280 likes | 398 Views
Biometric Verification Schemes for Gaussian Data. V. Balakirsky and A.J. Han Vinck ISITA October 2010, Taichun, Taiwan University Duisburg-Essen. Biometrics used as a key/password . I am Han, can I come in?. - verify claimed identity with stored information problems :
E N D
Biometric Verification Schemes for Gaussian Data V. Balakirsky and A.J. Han Vinck ISITA October 2010, Taichun, Taiwan University Duisburg-Essen
Biometrics used as a key/password I am Han, can I come in? • - verify claimed identity with stored information • problems: • Errors: false rejection (FRR)/ false acceptance (FAR) • Leakage: privacy / information about bio from Data Base • Attacks: generation of fake system inputs (wolves) A.J. Han Vinck 2
content • Gaussian assumptions of the biometric data • to go to binary gives loss • Verification algorithm • Data compression for privacy reasons • Attacks
Introduction to the problemsituation where verifier has to make the accept decision Enrolment channel W(x|z), σ2 verifier x W Acc Rej= false rejection z W‘ y Verificationchannel W‘(y|z), ρ2 Enrolment channel and verification channel can be different - more measurements and different sensors
Introduction to the problemsituation where verifier has to make the reject decision Enrolment channel W(x|z), σ2 verifier x W Rej Acc= false acceptance z z‘ y W‘ Another user with the same probability distribution
Create an input („wolf“) and verifysituation where verifier has to make the reject decision Enrolment channel W(x|z), σ2 verifier x W Rej Acc= false acceptance z 0 y W‘
Create a direct input („wolf“)situation where verifier has to make the reject decision Enrolment channel W(x|z), σ2 verifier x W Rej Acc= false acceptance z y „wolf“ A sequence of direct inputs
PDF‘s for the model x W z W‘ y Enrolment channel and verification channel can be different - more measurements and different sensors
Example of the PDFs V(y|x) σ2 x z μ2 y ρ2 Decision region False Reject y - x‘i + Note: the expected value of yi under the „acc“ hypothesis differs from xi
FAR, another user σ2 Decision region x z μ2 y z‘ ρ2 ФFAR(y i) y - x‘i + 10
FAR, input 0 vector („wolf“ 1) σ2 Decision region x z μ2 y 0 ρ2 ФFAR(y i) y - x‘i +
input 0 vector directly („wolf“ 2) σ2 2δ x z μ2 y 0 y x-i x‘i x+i Probability that „wolf“ inside decision region Assume input: 0 condition: x-i < 0 => xi < + δ ( μ 2 + σ2)/ μ 2 x+i > 0 => xi > - δ ( μ 2 + σ2)/μ 2 Therefore: FAR(„wolf“)=
Summary so FAR σ2 x z μ2 y z‘ other user ρ2 σ2 x z μ2 y 0 wolf-1 ρ2 σ2 x μ2 z y 0 wolf-2
Change strategy to improve privacystore only average of n components System: G(n1, 0, σ2) enrolment G(z, 0, μ2) z + n1 Aaron Wyner verification z + n2 G(n2, 0, ρ2) G(n1, 0, σ2) G(z, 0, μ2) ∑ verification ∑ G(n2, 0, ρ2)
Change strategy to improve privacystore only average of n components System: enrolment verification G(n1, 0, σ2) G(z, 0, μ2) ∑ verification ∑ G(n2, 0, ρ2) 15
Transformation of the dependencyfrom x => y to a => b (T blocks of length n) verifier a = pw(x) Rej Acc= false acceptance b =pw(y) Transformation of dependency
consequence • Same FAR - FRR if we change decision region from • but high privacy due to compression • Processing T blocks: • Accept: # of accepts > # of rejects • Otherwise Reject • Result: • improvement by looking at Euclidean distance 17
Gaussian Fuzzy Commitmentmasking the bio at enrollmentent R C Code word (n,k) code DCT Stored at enrollment G(n1, 0, σ2) c G(z, 0, μ2) c + n1 +z - observable by attacker z + n2 at verification G(n2, 0, ρ2) 18
Gaussian Fuzzy CommitmentEquivalent wiretappresentation Enrol - verify = decode R (c + n1 +z) - (z + n2)= c + n1 - n2 C decode c c + n1 - n2 DCT c Joint decoding c + n1 +z wiretap Encode given z There is an exchange between security and privacy 19
conclusions • We presented a direct verification scheme for Gaussian data • To improve privacy (hiding): • we store a compressed biometric (average) • Same performance, but high expected privacy • Relation with „wire tapper“ • => Juels-Wattenberg fuzzy commitment scheme • => Exchange between privacy and security • Processing T blocks of length n improves performance
FAR, another user σ2 x z decision region μ2 y 0 ρ2 ФFAR(b i) y a-i a‘i a+i
LOW PRIVACY => Transformation into a password Enrolment channel W(x|z), σ2 verifier a = pw(x) x pw W 1 Rej Acc= false acceptance n z b =pw(y) W‘ y pw Verificationchannel W‘(y|z), ρ2 Enrolment channel and verification channel can be different - more measurements and different sensors
Transformation into a passwordFAR for another user Enrolment channel W(x|z), σ2 verifier a = pw(x) x pw W 1 Rej Acc= false acceptance n z b =pw(y) z‘ y pw W‘ Enrolment channel and verification channel can be different - more measurements and different sensors
Wolf 1 Enrolment channel W(x|z), σ2 verifier a = pw(x) x pw W 1 Rej Acc= false acceptance n z b =pw(y) 0 pw A sequence of direct inputs 24
„wolf“ 2 Enrolment channel W(x|z), σ2 verifier a = pw(x) x pw W 1 Rej Acc= false acceptance n z y A sequence of direct inputs
Example of the PDFs V(b|a) σ2 x μ2 z acceptance region y ρ2 y a-i a‘i a+i
wolf 1 σ2 x z decision region μ2 y 0 ρ2 ФFAR(b i) y a-i a‘i a+i
wolf 2 σ2 x z decision region μ2 y 0 y a-i a‘i a+i