Biometric template protection based on the fingerprint fuzzy vault scheme

University ID: 10532 Students ID: LB2010036 Subject Index: TP301 Security Level: Normal PhD THESIS BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME Student name : NGUYEN THI HANH College : Information Science and Engineering Supervisor : Professor LI RENFA & Dr WANG YI Major : Research field : Date : Computer science and technology Information Security Jan 2014 学校代号: 10532 学号 : LB2010036 密级: 普通湖南大学博士学位论文 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME 学位申请人姓名 : 培养单位 : 导师姓名及职称 : NGUYEN THI HANH 信息科学与工程学院李仁发教授, 王奕博士专业名称 : 研究方向 : 信息安全论文提交日期 : 2013 年 11 月 20 日论文答辩日期 : 2014 年 01 月 09 日答辩委员会主席 : 计算机科学与技术殷建平教授 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME A Thesis Submitted to Graduate School Of HUNAN UNIVERSITY By NGUYEN THI HANH Lecturer In Partial Fulfillment of the Requirements for the Degree Of Doctor of Philosophy of Engineering in Computer Science and Technology SCHOOL OF INFORMATION SCIENCE AND ENGINEERING Supervisor Professor LI RENFA, Doctor WANG YI January 2014 Copyright 2014, NGUYEN THI HANH HUNAN UNIVERSITY DECLARATION I, NGUYEN THI HANH, hereby declare that the work presented in this PhD thesis entitled “BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME.” is my original work and has not been presented elsewhere for any academic qualification Where references have been used from books, published papers, reports and web sites, it is fully acknowledged in accordance with the standard referencing practices of the discipline Student’s signature: Date: Copyright Statement Permission is herewith granted to Hunan University to circulate and reproduce for non-commercial purposes, at its discretion, this thesis upon the request of individuals or institutions The author does not reserve other publication rights and the thesis nor extensive extracts from it be printed or otherwise reproduce without the author’s written permission This thesis belongs to: Secure □, and this power of attorney is valid after Not secure □ （Please mark the above corresponding check box with“√”） Author’s Signature: Date: Supervisor’s Signature: Date: I DEDICATION This thesis is dedicated to my husband, my family, my friends, and my beloved II BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME ABSTRACT In the last few years biometric technologies have been employed for automatic human authentication and identification at an increasing rate due to several inherent advantages that they offer However, increasing usage of biometric technology raised many concerns One of the biggest challenges in biometric systems is how to secure the storage of biometric templates Once the adversaries have compromised a template, they can use this template to imitate as the legitimate users This leads to serious problems in security and privacy, such as imitation, information leakage, and tracking/tracing threats in biometric systems The template protection technologies can be categorized into the following two main classes: (i) transformation based technologies and (ii) biometric cryptosystems In the transformation based technologies, the biometric features are transformed using a non-invertible transformation such that the matching can be performed in the transformed domain Such techniques are secure since the original biometric features are not explicitly presented in the biometric templates Biometric cryptosystems are techniques that the user’s biometric features combine with an external key to construct a helper data, and they are stored publicly as a reference database instead of the template Both the secret key and biometric template are hidden in this helper data The key should be recoverable when another instance of the biometric template closely matching the template is presented In this dissertation, we employ the fuzzy vault scheme to analyze and improve the biometric cryptosystems The fuzzy vault scheme becomes one of the most popular algorithms, which is used to protect the biometric templates and secret key simultaneously In fuzzy vault scheme, the biometric features are used to lock and unlock the secret key, which is encoded as the coefficients of a polynomial equation Its security based on the infeasibility of the polynomial reconstruction problem Furthermore, the performance and security of fuzzy vault scheme can be improved by increasing the number of chaff points to the vault First, we propose a new chaff point generation algorithm for fuzzy vault scheme in biometric cryptosystems This algorithm reduces significantly the computation time for producing more chaff points Additionally, the degree of freedom of chaff points does not depend on the order that they are generated for concealing genuine points It is hard III BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME for the attacker based on the degree of freedom to distinguish the chaff and genuine points Second, we propose and implement an effective minutiae-based fuzzy vault scheme The chaff points are generated by our proposed algorithm is mentioned above The computational time of fuzzy vault scheme significantly reduced and the security of fingerprint templates is also improved This shows that our scheme can be applied to real-time authentication system in practice Third, we improve the ridge-based coordinate system (RCS) which is used to redefine the ridge features in distorted fingerprint images A novel ridge feature extraction algorithm is proposed to improve the accuracy of fingerprint matching and reduce the time of ridge feature extraction process Thus, the algorithm matching based on this data structure ridge features could avoid the alignment process which deals with the nonlinear deformation of fingerprint image and ensures the accuracy Finally, we propose a new chaff ridge feature generation algorithm for the fuzzy vault Furthermore, we also propose a novel fuzzy vault scheme based on ridge features In this scheme, ridge features are used as the encoding and the decoding sets; template sets are matched by using matching algorithm is mentioned in above contribution Our fuzzy vault scheme achieved the high accuracy for distorted fingerprint images and ensured the privacy and security of both secret key and fingerprint templates simultaneously Keywords: Biometrics, Biometric Template, Fingerprint, Fuzzy Vault, Biometric Encryption, Ridge Features, Ridge-based Coordinate Systems, Template Security, Biometric system IV BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME 详细中文摘要与其他传统方法相比，生物技术在个人身份验证和识别方面更有优势，因此近几年来应用到了越来越多的领域。