With the increasing use of biometrics, more and more concerns are being raised about the privacy of the personal biometric data. Conventional biometric systems store biometric templates in a database. This may lead to the possibility of tracking personal information stored in one database by getting access to another database through cross-database matching. Moreover, biometric data are permanently associated with the user. Hence if stolen, they are lost permanently and become unusable in that system and possibly in all other systems based on that biometrics. In order to overcome this non-revocability of biometrics, we propose a two factor scheme to generate cancelable iris templates using iris-biometric and password. We employ a user specific shuffling key to shuffle the iris codes. Additionally, we introduce a novel way to use Error Correcting Codes (ECC) to reduce the variabilities in biometric data. The shuffling scheme increases the impostor Hamming distance leaving genuine Hamming distance intact while the ECC reduce the Hamming distance for genuine comparisons by a larger amount than for the impostor comparisons. This results in better separation between genuine and impostor users which improves the verification performance. The shuffling key is protected by a password which makes the system truly revocable. The biometric data is stored in a protected form which protects the privacy. The proposed scheme reduces the Equal Error Rate (EER) of the system by more than 90% (e.g., from 1.70% to 0.057% on the NIST-ICE database).
Biometrics lack revocability and privacy while cryptography cannot detect the user's identity. By obtaining cryptographic keys using biometrics, one can achieve the properties such as revocability, assurance about user's identity, and privacy. In this paper, we propose a multi-biometric based cryptographic key regeneration scheme. Since left and right irises of a person are uncorrelated, we treat them as two independent biometrics and combine in our system. We propose a novel idea for feature level fusion through weighted error correction to obtain a multi-biometric feature vector which is used to get a secure template. A shuffling key which is protected by a password is used to shuffle the error correcting codes data. The password helps improve revocability, privacy, and security of the system. We succeed to generate 147-bit long keys with as much entropy at 0% FAR and 0.18% FRR on the NIST-ICE database.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.