Privacy-Preserving Fingerprint Authentication Using D-H Key Exchange and Secret Sharing

Wang, Huiyong; Luo, Mingjun; Ding, Yong

doi:https://doi.org/10.1155/2021/5344696

Security and Communication Networks

On this page

Abstract Introduction Related Work Preliminaries Conclusion Data Availability Conflicts of Interest Acknowledgments References Copyright Related Articles

Research Article | Open Access

Volume 2021 | Article ID 5344696 | https://doi.org/10.1155/2021/5344696

Privacy-Preserving Fingerprint Authentication Using D-H Key Exchange and Secret Sharing

Huiyong Wang,^1,2Mingjun Luo,¹and Yong Ding^2,3

Academic Editor: Savio Sciancalepore

Received07 Jun 2021

Revised10 Aug 2021

Accepted28 Oct 2021

Published27 Nov 2021

Abstract

Biometric based remote authentication has been widely deployed. However, there exist security and privacy issues to be addressed since biometric data includes sensitive information. To alleviate these concerns, we design a privacy-preserving fingerprint authentication technique based on Diffie-Hellman (D-H) key exchange and secret sharing. We employ secret sharing scheme to securely distribute fragments of critical private information around a distributed network or group, which softens the burden of the template storage center (TSC) and the users. To ensure the security of template data, the user’s original fingerprint template is stored in ciphertext format in TSC. Furthermore, the D-H key exchange protocol allows TSC and the user to encrypt the fingerprint template in each query using a random one-time key, so as to protect the user’s data privacy. Security analysis indicates that our scheme enjoys indistinguishability against chosen-plaintext attacks and user anonymity. Through experimental analysis, we demonstrate that our scheme can provide secure and accurate remote fingerprint authentication.

1. Introduction

Biometric based authentication mainly depends on individual biological characteristics (such as fingerprint, face, iris, and palm print, etc.) or behavioral traits (such as speech and signature, etc.), which is convenient, fast, and less likely to be forgotten, lost, or copied compared to traditional authentication methods like password/tokens [1]. However, biometric based authentication verifies an individual’s identity according to the fixed natural connection between an individual and his or her biometrics. Once biometrics are stolen or forged and misused, it will result in significant losses for individuals, businesses, and even the government [2, 3]. This is because biological characteristics are usually unique and unchangeable, and they can never be revoked or reused once leaked or stolen [4]. Furthermore, the stolen biometric information may be used to acquire sensitive information about the owner, such as ethnic groups, genetic information, medical diseases, and health records [5]. As a result, developing a biometric authentication technique with privacy protection is critical [6–8].

Since the biometric authentication system needs to store and transmit individual biometrics in different entities, it is vulnerable to a variety of attacks [9]. For example, once the hackers or other malicious attackers break the template dataset and obtain the biometric data, they can access to all applications without user authorization where the same biological characteristics have been used [10]. A good biometric template protection system should have the following characteristics [11–13]:(1)Diversity: the same biometric data should have different template representations in different databases to resist cross-matching attacks(2)Reusability/revocability: the damaged or stolen template should be able to be revoked and a new template can be regenerated based on the same biometric data, which cannot be matched with the damaged or stolen one successfully(3)Noninvertibility: it is impossible to calculate or obtain a template with reasonable similarity to the original template from the protected template, so as to prevent the adversary’s biological fraud attack(4)Performance: the performance of the authentication system cannot be greatly reduced

To ensure the template’s security in a biometric authentication system [2, 14], the extracted biometric template should be protected (encrypted or transformed) being stored.

In this paper, building upon the fingerprint feature representation “FingerCode,” we propose a privacy-preserving fingerprint authentication scheme, which employs secret sharing and D-H key exchange. We summarise the contributions of the proposed method as follows:(i)The secret sharing technology effectively reduces the risk of key leakage and relieves storage pressure for users and TSC.(ii)The D-H key exchange technology used built bilinear groups can effectively conceal the real identity of users and generate different templates, which can resist replay attacks and cross-matching attacks.(iii)The proposed scheme can prevent attacks like chosen-plaintext attacks and cross-matching attacks and achieve the conditions of diversity, revocability, noninvertibility, and good performance.

The rest of this paper is organized as follows. Section 2 reviews the existing related work in this field. We introduce related knowledge in Section 3. The system model and construction goals are described in Section 4. Section 5 introduces ours fingerprint protection scheme and Section 6 proves its security. In Section 7, we discuss the test results, and finally, Section 8 concludes this paper.

