% 2}\ldots a_{n}],q)$

Generate a polynomial $W$ with coefficients $w_{0},w_{1},w_{2},\ldots w_{q-1}$ .

//Compute the polynomial projections:

$W(X_{i})$ , $X_{i}\leftarrow x_{i}||y_{i}|x_{i},y_{i}\in L^{T},(i=1,\ldots,t)$

//Generate the locked set $R^{T}$ :

$R^{T}\leftarrow\{(r_{i},W(X_{i}))|i=1,2,\ldots,t\},r_{i}=(x_{i},y_{i},\theta_{% i},t_{i}),$

//Generate, randomly, chaff minutiae that do not lie on $W(x)$ :

$F\leftarrow\{(c_{j},d_{j})|j=t+1,t+2,\ldots,r,c_{j}\neq r_{i}\textit{ and }d_{% j}\neq W(X_{i})\forall i=1,2,\ldots,t\}$

//Generate a set $V$ called locked vault or fuzzy vault:

$V=R^{T}\cup F$

$V\leftarrow\{(r_{i},d_{i})|i=1,\ldots,r\},r_{i}=(x_{i},y_{i},\theta_{i},t_{i})$

//degree $q-1$ and (SD ${}^{}$* ) are added to $V$ to form a final vault $V_{f}$ :

$V_{f}\leftarrow\{M_{i}=(r_{i},d_{i}),(q-1),SD^{*}|i=1,2,\ldots,r\}$

return $V_{f}$

End

3.3 Encoding (enrollment)

This procedure has for task to encrypt sensitive data IoT device and then hide the encryption key. Foremost, a random secret key $K$ is generated and used by IoT device to encrypt the sensitive data SD, regardless of its size, and thus provide a cipher message (SD ${}^{*}$ ). A symmetric cryptographic algorithm like AES(Advanced Encryption Standard) [13] is applied to perform this task. Thereafter, a fingerprint vault construction is called to hide $K$ in a vault denoted $V$ using fingerprint modality. Instead storing SD, only $V$ and SD ${}^{*}$ will be stored in IoT device. This procedure is illustrated in Fig. 2 and detailed in Algorithm 1.

In the set $L^{T}$ , in Algorithm 1, minutia attributes: $x$ cordinates, $y$ cordinates, direction and type are quantized and represented as bit strings of length 8 each. This means that each minutia is 4 bytes size. Reed-Solomon code is represented by generate a polynomial $W$ with coefficients $w_{0},w_{1},w_{2},\ldots,w_{q-1}$ over a finite field GF(2 ${}^{16}$ ). Such polynomial contains $q$ symbols of code among which there are ( $n+1$ ) symbols of information while the rest represent symbols of control such that:

$\displaystyle q-n=2\times e+1.$ (1)

where $2e$ represents the number of symbols of control and $e$ is the number of correctable symbols.

Figure 2.

Encoding procedure.

Figure 3.

Decoding procedure.

3.4 Decoding

This procedure reconstructs the polynomial $W$ of degree $q-1$ through minutiae matching between input fingerprint data and fingerprint template hidden in a fuzzy vault (or fingerprint vault). Thereafter, Reed-Solomon error correcting code and CRC error detecting code are applied to validate the right secret key $K^{*}$ that will be used, subsequently, to decrypt the ciphered message (SD ${}^{*}$ ) and thus obtain (SD). On the other hand, retrieving the right secret key means authenticating the user. This procedure is illustrated in Fig. 3 and detailed in Algorithm 2. To recover the $q-1$ degree of polynomial $W$ , $q$ projections among $t_{m}$ are necessary. Here, if $t_{m}<q$ , ( $t$ is number of maximum matched minutiae), then the system will reject the user automatically, else $C^{q}_{t_{m}}$ number of combinations is required. However, correcting code could reduce this number. Indeed reed-solomon decode procedure corrects symbols of code associated to the recovered polynomial $W^{\prime}$ . This correction may lead to the best code and thus reduce the number of combinations. For such combination, lagrange interpolation is done to recover the coefficients $w^{\prime}_{0},w^{\prime}_{1},\ldots,w^{\prime}_{q-1}$ of a polynomial $W^{\prime}$ of degree $q-1$ . For checking whether that is the valid key, $K^{*}$ is divided with the CRC generator polynomial, $g_{\textit{crc}}=x^{16}+x^{15}+x^{2}+1$ . Due to the definition of CRC, if the remainder is not zero, certainly there are errors and this means that interpolating with this combination is wrong. If the remainder is not zero for all $C^{q}_{t_{m}}$ combinations then the system will reject the user automatically. Otherwise, the first combination that leads to a remainder equal zero is able to reconstruct the secret polynomial.

