Secure and Privacy-Preserving User Authentication Using Biometrics Monday, 18/12/2017 Nikolaos Theodorakis

Research Motivation Fingerprint biometric systems still do not provide efficient security/accuracy Compatibility and privacy issues have not been addressed correctly Aim to improve performance of minutiae-based protected systems by investigating and experimenting on trade-offs

Thesis Outline Theory & Background Fuzzy Vault Implementation Results Future Research Plan

Biometric System Modules Sensor Feature Extraction Matching Database 4

Enrollment & Matching Enrollment Matching Template stored in database Verification (one-to-one) Identification (one-to-many) 5

Metrics Two types of errors: Comparisons between false/true attempts: False Match (false positive) False Non-Match (false negative) Comparisons between false/true attempts: FAR (False Acceptance Rate) FRR (False Rejection Rate) GAR (Genuine Acceptance Rate) EER (Equal Error Rate) ROC curves / DET curves FTCR (Failure to Capture Rate) FTQR (Failure to Quantize Rate) 6

Fingerprint Minutia m = { x, y, θ, t } x,y : coordinates θ : orientation angle t : type 7

Requirements Security Requirements Privacy Requirements Confidentiality Integrity Availability Renewability / Revocability Privacy Requirements Identity Privacy Irreversibility Unlinkability

Fuzzy Vault (1) Protects a secret k under a set A Encodes k as coefficients of a polynomial p Projects A to p over F(2m) as genuine points Merges and shuffles {x, p(x)} along with random points as noise (chaff) Unlocks vault when a set B overlaps substantially with A, by locating genuine points (polynomial reconstruction problem) 9

Fuzzy Vault (2) 10

Fuzzy Vault Security Security Analysis Attacks Full brute-force attack: 𝑛 𝑑+1 (1) Combinations unlocking vault: 𝑔 𝑑+1 (2) Average time: (1) (2) Attacks Record Multiplicity Key Inversion Blended Substitution 11

Alignment Problem Statement How to align two templates if one is encrypted? Additional information is needed (helper data) Helper data reveals information about the user Minutiae based helper data could unlock the vault or reveal part of the fingerprint Non-minutiae based helper data cannot be used in already implemented systems without access to the fingerprint image

Alignment Method (1) Enrollment: Matching: Triangle structures of minutiae points (3 minutiae for each triangle) as helper data at enrollment Each minutia: m = {x,y,θ,quality,type} Each triangle: m1x,m1y,m2x,m2y,m3x,m3y, r1, r2, r3, m1θ, m2 θ, m3 θ, φ1, φ2, φ3, m1type, m2type, m3type Matching: Locating almost identical triangles in the query template according to dr, dθ, types Outputs possible transformation sets: dx, dy, referencePointx, referencePointy , dθ Translate and Rotate query template accordingly

Alignment Method (2)

Alignment Method (3)

Alignment Evaluation Investigate proximity between minutiae points after a transformation For every helper data available: minimum distance of every TE point to TQ point as minDists minPercentile = k-th percentile of minDists for every helper data as best transformation For various θ values: θPercentage = 𝑛𝑜. 𝑜𝑓 𝑝𝑜𝑖𝑛𝑡𝑠 𝑤𝑖𝑡ℎ 𝑚𝑖𝑛𝐷𝑖𝑠𝑡<𝜃 𝑛𝑜. 𝑜𝑓 𝑡𝑜𝑡𝑎𝑙 𝑝𝑜𝑖𝑛𝑡𝑠 ∗100 Calculate EER, FAR, FRR, threshold

Fuzzy Vault Protection (1) Polynomial Generation Secret: S = [c1 c2 ... cd+1] ∈ F(2m) length(S) = (d + 1) · m p(x) = c1 · xd + c2 · xd−1 + ... + cd+1 Scaling and Quantization m-bit representation (16-bit in our implementation) x,y scaled to distribute uniformly across the image x,y,θ quantized into 6,5,5 bit strings m = x | y | θ as a 16-bit integer (0 – 65535)

Fuzzy Vault Protection (2) Genuine Point Projection p(mq) = c1 · mq + c2 · mq + ... + cd+1 · mq GenuinePoints = [mq p(mq)] for all q ∈ genuine points Chaff Points Creation Random [chaffX chaffY] which do not belong to GenuinePoints At least minDist distance to genuine points Fuzzy Vault Merge Genuine and Chaff Points and randomly shuffle rows

Fuzzy Vault Key Release Partitioning Fuzzy vault mq partitioned into x,y,θ (reversing quantization) Distances and Subsets Trying to locate a number of potentially genuine points based on distances between vault and input points A larger number than d+1 is selected to try all possible combinations and increase chances of unlocking Polynomial Reconstruction A combination of d + 1 points reconstruct the polynomial by solving a system of equations Secret is retrieved as the unknown variables of the system

Results (1) Database Evaluation Protocol Minutiae database based on FVC2002DB1A Good quality sample selected Evaluation Protocol Multi-Enrolment (1 query template against 1,2 and 3 enrolled) Multi-Query (1 enrolled template against 1,2 and 3 query) FAR and FRR computed 20

Alignment Evaluation (1) trianglesNο. percentile δr δθ Found GAR Found FMR 4 60 20 87% 59% FRR FAR EER Threshold 0.2169 0.2034 0.2101 22.2036 21

Alignment Evaluation (2) Best θ selection: θ = 20 22

Results (2) Degree chaffNo. FailureThreshold trianglesNo. subsetsNo. 7 200-minutiaeNo. 25 4 13 Multi-Query Multi-Enrollment Template No. Gen.No FRR FAR 1 15 38.30 1.08 55.68 20 29.47 2.15 46.59 2.13 25 24.21 4.30 32.95 4.26 2 26.37 1.22 19.35 2.44 30.34 1.06 14.89 6.10 15.73 7.44 3 22.34 1.15 17.24 1.11 14.43 2.30 13.64 2.22 13.27 6.82 7.87 11 223

Results (3) 24

Conclusion Advantages Limitations Applicability Modular, decoupled Ideal for minutiae-based legacy systems Limitations Performance degradation Security and privacy risks due to the usage of minutiae Little entropy Applicability User authentication, key protection Mobile devices ( sensor & TEE )

Future Work Tweak and experiment with more parameters Research on non-minutiae alignment methods Further linkability analysis based on the helper data

Thank you for your attention !