Iris Biometric Cryptography for Identity Document - IEEE Computer ...

2009 International Conference of Soft Computing and Pattern Recognition

Iris Biometric Cryptography for Identity Document Sim Hiew Moi, Nazeema Binti Abdul Rahim, Puteh Saad, Pang Li Sim, Zalmiyah Zakaria

Subariah Ibrahim Department of System & Communication, Faculty of Computer Science And Information System Universiti Teknologi Malaysia Johor, Malaysia

Department of Software Engineering, Faculty of Computer Science And Information System Universiti Teknologi Malaysia Johor, Malaysia e-mail: [email protected], [email protected]

strength security protection on the iris information. AES has been chosen for our work due to it resistance of the algorithm to cryptanalysis, randomness of the output, computational speed and its efficiency and flexibility on different platform. The paper next describes Literature Review in Section II. Section III is on Methodology, Results in Section IV. The paper ends with a conclusion in Section V.

Abstract—Currently, it is noticed that users tend to choose shorter password as their authentication which can be easily attacked. Biometric technologies such as fingerprint scanning, voice authentication, face recognition, signature, hand geometry and iris recognition is now playing an important role especially in application related to security issue. In this work, we present an approach to generate a unique and more secure cryptographic key from iris template. The iris images are processed to produce iris template or code to be utilized for the encryption and decryption tasks. AES cryptography algorithm are employed to encrypt and decrypt the identity data. Distance metric such as hamming distance and Euclidean distance are used for the template matching identification process. Experimental results show that this system can obtain a higher security with a low false rejection or false acceptance rate.

II.

Keywords-iris, biometric,cryptography,encryption,decryption

I.

INTRODUCTION

History has proven that human can remember only short password, most of the user even tend to choose password that can be easily guessed using dictionary or brute force search. This limitation has triggered the utilization of biometric to produce strong cryptographic key. A biometric is a unique characteristic of a human body or behavior which will be compared to a stored template to provide authentication of the individual. This technology has been used for more than 25 years. Examples of biometrics are; iris recognition, face recognition, fingerprints, hand, voice and keystroke. Among the aforementioned biometric features, iris is the most unique biometric identifier and also has a high identification accuracy. The utilization of biometric as a key is to increase security in a more effective way, reduce human mistakes during identification, increase user convenience and automation of security function. On the other hand, cryptography is the conversion of data into a secret code for transmission over a public network. This secret code is also known as “cipher text” which produces via an encryption algorithm. In this work, biometric cryptography using iris as the biometric feature is introduced to adopt the idea on protection over the iris template. The international standard cryptography algorithm – AES has been adopted in our work to produce a high cryptographic

978-0-7695-3879-2/09 $26.00 © 2009 IEEE DOI 10.1109/SoCPaR.2009.149

LITERATURE REVIEW

The main challenge and the most important motivation of biometric authentication is to provide a secure storage for the biometric template. Biometric authentication is the process of establishing the individual identity using the measurements of his/her biological characteristic. Biometric authentication technologies such as fingerprint scanning, voice authentication, face recognition, hand geometry authentication, signature and iris scanning is now playing a major role especially in the data security application. Biometric can eliminate the problem of forgotten passwords and to strengthen the security relative to passwords. Currently, some biometric cryptographic algorithms have been developed based on fingerprints, iris, face, voice, signature and palm prints. Comparison of some of the biometric identifiers based on seven factors is provided in Table 1 [14]. Properties of biometric identifiers are; Universality, distinctiveness, permanence and collectability. Performance (speed and accuracy), acceptability (willingness of people to use), and circumvention (foolproof) are attributes of biometric systems [3]. Based on the comparison of Table 1, we noticed that using iris as the biometric identifier would be more effective, reliable and accurate for authentication process available today when compared to others. Each eye is unique and remains stable from birth to end of life. Therefore, we have chosen iris for our biometric cryptography. There are numerous works that suggest the combination of biometrics and cryptography. [7] and [8] are referred to cancellable biometrics, which uses one way transformation to convert the biometric signal into irreversible form. Jinyu Zuo, Nalini K. Ratha and Jonathan H. Connell has proposed 753 736

four cancellable iris biometrics methods that work with conventional iris recognition systems, either at the unwrapped image level or at the binary iriss code level [12]. In cancellable biometrics, the system prooduces a binary yes/no response making it more vulnerable tto attacks.

Template Matching 1.

Hamming Distance Dmin = (IrisCodeA ⊕ IrrisCodeB) / 2048

2.

TABLE I.