但是，也带来了许多令人担忧的问题。其中，生物识别系统能否被广泛应用的最大挑战就是生物特征模板的安全存储。所谓生物特征模板，就是从生物样本中提取出的具有独特生物信息的数字参考。在用户注册登记阶段，可以采集到用户的生物特征模板。当攻击者获取到了一个模板，就能利用这个模板模仿合法用户。这将导致了严重的安全和隐私问题，例如冒充、信息泄露以及生物识别系统的追踪或跟踪威胁。 1.背景一个关键的问题是如何保护用户的生物特征模板。模板通常被存储在数据库或智能卡里。被窃取的生物特征模板通常通过如下两种途径危害识别系统的安全：（i）被窃取的生物模板可被重新放入匹配程序以实现未经授权的访问（or 非法访问、非法存取）。（ii）生物特征模板被用来创建一个伪造品以实现对系统未经授权的访问。和密钥不同，一旦生物特征模板被获取，其合法用户将无法撤销其原有的生物识别码，换成另一组识别码。因为生物数据不可重新替换的特性，获取存储模板的攻击构成了生物识别系统的安全和隐私的主要威胁。在生物密码系统中，模板保护技术主要分为以下两类：（i）基于变换的技术和（ii）生物密钥技术。在基于变换的技术中，对生物特征信息进行非可逆变换，并在变换域上匹配该信息。这种技术是安全的，因为在生物模板中原始的生物特征信息并未明确地被体现。在生物密钥技术中，用户的生物特征和外部密钥相结合来构造一个辅助数据（helper data），该信息以数据库的形式而不是模板的形式存储。在辅助数据中隐藏密钥和生物特征模板信息。生物特征加密技术有两类：密钥绑定和密钥生成。若辅助数据通过生物特征模板和密钥绑定的方法生成的，称为密钥绑定。若辅助数据由生物特征模板生成，而密钥由辅助数据和生物特征模板共同生成，称为密钥生成。由 Juels 和 Sudan 提出的模糊保险箱机制（Fuzzy Vault scheme）是密钥绑定方法中的一种智能的生物加密算法。模糊保险箱算法被用于保护生物特征模板和密钥。模糊保险箱机制旨在利用生物特征模板保障关键数据的安全，使得只有合法用户提供有效指纹后才可访问保密数据。在编码阶段，利用多项式编码和错误校验产生保险箱模板，可以使得在缺少有效生物特征信息时，密钥无法被复制。在这个过程中，密钥被编码为多项式 P(x) 的系数。生物特征信息中的元素被映射到多项式函数中。这些元素被称为真实点（genuine points）。杂凑点（chaff point）是不在该多项式中的噪声点，它们可以随机生成，用来保护在保险箱模板中的真实点，并公开存储在数据库中。在解码阶段，通过测量生物特征模板和查询模板之间的差值，来恢复真实点和私钥。模糊保险箱框架结合了密码学和生物统计学的优点，该框架更为适合密码和生物认证交叉融合的应用。模糊保险箱机制在计算生物数据类内距离上不同于密码学：当查询生物特征模板及其模板（biometric template）的差异很小时，模糊保险箱可能会允许一个匹配的发生。模糊保险箱的安全性取决于多项式重构的不可逆性。通过增加杂凑点的数目，提高保险箱的性能。 V BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME 模糊保险箱机制广泛应用于指纹识别。各种基于指纹的该机制可以概括的分为两类：基于细节特征的模糊保险箱机制和基于描述符的模糊保险箱机制。在基于细节特征的机制中，细节特征是编码集和解码集。细节特征指的是指纹脊线的端点和分支点。每个细节特征由参数(x, y, , t)描述，(x, y)表示细节特征的坐标， 表示细节特征的方向，t 表示细节特征的类型。在基于描述符的机制中，描述符是编码集和解码集。细节特征描述符指的是一个细节特征的相邻细节特征方向和纹线频率信息。细节特征描述符可分为三种：基于脊线（ridge-based）的、基于方向（orientation-based）的、基于细节特征的（minutiae-based）。模糊保险箱技术已经成为生物特征模板保护技术中最具潜力的机制。当其逐渐被研究和应用所采纳后，研究者也提出了相应的攻击策略。大部分的攻击者假设监听从数据库获得保险箱信息，几种攻击方法包括暴力破解（ brute force attack）和相关性攻击（correlation attack），都能够以成功进行攻击。比如， Chang 等利用所有点的统计特性，将真实点和杂凑点进行区分。观察结果表明，杂凑点实际上是趋于集中的。由于杂凑点是一个接一个地被生成的，所以后来构造杂凑点往往意味着它周围的空区越小，也就是说，模糊保险箱的安全性高度依赖于杂凑点的生成方法。如果杂凑点的数目接近于最大可能的杂凑点的数目，那么这种攻击方法就比蛮力攻击更有效率。它的基本理念就是，杂凑点附近的自由区域小于真实点附近的自由区域。评价系统的目的是为了鉴别所提出系统的实际应用性和掌握该系统性能的弱点和限制条件。评价生物识别系统的性能，有几种现有的度量。使用较多的度量包括真实特征的错误拒绝率（FRR）和冒充特征的认假率（FAR）。但这两种错误率是负相关的，所以经常使用的性能评价度量是受试者工作特征（Receiver Operating Characteristic）曲线，即 ROC 曲线。ROC 曲线反映了在不同的接受阈值（acceptance threshold）下，真实接受率 1-FRR（true accept rate）随 FAR 的变化情况。模糊保险箱机制的安全性取决于杂凑点掩藏真实点的能力。杂凑点的作用是增加伪多项式的数目。分析模糊保险箱机制安全性的另一种方法是最小熵理论。该理论基于多项式重构的复杂性，对安全性进行分析。基于指纹的保险箱（fingerprint-based vault）V={(ai,bi)}ti=1 是一个由 t 个点组成的无序集。这 t 个点由 r 个在多项式 P 上的点和 s 个不在多项式 P 上的杂凑点组成。多项式 P 由密钥 K 来定义。如果 X 和 Y 分别是真实点集和杂凑点集，且 aiX 或 Y, i=1, 2, …,t。仅当攻击者能找到一个候选集 L’’={(aj,bj)}n+1j=1 的情况下，保险箱才可被破解。L”是 V 的一个子集，且 ajX, ( aj,bj)L”，其中 n 是多项式 P 的阶。若没有其他附加信息，攻击者将不得不随机从 V 集合中选出一个含(n+1)点的子集，用来破解保险箱。本文称这种情况叫蛮力攻击。若细节特征点坐标（minutiae location）和细节特征点方向（minutiae orientation）均是均匀分布的，真实点模板 MT 最小熵可由下式计算：  (rn 1 )  H  ( M | V )  log  t   (n 1 )  T (1) 另外，本文可以依据暴力攻击的情况来分析模糊保险箱机制的安全性。本文假设攻击者使用暴力攻击方法攻击一个生物特征识别系统（biometric system）， VI BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME 假如该攻击使用暴力破解方法。假如使用保险箱中所有（n+1）个点的组合，若秘密的大小是 k 比特，保险箱中真实点和杂凑点的数目分别为 r 和 t，所有可能的   t r 组合数目是 n 。在这些所有可能的组合中，假设有能够破解秘密的概率是：     t n t r n   个能够成功破解秘密。 t n (2) 现有的两个公开可用的指纹数据库分别是 NIST 特殊数据库和 FVC （Fingerprint Verification Competition）数据库。FVC 数据库的建立，是为了提供公平公正的方法，对指纹匹配算法结果进行比较。大多数算法的作者在 FVC 数据库上公布了实验结果。因此本文也使用 FVC 数据库对提出协议的性能进行分析比较。 2.问题描述尽管模糊保险箱机制被证明具有多种安全属性，但是它仍有自身的一些限制。如果相同的生物特征数据被重用，以构建一个不同的模板保险箱（利用不同的多项式和杂凑点），那么模糊保险箱机制的安全性就会受到威胁。若果攻击者利用持有基于相同生物特征数据的两个不同的保险箱模板，就可轻易的识别真实点。这样，容易造成不同数据库之间模板的交叉匹配。由于生物特征数据的非均匀性，攻击者很容易利用保险箱模板中点的统计分析结果来攻击。攻击者可以使用自己的生物特征数据来代替模板中的一些点，因为杂凑点的数目远大于真实点。如果原始模板信息在用户认证阶段被暴露的话，攻击者能够获得到原始模板信息。上文提到的这些局限性带来了挑战。在本文的研究中，为了提高模糊保险箱机制的性能和安全，这些问题需要合适的解决方案。这些问题如下： —本文采取一种使攻击者无法识别真实点的方式来生成杂凑点。该杂凑点根据以下两个标准随机生成：（i）杂凑点应不易与真实点区分（或者杂凑点和真实点应差别较小，不易区分）（ii）杂凑点的自由度不依赖于其生成的次序。若以上两点都可满足，则模板的安全性会得到显著加强。 —在模糊保险箱机制中，计算最为密集的模块是杂凑点生成模块。它几乎占据了整个生物特征识别系统 18%的计算时间。在生物特征加密系统需要实时实现时，现有的杂凑点生成算法是不够合适。 —指纹匹配算法的性能受到在图像获取阶段非线性变换指纹的影响。如果这个算法被用于在模糊保险箱机制中去匹配模板，保险箱的精确性会很低。对模糊保险箱机制来说，需要能提高对非线性变换指纹识别性能的模板匹配机制。 3.可行的解决方案 3.1 改进杂凑点提取方法 Juels 和 Sudan 首先提出了模糊保险箱机制，其中使用了独立细节特征的坐标作为模糊保险箱模板。杂凑点被随机生成，若其满足以下两个条件，则将其加入模板：（i）该点的 x 轴坐标与有效点和已存在的杂凑点的 x 轴坐标均不相同 VII BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME belong to these segments would have the same degree of freedom This means the proposed chaff ridge features extraction algorithm could resist against the attack in [92] To prove the ability to resist against the Chang’s attack, we carry on an experiment to analyze the degree of freedom chaff features generated by the proposed chaff generation algorithms We select 24 genuine ridge features and randomly generate 240 chaff ridge features under the prerequisite that the distance between these points is larger than or equaling to 20 During generation chaff ridge features, we generate chaff origin minutiae by using three methods (Clancy et al [33]; Khalil-Hani et al [91], and our method is presented Chapter 4) We calculate and compare conditional probabilities among existing chaff origin generation these methods Figure 6.6 shows the result It is proved that the conditional probability of our method is higher and varies less than the conditional probability of