Since biometric data cannot be easily replaced or revoked, it is important that biometric templates used in biometric applications should be constructed and stored in a secure way, such that attackers would not be able to forge biometric data easily even when the templates are compromised. This is a challenging goal since biometric data are “noisy ” by nature, and the matching algorithms are often complex, which make it difficult to apply traditional cryptographic techniques, especially when multiple modalities are considered. In this paper, we consider a “fusion” of a minutiae-based fingerprint authentication scheme and an SVD-based face authentication scheme, and show that by employing a recently proposed cryptographic primitive called “secure sketch”, and a known geometric transformation on minutiae, we can make it easier to combine different modalities, and at the same time make it computationally infeasible to forge an “original ” combination of fingerprint and face image that passes the authentication. We evaluate the effectiveness of our scheme using real fingerprints and face images from publicly available sources. 1.

Multibiometric systems, which consolidate information from multiple biometric sources, are gaining popularity because they are able to overcome limitations such as non-universality, noisy sensor data, large intra-user variations and susceptibility to spoof attacks that are commonly encountered in unibiometric systems. In this thesis, we address two critical issues in the design of a multibiometric system, namely, fusion methodology and template security. First, we propose a fusion methodology based on the Neyman-Pearson theorem for combination of match scores provided by multiple biometric matchers. The likelihood ratio (LR) test used in the Neyman-Pearson theorem directly maximizes the genuine accept rate (GAR) at any desired false accept rate (FAR). The densities of genuine and impostor match scores needed for the LR test are estimated using finite Gaussian mixture models. We also extend the likelihood ratio based fusion scheme to incorporate the quality of the biometric samples. Further, we also show that the LR framework can be used for designing sequential multibiometric systems by constructing a binary decision tree classifier based on the marginal likelihood ratios of the

Abstract In this paper we generalize the concept of Private Information Retrieval (PIR) by formalizing a new cryptographic primitive, named Extended Private Information Retrieval (EPIR). Instead of enabling a user to retrieve a bit (or a block) from a database as in the case of PIR, an EPIR protocol enables a user to evaluate a function f which takes a string chosen by the user and a block from the database as input. Like PIR, EPIR can also be considered as a special case of the secure two-party computation problem (and more specifically the oblivious function evaluation problem). We propose two EPIR protocols, one for testing equality and the other for computing Hamming distance. As an important application, we show how to construct strong privacy-preserving biometric-based authentication schemes by employing these EPIR protocols. 1

Abstract. Due to privacy concern on the widespread use of biometric authentication systems, biometric template protection has gained great attention in the biometric research recently. It is a challenging task to design a biometric template protection scheme which is anonymous, revocable and noninvertible while maintaining acceptable performance. Many methods have been proposed to resolve this problem, and cancelable biometrics is one of them. In this paper, we propose a scheme coined as Random Triangle Hashing which follows the concept of cancelable biometrics in the fingerprint domain. In this method, realignment of fingerprints is not required as all the minutiae are translated into a pre-defined 2 dimensional space based on a reference minutia. After that, the proposed Random Triangle hashing method is used to enforce the one-way property (non-invertibility) of the biometric template. The proposed method is resistant to minor translation error and rotation distortion. Finally, the hash vectors are converted into bit-strings to be stored in the database. The proposed method is evaluated using the public database FVC2004 DB1. An EER of less than 1 % is achieved by using the proposed method.

This paper is a survey on biometrics and forensics, especially on the techniques and applications of face recognition in forensics. This paper describes the differences and connections between biometrics and forensics, and bridges each other by formulating the conditions when biometrics can be applied in forensics. Under these conditions, face recognition, as a non-intrusive and non-contact biometrics, is discussed in detail as an illustration of applying biometrics in forensics. The discussion on face recognition covers different approaches, feature extractions, and decision procedures. The advantages and limitations of biometrics in forensic applications are also addressed.

Biometric authentication and privacy protection are conflicting issues in a practical system. Since biometrics cannot be revoked or canceled if compromised duo to the permanent association with the user, privacy-preserving biometric recognition is desired. However, the recently proposed template protection schemes are not yet sufficiently mature. Specially, the popular noninvertible transform approach will result in an obvious decrease of GAR for a fixed FAR [1]. In this paper, we put forward a novel anonymous fingerprint recognition scheme, Biomapping, as the first approach to integrate the feature extraction, noninvertible transform, and anonymous query as a whole. Biomapping extracts the fingerprint feature utilizing a minutiae-centered region encoding, then performs anonymous enrollment and verification using the noninvertible and discriminable constructions. Experiments on the public domain database show Biomapping can provide better recognition accuracy along with the ability to protect the biometric template, thus becomes a promising solution for privacy trustworthy biometric applications. 1.