Over the years, a number of biometric template protection schemes have been proposed [15–19]. In this section, we review some approaches that have been proposed to deal with the security and privacy issues of fingerprint authentication systems, which are relevant to the proposed method.

Tuyls [10] and Ratha [20] outlined the types of attacks that the biometric system could face at each stage, and they believed that attacks would range from template collecting to final recognition decision. For example, in the process of template collection, it may be vulnerable to spoofing attacks, brute force attacks, device replacement attacks, and denial of service attacks. In the process of sending the collected fingerprint feature templates to the matcher, there may exist replay attacks, eavesdropping attacks, man-in-the-middle attacks, and brute force attacks [12]. These surveys show us the right direction for constructing a remote authentication scheme with privacy protection.

Different biometric authentication applications in smart cities can help for human lives; thus, there are many scholars who conducted research in this field. For example, El-Latif et al. [21] introduced a score level multibiometrics fusion approach for healthcare. In their proposed approach, they treat the biometric traits of patient/user as a request for healthcare assistance, which are processed in the cloud management and received by the caregiver with valid identification/verification for further treatment. Then they use the 1D-log Gabor iris features, two-directional modified fisher principal component analysis MFPCA), and Complex Gabor Jet Descriptor face features for healthcare monitoring. In [22], Sedik et al. presented a system to discriminate pristine, adulterated, and fake biometrics in 5G-based smart cities by detecting alterations to biometric modalities. This work uses a convolutional neural network (CNN) and a hybrid structure that combines CNN with convolutional long-short term memory (ConvLSTM) as DLMs for the detection of different levels of alteration in biometrics that are employed for person identification, which provides a solution for different biometric authentication applications in secure smart cities.

Other research topics of biometrics involve protecting biometric templates and preserving users’ privacy. Peng et al. [23] designed a novel biometric cryptosystem scheme based on random projection (RP) and backpropagation neural network (BPNN) to solve the problems of biometric template protection. The main idea of this work is to project the original biometric feature vector onto a fix-length feature vector of random subspace using random projection. After that, a backpropagation neural network model was applied to bind a projected feature vector with a random key. Finally, based on BPNN, a robust mapping between a projected feature vector and a random key is learned to generate an error-correction based biometric cryptosystem.

Zhu et al. [24] suggested a matrix based and efficient biometric outsourcing scheme with privacy protection in 2018, which has good performance in the preparation phase and the recognition phase. However, Liu et al. [25] in 2019 proved this scheme is insecure under chosen-plaintext attack and proposed a new matrix transformation-based and privacy-preserving cloud computing, which not only can resist but also has good recognition performance. Zhu et al. [26] proposed a privacy-preserving online fingerprint authentication scheme, named e-Finga, over encrypted outsourced data in 2018. e-Finga is based on bilinear mapping, which outsources the user fingerprint registered in the trust center to other servers under user’s authorization, allowing the server to provide safe, accurate, and efficient identity verification services without leaking any fingerprint information. However, this method sends the user’s fingerprint template in plain text to the trusted organization in the registration phase, which poses a certain security risk.

Trivedi et al. [27] proposed a noninvertible cancellable fingerprint template generation scheme based on information extracted from the Delaunay triangulation of minutiae points system in 2020. In their method, the location information of the fingerprint without minutiae points was extracted from the triangles to solve the security problem brought by fingerprint reconstruction technology, which can handle the intraclass changes of fingerprints. In the same year, Kaur et al. [28] used cancellable biometrics and secret sharing to develop a privacy-preserving remote multiserver biometric authentication system. Their system allows user to operate safely on diverse applications and can prevent transmission attacks such as replay attacks, man-in-the-middle attacks, and database and server spoofing.

3. Preliminaries

In this section, we present the bilinear pairing technique and Decisional Diffie-Hellman assumption (DDH) problem and introduce the FingerCode-based identity matching algorithm which is the basis of our scheme.

3.1. FingerCode-Based Identity Matching Algorithm

The FingerCode-based identity matching algorithm utilizes a fixed-length “FingerCode” [29, 30] to characterize the fingerprint template, which uses a bank of Gabor filters to extract both local and global details in a fingerprint to produce a feature vector of fixed length, which is usually 640, where each element’s length is 8-bit integer. When matching two fingerprints, we usually compute a certain distance between their FingerCodes and decide whether the distance is smaller than a predetermined threshold . For example, given two fingerprint codes and , we can calculate their Euclidean distance using the following equation:

The Euclidean distance is then compared to . If the Euclidean distance is less than , the two fingerprints will be judged to be from the same person. Otherwise, it is judged to be from different persons.