(1)

Euclidean Distance Dmin =

Comparison of Various Biometric Technoloogies Based on the Perception of the Authors. High, Medium m, and Low are Denoted by H, M, and L, respectively

⎤ n ∑ (IrisCodeA(i ) − IrisCodeB(i ))2 ⎥ (2) ⎥⎦ ⎢⎣ i = 1 ⎡

Min ⎢

where IrisCodeA is the featuree vector of iris image stored as a template in database. d IrisCodeB is the featuree vector of a tested image. A. Encryption Process The flow of the encryption proceess is shown in the Figure 1. The encryption steps are describeed below;

iris Feature Step 1: Iris image has been extract through t Extraction process to generate the irris template and to produce the iris binary code. Davida et al.’s [2], store the error correection bits in the database that might have lead to some leaakage of the user biometric data. Besides that, the error toolerance of their scheme is much smaller. The assumption of iris code bit changes among different presentation of thee iris of a person is only 10%. However, the fact is 30% bitss of the iris code could be different due to the different presentations of the same iris [1]. Fuzzy commitment scheme [15] has been introduced by Juels and Wattenberg’s. The fuzzy comm mitment schemes bind random bit string with a biometric teemplate in binary format called difference vector. Consequuently, Juels and Sudan propose Fuzzy vault scheme [16] tto improve Juels and attenberg’s work. Here, the vault is locked using an unordered set. Srinivasa and Ramesh [44] overcome the limitation of fuzzy vault by binding fuzzy vault and secret key using a password. Password has been used as an additional layer of security to enhance the seecurity level. III.

Step 2: The binary code for the iris image is encrypted with the user identification data using thee Advanced Encryption Standard (AES) cryptography. Step 3: A cipher text is generated affter the encryption process and is stored in the databasee.

Image during enrolment

Iris Feature Extraction

Iris template original (Binary Code)

User Identification Data

METHODOLOGY

Encryption using Advanced Encryption Standard (AES)

Cipher text

The methodology consists of two phasess; encryption and decryption process. Template Matching is a process used for pattern recognition. In this paper, two distannce metrics are applied for the genuine identification test whhich was shown below.

Key

n Process Figure 1. Encryption

737 754

B. Decryption The flow of the decryption process is shown in the Figure 2 and the steps to decrypt are described below. Step 1: A tested iris image has been extract using iris feature extraction to obtain the iris binary code and the iris template of the testing iris image. The technique used for the feature extraction is Log-Gabor Technique which is introduced by Masek [19].

Tested Image

Iris template (Binary Code)

Step 2: Templates are match in the template matching process with two different distance metric function which is hamming distance and Euclidean distance. The function of the two distance metric mentioned above is shown in equation (1) and equation (2). Template matching is a one to many matching process where the test data will be compared with all templates stored in database.

Tested iris templates (Binary Code)

Iris Feature Extraction

Template Matching (Genuine Identification using distance metric)

If iris image found match

No Exit

Yes

Step 3: If there is image template in the database which is found match with the tested image, the relevant iris template will be released and step 4 is performed. Otherwise, the system will be exit.

Iris template original (Binary Code)

Step 4: The released iris image template will undergo the decryption process using Advanced Encryption Standard (AES) cryptography algorithm with the cipher text to obtain the user identification data.

Cipher text Key

Decryption using Advanced Encryption Standard (AES)

User Identification Data

Figure 2. Decryption Process

IV.

EXPERIMENTAL RESULTS

The proposed approach has been implemented and results were analyzed using MATLAB 7.0. The experimental result is based on 108 set of different iris and each of the iris has 7 images with 320×280 pixels in 250 gray level obtained from CASIA Database Version 1.0. The experiment has been performed by conducting altogether 648 (108×6) genuine decryption and 80892 (108×107×7) imposter decryption to show the False Rejection Rate (FRR) and False Acceptance Rate (FAR) with its corresponding threshold. Comparisons are made between two different template matching distance metric that is Hamming Distance and Euclidean Distance.

738 755

120

1

100%

Error Percentage %

The False Rejection Rate (FRR) measurees the probability of an enrolled individual not being identifieed by the system. The False Acceptance Rate (FAR) measurees the probability of an individual being wrongly identiffied as another individual. The Equal Error Rate (EER) is measures where FAR equal FRR. There is another performannce measurement which is called Total Success Rate (TSR) is obtained from FAR and FRR. It can also represent the veerification rate of the iris cryptography system and is calculateed as follow [18].

