FR2925730A1 - METHOD AND SYSTEM FOR AUTHENTICATING INDIVIDUALS FROM BIOMETRIC DATA - Google Patents

Abstract

System for authenticating an individual using biometric data characterized in that it comprises at least the following elements: a sensor (6) for collecting biometric data belonging to an individual and communicating with a system composed of an authentication server (1, 5), a database (2), a comparator (3 ) of data,. said database (2) containing representative elements of the biometric data ,. said comparator (3) receiving information from the database (2) and the identification server (1) ,. said authentication server (1), said database (2), and the comparator (3) being physically separate and communicating with one another ,. said authentication server (1, 5) comprising algorithms for extracting stable and reproducible information from biometric data.

Description

METHOD AND SYSTEM FOR AUTHENTICATING INDIVIDUALS FROM BIOMETRIC DATA

A system and method for authenticating users using biometric data. The invention can also enable the generation of keys from biometric data.

Biometric data, including fingerprints, are data that are subject to change. They are not systematically identical and reproducible over time. For example, because of parameters such as the humidity that can occur when taking the fingerprint, or the way an individual places his finger on the fingerprint sensor, the image of the fingerprint can change and be unrepeatable. Classical cryptography uses accurate and reproducible data. Its security is based in particular on the fact that a small variation of the variables and input parameters induces a completely different result on the output data. The use in cryptography of biometric data therefore requires taking into account possible variations of the biometric data while ensuring that the final result remains the same. Another problem is related to the recommendation of the Commission Nationale Informatique et Libertés or CNIL, which is to prohibit the use of permanent databases containing biometric data and to identify people. There are two ways to answer this problem. It is necessary either to store the biometric data locally on a secure individual medium or, in the case of a database, to protect the biometric data or to protect the association between an identity and its biometry, ideally both. Many articles and patents deal with the subject of biometrics. The tools of the prior art in general use the systematic storage of biometric data in raw, clear or encrypted form and with a key collocated with the data, which is contrary to the recommendation of the CNIL. US patent application 2007/0239994 discloses a system and method for encrypting communication in a recognition system using the biometric data associated with an individual. The prior art known to the Applicant has the following disadvantages in particular: • The techniques used use the systematic storage of biometric data in raw form, clear or encrypted, • It does not offer a complete solution to the problem of biometric authentication , ie efficient (encoding and decoding time of data), secure, robust (error tolerance from one capture to another).

The invention is based in particular on a differentiation of the storage function of the database and the authentication server thus making it possible to increase the security of an identification system of an individual from biometric data. In addition, biometric data is not stored in a clear or encrypted form. Only data constructed from the biometric data are stored and which, without a comparison with the biometric data of the user, do not make it possible to reconstruct the initial data. In the rest of the description, when referring to a server, the Applicant refers to the systems making it possible to render services to a user. A server may be a computer, a computer program that provides services to computers and software that connect to it through a computer network. This service can consist of storing files, performing calculations, and so on. The word syndrome is used in the description to denote the result of an algorithm on a biometric data, such algorithm being a fuzzy extractor, for example.

The invention relates to a system for authenticating an individual using biometric data, characterized in that it comprises at least the following elements: a sensor for collecting biometric data belonging to an individual and communicating with a system composed of a authentication server, a database, a data comparator, • said database containing elements representative of the biometric data, • said comparator receiving information from the database and the identification server Said authentication server, said database, and the comparator being physically separate and communicating with each other, said authentication server comprising algorithms for extracting stable and reproducible information from biometric data. The system may include means for the exchange of protected data in confidentiality and integrity. The invention also relates to a method for authenticating an individual from biometric data, characterized in that it comprises at least the following steps: a user Idi sends via a server connected to a sensor making it possible to collect data of biometrics, its identity Idi and the capture of its biometric data w'i, 25 • the server determines from this capture the corresponding syndrome denoted s (w'i) and transmits at an authentication step the identity Idi and the syndrome s (w'i) associated, • an authentication server makes the link between the identity of the user Idi and the address Addi storage information about him in the database, and then transmits this Addi address to the database, • the database decrypts the received address Addi and transmits the data found at this address Addi to a comparison step, • a comparator decrypts the received data, and obtains the data built from the capture of the biometric data during the authentication phase s (w'i) and during the enrollment phase s (wi) and c (wi), • apply extraction type algorithms fuzzy in order to find the initial data from the biometric data during the authentication phase s (w'i) and during the enrollment phase s (wi) and c (wi), • If the data obtained from of the biometric capture and the data (s (w;), c (w;)) contained in the Addi address indicated by the database are consistent, then the comparator returns to the authentication server a chord notification • if there is an inconsistency, then it sends a notice of disagreement. According to one embodiment, the exchanged data can be protected in confidentiality and in integrity.