3.2. Bilinear Pairing

Suppose and are two cyclic groups of prime order with generators and , respectively. Define a mapping . We call this mapping bilinear if the following properties are satisfied:(1)Bilinearity: and , ; (2)Nondegeneracy: , (3)Efficiency: , the mapping can be efficiently computed

3.2.1. The Decisional Diffie-Hellman Assumption (DDH)

Let be a cyclic group of prime order with a generator , and choose any triplet for some random values to any probability polynomial-time (PPT) and attackers ; the advantage for is negligible in , where .

4. Framework and Design Goals

In this section, we formalize the architecture of the proposed scheme and summarise its security requirements as follows.

4.1. System Architecture

The proposed fingerprint template protection system consists of three types of entities (see Figure 1), which are the template storage center , the matcher , and the user . We assume that is a trusted participant and is a semihonest participant.(1) bootstraps the system, which generates and sends system parameters to the user and the matcher. In real-world applications, can be an official entity of the government. The tasks of are to store the user’s encrypted fingerprint reference template and send the relevant reference template in ciphertext form to the matcher. Since all users must register in , the number of registered users will be significantly large. If the fingerprint templates registered by users are stored together, needs to spend a lot of time to find the reference fingerprint template corresponding to the user’s query identity when users make queries. Thus, there are many substorages in for user registrations and authentications. When the corresponding substorage cannot find the reference template corresponding to the user’s query identity, will retrieve and send the templates in all other substores to the matcher for matching.(2)User terminal converts the user’s physical fingerprints into digital fingerprint feature templates through the fingerprint sensor and uploads them to for storage or poses queries to the matcher after encrypting the fingerprint feature templates.(3)The matcher is mainly responsible for providing authentication service. Before providing fingerprint authentication services, the matcher must register in to obtain the right to identify user’s fingerprints. To evaluate whether the user is authenticated, the matcher compares the Euclidean distance between the user’s query template and the reference template to a predefined threshold. Only the users who pass the authentication can access the related servers.

4.2. Functionalities and Design Goals

In fingerprint authentication system, malicious entities can obtain user’s fingerprint template information as much as possible through eavesdropping, malicious attacks, etc. In order to achieve privacy-preserving remote identification, we determine the functionalities and design goals of the proposed system as follows:(1)User anonymity: the matcher is curious about the data entered by users to obtain additional information. Thus, for each query, the original identity is always converted into a ciphertext format to guarantee privacy, and only can decrypt the ciphertexts.(2)Template security: might also be attacked by an adversary. In order to prevent the user’s original fingerprint template information from being leaked after the server is compromised, the user’s reference template should be encrypted before being stored. Since the matcher might be curious about the templates input by the users and the templates stored in , to prevent the adversary from obtaining relevant fingerprint template information through cross-matching attack, the users and employ the same one-time key to encrypt the query template. Thereby, even if the matcher or adversary obtained all the templates from or the users, they cannot get any relevant information about the user’s original fingerprint template.(3)Efficiency: we ensure the efficiency of the system while ensuring the security and privacy of the user’s fingerprint template.

4.3. Framework of Our System

Formally, the proposed system consists of nine polynomial-time computable algorithms/protocols, that is, Ureg,Mreg, FTenc, Aque, , and .(1): on input of a security parameter , the fingerprint template protection system setup algorithm , which is run by , generates public key , private key for , and the public parameter for the system(2): on input of the public parameter , the user key generation algorithm , which is run by the users, generates a secret key and a public key and for (3): on input of the public parameter , the matcher key generation algorithm , which is run by the matcher, generates a secret key and a public key for (4): on input of the public parameter , the encrypted original fingerprint template , the user’s public key , and the user’s identity , the user registration algorithm , which is run by , generates the pseudo-identity for (5): on input of the matcher’s public key and identity , the matcher registration algorithm , which is run by , completes matcher registration(6): on input of the public parameter , the query fingerprint template , and the pseudo-identity of , the fresh fingerprint template encryption algorithm , which is run by , generates an encrypted query fingerprint template (7): on input of the public parameter , the fingerprint template authentication query algorithm , which is jointly run by and matcher with and , respectively, outputs two ciphertexts (8): on input of the public parameter , the secret key of , and the ciphertexts , the template storage center response algorithm , which is run by , outputs the ciphertext format that includes the reference fingerprint template(9): on input of the public parameter , the ciphertext format that includes the reference fingerprint template, and the secret key of the matcher, the matching algorithm, which is run by the matcher, outputs ‘1′ if the query is accepted; otherwise, it outputs ’‘