100 80 FAR(%)

60

FRR(%)

40 EER

20 0

(3)

0.2 0.3 0.4 0.42 0..44 0.5 Security Thresh hold EXPERIMENTAL RESULT FOR DIFFEERENT THRESHOLD VALUES USING HAMMING DISTANC CE

Figure 3. FAR and FRR for different threshold values for hamming distance measurem ment

Threshold

FAR(%)

FRR R(%)

0.2

0

999

140

0.25

0

888

120

0.3

0

555

0.35

0

266

0.4

0.02

111

0.41

0.11

9

0.42

0.38

7

0.43

1.21

6

0.44

3.68

4

0.45

10.21

2

0.5

99.37

0

0.55

100

0

Count Genuine

TABLE II.

100 80 60 40 20

Same eyes min mean max std

0.176 0.316 0.484 0.059

0

Hammingg Distance

Table II shows the FAR and FRR on diifferent threshold values for the measurement using hammingg distance. From the above result, 0.4 gives the best FAR andd FRR and hence, it is chosen as the threshold value for thhis proposed iris cryptography system. Figure 3 illustrates thhe FAR and FRR graph and EER is obtained at the point wheere FAR is equal to FRR. The Equal Error Rate (EER) shownn below is 3.68%. Using the formula (3), the Total Success Rate (TSR) calculated is 89%. Figure 4 and Figurre 5 shows the histogram for the hamming distance betweeen iris code for genuine and imposter testing.

Figure 4. Hamming Distance Between Irris Code for Genuine Testing

739 756

Count Imposter

45000 40000 35000 30000 25000 20000 15000 10000 5000 0

RR on different threshold Table III shows the FAR and FR distance. From values for the measurement using Euclidean E the above result, 0.04 gives the best FAR and FRR. The FAR and FRR for this threshold valuee is 20.5% and 41.51% nt, we found out that, respectively. From our experimen comparing to hamming distance reesult, Euclidean distance measurement result is much weakerr and not efficient for the use of iris identification. Figure 6 illustrates the FAR and FRR graph for the measurement using Euclidean Distance. n below is 28.7%. Using The Equal Error Rate (EER) shown the formula (3), the Total Success Rate (TSR) calculated is we found that o only 56.41%. From the result obtained, Hamming distance is a suitable disstance metric to compute mplate to many templates the difference between one iris tem due to its efficiency and simplicity. Hamming distance count nd thus it is more suitable the bits different in two patterns an n binary form. Euclidean to encoded information especially in distance which is frequently used to compute differences in coordinate axis that is usually represented as continuous numerical values is unsuitable as a distance metric in iris d Figure 8 shows the template matching. Figure 7 and nce between iris code for histogram for the Euclidean Distan genuine and imposter testing.

Different eyes min mean max std

0.361 0.469 0.519 0.015

Hamming Distaance Figure 5. Hamming Distance Between Iris Code foor Imposter Testing

120 100 80 60 40 20 0

FAR(%)

FRR((%)

0.02

0

1000

0.025

0

99.2

0.03

0

88.7

0.035

3

63.227

0.04

20.5

41.551

0.045

44.7

28.7

0.05

64.9

19.9

0.055

78.3

14.2

d Security Threshold

0.06

86.2

8.22

0.065

91.6

5.99

0.07

94.8

3.99

0.075

97.1

3.22

0.08

98.1

2.55

0.085

98.8

1.55

0.09

99.1

0.66

0.095

99.4

0.66

0.1

99.6

0.33

0.105

99.7

0.33

0.11

99.8

0.33

0.115

99.8

0

0.12

99.8

0

0.2

100

0

Error Percentage %

Threshold

0.02 0.035 0.05 0.065 0.08 0.095 00.11 11 0.2

EXPERIMENTAL RESULT FOR DIFFEERENT THRESHOLD VALUE USING EUCLIDEAN DISTANC CE

EER

FAR(%) FRR(%)

Figure 6. FAR and FRR for different thrreshold values for euclidean ment distance measurem

Count Genuine

TABLE III.

180 160 140 120 100 80 60 40 20 0

Same eyes min mean max std

0.023 0.041 0.115 0.013

n Distance Euclidean Figure 7. Euclidean Distance Between Irris Code for Genuine Testing

740 757

Count Imposter

25000 [3]

20000

Diffeerent eyes

15000

min n mean max std

10000

[4]

0.030 0.049 0.197 0.011

[5]

5000 [6]

0

[7]

[8]

Euclidean Distance Figure 8. Euclidean Distance Between Iris Code foor Imposter Testing

V.

[9]

FUTURE WORK AND CONCLUSION

This paper proposed an approach for iiris cryptography system. The crypto key is generated using the iris template, which is believed to be stable for a personn throughout their entire lifetime. The increment of the difficculty to crack or guess the crypto key has reduced the compplicated sequence of the operation used in the traditional cryptography system. In this paper, Advanced Encryption Syystem (AES) is employed to encrypt and decrypt the iddentity data. The security of this algorithm has been identiified as a world standard algorithm which has been uused for many protections on important data especiaally government sensitive information. For the future work suuggestion, hybrid ms to solve burst of different error correction codes algorithm and background error of an iris image cann be studied and applied to enhance the performance of this iiris cryptographic system.