Other characteristics and advantages will become apparent on reading the detailed description given by way of nonlimiting example which follows, with reference to appended drawings which represent: FIG. 1, the steps implemented during the enrollment of an individual on an authentication system, and • Figure 2, the steps implemented during the verification or control. In order to better understand the principle implemented in the method and system according to the invention, the following description is given in the case of a fingerprint used to characterize an individual in which the data exchanged are protected in confidentiality and in integrity. This protection is however not mandatory and the method can be applied without implementing the protection. Any other type of representative biometric characteristic of an individual may be used, for example the structure of the iris. It is also possible to use the signature of an individual who is recognized in this technical field as a biometric data.

For the record, a fingerprint can be represented by a set of minutiae, or other characteristic data. A minutia term known to those skilled in the art corresponds to a characteristic point of a print in the image of the print. for example the end of a line, a fork, etc.

The process according to the invention uses fuzzy extractors, better known by the acronym fuzzy extractors. These objects make it possible to extract stable and reproducible information from biometric data. This information alone does not allow the reconstruction of biometric data. On the other hand, from these elements, it is possible to authenticate with certainty a person. In order to better understand the principle of the method according to the invention, the example given by way of illustration uses a fuzzy extractor named Pinsketch jointly used with a minutia camouflage algorithm named Point Set Hidding. To do this, each minutiae is characterized by a point. These two algorithms can be used when the application targets fingerprints. More generally, the scheme according to the invention can be used with a fuzzy extractor alone or together with one or more other algorithms.

The Pintsketch algorithm is described in Y. Dodis, R. Ostrovsky, L. Reyzin and A. Smith. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. Cryptology ePrint Archive, Report 2003 / 235,2003 available from the Internet address http: // eprint. iacr.orq.

The "Point set Hidding" algorithm is for example described in the E-C document. Chang and Li. Hiding secret points amidst chaff. In Eurocrypt 2006 LNCS 4404 pages 59-72, 2006. Data constructed from the fuzzy extractor and used for authentication are called syndromes. Data built from the Point Hidding camouflage algorithm is called constellations. The principle of the Hiding Point Set is to drown the biometric data in over-information: false minutiae are added to the original imprint until it is difficult to find the true minutiae among the false ones. Different methods can be used for the placement of the minutiae. For example, it is possible to choose minutiae randomly and then add them to the fingerprint. Another method is explained in the article by Chang and Li previously cited.

A database used by the method according to the invention consists of elements constructed from the biometric data using a fuzzy extractor and possibly data built with one or more other algorithms known to those skilled in the art. A fundamental property of the stored data is that these data alone do not make it possible to reconstruct the initial biometric data. On the other hand, from these elements, it is possible to authenticate with certainty a person. In the example given, the database stores the syndromes Sx constructed with the fuzzy extractor named Pinsketch and the constellations Cx constructed with the Agorithm Point Set Hidding. It is not possible to reconstruct fingerprints from these syndromes and constellations alone. On the other hand, from these elements, it is possible to authenticate with certainty a person. Using these two algorithms and a capture of his biometric data the person can be authenticated. The architecture according to the invention, detailed with reference to FIGS. 1 and 2 proposes, by dissociating the storage function of the database and the algorithmic part necessary for authenticating the authentication server, to increase the overall system security.