the existing methods These show that the proposed chaff ridge features have random degree of freedom regardless of their order 0.4 0.35 Conditional probability 0.3 0.25 0.2 0.15 Our proposed method Khalil-Hani’s method Clancy’s method 0.1 0.05 0 50 100 150 200 250 300 350 Free Area: f Figure 6.6: Conditional probability whereby the chaff point generation methods Additionally, Chang et al [92] shows that as the number of chaff points is increased, the amount of free area available for adding new chaff points decreases because of the minimum distance constraint Thus, when we implement the proposed ridge featuresbased fuzzy vault scheme, we restrict the number of chaff ridge features (chaff points) to approximately 10 times larger than the number of genuine ridge features (genuine points) If even more chaff points are added into the vault template, the adversaries are more easy to identify chaff points belonging to this template 6.4.4.2 Security analysis of proposed biometric cryptosystem In this section, we adopt the min-entropy method, proposed in [98] , to analyze the security of our proposed scheme This method analyzes the security of the fuzzy vault 91 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME scheme based on the complexity to reconstruct the polynomial Assuming both chaff ridge features and genuine ridge features are similarly distributed The min-entropy of the template ridge features SRFT given the vault V can be computed by Equation (2.6) in chapter 2, where r, n and s parameter are listed in Table 6-3 Table 6-3 also shows the security level measure for two different databases Table 6-3: Security level measures proposed fuzzy vault on two databases No of genuine ridge features, r Number of chaff ridge features, s Degree of encoding polynomial, n GAR (%) (FAR=0) Min-entropy of the vault (in security bits) Total number of combinations Number of evaluation FVC2002 24 240 10 86% 42 bits FVC2004 26 260 10 89% 42 bits 8.8061 x 1018 2,496,144 21.593 x 1018 7,726,160 The total number of possible combination is 8.8061 × 1018 and 21.593 × 1018 on FVC2002-DB2A and FVC2004-DB3A, respectively To decode the secret successfully, on FVC2002-DB2A needs 2,496,144 combinations, while FVC2004-DB3A needs 7,726,160 combinations The probability that a combination of ridge features decodes the secret is equivalent 2.8 × 10-13 and 3.6 × 10-13 for FVC2002-DB2A and FVC2004DB3A, respectively Based on these analyses, the security of the ridge features-based fuzzy vault is approximately 42 bits This also shows that the level security of proposed scheme on FVC2004-DB3A is better than FVC2002-DB2A based on our current implementation 6.5 SUMMARY Nonlinear distortion always appears in the common sensor when acquiring fingerprint images It degrades the performance for fingerprint authentication systems apparently To reduce the influence of nonlinear distortion on fingerprint fuzzy vault scheme, we proposed to use the ridge features of a fingerprint image to construct the vault template in this paper The ridge features are incorporated between minutiae and the topological information of the ridge obtained from the fingerprint image These ridge features are invariant to any geometric transformations of the fingerprints, thus the performance of the proposed fuzzy vault scheme is enhanced for distorted fingerprint images In addition, a generation algorithm for the chaff ridge features is proposed for the proposed 92 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME ridge feature-based fuzzy vault scheme With this algorithm, the degree of freedom of the chaff ridge features does not depend on the order of chaff features that are generated Thus, the proposed fuzzy vault scheme could resist against the Chang et al.’s attacks We evaluate our results on FVC2002-DB2A and FVC2004-DB3A databases and show that if the key size is 160-bit (i.e., polynomial degree n=10), the GAR is 89% and 75% FAR is 0% on FVC2002-DB2A and FVC2004-DB3A, respectively The vault security is measured in terms of min-entropy, which is 42 bits The experimental results show that our proposed ridge features-based fuzzy vault scheme is achieved relatively better performance and higher security when dealing with distorted fingerprint images 93 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME CONCLUSION AND FUTURE WORK Compromising template database leads to two major risks: first, it enables attackers to create spoofs from the template, which in turn enables them to access other biometric based authentication systems using the same biometric trait Second, compromised templates enable the cross-referencing among databases using the same trait without the user’s consent This thesis has explored different aspects of the fuzzy vault scheme which aims to develop several algorithms to secure the templates in fingerprint-based biometric systems To address this motivation, several solutions were presented in this research and all of them were tested using the FVC fingerprint databases compared to the existing solutions All developed systems were evaluated according to the criteria set in the literature for template protection scheme to prove the practicality, performance, security of proposed systems In this research, firstly, we proposed a new chaff point generation method for minutiae-based fingerprint fuzzy vault scheme In our method, the fingerprint image is split into the segments, called image cells, the candidate chaff points are generated randomly in an arbitrary image cell A point can be a chaff point, if it is the unique one in this image cell and the distance between this point and adjacent points is larger or equaling to a distance threshold To check the validation of a new chaff point, the proposed algorithm only needs to calculate and compare maximum eight times of Euclidean distance