Template protection is an issue of paramount importance for the design of secure and privacy-compliant biometric recognition systems. Template unlinkability, together with template irreversibility, is an essential requirement to properly guarantee template protection. In fact, it ensures that templates generated from the same trait, but used in different applications, cannot be linked to the same identity. This paper deals with the design of a system satisfying the unlinkability requirement. The robustness of the proposed solution is evaluated by exploiting methods stemming from the theory of stochastic optimization, as well as by using quantitative measures specifically proposed to characterize the unlinkability of biometric protection schemes. A case study using finger-vein biometrics is considered to test the proposed cryptosystem on non-ideal data. The proposed scheme guarantees 128 bits of security with acceptable false recognition rates in real-life conditions. Moreover, we provide guidelines to determine the parameters of the transformations to be applied to real biometric traits so as to ensure proper recognition, security, and unlinkability performance.
Hine, G.e., Kuzu, R.s., Maiorana, E., Campisi, P. (2023). Unlinkable Zero-Leakage Biometric Cryptosystem: Theoretical Evaluation and Experimental Validation. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 18, 3492-3505 [10.1109/TIFS.2023.3279617].
Unlinkable Zero-Leakage Biometric Cryptosystem: Theoretical Evaluation and Experimental Validation
Hine, GE;Kuzu, RS;Maiorana, E;Campisi, P
2023-01-01
Abstract
Template protection is an issue of paramount importance for the design of secure and privacy-compliant biometric recognition systems. Template unlinkability, together with template irreversibility, is an essential requirement to properly guarantee template protection. In fact, it ensures that templates generated from the same trait, but used in different applications, cannot be linked to the same identity. This paper deals with the design of a system satisfying the unlinkability requirement. The robustness of the proposed solution is evaluated by exploiting methods stemming from the theory of stochastic optimization, as well as by using quantitative measures specifically proposed to characterize the unlinkability of biometric protection schemes. A case study using finger-vein biometrics is considered to test the proposed cryptosystem on non-ideal data. The proposed scheme guarantees 128 bits of security with acceptable false recognition rates in real-life conditions. Moreover, we provide guidelines to determine the parameters of the transformations to be applied to real biometric traits so as to ensure proper recognition, security, and unlinkability performance.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.