Indeed the authentication server is not able to perform only the necessary operations for authentication. The database only stores data that alone can not be used. The matcher does not store any biometric data or data from biometric data and never knows the identity of the persons whose biometric data he is reconstructing. However, there is nothing to prevent the functions from being partially or totally grouped, for example two of them being grouped together. The system according to the invention described with reference to FIGS. 1 and 2 comprises at least the following elements: an authentication server 1 connected to a database 2 and to a comparator 3 (FIG. 2), better known by its acronym Anglo-Saxon match. The database 2 is itself connected to the matcher 3. The system also includes a server 4 (FIG. 2) responsible for calculating a syndrome S (wx) and a constellation C (wx) corresponding to the biometric data obtained for each user. Ux during the enrollment phase or initialization phase. The system also includes a server 5 responsible for calculating a syndrome corresponding to each user during the recognition phase of an individual. The servers 4 and 5 can be grouped into a single server capable of performing the various steps corresponding to the enrollment phase and the verification phase or authentication phase of an individual. For a system using two servers 4 and 5 physically separated, the server 4 intended for enrollment has the particularity (to optimize security) of not being connected to the authentication server 1 and the database 2, once the enrollment phase or initialization phase 8 completed. However, the system can work if the server 4 remains connected to the authentication server 1 and the database 2. The links between the different elements, server, database, involved in the system according to the invention can be done by wired links, radio links or any other type of link.

In both Figures 1 and 2, the direction of the arrows indicates the direction in which data streams are allowed and the notations used will be common to both figures. For example, EK (M) represents the encryption of a data item M with an encryption algorithm E and a key k. In Figure 1 are diagrammatically the different steps implemented during the enrollment phase of a user Ui. A user Ui who wants to be identified in a system interacts with the server 4 connected to a sensor 6 for capturing an imprint 7, to record the corresponding data to the fingerprint represented by (wi) for example in a non-remanent memory not shown in the figure and transmit these data to the server 4. The server 4 by implementing the above algorithms calculates a syndrome s (wi) and a constellation c (wi) for the individual Ui to identify. It then sends this information to the database 2, which refers to the user via the same server 4, the address Addi where these information are placed. The returned Addi addresses are the addresses of the database where a couple s (wi), c (wi) can be found. The association of the identity Idi, and the address Addi of the data which correspond to it, is transmitted by the user Ui via the server 4 to the authentication server 1. FIG. 2 represents the steps taken during the identification phase. Phase 1: a user Ui who wants to be identified by a system, puts his finger on a fingerprint sensor, for example the same sensor 6 and types his name (pin code or other ...) to enable his identification Idi.

The server 5 for authenticating a user during the authentication phase, determines from the fingerprint capture (w'i) of the user Ui the corresponding syndrome noted s (w'i). The server 5 transmits to the authentication server 1 the identity Idi and the syndrome s (w'i).