This leads to our algorithm with a complexity of O(n2), which is a significant improvement over the existing algorithm of the complexity of O(n3) Our experimental results show that the proposed algorithm achieves 14.84 times and 41.86 times faster than Clancy’s [33] and Khalil-Hani’s [91] algorithms in the case of generating 240 chaff points To generate the same numbers of valid chaff points, the number of required candidate points is 20.33 times and 35.89 times less than Clancy’s and KhalilHani’s algorithm Our proposed algorithm generates 11% more chaff points compared to the Khalil-Hani’s algorithm Additionally, the degree of freedom of chaff points doesnot depend on the order that they are generated for concealing genuine points; the attacker based on the degree of freedom will be hard to distinguish the chaff and genuine points The results show that our algorithm significantly reduces the computation time for producing more chaff points and ensures privacy of chaff points 94 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME Secondly, we implemented a fuzzy vault scheme using the above proposed chaff point generation algorithm Experimental results show that the ERR of the ROC turned out to be 2.4% and 1.9% for FVC2002-DB1A and FVC2002-DB2A, respectively Based on min-entropy analyses the security of our proposed fuzzy vault is approximately 34 bits which meets the typical medium security requirement Our fuzzy vault scheme could resist against the attack of Chang et al [92] In brief, our fuzzy vault scheme achieves the high accuracy and the security of fingerprint templates also is improved Specially, it performs well on processing time Thus, our fuzzy vault scheme can be applied to real-time authentication system in practice Thirdly, we proposed an improve ridge feature extraction algorithm to improve the accuracy of fingerprint matching and reduce the time of ridge feature extraction process We improved RCS proposed by Choi et al [59] and redefined the ridge features Our proposed RCS are constructed based on the orientation of original minutia with a horizontal axis, a vertical axis, and zero to many point coordinates The definition and calculation of the attributes of ridge features are also improved from [59] Based on propose RCS and the ridge lines we proposed an extraction algorithm for ridge features The data structure of the ridge features is expressed as a directed graph whose nodes are minutiae and whose edges are ridge features K-plet graph are used to store the ridge features The experimental results show that our proposed algorithm archives 1.6 times faster than Choi’s algorithm on FVC2002-DB1A, FVC2002-DB2A databases And the equal error rate (ERR) of the ROC for Choi’s one is 2.2% and it is only 1.9% for the proposed algorithm on FVC2002-DB2A database This proved that the proposed algorithm is reliable and effective for the distorted fingerprints matching Finally, we proposed and implemented a ridge feature-based fingerprint fuzzy vault scheme, which can improve the accuracy of geometric transformations of the fingerprints, and avoid the alignment procedure We used the extraction algorithm mentioned above to extract the ridge features for constructing template vault To avoid the alignment during templates matching, we adopted matching algorithm described in [59] to match the fingerprint templates A new chaff ridge feature generation technique is also proposed for our fuzzy vault scheme Thus, our fuzzy vault scheme uses simple encoding and decoding phases and improves its performance and security Experiments are carried on FVC2002 and FVC2004 databases The security level of the proposed system is evaluated based on the min-entropy analysis and the degree of freedom of 95 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME generated noise points When the key size is 160-bit (i.e., polynomial degree n=10), the genuine accept rate (GAR) is 89% and 75% at false accept rate (FAR) is 0% on FVC2002-DB2A and FVC2004-DB3A, respectively The security of the proposed fuzzy vault is approximately 42 bits The experimental results show our ridge featuresbased fuzzy vault scheme archive good performance and ensure the security of both fingerprint template and secret key A number of research lines arise from the work carried on in this thesis We consider of special interest the following ones:  The chaff and genuine ridge features in vault template spend a large storage space, looking for and developing a solution for compacting ridge features without sacrificing the accuracy and security level for fuzzy vault is issue need consider  One of direction to improve more performance of ridge features fuzzy vault is to research and design an alignment-free ridge features to fuzzy vault construction Moreover, fuzzy extractor is another cryptographic scheme which does not involve chaff points and alignment is a challenging task in applying ridge features for fuzzy extractor construction as well 96 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME ACKNOWLEDGEMENTS I would like to give a very special thanks to my supervisor, Prof Renfa Li Thanks Prof Li for giving me an opportunity to become his student and learn from him Thanks for his guidance and willingness to support me in a variety of different ways throughout the duration of my PhD study I would like to express my profound gratitude and great indebtedness to Dr Yi Wang for being the second adviser and her scientific input and support She taught me how to work and write scientifically I always got very helpful recommendations from her after discussion with her She made a lot of effort to help me enhance the thesis I would like to thank Mr Wufei Wu have helped me to translate the abstract of our thesis to Chinese language I would like also to express my gratitude to Hunan University