a symmetric bio-hash function based on fingerprint ...

5 downloads 21512 Views 114KB Size Report
fingerprint, then using the systematic bio hash function to compute the digital digest ... adding extra chaff points and securing biometric template by a standard 128-bit .... efficient symmetric hash function and public key digital signature scheme.
A SYMMETRIC BIO-HASH FUNCTION BASED ON FINGERPRINT MINUTIAE AND PRINCIPAL CURVES APPROACH

KAREEM KAMAL A.GHANY Computer Sciences and Information Dept. ISSR, Cairo University, Cairo, Egypt [email protected]

MAHMOOD A.MONEIM CS and Information Dept. ISSR, Cairo University, Cairo, Egypt [email protected]

ABOUL ELLA HASSANIEN Information Technology Dept. Cairo University, Cairo, Egypt [email protected]

NEVEEN I. GHALI Faculty of Science Al-Azhar University Cairo, Egypt [email protected]

HESHAM A. HEFNY Computer Sciences and Information Dept. ISSR, Cairo University [email protected]

ABSTRACT

In this paper, a fingerprint-based biometric is used and protected by a computationally efficient symmetric bio hash function and generate a digest. The extracted minutiae points from a fingerprint are represented by a fixed length code vector, called bio- minutiae fingerprint code and does not assume a pre-alignment between the test and the stored fingerprint templates. The principal curves algorithm were used to extract the minutiae points from the fingerprint, then using the systematic bio hash function to compute the digital digest. The fingerprint transformation, rotation and the error rate in case of changing the position of the fingerprint has been computed and evaluated. KEY WORDS

Biometrics; Fingerprints; Hashing; Security

1. INTRODUCTION

With fast evolution of wire and wireless networks, the need of protecting user sensitive information and performing secure user and data authentication remotely become evermore increasing. For example, in healthcare industry, medical images are stored in picture archiving and transmitting between hospitals and exchanging the patients’ data such as images and diagnostic reports between physicians via networks, cause complicated network protocol, image compression and security problems. These medical images are stored in picture archiving and communication systems that are accessed over the public network by radiologists for diagnosis. Biometrics such as a subject’s voice, fingerprint, or iris has the potential to identify individuals with a high degree of assurance, thus providing a foundation for trust. Among all biometric security systems, fingerprint-based systems are definitely the most popular. A fingerprint is the pattern of interleaving ridges and furrows on the surface of a fingertip, where ridges refer to a raised portion of the epidermis and furrows refer to valleys between ridges. Ridges in a fingerprint are highly structured, and its whole configuration is determined in a fetal period and remains unchanged in one’s lifetime. In the identification and verification process, current matching algorithms are almost exclusively based on critical fingerprint features such as

minutiae and singular points. Therefore, how to extract accurate minutiae and singular point from the template and query image is becoming a crucial problem. Also in bio-cryptography, extracting accurate fingerprint features is a major challenge due to the uncertainty introduced at each impression. In most fingerprint verification systems, the query fingerprint images may be rotated, translated or scaled with respect to the template images. Therefore, registration algorithms are needed to address this problem. Registration algorithms based on singular points tend to use singular point as the reference point to establish a relative rotation and transformation relationship between two fingerprint images[4]. Some work has been done recently, for example, Juels and Sudan [14] proposed a fuzzy vault scheme which embeds a secret S in a fuzzy vault with a dataset A. In order to extract the secret, one needs to present another set B to decrypt the vault V. Kuan et al. [9] proposed a method for extracting keys from dynamic signatures. The application of fuzzy vault to fingerprint identification can be found in Clancy et al. [10] approach. The algorithm used the assumption that fingerprints are aligned, and the selected minutiae had similar coordinates. Uludag and Jain [11] proposed a fuzzy vault scheme by adding extra chaff points and securing biometric template by a standard 128-bit AES algorithm. The rest of this paper is organized as follows: Section 2 reviews different types of threats that attack a biometric system and the hash function. Section 3 discusses the proposed system in detalis. Section 4 introduces the experimental results. Finally, section 5 presents the conclusion and future work. 2. PRELIMINARIES

2.1 THREATS THAT ATTACK A BIOMETRIC SYSTEM

Even if a biometric intelligent system can deal with user security, it is also faced with different types of threats as follows [1, 2]. The first type is Circumvention when an intruder may gain access to the system protected by biometrics and peruse sensitive data. The Repudiation when a legitimate user may access the facilities offered by an application and then claim that an intruder had circumvented the system. Covert acquisition occurs when an intruder may surreptitiously obtain the raw biometric data of a user to access the system. Also Collusion appears when an individual with wide super-user privileges (such as an administrator) may deliberately modify system parameters to permit incursions by an intruder. Ratha et al. in [3] identified different levels of attacks that can be launched against any biometric system: (1) illegally intercepted data may be resubmitted to the system, (2) a fake biometric trait such as an artificial finger may be presented at the sensor, (3) the feature extractor may be replaced by a Trojan horse program that produces pre-determined feature sets, (4) legitimate feature sets may be replaced with synthetic feature sets, (5) the matcher may be replaced by a Trojan horse program that always outputs high scores thereby defying system security, (6) the templates stored in the database may be modified or removed, or new templates may be introduced in the database, (7) the data in the communication channel between various modules of the system may be altered, and (8) the final decision.

