Secure Chaff-less Fuzzy Vault for Face Identification Systems

Biometric cryptosystems such as fuzzy vaults represent one of the most popular approaches for secret and biometric template protection. However, they are solely designed for biometric verification, where the user is required to input both identity credentials and biometrics. Several practical questions related to the implementation of biometric cryptosystems remain open, especially in regard to biometric template protection. In this article, we propose a face cryptosystem for identification (FCI) in which only biometric input is needed. Our FCI is composed of a one-to-N search subsystem for template protection and a one-to-one match chaff-less fuzzy vault (CFV) subsystem for secret protection. The first subsystem stores N facial features, which are protected by index-of-maximum (IoM) hashing, enhanced by a fusion module for search accuracy. When a face image of the user is presented, the subsystem returns the top k matching scores and activates the corresponding vaults in the CFV subsystem. Then, one-to-one matching is applied to the k vaults based on the probe face, and the identifier or secret associated with the user is retrieved from the correct matched vault. We demonstrate that coupling between the IoM hashing and the CFV resolves several practical issues related to fuzzy vault schemes. The FCI system is evaluated on three large-scale public unconstrained face datasets (LFW, VGG2, and IJB-C) in terms of its accuracy, computation cost, template protection criteria, and security.

Significance of the Transition to Biometric Template Protection: Explore the Future

The IT security paradigm evolves from secret-based to biometric identity-based. Biometric identification has gradually become more popular in recent years for handheld devices. Privacy-preserving is a key concern when biometrics is used in authentication systems in the present world today. Nowadays, the declaration of biometric traits has been imposed not only by the government but also by many private entities. There are no proper mechanisms and assurance that biometric traits will be kept safe by such entities. The encryption of biometric traits to avoid privacy attacks is a giant problem. Hence, state-of-the-art safety and security technological solutions must be devised to prevent the loss and misuse of such biometric traits. In this paper, we have identified different cancelable biometrics methods with the possible attacks on the biometric traits and directions on possible countermeasures in order to design a secure and privacy-preserving biometric authentication system. We also proposed a highly secure method for cancelable biometrics using a non-invertible function based on Discrete Cosine Transformation and Index of max hashing. We tested and evaluated the proposed novel method on a standard dataset and achieved good results.