Algorithm 2: Decoding
Inputs:
Fingerprint input image $F^{I}$
Vault $V$
Degree of polynomial $q-1$
Encrypted sensitive data (SD ${}^{}$* )
Outputs:
Secret polynomial $W$
Sensitive data SD
Begin
Perform enhancement process on $F^{I}$
//Extract minutiae signature $U$ of $s$ real minutiae:
$U\leftarrow\{M_{j}=(x_{j},y_{j},\theta_{j},t_{j})\|j=1,2,\ldots,s\}.$
Call matching procedure in Algorithm 3 to return set $M$ of maximum matched minutiae
if $t_{m}<q$ then
returnThe user is rejected
end if
Perform $C^{q}_{t_{m}}$ combinations
For such combination, Lagrange interpolation is done
polynomial $W^{\prime}$ of degree $q-1$ is then provided
Recover coefficients $w^{\prime}_{0},w^{\prime}_{1},\ldots,w^{\prime}_{q-1}$ of $W^{\prime}$
//Use Reed-Solomon decode procedure for retrieving information symbols from $W^{\prime}$ :
$[a^{\prime}_{0},a^{\prime}_{1},\ldots,a^{\prime}_{n}]\leftarrow RS\_decode(n+1% ,[w^{\prime}_{0},w^{\prime}_{1},\ldots,w^{\prime}_{q-1}]).$
Concatenate obtained information symbols:
$K^{*}\leftarrow(a^{\prime}_{0}\|\|a^{\prime}_{2}\|\|\ldots\|\|a^{\prime}_{n})$
//For checking whether the key is valid, $K^{*}$ is divided with the CRC
//generator polynomial, $g_{\textit{crc}}=x^{16}+x^{15}+x^{2}+1$ :
if $\textit{div}(K^{*},g_{\textit{crc}})\neq 0$ then
interpolating is wrong, and thus go to next combination
end if
if $\textit{div}(K^{*},g_{\textit{crc}})\neq 0$ for all combinations
returnUser is rejected
end if
Otherwise, $K^{}$ is segmented into 2 parts: $K\leftarrow\textit{first}n16\textit{-bits},\textit{CRC}\leftarrow\textit{the % remaining}16\textit{-bits}$
//Decrypt (SD ${}^{}$* ) using $\textit{AES}:\textit{SD}^{*}\leftarrow\textit{AES}^{-}1(K,\textit{SD})$
returnSuccessful Authentication
End

Algorithm 3: Matching
Inputs:
Set $V$ containing $r$ real and chaff minutiae
Set $U$ of $s$ real minutiae
Outputs:
Set $M$ of maximum matched minutiae
Begin
// …………Alignment step
Looking for a pair of reference minutiae $(M^{v}_{ir},M^{u}_{jr})\in V_{f}\times U$ .
//Calculate translation vector $T[\Delta x,\Delta y]$ to obtain $M^{u}_{jr}$ from $M^{v}_{ir}$ :
$\Delta x\leftarrow x^{u}_{jr}-x^{v}_{ir}$ , $\Delta y\leftarrow y^{u}_{jr}-y^{v}_{ir}$
Translating $U$ following the transformation $T[\Delta x,\Delta y]$ .
// …………Matching step
Calculate number of minutiae that overlap
if several minutiae $M^{u}_{j}$ ; satisfy the matching criterion
the one closest to $M^{v}_{i}$ is chosen
end if
Collect the number of minutiae that overlap in a set.
The previous transformations are performed for each reference pair
Each time the set of minutiae that can be matched is estimated
//Set $M$ of maximum matched minutiae $r_{j}$ and their projections on $W$
$M\leftarrow\{(r_{j},v_{j})\|j=1,2,\ldots,t_{m},r_{j}=(x_{j},y_{j},\theta_{j},t_% {j}),v_{j}=W(x_{j}\|\|y_{j})\}$
return set $M$
End

