Foundations and Trends® in Communications and Information Theory > Vol 7 > Issue 2–3

Biometric Security from an Information-Theoretical Perspective

By Tanya Ignatenko, Eindhoven University of Technology, The Netherlands, t.ignatenko@ieee.org | Frans M.J. Willems, Eindhoven University of Technology, The Netherlands, f.m.j.willems@tue.nl

 
Suggested Citation
Tanya Ignatenko and Frans M.J. Willems (2012), "Biometric Security from an Information-Theoretical Perspective", Foundations and Trends® in Communications and Information Theory: Vol. 7: No. 2–3, pp 135-316. http://dx.doi.org/10.1561/0100000051

Publication Date: 15 Feb 2012
© 2012 T. Ignatenko and F. M. J. Willems
 
Subjects
Cryptology and data security,  Security
 

Free Preview:

Download extract

Share

Download article
In this article:
1 Introduction 
2 Secret Sharing and Biometric Systems 
3 Biometric Authentication. Discrete Biometric Sources 
4 Biometric Authentication. Gaussian Biometric Sources 
5 Biometric Identification 
6 Practical Constructions. Fuzzy Commitment and Its Properties 
7 From Gaussian to Binary: Quantization Effects. Case Study for Fuzzy Commitment 
8 Conclusions and Future Directions 
Glossary 
A Some Results of Information Theory 
B Proof of the Results from Section 3 
C Proof of the Results from Section 4 
D Proof of the Results from Section 5 
E Proof of the Results from Section 6 
Acknowledgments 
References 

Abstract

In this review, biometric systems are studied from an information theoretical point of view. In the first part biometric authentication systems are studied. The objective of these systems is, observing correlated enrollment and authentication biometric sequences, to generate or convey as large as possible secret keys by interchanging a public message, while minimizing privacy leakage. Here privacy leakage is defined as the amount of information that this public message contains about the biometric enrollment sequence. In this setting also the secrecy leakage, that is, the amount of information the public message leaks about the secret key, should be negligible. Next identification biometric systems are investigated. These systems should be able to identify as many individuals as possible while being able to assign as large as possible secret keys to each individual and again minimize the privacy leakage. To realize these systems public reference data are stored in the database. Leakage is defined with respect to these reference data. For all these biometric systems fundamental limits are determined in the current work. Finally, a popular practical construction for biometric systems, fuzzy commitment, is analyzed with respect to both its theoretical performance and performance related to the code choice.

DOI:10.1561/0100000051
ISBN: 978-1-60198-522-4
192 pp. $99.00
Buy book (pb)
 
ISBN: 978-1-60198-523-1
192 pp. $220.00
Buy E-book (.pdf)
Table of contents:
1 Introduction
2 Secret Sharing and Biometric Systems
3 Biometric Authentication: Discrete Biometric Sources
4 Biometric Authentication: Gaussian Biometric Sources
5 Biometric Identification
6 Practical Constructions: Fuzzy Commitment and Its Properties
7 From Gaussian to Binary: Quantization Effects and Coding for Fuzzy Commitment
8 Conclusions and Future Directions
References

Biometric Security from an Information-Theoretical Perspective

The issue of biometric security has become a major research area recently. While systems based on iris-recognition, DNA analysis and fingerprinting are being deployed there are instances where these alone cannot provide fool-proof security. Biometric Security from an Information-Theoretical Perspective provides an overview of the state-of-the-art of biometric security systems. Using information theoretic techniques it discusses some of the most promising methods to provide practical, but safe systems.

Biometric Security from an Information-Theoretical Perspective studies a number of problems related to the design of biometric secrecy systems for both authentication and identification. First, it reviews the problem of secret sharing in order to set theoretical grounds for the subsequent discussion of secret-key rates and privacy leakage in biometric secrecy systems. Biometric authentication systems are discussed in depth using discrete and Gaussian biometric sources, before describing biometric identification techniques in detail. Since biometric data are typically used for both identification and authentication purposes, the trade-off between identification, secret-key and privacy-leakage rates are determined. Finally, practical considerations are treated. The realization of binary biometric authentication systems with chosen secret keys, called fuzzy commitment, is analyzed. It concludes by investigating how binary quantization of biometric sequences influences the performance of biometric secrecy systems with respect to secret-key rates and privacy leakage.

Biometric Security from an Information-Theoretical Perspective is an in-depth review of the topic which gives the reader an excellent starting point for further research.

 
CIT-051