[10] [11]

[12]

[13]

[14] [15]

[16]

ACKNOWLEDGMENT

[17]

The authors would like to acknowledgge the funding of MOSTI (Sciencefund) under the project tittle Iris Biometric for Identity Document. Portions of the reseaarch in this paper use the CASIA iris image database collected by the Institute Sciences. of Automation of the Chinese Academy of S

[18]

[19]

REFERENCES [1]

[2]

[20] [21]

Daugman J. G., “High confidence visual recognnition of persons by a test of statistical independence,” IEEE Trans. Paattern Anal. Machine Intell., vol. 15, pp. 1148–1161, Nov. 1993. Davida G. I., Y. Frankel, B. J. Matt, and R. Peraalta, “On the relation of error correction and cryptography to an offfline biometric based

741 758

identification scheme,” in Proc. Worksshop Coding and Cryptography (WCC’99), pp. 129–138. Wayman J. L., “Fundamentals of biometric authentication technologies,” Int. J. Image Graph, vol. 1, no. 1, pp. 93–113, 2001. I “Performance of Iris Based Srinivasa Reddy E. , Ramesh Babu I., Hard Fuzzy Vault, ” IJCSNS Interrnational Journal of Computer Science and Network Security, vol.8, no.1, Jan. 2008 Dodis Y., Reyzin L., and Smith A.., “Fuzzy Extractors: How to generate Strong Keys from Biomettrics and other Noisy Data”, nce on Theory and Applications Proceedings of International Conferen of Cryptographic Techniques, pp. 523--540, 2004. Monrose F., Rieter M., Li Q.,Wetzel S.,” Password hardening using key board dynamics”, Proceedings of ACM conference on Computer and Communications security, pp.73-82, 1999. Ratha N. K., Chikkerur S., Conneell J. H., and Bolle R. M., mplates,” IEEE Transactions on “Generating cancelable fingerprint tem gence, vol. 29, no. 4, pp. 561– Pattern Analysis and Machine Intellig 572, April 2007 osla P., “Cancelable biometric Savvides M., Kumar B. V., and Kho filters for face recognition,” in Proceeedings of the 17th International Conference on Pattern Recognition (IICPR04), vol. 3, August 2004, pp. 922–925. n J., “Combining crypto with Hao F., Anderson R., and Daugman biometrics effectively,” IEEE Transacctions on Computers, vol. 55, no. 9, pp.1081–1088, 2006. statistical principles of r Daugman J., The importance of being random: 2003. iris recognition. Pattern Recognition, 36(2):279–291, 3 S., “Cryptographic key Monrose F., Reiter M., Li Q., and Wetzel W gs of the IEEE Symposium on generation from voice,” in Proceeding 02–213. Security and Privacy, May 2001, pp. 20 Jinyu Z., Nalini K. R. and Jonathan H. C., “Cancelable Iris Biometric”, 19th International Confereence on Pattern Recognition, December 2008,Tampa,FL,USA. Bremananth R. and Chitra A., An Effficient Biometric Cryptosystem using auto correlators. International Journal of Signal Processing, 2006. Wayman J. L., “Biometric Cryptosysteems: Issues and Challenges,” In Proceedings of the IEEE, vol. 92, no. 6, 6 June 2004. y Commitment Scheme”. Sixth Juels A. and Wattenberg M., “A Fuzzy ommunication Security, pp. 28– ACM Conference on Computer and Co 36, 1999. Juels A. and Sudan M. , “A Fuzzy Vaault Scheme”, In Proceedings of IEEE international symposium on Inforrmation Theory, p.408,2002. h N., "An Improvement of Iris Ariyapreechakul P. and Covavisaruch Pattern Identification Using Radon Traansform", Proceedings, the 10th gineering Conference (NCSEC National Computer Science and Eng 6. 2006), Khon Kaen, 25-27 October 2006 vid N., “Palmprint Recognition Tee C., Andrew T., Michael G., Dav with PCA and ICA”, Faculty off Information Sciences and Malaysia, Palmerston Technology, Multimedia University, Melaka, M North, November 2003. man Tris Pattern for Biometric Masek, L. (2003). Recognition of Hum of Western Australia. Identification. Bachelor Degree, The University U CASIA Iris Image Database. NIST, Advanced Encryption Standard (AES), 2001.