2.2. BIO HASH FUNCTION

A hash function is a one-way transformation that takes an arbitrary input and returns a fixed-size string, called the hash value or message digest.[12]. Because of great surge in biometrics and their ability to differentiate a single person from others, many real-life systems have adopted them to solve the authentication and verification problems. However, a slight change in the biometric data (missing information, noise or a change in the order of the input) or in the acquisition of the biometric may cause a significant change in the hash value, this is due to the inherent uncertainty of retrieved biometric features. Therefore, the bio-hashing system must adhere to the following properties: (a) Similar fingerprints should have similar hash values, (b) Different fingerprints should not have similar hashes, (c) Rotation and translation of the original template should not have a big impact on hash values, (d) Partial fingerprints (with missing core and delta) should be matched if sufficient minutiae are present. Therefore, a certain class of hash functions can be formulated that are invariant to the order in which the input pattern is presented to the hash function. Such hash functions are known as symmetric hash or bio-hash functions. A certain class of hash functions can, however, be formulated that are invariant to the order in which the input pattern is presented to the hash function. 3. PROPOSED SYMMETRIC BIO-HASH FUNCTION APPROACH

The proposed approshed composed of three phases: (1) Finger print preprocessing, (2) fingerprint minutae extraction and (3) Hash value generation phase. Figure (1) shows the overall architecture of the proposed approach. These three phases are elaborated in the following subsections.

Fig.1 Proposed Symmetric Bio-Hash function approach 3.1 FINGERPRINT PRE-PROCESSING PHASE

The quality of the fingerprint ridge structure is very important as they possess the necessary information for the extraction of minutiae points.Ideally the ridges and valleys should alternate with a clear demarcation and flow in a locally constant direction. Due to an umber of factors, the obtained fingerprints may not

have well defined ridge/valley structures and might contain a lot of disturbance in the image. So the fingerprint image is first enhanced before further process including the minutae extraction [13 ]. 3.2 PRINCIPAL CURVES APPROACH

Fingerprint image is regarded as a collection of curves instead of a set of pixels. In fingerprint recognition and matching, an algorithm is needed to get the skeleton of a fingerprint, which includes a set of curves. In this paper we adapt the well known algorithm called the principal curve to generate the skeleton. The smooth curve is a principal curve [5, 7] if and only if satisfy the following properties: It does not intersect itself, it should self-consistent and it has finite length inside any bounded subset of the area. More details can be found in [7]. Algorithm (1) shows the technical steps.

Algorithm 1: Extract fingerprint minutiae from principal curves for i = 1 to n Get Graph Gvs , where V = {v1, v2, … , vn}is a set of vertices , S = {(vi1, vj1), … , (vik, vjk)} = {Si1j1, … , Sikjk} is a set of edges. Minimizes a penalized distance function E(G) = ∆(G) + λP(G) Restructuring the graph by removing short branches and short loops. end for if a single point is found in one data set then It is regarded as an ending of a simple ridge. else in three data sets then It is regarded as an ending of a ridge bifurcation. Filter the ridge endings and ridge bifurcations obtained in the extraction step. end if 3.3 A SYMMETRIC BIO-HASH FUNCTION The symmetric hash function [6] is applied for biometric minutiae to generate the digest value. It uses the Linear Least Square (LLS) to compute the rotation, translation, and the error rate. The Euclidean distance between minutiae points with a selected reference point for both the normal and transformed minutiae were first used. The three parameters are computing using the following Equations:

t = ∑i

x i2 ∑ y i − i

n ∑ x i2

∑ x∑ − (∑ x )



xi yi −

i

n∑ x i

E=

∑ (y i

2

i

∑ x ∑ y , i=1,2,….,n. − (∑ x ) i

i

2 i

(1)

i

i

r=

x i y i , i=1,2,….,n.

i

i

i

(2)

2

i

i

i

− ( t + rx i )) 2 , i=1,2,….,n

(3)

The detailed algorithm is shown in Algorithm (2). Algorithm 2: Apply a symmetric hash function by Linear Least Squares Input: The Euclidean distance between minutiae points with a selected reference point for both the normal and transformed minutiae. Output: The transformation (t), The rotation (r), Error rate (E) 1.For i = 1 to n h′1 = rh1+t , where: (h) is for normal distance, (h’) is for transformed distance, Xi=sum(hi), Yi=sum(hi’) Endfor 2. For i=1 to n Compute t using Equation (1) Compute r using Equation (2) Compute E using Equation (3) Endfor.

