Security analysis of key binding biometric cryptosystems

  • Authors:

  • Maryam Lafkih;Mounia Mikram;Sanaa Ghouzali;Mohamed El Haziti

  • Affiliations:

  • LRIT, Faculty of Sciences, Mohammed V University, Rabat, Morocco;LRIT, Faculty of Sciences, Mohammed V University, Rabat, Morocco, The School of Information Sciences, Rabat, Morocco;LRIT, Faculty of Sciences, Mohammed V University, Rabat, Morocco, College of Computer and Information Sciences, King Saud University, Riyadh, Saudi Arabia;Higher School of Technology, Sale, Morocco

  • Venue:
  • ICISP'12 Proceedings of the 5th international conference on Image and Signal Processing
  • Year:
  • 2012

Quantified Score

Hi-index 0.00

Visualization

Abstract

The use of biometric systems is becoming an important solution to replace traditional authentication. However, biometric systems are vulnerable to attacks. When biometric data is compromised, unlike a password, it can't be changed. Therefore, the security of biometrics models is essential in designing an authentication system. To achieve this protection of biometric models, two categories of approaches are proposed in the literature, namely, methods based on transformation of characteristics and biometric cryptosystems. For the first type of approaches, a study is made to assess the security of biometric systems. In biometric cryptosystems the realized works are hampered by the lack of formal security analysis. Hence the purpose of this paper is to propose standard criteria for a formal security analysis of biometric cryptosystems. The proposed measures take into account the specific effect of key binding cryptosystems. The security analysis is illustrated by experiments on the techniques of Fuzzy Commitment and Fuzzy Vault which we use in this work for the protection of biometric face recognition system. Our analysis indicates that both techniques are vulnerable to intrusion and binding attacks because of the ease of obtaining the user's model using the elements known to the attacker.