for providing me with a convenient environment to live and study in china I must of course thank Administrators of Industrial University of Ho Chi Minh City, Viet Nam and Dean with all members of the Faculty of Information Technology have given me the opportunity to study abroad in China I would like to thank my dear parents for their great spiritual support They always show me what the essential of life is, when I am lost They give me the power to face all difficulties It was not easy to finish this thesis I am very lucky to have some many supporters, colleagues and friends to help me Thank you! Finally, I would like to thank all people for the completion of this thesis I am not able to list them all here, but thank you! 97 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME REFERENCES [1] Wayman J L., A definition of biometrics, National Biometric Test Center Collected Works, 2000, 1: 21-23 [2] Miller B., Everything you need to know about biometric identification, Personal Identification News 1988 Biometric Industry Directory, 1988 [3] Ross A., Shah J., Jain A K., From template to image: Reconstructing fingerprints from minutiae points, Pattern Analysis and Machine Intelligence, IEEE Transactions on, 2007, 29(4): 544-560 [4] Adler A., Images can be regenerated from quantized biometric match score data, in Electrical and Computer Engineering, 2004 Canadian Conference on, 2004: 469472 [5] Cappelli R., Lumini A., Maio D et al., Fingerprint image reconstruction from standard templates, Pattern Analysis and Machine Intelligence, IEEE Transactions on, 2007, 29(9): 1489-1503 [6] Ratha N K., Connell J H., Bolle R M., An analysis of minutiae matching strength, in Audio-and Video-Based Biometric Person Authentication, 2001: 223-228 [7] Jain, A K., Nandakumar, K., & Nagar, A., Biometric template security, EURASIP Journal on Advances in Signal Processing, 2008: 113 [8] Jain A K., Bolle R., Pankanti S., Biometrics: personal identification in networked society: kluwer academic publishers, 1999 [9] Adler A., Vulnerabilities in biometric encryption systems, in Audio-and VideoBased Biometric Person Authentication, 2005: 1100-1109 [10] Mordini E., Massari S., Body, biometrics and identity, Bioethics, 2008, 22(9): 488498 [11] Tuyls P., Goseling J., Capacity and examples of template-protecting biometric authentication systems, Biometric Authentication, Proceedings, 2004: 158-170 [12] Berry J., Stoney D A., The history and development of fingerprinting, Advances in fingerprint Technology, 2001, 2: 13-52 [13] National Institute of Standards and Technology (NIST) Special databases., 2013 http://www.nist.gov/srd/biomet.cfm [14] Venugopalan S., Savvides M., How to generate spoofed irises from an iris code template, Information Forensics and Security, IEEE Transactions on, 2011, 6(2): 385-395 [15] Jain A K., Kumar A., Biometric Recognition: An Overview Springer, 2012 [16] Ratha N K., Chikkerur S., Connell J H et al., Generating cancelable fingerprint templates, Pattern Analysis and Machine Intelligence, IEEE Transactions on, 2007, 29(4): 561-572 [17] Teoh A B., Ngo D C., Cancellable biometerics featuring with tokenised random number, Pattern recognition letters, 2005, 26(10): 1454-1460 [18] Teoh A B., Ling D N C., Goh A., Biohashing: two factor authentication featuring fingerprint data and tokenised random number, Pattern Recognition, 2004, 37(11): 2245-2255 [19] Teoh A B., Goh A., Ngo D C., Random multispace quantization as an analytic mechanism for biohashing of biometric and random identity inputs, Pattern Analysis and Machine Intelligence, IEEE Transactions on, 2006, 28(12): 18921901 98 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME [20] Davida G I., Frankel Y., Matt B J., On enabling secure applications through offline biometric identification, in Security and Privacy, 1998 Proceedings 1998 IEEE Symposium on, 1998: 148-157 [21] Ratha N K., Connell J H., Bolle R M., Enhancing security and privacy in biometrics-based authentication systems, IBM systems journal, 2001, 40(3): 614634 [22] Ratha N., Connell J., Bolle R M et al., Cancelable biometrics: A case study in fingerprints, in Pattern Recognition, 2006 ICPR 2006 18th International Conference on, 2006: 370-373 [23] Tulyakov S., Farooq F., Govindaraju V., Symmetric hash functions for fingerprint minutiae Springer, 2005: 30-38 [24] Ang R., Safavi-Naini R., McAven L., Cancelable key-based fingerprint templates, in Information Security and Privacy, 2005: 242-252 [25] Sutcu Y., Sencar H T., Memon N., A secure biometric authentication scheme based on robust hashing, in Proceedings of the 7th workshop on Multimedia and security, 2005: 111-116 [26] Uludag U., Pankanti S., Prabhakar S et al., Biometric cryptosystems: issues and challenges, Proceedings of the IEEE, 2004, 92(6): 948-960 [27] Cavoukian A., Stoianov A., Biometric encryption: A positive-sum technology that achieves strong authentication, security and privacy: Information and Privacy Commissioner, Ontario, 2007 [28] Vetro A., Memon N., Biometric system security, in Tutorial presented at Second International Conference on Biometrics, Seoul, South Korea, 2007 [29] Juels A., Wattenberg M., A fuzzy commitment scheme, in Proceedings of the 6th ACM conference on Computer and communications security, 1999: 28-36 [30] Juels A., Sudan M., A fuzzy vault scheme, in Information Theory, 2002 Proceedings 2002 IEEE International Symposium on, 2002: 408 [31] Tuyls P., Akkermans A H., Kevenaar T A et al., Practical biometric authentication with template protection, in Audio-and Video-Based Biometric Person Authentication, 2005: 436-446 [32] Draper S C., Khisti A., Martinian E et al., Using distributed source coding to secure fingerprint biometrics, in Acoustics, Speech and Signal Processing, 2007 ICASSP 2007 IEEE International Conference on, 2007: II-129-II-132 [33] Clancy T C., Kiyavash N., Lin D J., Secure smartcardbased fingerprint authentication, in Proceedings of the 2003 ACM SIGMM workshop on Biometrics methods and applications, 2003: 45-52 [34] Yang S., Verbauwhede I., Automatic secure fingerprint verification system based on fuzzy vault scheme, in Acoustics, Speech, and Signal Processing, 2005 Proceedings.