4. EXPERIMENTAL RESULTS

Figure (2) illustrates the results of the pre-processing and minutiae points genration.

(a) Orignal fingerprint (b) Enhanced image (c) minutiae points Fig.2 Fingerprint enhanced and minutiae generated The transformation (t), the rotation (r), and the error (E) for the minutiae points are calculated for the same fingerprint with different positions using algorithm 2. Table 1 shows an example of the output of our algorithm. We assume that for any two fingerprints extracted from one finger they will be different in the transformation and rotation. So the set of minutia points of one fingerprint image can be obtained from the set of minutia points of another fingerprint image by scaling and rotating. Tab.1 Example of our results R

t

E

0.5033

9.9200e+013

9.3417e+017

0.6528

-0.4399

0.0136

1.4714

1.4223

0.2376

From table (1) we observe that when the distance between the points is lager, the error is large. 5. CONCLUSION AND FUTURE WORK

In this paper principal curves approach is used for the extraction of the minutiae points. The extracted minutiae points from a fingerprint are represented by a fixed length code vector, called bio- minutiae fingerprint code and does not assume a pre-alignment between the test and the stored fingerprint templates. The symmetric bio-hash function was applied for securing fingerprint template. In future work we will try to automatically select a reference point from the fingerprint and fingerprint biometric will protected by a computationally efficient symmetric hash function and public key digital signature scheme. Then, the generated bio-digital signature will be embeded into the medical images using the particular swarm optimization algorithm. REFERENCES [1] D. Maltoni, D. Maio, A. K. Jain, and S. Prabhakar, Handbook of Fingerprint Recognition. Springer-Verlag, 2003 [2] U. Uludag and A. K. Jain, “Attacks on biometric systems: a case study in fingerprints,” in Proc. SPIE, Security, Seganography and Watermarking of Multimedia Contents VI, vol. 5306, pp. 622–633, 2004. [3] N. Ratha, J. H. Connell, and R. M. Bolle, “An analysis of minutiae matching strength,” in Proc. Audio and Video-based Biometric Person Authentication (AVBPA), pp. 223–228, (Halmstad, Sweden), 2001. [4] A. Adler, “Images can be regenerated from quantized biometric match score data,” Proceeding of Canadian conference of Electrical and Computer Engineering, pp. 469-472, 2004 [5] D.milao. Q. Tang, and W. Fu, “Fingerprint minutiae extraction based on principal curves,” Pattern Recognition Letters, Vol.28, Issue 16, pp. 2184-2189, 2007. [6] S. Tulyakov, F. Farook, P. Mansukhani, and V. Govindaraju “Symmetric hash functions for secure fingerprint biometric systems,” Pattern Recognition Letters Vol. 28, pp. 2427–2436, 2007. [7] J. Zhang and J. Wang, “An overview of principal curves”, Chinese J. Comput.Vol. 26, Issue 2, pp. 129–146, 2003. [8] Y. Kuan, A. Goh, D. Ngo, and A. Teoh, “Cryptographic keys from dynamic hand-signatures with biometric secrecy preservation and replaceability”, in: Proc. IEEE Workshop on Automatic Identification Advanced Technologies, pp. 27–32, 2005. [9] T. Clancy, D. Lin, and N. Kiyavash, “Secure smartcard-based fingerprint authentication”, in: Proc. ACM Workshop on Biometric Methods and Applications, pp. 45-52, 2003. [10] U. Uludag, S. Pankanthi, and A. Jain, “Fuzzy vault for fingerprints”, in: Proc. Of the 5th International Conference on Audio and Video-based Biometric Person Authentication, pp. 310–319, 2005. [11] A. Juels and M. Sudan. “A Fuzzy Vault Scheme”, IEEE International Symposium on Information Theory, pp. 408-426, 2002. [12] M. R. Reyhanitabar, W. Susilo, and Y. Mu, “Enhanced Security Notions for Dedicated-Key Hash Functions: Definitions and Relationships,” in: Proc 17th International Workshop on Fast Software Encryption, vol. 6147, pp. 192–211, Springer 2010. [13] Lamiaa Elbakrawy, Neveen Ghali, Aboul Ella Hassanien James Petter, “Strict Authentication of Multimodal Biometric Images Using Near Sets”, in: Proc. 15th Online World Conference on Soft Computing in Industrial Applications, Springer in "Advances In Intelligent and Soft Computing, pp. 249-258, 2011.