Quantifying privacy and security of biometric fuzzy commitment

Xuebing Zhou; Arjan Kuijper; Raymond N.J. Veldhuis; Christoph Busch

doi:10.1109/IJCB.2011.6117543

Quantifying privacy and security of biometric fuzzy commitment

Xuebing Zhou, Arjan Kuijper, Raymond N.J. Veldhuis, Christoph Busch

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

29 Citations (Scopus)

63 Downloads (Pure)

Abstract

Fuzzy commitment is an efficient template protection algorithm that can improve security and safeguard privacy of biometrics. Existing theoretical security analysis has proved that although privacy leakage is unavoidable, perfect security from information-theoretical points of view is possible when bits extracted from biometric features are uniformly and independently distributed. Unfortunately, this strict condition is difficult to fulfill in practice. In many applications, dependency of binary features is ignored and security is thus suspected to be highly overestimated. This paper gives a comprehensive analysis on security and privacy of fuzzy commitment regarding empirical evaluation. The criteria representing requirements in practical applications are investigated and measured quantitatively in an existing protection system for 3D face recognition. The evaluation results show that a very significant reduction of security and enlargement of privacy leakage occur due to the dependency of biometric features. This work shows that in practice, one has to explicitly measure the security and privacy instead of trusting results under non-realistic assumptions.

Original language	English
Title of host publication	2011 International Joint Conference on Biometrics (IJCB 2011)
Subtitle of host publication	Washington, DC, USA, 11-13 October 2011
Place of Publication	Piscataway, NJ
Publisher	IEEE Computer Society
Pages	1-8
Number of pages	8
ISBN (Print)	978-1-4577-1359-0
DOIs	https://doi.org/10.1109/IJCB.2011.6117543
Publication status	Published - 11 Oct 2011
Event	2011 IEEE International Joint Conference on Biometrics, IJCB 2011 - Doubletree Hotel Crystal City, Washington, United States Duration: 11 Oct 2011 → 13 Oct 2011

Conference

Conference	2011 IEEE International Joint Conference on Biometrics, IJCB 2011
Abbreviated title	IJCB
Country/Territory	United States
City	Washington
Period	11/10/11 → 13/10/11

Keywords

SCS-Safety
EWI-21735
Template protecion
fuzzy commitment
Biometrics
3D Face recognition
IR-80033
METIS-286310

Access to Document

10.1109/IJCB.2011.6117543

Zhou11_Quantifying_Privacy_and_Security_of_Biometric_Fuzzy_Commitment

Cite this

@inproceedings{c01a8611a23745819b532bcd831b4f72,

title = "Quantifying privacy and security of biometric fuzzy commitment",

abstract = "Fuzzy commitment is an efficient template protection algorithm that can improve security and safeguard privacy of biometrics. Existing theoretical security analysis has proved that although privacy leakage is unavoidable, perfect security from information-theoretical points of view is possible when bits extracted from biometric features are uniformly and independently distributed. Unfortunately, this strict condition is difficult to fulfill in practice. In many applications, dependency of binary features is ignored and security is thus suspected to be highly overestimated. This paper gives a comprehensive analysis on security and privacy of fuzzy commitment regarding empirical evaluation. The criteria representing requirements in practical applications are investigated and measured quantitatively in an existing protection system for 3D face recognition. The evaluation results show that a very significant reduction of security and enlargement of privacy leakage occur due to the dependency of biometric features. This work shows that in practice, one has to explicitly measure the security and privacy instead of trusting results under non-realistic assumptions.",

keywords = "SCS-Safety, EWI-21735, Template protecion, fuzzy commitment, Biometrics, 3D Face recognition, IR-80033, METIS-286310",

author = "Xuebing Zhou and Arjan Kuijper and Veldhuis, {Raymond N.J.} and Christoph Busch",

note = "10.1109/IJCB.2011.6117543 ; 2011 IEEE International Joint Conference on Biometrics, IJCB 2011, IJCB ; Conference date: 11-10-2011 Through 13-10-2011",