The previous matching in Algorithm 3 starts by aligning the unlocking set $U$ and set $V$ which contains $r$ real and chaff minutiae, and thus identifies all the corresponding minutiae. The proposed auto-alignment that is done in fuzzy vault domain, has the advantage that it does not require any helper data that allows to know some information of the fingerprint ridges. In order to find the alignment parameter having the largest number of matched minutiae, we apply all possible translations to the unlocking set $U$ . We start by looking looking for a pair of reference minutiae $(M^{v}_{ir},M^{u}_{jr})\in V_{f}\times U$ , we select any pair of minutiae having the same type $(t^{v}_{ir}=t^{u}_{jr})$ and a substantially equivalent associated direction such as: $(|\sin(\theta^{v}_{ir}-\theta^{u}_{jr})|)<sin(\theta_{Max})$ . $\theta_{Max}$ has been taken as $=10^{\circ}.$

Figure 4.

Illustration of the error margins associated with the signature.

Calculate translation vector $T[\Delta x,\Delta y]$ to obtain $M^{u}_{jr}$ from $M^{v}_{ir}$ . If the sets $U$ and $V$ come from the same fingerprint then they are identical to a translation near $T[\Delta x,\Delta y]$ (Eq. (2)).

$\displaystyle\left(\begin{array}[]{c}x^{v}\\ y^{v}\\ \theta^{v}\end{array}\right)=\left(\begin{array}[]{c}x^{u}\\ y^{u}\\ \theta^{u}\end{array}\right)+\left(\begin{array}[]{c}\Delta x\\ \Delta y\\ 0\end{array}\right)$ (2)

Thus, $\Delta x=x^{u}_{jr}-x^{v}_{ir}$ and $\Delta y\leftarrow y^{u}_{jr}-y^{v}_{ir}$ . Next, we translate $U$ following the transformation $T[\Delta x,\Delta y]$ . Now, the two sets are now aligned with respect to the reference pair and thus the number of minutiae that overlap is calculated. In this case, of course it is unlikely that two minutiae coincide accurately, this is why a tolerance zone must be defined. So, with each minutia $M^{v}_{i}$ of $V$ a rectangular or tolerance zone of dimension $L\times H$ centered in $M^{v}_{i}$ is associated (Fig. 4c) representing the margin of error that one can authorize. A minutia $M^{u}_{j}$ of $U$ can be paired with a minutia $M^{v}_{i}$ of $V$ if it is inside the zone associated with $M^{v}_{i}$ and if it has a same direction and a same type as $M^{v}_{i}$ (Eq. (3)).

$\displaystyle\left[M^{v}_{i}\equiv M^{u}_{j}\right]\Leftrightarrow\left\{% \begin{array}[]{lcl}|x^{v}_{i}+\Delta x-x^{u}_{j}|&\leqslant&L/2\\ |y^{v}_{i}+\Delta y-x^{u}_{j}|&\leqslant&H/2\\ M_{c}==&\textit{``true''}&\end{array}\right.$ (3)

In practice the type is rarely used because it often happens that it changes during the extraction phase. It is, therefore, not considered reliable. Concerning the direction, an angular tolerance zone is defined and the matching condition is then expressed by:

$\displaystyle M_{c}=\{|\sin(\theta_{i}^{v}-\theta_{j}^{u})|<\sin(\theta_{max})\}.$ (4)

A value of $\theta_{\max}$ close to zero will impose a very strict condition on matching, and will lead to an increase in the rate of false reject FRR. Similarly, a value too high will increase the rate of false acceptance FAR.

It should be noted that a severe condition on the reference criterion will be imposed in order to limit the calculations, by reducing a value of $\theta_{\max}$ , because the more the number of reference pairs is important and the more the calculations are long.

Only the transformation that determines the best alignment and leads to the greatest number $t_{m}$ of paired minutiae is retained.

4. Experimental results and analysis

The FVC2002-DB2 Database [11] is used to compare results of this work with those in [3, 21, 15]. The characteristics of this database are summarized in Table 1.