(ICASSP'05) IEEE International Conference on, 2005: v/609-v/612 Vol [35] Chung Y., Moon D., Lee S et al., Automatic alignment of fingerprint features for fuzzy fingerprint vault, in Information Security and Cryptology, 2005: 358-369 [36] Uludag U., Jain A., Securing fingerprint template: Fuzzy vault with helper data, in Computer Vision and Pattern Recognition Workshop, 2006 CVPRW'06 Conference on, 2006: 163-163 [37] Nagar A., Chaudhury S., Biometrics based asymmetric cryptosystem design using modified fuzzy vault scheme, in Pattern Recognition, 2006 ICPR 2006 18th International Conference on, 2006: 537-540 99 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME [38] Feng Y C., Yuen P C., Protecting face biometric data on smartcard with reedsolomon code, in Computer Vision and Pattern Recognition Workshop, 2006 CVPRW'06 Conference on, 2006: 29-29 [39] Lee Y J., Bae K., Lee S J et al., Biometric key binding: Fuzzy vault based on iris images Springer, 2007: 800:808 [40] Amioy K., Ajay K., Development of a new cryptographic construct using palmprint-based fuzzy vault, EURASIP Journal on Advances in Signal Processing, 2009 [41] Freire-Santos M., Fierrez-Aguilar J., Ortega-Garcia J., Cryptographic key generation using handwritten signature, in Defense and Security Symposium, 2006: 62020N-62020N [42] Dodis Y., Reyzin L., Smith A., Fuzzy extractors: How to generate strong keys from biometrics and other noisy data, in Advances in cryptology-Eurocrypt 2004, 2004: 523-540 [43] Dodis Y., Ostrovsky R., Reyzin L et al., Fuzzy extractors: How to generate strong keys from biometrics and other noisy data, SIAM Journal on Computing, 2008, 38(1): 97-139 [44] Li Q., Chang E.-C., Robust, short and sensitive authentication tags using secure sketch, in Proceedings of the 8th workshop on Multimedia and security, 2006: 5661 [45] Sutcu Y., Li Q., Memon N., Protecting biometric templates with sketch: Theory and practice, Information Forensics and Security, IEEE Transactions on, 2007, 2(3): 503-512 [46] Buhan I., Doumen J., Hartel P et al., Fuzzy extractors for continuous distributions, in Proceedings of the 2nd ACM symposium on Information, computer and communications security, 2007: 353-355 [47] Arakala A., Jeffers J., Horadam K., Fuzzy extractors for minutiae-based fingerprint authentication Springer, 2007: 760-769 [48] Chang E.-C., Roy S., Robust extraction of secret bits from minutiae Springer, 2007: 750-759 [49] Zhou X., Template protection and its implementation in 3D face recognition systems, in Proc of SPIE Vol, 2007: 65390L-1 [50] Sutcu Y., Li Q., Memon N., Secure biometric templates from fingerprint-face features, in Computer Vision and Pattern Recognition, 2007 CVPR'07 IEEE Conference on, 2007: 1-6 [51] Boyen X., Dodis Y., Katz J et al., Secure remote authentication using biometric data Springer, 2005: 147-163 [52] Buhan I., Doumen J., Hartel P et al., Secure ad-hoc pairing with biometrics: SAfE, in, 2007 [53] Nagar A., Nandakumar K., Jain A K., A hybrid biometric cryptosystem for securing fingerprint minutiae templates, Pattern recognition letters, 2010, 31(8): 733-741 [54] Boult T E., Scheirer W J., Woodworth R., Revocable fingerprint biotokens: Accuracy and security analysis, in Computer Vision and Pattern Recognition, 2007 CVPR'07 IEEE Conference on, 2007: 1-8 [55] Nandakumar K., Nagar A., Jain A K., Hardening fingerprint fuzzy vault using password Springer, 2007: 927-937 [56] Song O T., Teoh A., Ngo D C L., Application-specific key release scheme from biometrics, Int J Netw Secur., 2008, 6(2): 122-128 100 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME [57] Feng Y C., Yuen P C., Jain A K., A hybrid approach for generating secure and discriminating face template, Information Forensics and Security, IEEE Transactions on, 2010, 5(1): 103-117 [58] Bakhteri R., Hani M K., Biometric encryption using fingerprint fuzzy vault for FPGA-based embedded systems, in TENCON 2009-2009 IEEE Region 10 Conference, 2009: 1-5 [59] Choi H., Choi K., Kim J., Fingerprint Matching Incorporating Ridge Features With Minutiae, Ieee Transactions on Information Forensics and Security, 2011, 6(2): 338-345 [60] Scheirer W J., Boult T E., Cracking fuzzy vaults and biometric encryption, in Biometrics Symposium, 2007, 2007: 1-6 [61] Uludag U., Pankanti S., Jain A K., Fuzzy vault for fingerprints, in Audio-and Video-Based Biometric Person Authentication, 2005: 310-319 [62] Nandakumar K., Jain A K., Pankanti S., Fingerprint-based fuzzy vault: Implementation and performance, Information Forensics and Security, IEEE Transactions on, 2007, 2(4): 744-757 [63] Li P., Yang X., Cao K et al., Security-enhanced fuzzy fingerprint vault based on minutiae’s local ridge information Springer, 2009: 930-939 [64] Li P., Yang X., Cao K et al., An alignment-free fingerprint cryptosystem based on fuzzy vault scheme, Journal of Network and Computer Applications, 2010, 33(3): 207-220 [65] Nagar A., Nandakumar K., Jain A K., Securing Fingerprint Template: Fuzzy Vault with Minutiae Descriptors, 19th International Conference on Pattern Recognition, Vols 1-6, 2008 [66] Nguyen, T H., Wang, Y., Ha, Y., & Li, R., Improved chaff point generation for vault scheme in bio-cryptosystems IET Biometrics, 2(2), 2013: 48-55 [67] Mihailescu P., The fuzzy vault for fingerprints is vulnerable to brute force attack, arXiv preprint arXiv:0708.2974, 2007 [68] Poon H T., Miria A., A Collusion Attack on the Fuzzy Vault Scheme, The ISC Int’l Journal of Information