4.4. Formal Security Definitions

We consider the case where malicious users may forge fingerprint templates during registration and collude with honest-but-curious matcher to get arbitrary plaintext and corresponding ciphertext of fake reference templates. Let be a adversary, who plays the following game with a challenger . Setup: on input of a security parameter , the challenger generates and publishes the public parameter . Keys generation: on input of the public parameter , the challenger runs user key generation algorithm and returns the secret key , the public key , and of . Challenge: the adversary submits a pair of fingerprint templates plaintexts and with the same length to the challenger . And then the challenger chooses a bit uniformly and computes the ciphertext , which is given to the adversary . Guess: at the end of the game, the adversary outputs a guess and succeeds in the game if . Definition1 A fingerprint template protection scheme is secure (indistinguishable against chosen-plaintext attacks), if any adversary has only negligible advantage in in winning the above game; that is,

5. The Proposed Scheme

In this section, a concrete fingerprint template protection scheme based on bilinear groups is proposed. Table 1 summarises the frequently used notations.

5.1. System Setup

The template storage center bootstraps system setup and mainly carries out two tasks:(1)Preparatory work(1)generates a bilinear mapping , where and are cyclic groups with prime order and are two distinct generators of (2)selects random value , sets the as secret key, and computes , which is set as public key(3)picks four cryptographic hash functions and a threshold as , where and denote the lengths of the identities of fingerprint template and the user’s information, respectively(4)makes the system parameters public(2)Prepare substorage The template storage center prepares (for example, empty substorages for distributed storage of reference fingerprint templates registered by users.(1)selects random values , then computes , and denotes the substorages as (2)For the security of , picks random polynomials of degree like , which can translate into shares for storage

5.2. User Key Generation

In the user key generation phase, generates its own private key, public key, and according to system parameters . selects random values , computes , and sets its secret key and public key as and , respectively. Finally, picks a polynomial of degree , such as , which turns into shares for storage.

5.3. Matcher Key Generation

In the matching key generation stage, the matcher generates its own private key and public key according to the system parameters . The matcher selects random value and then computes . Finally, its secret key and public key are set as and , respectively.

5.4. User Registration

Each user’s original fingerprint sample will be preprocessed to extract feature and obtain the corresponding fingerprint template . Note that might also be attacked by the adversary. Thus, the user first uses to encrypt the original fingerprint template before registering in :Without loss of generality, we let . And then the user sends the public key , its identity information , and the encrypted original fingerprint template to . And stores the user’s information in substorage randomly and sends corresponding to the identity of each substorage to , which is set as the user’s pseudo-identity.

5.5. Matcher Registration

In the registration phase, the matcher submits its identity information and public key to for signature verification.

5.6. Fresh Fingerprint Template Encryption

should first obtain a fresh fingerprint template with the fingerprint sensor before initiating an authentication query to the matcher. Then picks a random value and a positive random value , computes , and encrypts the fresh fingerprint template as follows:

We denote this as without loss of generality. Finally, extends to a n+3-dimensional vector .

5.7. Authentication Query

The authentication query stage is mainly divided into two steps: initiates a fingerprint authentication query request to the matcher and the matcher asks for the reference fingerprint feature template corresponding to the user’s claimed identity.

Step 1. chooses three random values after encrypting his fingerprint template into and computes the ciphertext , whereThen, the user sends to the matcher, where is a time stamp.

Step 2. Upon receiving from , the matcher runs the following steps to decrypt ciphertext with its secret key . The matcher computesand checks whether the following condition is satisfied:If it is true, the matcher saves . And without loss of generality, we let . Then the matcher picks a random value and computes . Finally, the matcher submits to , where and are the identity of the matcher and a time stamp, respectively.

5.8. Response

Upon receiving from the matcher, performs the following process. first decrypts ciphertext with its secret key :and checks whether the following conditions are satisfied:

If both are true, accepts , and . Then finds the substorage that corresponds to and computes . should encrypt reference fingerprint templates corresponding to the identity in the substorage with

Without loss of generality, we denote it as . Then selects two random values and a positive random value , extends to -dimensional vector as , and computes the ciphertext , where

Finally, sends to the matcher, where is a time stamp.