All experiments were performed on a system with a 2.93 GHz processor. Only the first four impressions/finger of the 100 different fingers were used in the experiments, one as template and the other as query. As like in fingerprint recognition, each sample was matched against the remaining samples of the same finger to compute the GAR. Similarly, the first sample of each finger was matched against the first sample of the remaining fingers to compute the FAR.

$\displaystyle\textit{FRR}=\frac{\textit{True claims rejected}}{\textit{Total % true claims}}\times 100.$ (5) $\displaystyle\textit{FAR}=\frac{\textit{Imposter claims accepted}}{\textit{% Total imposter claims}}\times 100.$ (6) $\displaystyle\textit{GAR}=100-\textit{FRR in percentage, where FRR means false% reject rate}.$ (7)

Table 1

Summary of the fingerprint database used in the experiments (FVC2002-DB2)

Number of finger	100
Number of impresion/finger	8
Sensor	Biometrika FX2000 (optical)
Image size	560 $\times$ 296 at 569 dpi resolution
Image quality	Good

The tolerance zone associated with each position of the minutia is defined by the rectangle of size $[L,H]=[7,7]$ . The condition $M_{c}$ for two minutiae present in the rectangle to be matched is an angular difference of at most $\theta_{max}=15^{\circ}.$

The number of symbols of Reed-Solom q is taken as 7, 11, 19 which correspond to $K=$ 64-bits, 128-bits, and 256-bits respectively.

Table 2

Authentication accuracy comparison

RS polynomial of degree $q-1=$ 6			RS polynomial of degree $q-1=$ 10			RS polynomial of degree $q-1=$ 18
real minutiae t	FAR	GAR	real minutiae t	FAR	GAR	real minutiae t	FAR	GAR
8–10	0.04%	98%	12–18	0.01%	96%	20–25	0%	95%

Table 3

Size of the fingerprint vault

Number of chaff minutiae	200	300	400
Number of real minutiae	15	25	30
Size of fingerprint vault (kbytes)	2.51	3.80	5.03

Table 4

Experimental result of decoding procedure

Number of chaff points		$200$	$300$	$400$
Feature extraction	Execution time	2.310 s	2.310 s	2.310 s
Matching	Execution time	1.251 s	2.127 s	3.153 s
CRC and RS-Decode	Execution time	0.111 s	0.115 s	0.120 s
Total	Execution time	3.672 s	4.552 s	5.583 s

Authentication accuracy: As shown in Table 2, the proposed fingerprint vault-based biometric cryptosystem can improve the performance of GAR without using an other information such as helper data ([15, 16]) for auto-alignment. However, a short secret key $K$ may increase the FAR (i.e., $K=$ 64 makes FAR $=$ 0.06%). This scenario can occur with an imposter having several real minutiae. In such case, there is more chance to find $q$ minutiae to be matched with those that are in the vault since the degree of the polynomial is short. This situation could lead to a true interpolation that led to the secret. To avoid this kind of scenario, it would be necessary to use, at least, a key to the order of 128 bits to ensure a zero FAR.

Fingerprint vault size: The vault $V$ stores only the set of real and chaff points and it’s size $S_{v}$ is calculated as follows:

$\displaystyle\mathcal{S}_{v}=\textit{size of}(\textit{one minutia})\times(% \textit{number of real minutiae}+\textit{number of chaff minutiae})$ (8)

As shown in Table 3, $\mathcal{S}_{v}$ is 3.78 kbytes on average that is acceptable for IoT devices.

Execution time analysis: Table 4 shows the execution time of decoding procedure. The time required to decode the vault is about 3.672, 4.552 and 5.583 s for 200, 300, and 400 chaff minutiae,respectively. However, the decoding time could have been improved with a more reliable processor.

Complexity analysis: Eq. (9) and Table 5 show the complexity of this system in case of a brute-force attack to select $q$ real minutiae from the vault including both real and chaff minutiae. The complexity can be increased as adding more chaff minutiae or when the degree of the polynomial is close to the number of the real minutiae, where $t$ is the number of real minutiae, $r$ number of real and chaff minutiae and $q-1$ is the degree of Reed-Solomon polynomial $(t>q)$ .