Security Bd, 2009, 1(1) [69] Wayman J., Jain A., Maltoni D et al., Biometric systems: technology, design and performance evaluation: Springer, 2005 [70] Jain A K., Ross A., Pankanti S., Biometrics: a tool for information security, Information Forensics and Security, IEEE Transactions on, 2006, 1(2): 125-143 [71] Wayman J L., Fundamentals of biometric authentication technologies, International Journal of Image and Graphics, 2001, 1(01): 93-113 [72] Maltoni D., Maio D., Jain A K et al., Handbook of Fingerprint Recognition (2nd ed.): Springer, London 2009 [73] Merkle J., Niesing M., Schwaiger M et al., Performance of the fuzzy vault for multiple fingerprints, BIOSIG LNI, 2010: 57-72 [74] Zhou R., Zhong D., Han J., Fingerprint Identification Using SIFT-Based Minutia Descriptors and Improved All Descriptor-Pair Matching, Sensors, 2013, 13(3): 3142-3156 [75] Rikin A S., Dongju L., Isshiki T et al., A fingerprint matching using minutia ridge shape for low cost match-on-card systems, IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 2005, 88(5): 1305-1312 [76] Jain A., Hong L., Bolle R., On-line fingerprint verification, Pattern Analysis and Machine Intelligence, IEEE Transactions on, 1997, 19(4): 302-314 [77] Tong X., Liu S., Huang J et al., Local relative location error descriptor-based fingerprint minutiae matching, Pattern recognition letters, 2008, 29(3): 286-294 101 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME [78] Tico M., Kuosmanen P., Fingerprint matching using an orientation-based minutia descriptor, Pattern Analysis and Machine Intelligence, IEEE Transactions on, 2003, 25(8): 1009-1014 [79] Feng J., Combining minutiae descriptors for fingerprint matching, Pattern Recognition, 2008, 41(1): 342-352 [80] Chen X., Tian J., Yang X., A new algorithm for distorted fingerprints matching based on normalized fuzzy similarity measure, Image Processing, IEEE Transactions on, 2006, 15(3): 767-776 [81] Ratha N K., Bolle R M., Pandit V D et al., Robust fingerprint authentication using local structural similarity, in Applications of Computer Vision, 2000, Fifth IEEE Workshop on., 2000: 29-34 [82] Hrechak A K., McHugh J A., Automated fingerprint recognition using structural matching, Pattern Recognition, 1990, 23(8): 893-904 [83] Wahab A., Chin S H., Tan E C., Novel approach to automated fingerprint recognition, Vision, Image and Signal Processing, IEEE Proceedings, 1998, 145(3): 160-166 [84] Jiang X., Yau W.-Y., Fingerprint minutiae matching based on the local and global structures, in Pattern Recognition, 2000 IEEE Proceedings 15th International Conference on, 2000, 2: 1038-1041 [85] Jea T.-Y., Govindaraju V., A minutia-based partial fingerprint recognition system, Pattern Recognition, 2005, 38(10): 1672-1684 [86] Asai K., Izumisawa H., Owada K et al., Method and device for matching fingerprints with precise minutia pairs selected from coarse pairs Google Patents, 1987 [87] Maltoni D., Handbook of fingerprint recognition: Springer, 2003 [88] Lee D., Choi K., Kim J., A robust fingerprint matching algorithm using local alignment, in Pattern Recognition, 2002 IEEE Proceedings 16th International Conference on, 2002: 803-806 [89] Jeffers J., Arakala A., Minutiae-based structures for a fuzzy vault, in Biometric Consortium Conference, 2006 Biometrics Symposium: Special Session on Research at the, 2006: 1-6 [90] Li J., Yang X., Tian J et al., Topological structure-based alignment for fingerprint fuzzy vault, in Pattern Recognition, 2008 ICPR 2008 19th International Conference on, 2008: 1-4 [91] Khalil-Hani M., Bakhteri R., Securing cryptographic key with fuzzy vault based on a new chaff generation method, in High Performance Computing and Simulation (HPCS), 2010 International Conference on, 2010: 259-265 [92] Chang E.-C., Shen R., Teo F W., Finding the original point set hidden among chaff, in Proceedings of the 2006 ACM Symposium on Information, computer and communications security, 2006: 182-188 [93] Khanna R., Shen W., Automated fingerprint identification system (AFIS) benchmarking using the National Institute of Standards and Technology (NIST) Special Database 4, in Security Technology, 1994 Proceedings Institute of Electrical and Electronics Engineers 28th Annual 1994 International Carnahan Conference on, 1994: 188-194 [94] Maio D., Maltoni D., Cappelli R et al., FVC2000: fingerprint verification competition, Pattern Analysis and Machine Intelligence, IEEE Transactions on, 2002, 24(3): 402-412 [95] Fingerprint verification competition (FVC2006) 2007 http://bias.csr.unibo.it/fvc2006/ 102 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME [96] Maio D., Maltoni D., Cappelli R et al., FVC-onGoing: On-Line Evaluation of Fingerprint Recognition Algorithms https://biolab.csr.unibo.it/FvcOnGoing/UI/Form/Home.aspx [97] Maio D., Maltoni D., Cappelli R et al., FVC2002: Second Fingerprint Verification Competition, in Pattern Recognition, 2002 Proceedings 16th International Conference on, 2002: 811-814 vol.3 [98] Nandakumar K., Multibiometric systems: fusion strategies and template security: ProQuest, 2008 [99] Xinjian C., Tian J., Xin Y., A new algorithm for distorted fingerprints matching based on normalized fuzzy similarity measure, Image Processing, IEEE Transactions on, 2006, 15(3): 767-776 [100] Ratha N K., Bolle R M., Effect of controlled image acquisition on fingerprint matching, in Pattern Recognition, 1998 Proceedings Fourteenth International Conference on, 1998: 1659-1661 vol.2 [101] Dorai C., Ratha N K., Bolle R M., Detecting dynamic behavior in compressed fingerprint videos: distortion, in Computer Vision and Pattern Recognition, 2000 Proceedings IEEE Conference on, 2000: 320-326 vol.2 [102] Dorai C., Ratha N., Bolle R., Dynamic Behavior in Fingerprint Videos Springer New York, 2004 http://dx.doi.org/10.1007/0-387-21685-5_4 [103] C