5.9. Matching

Upon receiving , the matcher decrypts with its secret key asand checks whether the following condition is satisfied:

If it is true, the matcher saves . We denote it as .

Then the matcher matches with query fingerprint template

Since and are both positive, the matcher outputs “1” when the results of the user’s query fingerprint template and the reference fingerprint template are greater than or equal to 0; otherwise, it outputs “.”

6. Soundness and Security

In this section, we show that our scheme is sound and enjoys various security and privacy as discussed below. Theorem 1 The proposed fingerprint template protection scheme is sound.

Proof. We only need to show equations (7)–(14) hold.
For a public key of , equation (7) holds as below:In the fingerprint template storage center response phase, ciphertexts and can pass the verification of equations (9) and (10), respectively:For a valid ciphertext , equation (14) holds in matching stage as follows:

Theorem 2. The proposed scheme is secure. That is, suppose the DDH assumption holds; the fingerprint template of the developed scheme is security.

Proof. If there exists an adversary that can break the fingerprint template protection scheme with nonnegligible probability , then we can construct a algorithm to solve the underlying .
We consider the following algorithm attempts to solve the DDH problem. Suppose receives , , and the system parameters , where , , and is either or (for uniform. The goal of is to determine which is the case.

Algorithm C:. The algorithm is given , , and the system parameters as input.(1)Sets and runs to obtain two fingerprint templates with (2)Chooses a bit uniformly, and sets (3)Gives the ciphertext to and obtains an output bit . If , outputs 1; otherwise, output 0There are two cases about the behavior of C to consider:

Case1. The challenger chooses random values and sets , and then runs on a public key constructed as and returns a ciphertext as .
In this case, we can see that the view of when run as a subroutine by is distributed identically to view in the game of Section 4.4. Since outputs 1 exactly when the output of is equal to , we have

Case2. The challenger chooses random values and sets ; then runs on a public key constructed as and returns a ciphertext as .
In this case, we can see that the view of when run as a subroutine by is distributed identically to view in the game of Section 4.4. Since outputs 1 exactly when the output of is equal to , we haveUnder the assumption that the DDH problem is hard, there is a negligible function such thatThis implies that , which demonstrates the proposed fingerprint template scheme is secure.
In addition to satisfying the above security, a secure fingerprint template protection scheme also needs to satisfy diversity, noninvertibility, and performance. The experimental results and analysis in Section 7 have proved that the fingerprint template protection scheme proposed in this paper will not affect the performance of the fingerprint authentication system. Next, we analyze the security of the proposed scheme in other aspects.(1)Noninvertibility: An adversary is impossible to calculate or recover a template with reasonable similarity to the original template from the transformed template. In our scheme, the original fingerprint template is first encrypted to by adding each element of the original fingerprint template to the hash value of randomly selected by the user in registration phase. And in the query stage, each element of is added to the hash value of a random number again, which is generated by the Diffie-Hellman key exchange. Thus, to obtain the original template, the adversary must first obtain the value of . However, to obtain , it must solve the DDH assumption problem, which is hard. In this case, our scheme satisfies noninvertibility.(2)Diversity and Revocability: If a stored template is damaged or stolen, we should be able to revoke it and issue a new one based on the same original template to replace it, and it cannot match the new template successfully. In this paper, we encrypt fingerprint template by exploiting the hash values of the random keys and , which is selected by user. Thus, different transformed fingerprint templates can be generated from the same sample by changing only or only or both of them. So our scheme satisfies diversity and revocability.(3)User Anonymity: For each query, the original identity is always converted into a ciphertext format to guarantee privacy, where only can decrypt the ciphertexts. Therefore, an adversary is infeasible to trace the original identity making the transaction.Existing literature on biometric template protection suffers from the problem of key management; that is, whether the key is stored in the server or is kept by the user, there is a risk of key leakage or loss. In this paper, the secret sharing can safely distribute confidential data in an efficient, secure, and private manner without storing it on a centralized server, which can reduce the risk of information leakage. The proposed scheme satisfies the security, which is attributed to the D-H key exchange. The D-H key exchange allows the user and template storage center to encrypt the query fingerprint template with different random number in each query, thus strengthening security.