$\displaystyle\textit{Complexity}=\frac{C^{r}_{q}}{C^{t}_{q}}$ (9)

Table 5

Complexity calculation

Number of symbols of Reed-Solomon code $q$	11	11	11
Size of the key $K$ in bits	$128$	$128$	$128$
Number of real points	$15$	$12$	$12$
Number of chaff points	$200$	$200$	$300$
Complexity	$\simeq 2^{49}$	$\simeq 2^{56}$	$\simeq 2^{62}$

Table 6

Comparison between previous researches and proposed method

Method	Data base	CPU (GHz)	Alignment	Decoding time (s)	Matching accuracy (%)
					FAR	GAR
In [3]	–	–	Pre-alignment	–	–	–
In [21]	IBM-GTDB	3.4	Pre-alignment	52	0	79
In [15]	FVC2002 DB2	3.4	Auto-alignment	3	0.01	95
Proposed method	FVC2002 DB2	2.93	Auto-alignment	4.30	0.01	95

Nandakumar et al. [16] showed that the min-entropy [5] of the template set of real minutiae $L^{T}$ given the vault $V$ can be computed as in Eq. (10).

$\displaystyle\mathcal{H}(L^{T}|V)=-\log\left(\frac{C^{t}_{q}}{C^{r}_{q}}\right)$ (10)

5. Conclusion

This paper presents contributions to biometric cryptosystems which can enable IoT devices supporting biometry to secure sensitive data they embedded in their regular memory when they operate in an adverse environment. The improved biometric cryptosystem could be used to extend security for any sensitive information, regardless of its size and nature, in IoT device. It also ensures the recovery of such sensitive data during decoding (authentication) step. Hence, an attacker has only the brute force way to break the system since there is no additional data allowing a revelation of sensitive information. Thus, with physical access, he may retrieve the vault or cipher message from IoT device, but it will be of no use. This method does not require any design cost. Experimental results performed using fingerprint modality have been encouraging and prove that the proposed method is efficient to protect sensitive data despite the strong constrained of IoT devices. Compared with results reported in [3, 21], the proposed method is realistic since it uses auto-alignment rather pre-alignment-based matching and thus it is practicable. Moreover, it has approximately the same authentication accuracy as [15] but it is more better because it does not require storing of helper data, for auto-alignment, that allows to know some sensitive information saves memory at once. On the other hand, the proposed method increases attack complexity since it is possible to adding more chaff points and thus it can also be used in already secure devices, like smart cards, to enhance the security level. However, the computational complexity during decoding process increases each time the number of chaff points increases. This constraint is inevitable until finding heuristic-based reliable optimization method for matching in fuzzy vault domain. Moreover, to implementing this method on IoT devices, it requires that matching module will be optimized further to be performed by an in-IoT processor.

Footnotes

Authors’ Bios

Abdelkader Belhadri received the Magister degree in Computer Sciences in 2010 from University of Sciences and Technology Mohamed Boudiaf-USTOran, Algeria. Currently, he is PhD candidate, teacher in the same university. His research interest is in the image processing, biometrics, cryptography and security of embedded systems.

Mohammed Benyettou is in the Computer Science Department, Director of the LAMOSI Laboratory (Modelling and Optimisation of Industrial Systems ), University of Sciences and Technology Mohamed Boudiaf-USTOran, Algeria. He was a teacher in the Nancy University, France, from 1983 to 1991. At present he is a professor in the Department of Computer Science, University of Sciences and Technology Mohamed Boudiaf-USTOran, Algeria. He has published many research papers in the International journals and conferences. His current interests include optimisation, and artificial intelligence.

References

Biometrics market report 2009-2014, Technical report, International Biometric Group, New York: International Biometric Group, 2009.

Chen

Chang

Jin

Ren

and Li

, A novel secure architecture for the internet of things, in: Proc IEEE Int Conf Genetic and Evolutionary Computing, Kitakyushu, Japan Aug 29–Sep 1, 2011, pp. 311–314.

Clancy

T.C.

Kiyavash

and Lin

D.J.

, Secure smartcardbased fingerprint authentication, in: Proc ACM Workshop Biometrics methods and applications, Berkeley, California, Nov 2–8, 2003, pp. 45–52.

Davida

G.I.