year = "2011",

month = oct,

day = "11",

doi = "10.1109/IJCB.2011.6117543",

language = "English",

isbn = "978-1-4577-1359-0",

pages = "1--8",

booktitle = "2011 International Joint Conference on Biometrics (IJCB 2011)",

publisher = "IEEE Computer Society",

address = "United States",

}

Zhou, X, Kuijper, A, Veldhuis, RNJ & Busch, C 2011, Quantifying privacy and security of biometric fuzzy commitment. in 2011 International Joint Conference on Biometrics (IJCB 2011): Washington, DC, USA, 11-13 October 2011. IEEE Computer Society, Piscataway, NJ, pp. 1-8, 2011 IEEE International Joint Conference on Biometrics, IJCB 2011, Washington, District of Columbia, United States, 11/10/11. https://doi.org/10.1109/IJCB.2011.6117543

Quantifying privacy and security of biometric fuzzy commitment. / Zhou, Xuebing; Kuijper, Arjan; Veldhuis, Raymond N.J. et al.

2011 International Joint Conference on Biometrics (IJCB 2011): Washington, DC, USA, 11-13 October 2011. Piscataway, NJ : IEEE Computer Society, 2011. p. 1-8.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Quantifying privacy and security of biometric fuzzy commitment

AU - Zhou, Xuebing

AU - Kuijper, Arjan

AU - Veldhuis, Raymond N.J.

AU - Busch, Christoph

N1 - 10.1109/IJCB.2011.6117543

PY - 2011/10/11

Y1 - 2011/10/11

N2 - Fuzzy commitment is an efficient template protection algorithm that can improve security and safeguard privacy of biometrics. Existing theoretical security analysis has proved that although privacy leakage is unavoidable, perfect security from information-theoretical points of view is possible when bits extracted from biometric features are uniformly and independently distributed. Unfortunately, this strict condition is difficult to fulfill in practice. In many applications, dependency of binary features is ignored and security is thus suspected to be highly overestimated. This paper gives a comprehensive analysis on security and privacy of fuzzy commitment regarding empirical evaluation. The criteria representing requirements in practical applications are investigated and measured quantitatively in an existing protection system for 3D face recognition. The evaluation results show that a very significant reduction of security and enlargement of privacy leakage occur due to the dependency of biometric features. This work shows that in practice, one has to explicitly measure the security and privacy instead of trusting results under non-realistic assumptions.

AB - Fuzzy commitment is an efficient template protection algorithm that can improve security and safeguard privacy of biometrics. Existing theoretical security analysis has proved that although privacy leakage is unavoidable, perfect security from information-theoretical points of view is possible when bits extracted from biometric features are uniformly and independently distributed. Unfortunately, this strict condition is difficult to fulfill in practice. In many applications, dependency of binary features is ignored and security is thus suspected to be highly overestimated. This paper gives a comprehensive analysis on security and privacy of fuzzy commitment regarding empirical evaluation. The criteria representing requirements in practical applications are investigated and measured quantitatively in an existing protection system for 3D face recognition. The evaluation results show that a very significant reduction of security and enlargement of privacy leakage occur due to the dependency of biometric features. This work shows that in practice, one has to explicitly measure the security and privacy instead of trusting results under non-realistic assumptions.

KW - SCS-Safety

KW - EWI-21735

KW - Template protecion

KW - fuzzy commitment

KW - Biometrics

KW - 3D Face recognition

KW - IR-80033

KW - METIS-286310

U2 - 10.1109/IJCB.2011.6117543

DO - 10.1109/IJCB.2011.6117543

M3 - Conference contribution

SN - 978-1-4577-1359-0

SP - 1

EP - 8

BT - 2011 International Joint Conference on Biometrics (IJCB 2011)

PB - IEEE Computer Society

CY - Piscataway, NJ

T2 - 2011 IEEE International Joint Conference on Biometrics, IJCB 2011

Y2 - 11 October 2011 through 13 October 2011

ER -

Quantifying privacy and security of biometric fuzzy commitment

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this