7. Experimental Analysis

We implement our system by using MATLAB (2019b) as the programming language. All experimental results were run on Windows 10 with 8-core 3.00 GHz Intel i7 CPU and 16 GB RAM. We use the public fingerprint dataset (http://www.neurotechnology.com) composed of 408 grayscale fingerprint images acquired by a CrossMatch Verifier 300 sensor for performance testing. The dataset contains 8 images for each individual and each image is of 512 480 pixel size with a resolution equal 500 dpi [31]. Figure 2 shows two image samples in the dataset.

(a)

(b)

Our main purpose is to study the effectiveness of the fingerprint template protection, not the fingerprint recognition algorithm, so the final recognition accuracy is somewhat different from the accuracy obtained by the relevant fingerprint recognition algorithm. The performance of the proposed system on accuracy is measured as equal error rate (EER). The EER is the error rate when the false acceptance rate (FAR) and the false rejection rate (FRR) are equal, which can reflect the overall accuracy of the fingerprint recognition system and the acceptability of the query user. In order to test the impact of the number of features in the FingerCode template on performance, we generated a total of 4 different configurations, corresponding to 4 sets of FingerCode vectors with a length ranging from 640 features (original configuration) to 96 features. Table 2 lists the detailed parameters of each configuration ( represent the dimension of features, the number of filters, the number of centric bands, the width of each band, and the number of sectors in each band, respectively).

The experimental results in Figure 3 and Table 3 prove that the protection method proposed in this paper has no effect on the performance of the fingerprint authentication system and fully demonstrates that the template protection scheme proposed in this paper guarantees the recognition performance and feasibility of the fingerprint recognition system.

It can be seen from Figure 4 that the performance between different feature quantity configurations is very close, but compared with the original 640-dimensional feature configuration, the performance of the other two configurations (192-dimension and 96-dimension) is slightly worse, which shows the fingerprint template feature reduction will influence the system accuracy.

8. Conclusion

In this paper, a privacy-preserving fingerprint authentication scheme is proposed. We utilize the secret sharing technology to store keys to reduce the risk of key leakage and exploit the D-H key exchange to conceal the real identity of the users and generate various fingerprint templates to prevent cross-matching attack over bilinear groups. And in order to protect privacy and confidentiality of all fingerprint templates, the matcher matches the templates in ciphertext format without destroying authentication accuracy. The designed framework maintains user anonymity, diversity, revocability, noninvertibility, and indistinguishability against chosen-plaintext attacks. Through security and experimental analysis, we demonstrate the security strength and the performance of the proposed system.

Since the user’s original fingerprint template is stored in ciphertext format in the template storage center, it requires a user to reenroll if the template storage center is attacked and the templates in it are compromised, which is a limitation of the proposed method.

Recently, some novel fingerprint representations demonstrated superior authentication accuracy, which lay a great foundation for the future development of fingerprint template protection methods, for example, the Minutia Cylinder-Code (MCC) [32], a representation based on 3D data structures (called cylinders) and the DeepPrint [33], a fixed-length fingerprint representation of only 200 bytes. Built upon this novel fingerprint representation, we will investigate template protection for fingerprint biometric systems. In addition, multiple-biometric template protection and artificial intelligence (AI) based template data protection are worthy of further study.

Data Availability

The data used to support the findings of this study are included within the article.

Conflicts of Interest

The authors declare that there are no conflicts of interest regarding the publication of this paper.

Acknowledgments

This article is supported in part by the National Key R&D Program of China under Projects 2020YFB1006003 and 2020YFB1006004, the National Natural Science Foundation of China under Projects 61772150, 61862012, and 61962012, the Guangdong Key R&D Program under Project 2020B0101090002, the Guangxi Natural Science Foundation under Grants 2018GXNSFDA281054, 2019GXNSFFA245015, 2019GXNSFGA245004, and AD19245048, the Peng Cheng Laboratory Project of Guangdong Province PCL2018KP004, and the Innovation Project of GUET Graduate Education 2021YCXS115 and 2021YCXS116.