Frankel

and Matt

B.J.

, On enabling secure applications through off-line biometric identification, in: Proc IEEE Symp Security and Privacy, Oakland, CA, USA, May 3–6, 1998, pp. 648–651.

Dodis

Ostrovsky

Reyzin

and Smith

, Fuzzy extractors: How to generate strong keys from biometrics and other noisy data, SIAM Journal on Computing 38(1) (2008), 97–139.

Gubbi

Buyya

Marusic

and Palaniswami

, Internet of things (IoT): A vision, architectural elements, and future directions, Future Generation Computer Systems 29(7) (2013), 1645–1660.

Juels

and Sudan

, A fuzzy vault scheme, Designs, Codes and Cryptography 38(2) (2006), 237–257.

Juels

and Wattenberg

, A fuzzy commitment scheme, in: Proc ACM Conf Computer and communication Security, Singapore, Nov 1–4, 1999, pp. 28–36.

Keoh

S.L.

Kumar

S.S.

and Tschofenig

, Securing the internet of things: A standardization perspective, IEEE Internet of Things Journal 1(3) (2014), 265–275.

10.

Kløve

and Korzhik

, Error Detecting Codes: General Theory and Their Application in Feedback Communication Systems, Volume 335, Springer Science and Business Media, 2012.

11.

Maio

Maltoni

Cappelli

Wayman

J.L.

and Jain

A.K.

, Fvc2002: Second fingerprint verification competition, in: Proc IEEE Int Conf Pattern Recognition, Quebec City, QC, Canada, Aug 11–15, Volume 3, 2002, pp. 811–814.

12.

Maltoni

Maio

Jain

and Prabhakar

, Handbook of Fingerprint Recognition, Springer Science and Business Media, 2009.

13.

Miller

F.P.

Vandome

A.F.

and McBrewster

, Advanced Encryption Standard, Alpha Press, 2009.

14.

Morelos-Zaragoza

R.H.

, The Art of Error Correcting Coding, John Wiley and Sons, 2006.

15.

Nagar

Nandakumar

and Jain

A.K.

, Securing fingerprint template: Fuzzy vault with minutiae descriptors, in: Proc IEEE Int Conf Pattern Recognition, Tampa, FL, USA, Dec 8–11, 2008, pp. 1–4.

16.

Nandakumar

Jain

A.K.

and Pankanti

, Fingerprint-based fuzzy vault: Implementation and performance, IEEE Transactions on Information Forensics and Security 2(4) (2007), 744–757.

17.

Soutar

Roberge

Stoianov

Gilroy

and Kumar

B.V.

, Biometric encryption using image processing, in: Optical Security and Counterfeit Deterrence Techniques II, Proc SPIE, San Jose, CA, USA, Jan 24–30, Volume 3314, 1998, pp. 178–189.

18.

Suo

Wan

Zou

and Liu

, Security in the internet of things: A review, in: Proc IEEE Int Conf Computer Science and Electronics Engineering, Hangzhou, China, March 23–25, Volume 3, 2012, pp. 648–651.

19.

Tankard

, The security issues of the internet of things, Computer Fraud and Security 2015(9) (2015), 11–14.

20.

Turcu

and Gaitan

, Integrating robots into the internet of things, International Journal of Circuits, Systems and Signal Processing 6(6) (2012), 430–437.

21.

Uludag

Pankanti

and Jain

A.K.

, Fuzzy vault for fingerprints, in: Proc Springer Int Conf Audio-and Video-Based Biometric Person Authentication, Hilton Rye Town, NY, USA, July 20–22, 2005, pp. 310–319.

22.

Uludag

Pankanti

Prabhakar

and Jain

A.K.

, Biometric cryptosystems: Issues and challenges, Proceedings of the IEEE 92(6) (2004), 948–960.

23.

Weber

R.H.

, Internet of things – new security and privacy challenges, Computer Law and Security Review 26(1) 2010, 23–30.

24.

Yang

and Verbauwhede

, Automatic secure fingerprint verification system based on fuzzy vault scheme, in: Proc IEEE Int Conf Acoustics, Speech and Signal, Philadelphia, Pennsylvania, USA, March 18–23, Volume 5, 2005, pp. 609–612.