Gottschlich, Curved-Region-Based Ridge Frequency Estimation and Curved Gabor Filters for Fingerprint Image Enhancement, Image Processing, IEEE Transactions on, 2012, 21: 2220-2227 [104] Kovacs-Vajna Z M., A fingerprint verification system based on triangular matching and dynamic time warping, Pattern Analysis and Machine Intelligence, IEEE Transactions on, 2000, 22(11): 1266-1276 [105] Qi J., Wang Y., A robust fingerprint matching method, Pattern Recognition, 2005, 38(10): 1665-1671 [106] Feng Y., Feng J., Chen X et al., A novel fingerprint matching scheme based on local structure compatibility, in Pattern Recognition, 2006 ICPR 2006 18th International Conference on, 2006: 374-377 [107] Luo X., Tian J., Wu Y., A minutiae matching algorithm in fingerprint verification, in Pattern Recognition, 2000 Proceedings 15th International Conference on, 2000: 833-836 [108] Bazen A M., Gerez S H., Fingerprint matching by thin-plate spline modelling of elastic deformations, Pattern Recognition, 2003, 36(8): 1859-1867 [109] Novikov S., Ushmaev O., Registration and Modeling of Elastic Deformations of Fingerprints Springer Berlin Heidelberg, 2004 http://dx.doi.org/10.1007/978-3540-25976-3_8 [110] Liang X., Asano T., A linear time algorithm for binary fingerprint image denoising using distance transform, IEICE TRANSACTIONS on Information and Systems, 2006, 89(4): 1534-1542 [111] Meenen P., Ashrafi A., Adhami R., The utilization of a Taylor series-based transformation in fingerprint verification, Pattern recognition letters, 2006, 27(14): 1606-1618 [112] Ross A., Dass S., Jain A., A deformable model for fingerprint matching, Pattern Recognition, 2005, 38(1): 95-103 [113] Kwon D., Yun I D., Lee S.-U., A Robust Warping Method for Fingerprint Matching, in Computer Vision and Pattern Recognition, 2007 CVPR '07 IEEE Conference on, 2007: 1-6 103 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME [114] Cappelli R., Maio D., Maltoni D., Modelling Plastic Distortion in Fingerprint Images Springer Berlin Heidelberg, 2001 http://dx.doi.org/10.1007/3-540-447326_38 [115] Senior A., Bolle R., Improved Fingerprint Matching by Distortion Removal, IEICE Transaction on Information and Systems, 2001, 84(7): 825-831 [116] Watson C I., Grother P J., Casasent D P., Distortion-tolerant filter for elasticdistorted fingerprint matching, 2000166-174 [117] Chikkerur, S., Cartwright, A N., Govindaraju, V., K-plet and coupled BFS: a graph based fingerprint representation and matching algorithm In Advances in Biometrics, Springer Berlin Heidelberg, 2005: 309-315 [118] Maio D., Maltoni D., Direct gray-scale minutiae detection in fingerprints, Pattern Analysis and Machine Intelligence, IEEE Transactions on, 1997, 19(1): 2740 [119] Hong L., Yifei W., Jain A., Fingerprint image enhancement: algorithm and performance evaluation, Pattern Analysis and Machine Intelligence, IEEE Transactions on, 1998, 20(8): 777-789 [120] Zhao F., Tang X., Preprocessing and postprocessing for skeleton-based fingerprint minutiae extraction, Pattern Recognition, 2007, 40(4): 1270-1281 [121] Ghosh S., Bhowmick P., Extraction of smooth and thin ridgelines from fingerprint images using geometric prediction, in Advances in Pattern Recognition, 2009 ICAPR'09 Seventh International Conference on, 2009: 345-348 [122] Chang Y.-J., Zhang W., Chen T., Biometrics-based cryptographic key generation, in Multimedia and Expo, 2004 ICME'04 2004 IEEE International Conference on, 2004: 2203-2206 [123] Lee Y J., Park K R., Lee S J et al., A new method for generating an invariant iris private key based on the fuzzy vault system, Systems, Man, and Cybernetics, Part B: Cybernetics, IEEE Transactions on, 2008, 38(5): 1302-1313 [124] Meenakshi V., Padmavathi G., Retina and Iris Based Multimodal Biometric Fuzzy Vault, IJCSIS International Journal of CSIS, 2010, 7(2) [125] Wang Y., Plataniotis K., Fuzzy vault for face based cryptographic key generation, in Biometrics Symposium, 2007, 2007: 1-6 [126] Frassen T., Zhou X., Busch C., Fuzzy vault for 3D face recognition systems, in Intelligent Information Hiding and Multimedia Signal Processing, 2008 IIHMSP'08 International Conference on, 2008: 1069-1074 [127] Fingerprint verification competition (FVC2000) http://bias.csr.unibo.it/fvc2000/databases.asp [128] Fingerprint verification competition (FVC2004) http://bias.csr.unibo.it/fvc2004/databases.asp 104 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME LIST OF PUBICATIONS Nguyen, Thi Hanh; Wang, Yi; Ha, Yajun; Li, Renfa: 'Improved chaff point generation for vault scheme in bio-cryptosystems', IET Biometrics, 2(2), 48-55 Nguyen, Thi Hanh; Wang, Yi; Nguyen, Trung Nhan; Li, Renfa: ‘A Fingerprint Fuzzy Vault Scheme Using A Fast Chaff Point Generation Algorithm’, In Signal Processing, Communication and Computing (ICSPCC), 2013 IEEE International Conference on (pp 16) IEEE Nguyen, Thi Hanh; Wang, Yi; Li, Renfa: ‘An improved ridge features extraction algorithm for distorted fingerprints matching’, Journal of Information Security and Applications (2013) (Accepted- In press) Nguyen, Thi Hanh; Wang, Yi; Li, Renfa: ‘A Novel Fuzzy Vault Scheme Based on Ridge Features with Minutiae’, IEEE Transactions On Information Forensics And Security (Under Review) 105 ... into vault template the higher security will be achieved 14 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT FUZZY VAULT SCHEME In this chapter a number of possible attacks on fuzzy vault schemes... of the fuzzy vault scheme because of its random noise features Figure 2.1(a) shows the encoding process of a fingerprint -based fuzzy vault scheme 16 BIOMETRIC TEMPLATE PROTECTION BASED ON THE FINGERPRINT. .. fingerprint -based fuzzy vault for protecting fingerprint templates Their construction uses only the location information of the minutiae They bound the private key with fingerprint information