References

Y. J. Lee, K. Bae, S. J. Lee, K. R. Park, and J. Kim, “Biometric key binding: fuzzy vault based on iris images,” in Proceedings of the International Conference on Biometrics, pp. 800–808, Springer, Seoul, South Korea, August 2007.
View at: Google Scholar
C. Rathgeb and A. Uhl, “A survey on biometric cryptosystems and cancelable biometrics,” EURASIP Journal on Information Security, vol. 2011, no. 1, pp. 1–25, 2011.
View at: Publisher Site | Google Scholar
M. A. Acquah, N. Chen, J.-S. Pan, H.-M. Yang, and B. Yan, “Securing fingerprint template using blockchain and distributed storage system,” Symmetry, vol. 12, no. 6, p. 951, 2020.
View at: Google Scholar
L. James, A. K. Jain, D. Maltoni, and D. Maio, Biometric Systems: Technology, Design and Performance Evaluation, Springer Science & Business Media, Berlin, Germany, 2005.
P. Elena and A. Mitrokotsa, “Privacy-preserving biometric authentication: challenges and directions,” Security and Communication Networks, vol. 2017, Article ID 7129505, 9 pages, 2017.
View at: Google Scholar
W. Qing, H. Zhu, R. Lu, and H. Li, “Achieve efficient and privacy-preserving online fingerprint authentication over encrypted outsourced data,” in Proceedings of the 2017 IEEE International Conference on Communications (ICC), pp. 1–6, IEEE, Paris, France, May 2017.
View at: Google Scholar
S. Pan, Y. Shen, and W.-T. Zhu, Security Analysis on Privacy-Preserving Cloud Aided Biometric Identification Schemes, Springer-Verlag, Berlin, Germany, 2016.
View at: Publisher Site
X. Dong, Z. Jin, A. B. Jin, M. Tistarelli, and K. S. Wong, “On the security risk of cancelable biometrics,” 2019, https://arxiv.org/abs/1910.07770.
View at: Google Scholar
A. B. J. Teoh and D. C. L. Ngo, “Cancellable biometerics featuring with tokenised random number,” Pattern Recognition Letters, vol. 26, no. 10, pp. 1454–1460, 2005.
View at: Publisher Site | Google Scholar
P. Tuyls, B. Škoric, and T. Kevenaar, Security with Noisy Data: On Private Biometrics, Secure Key Storage and Anti-counterfeiting, Springer Science & Business Media, Berlin, Germany, 2007.
D. Maltoni, D. Maio, A. K. Jain, and S. Prabhakar, Handbook of Fingerprint Recognition, Springer Science & Business Media, Berlin, Germany, 2009.
A. K. Jain, K. Nandakumar, and A. Nagar, “Biometric template security,” EURASIP Journal on Applied Signal Processing, vol. 2008, pp. 1–17, 2008.
View at: Publisher Site | Google Scholar
M. Shahzad, S. Wang, G. Deng, and W. Yang, “Alignment-free cancelable fingerprint templates with dual protection,” Pattern Recognition, vol. 111, Article ID 107735, 2021.
View at: Google Scholar
R. Cappelli, D. Maio, A. Lumini, and D. Maltoni, “Fingerprint image reconstruction from standard templates,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 29, no. 9, pp. 1489–1503, 2007.
View at: Google Scholar
A. Anil Kumar and K. S. A. Kumar, “Security and performance enhancement of fingerprint biometric template using symmetric hashing,” Computers & Security, vol. 90, Article ID 101714, 2020.
View at: Publisher Site | Google Scholar
A. Siswanto, N. Katuk, and K. R. Ku-Mahamud, “Chaotic-based encryption algorithm using henon and logistic maps for fingerprint template protection,” International Journal of Communication Networks and Information Security, vol. 12, no. 1, pp. 1–9, 2020.
View at: Google Scholar
S. Syed, V. Singh Baghel, I. I. Ganapathi, and S. Prakash, “Robust biometric authentication system with a secure user template,” Image and Vision Computing, vol. 104, Article ID 104004, 2020.
View at: Google Scholar
J. B. Kho, J. Kim, I.-J. Kim, and A. B. J. Teoh, “Cancelable fingerprint template design with randomized non-negative least squares,” Pattern Recognition, vol. 91, pp. 245–260, 2019.
View at: Publisher Site | Google Scholar
A. Muhammed, N. C. Mhala, and A. R. Pais, “A novel fingerprint template protection and fingerprint authentication scheme using visual secret sharing and super-resolution,” Multimedia Tools and Applications, vol. 80, no. 7, pp. 10255–10284, 2021.
View at: Publisher Site | Google Scholar
N. K. Ratha, J. H. Connell, and R. M. Bolle, “Enhancing security and privacy in biometrics-based authentication systems,” IBM Systems Journal, vol. 40, no. 3, pp. 614–634, 2001.
View at: Publisher Site | Google Scholar
A. Ahmed, A. El-Latif, M. S. Hossain, and N. Wang, “Score level multibiometrics fusion approach for healthcare,” Cluster Computing, vol. 22, no. 1, pp. 2425–2436, 2019.
View at: Publisher Site | Google Scholar
S. Ahmed, H. Mohamed, A. El-Latif et al., “Deep learning modalities for biometric alteration detection in 5g networks-based secure smart cities,” IEEE Access, vol. 9, pp. 94780–94788, 2021.
View at: Google Scholar
J. Peng, B. Yang, B. B. Gupta, and A. A. El-Latif, “A biometric cryptosystem scheme based on random projection and neural network,” Soft Computing, vol. 25, no. 11, pp. 7657–7670, 2021.
View at: Publisher Site | Google Scholar
L. Zhu, C. Zhang, C. Xu, X. Liu, and C. Huang, “An efficient and privacy-preserving biometric identification scheme in cloud computing,” IEEE Access, vol. 6, pp. 19025–19033, 2018.
View at: Publisher Site | Google Scholar
C. Liu, X. Hu, Q. Zhang, J. Wei, and W. Liu, “An efficient biometric identification in cloud computing with enhanced privacy security,” IEEE Access, vol. 7, pp. 105363–105375, 2019.
View at: Publisher Site | Google Scholar
H. Zhu, Q. Wei, X. Yang, R. Lu, and H. Li, “Efficient and privacy-preserving online fingerprint authentication scheme over outsourced data,” IEEE Transactions on Cloud Computing, vol. 9, no. 2, pp. 576–586, 2021.
View at: Publisher Site | Google Scholar
A. K. Trivedi, D. M. Thounaojam, and S. Pal, “Non-invertible cancellable fingerprint template for fingerprint biometric,” Computers & Security, vol. 90, Article ID 101690, 2020.
View at: Google Scholar
H. Kaur and P. Khanna, “Privacy preserving remote multi-server biometric authentication using cancelable biometrics and secret sharing,” Future Generation Computer Systems, vol. 102, no. 30–41, 2020.
View at: Publisher Site | Google Scholar
A. K. Jain, S. Prabhakar, H. Lin, and S. Pankanti, “Fingercode: a filterbank for fingerprint representation and matching,” in Proceedings of the. 1999 IEEE Computer Society Conference on Computer Vision and Pattern Recognition (Cat. No PR00149), vol. 2, pp. 187–193, IEEE, Fort Collins, CO, USA, June 1999.
View at: Google Scholar
A. K. Jain, S. Prabhakar, L. Hong, and S. Pankanti, “Filterbank-based fingerprint matching,” IEEE Transactions on Image Processing, vol. 9, no. 5, pp. 846–859, 2000.
View at: Publisher Site | Google Scholar
M. Barni, T. Bianchi, D. Catalano et al., “A privacy-compliant fingerprint recognition system based on homomorphic encryption and fingercode templates,” in Proceedings of the 2010 Fourth IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS), pp. 1–7, IEEE, Washington, DC, USA, Sep 2010.
View at: Publisher Site | Google Scholar
R. Cappelli, M. Ferrara, and D. Maltoni, “Minutia cylinder-code: a new representation and matching technique for fingerprint recognition,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 32, no. 12, pp. 2128–2141, 2010.
View at: Publisher Site | Google Scholar
J. J. Engelsma, K. Cao, and A. K. Jain, “Learning a fixed-length fingerprint representation,” IEEE Transactions on Pattern Analysis and Machine Intelligence, vol. 43, no. 6, pp. 1981–1997, 2021.
View at: Publisher Site | Google Scholar

Copyright

Copyright © 2021 Huiyong Wang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Views

576

Downloads

617

Citations

Security and Communication Networks

Privacy-Preserving Fingerprint Authentication Using D-H Key Exchange and Secret Sharing

Abstract

1. Introduction

2. Related Work

3. Preliminaries

3.1. FingerCode-Based Identity Matching Algorithm

3.2. Bilinear Pairing

3.2.1. The Decisional Diffie-Hellman Assumption (DDH)

4. Framework and Design Goals

4.1. System Architecture

4.2. Functionalities and Design Goals

4.3. Framework of Our System

4.4. Formal Security Definitions

5. The Proposed Scheme

5.1. System Setup

5.2. User Key Generation

5.3. Matcher Key Generation

5.4. User Registration

5.5. Matcher Registration

5.6. Fresh Fingerprint Template Encryption

5.7. Authentication Query

5.8. Response

5.9. Matching

6. Soundness and Security

7. Experimental Analysis

8. Conclusion

Data Availability

Conflicts of Interest

Acknowledgments

References

Copyright