For reasons of confidentiality this data can be transmitted protected in confidentiality and in integrity. For this, conventional methods known to those skilled in the art are used. An encryption algorithm E 'ensuring the integrity of the data can then be used. The key k 'associated with the encryption is known to the server 5 and the authentication server 1. For additional security reasons the syndrome built s (w'i) can be protected in integrity and in confidentiality with an algorithm E and a key k, the key being known only from the server 5 and the matcher 3. The notation E'k, (Idi, Ek (s (w'i))) designates the encryption with the encryption algorithm E 'and the key k 'of the concatenation of the identity Idi with the syndrome built from the capture w'i of the fingerprint and encrypted by the encryption algorithm E and the key k. It is possible to proceed with only one encryption or none depending on the objectives and constraints of the application. The encryption algorithms used may be asymmetrical in which case the key used is the public key of the recipient of the message. Phase 2: the authentication server 1 receives a message containing the fingerprint (w'i) captured by the fingerprint sensor (in this context a data is considered as a message, as well as data constituting a message) and possibly, when there was encryption of the data, it decrypts this message with the key k 'or its public key. He thus obtains the identity Idi of the user and the syndrome s (w'i) of the capture of the imprint. This capture of the fingerprint (w'i) could be protected in confidentiality and integrity using the encryption algorithm E and the key k used during phase 1. 10 Phase 3: the server of Authentication 1 makes the link between the identity Idi of the user and the address Addi of storage of the information concerning the identity in the database 2. It then transmits this address Addi protected in integrity and confidentiality with a second algorithm of encryption E "kä to the database 2. The key k" used by this second encryption algorithm is known from the database 2. In parallel with this operation, the authentication server 1 transmits to the matcher 3 the encrypted syndrome Ek (s (w'i)). Phase 4: Database 2 decrypts the received address Addi. The database 2 transmits to the matcher 3 the data found at this address Addi. This data is transmitted protected in confidentiality and integrity of the database 2 to the matcher 3 by using a third encryption algorithm E "'with the key k"' E "'k'., (C (wi), s ( wi)) Phase 5: the matcher 3 decrypts the received data, he thus obtains the syndrome determined from the impression capture s (w'i), the initial syndrome obtained during the enrollment phase for this same user s (wi) which is stored at address Addi and the corresponding constellation c (wi) stored at address Addi The public algorithms Pinsketch and Point Set Hidding are used from these input data. obtained syndrome s (w'i) from the biometric capture and the data (c (wi), s (w;)) contained at the address Addi indicated by the database 2 are coherent, then the comparator 3 sends a notification of agreement to the authentication server 1. If there is an inconsistency, then it transmits a notification of disagreement The decision is taken by means of the two aforementioned public algorithms or any other algorithm having the same functionalities.

In general, privacy and integrity protection can be done with algorithms derived from symmetric encryption or asymmetric encryption. All different algorithms can be used, or some can be identical, see only one algorithm can be used.

The method and system according to the invention have the following advantages: o No sensitive data is stored, only data allowing the reconstitution of the sensitive data are stored, o The authentication server is never aware of the biometric data corresponding to an individual. O The database only stores data built from biometric data and can not link to an identity; moreover, these data alone can not under any circumstances make it possible to reconstruct the biometric data. The matcher compares the received and extracted data and never knows the associated identities. o The scheme can use fuzzy extractor type algorithms known to those skilled in the art and which use properties of the error-correcting codes to ensure both the confidentiality of the data and the tolerance to the variations between two captures of a 20 same biometric data. The complexity of the algorithm ensures fast calculations at enrollment as during the verification. o The use of a fuzzy extractor algorithm also makes it possible not to store raw data, but only so-called correction data which do not make it possible to find the original fingerprint without the knowledge of a new capture. o The use of a fuzzy extractor algorithm by the authentication server can allow the generation of a cryptographic key type reproducible data. 30

Claims (3)

1 - System for authenticating an individual using biometric data, characterized in that it comprises at least the following elements: a sensor (6) for collecting biometric data belonging to an individual and communicating with a system composed of a authentication server (1, 5), a database (2), a data comparator (3), • said database (2) containing elements representative of the biometric data, • said comparator ( 3) receiving information from the database (2) and the identification server (1), • said authentication server (1), said database (2), and the comparator (3) being distinct physically and communicating with each other, said authentication server (1, 5) comprising algorithms for extracting stable and reproducible information from biometric data. 2 - System according to claim 1 characterized in that the sensor (6) is a fingerprint sensor, the fingerprint biometric data of an individual and in that the representative elements of the fingerprints are syndromes and constellations. 3 - System according to claim 2 characterized in that it comprises a module using the Pinsektch algorithm to generate the syndromes and a module using the Point Set Hiding algorithm to generate the constellations.4- System according to one of claims 1 at 3 characterized in that it comprises an authentication server (1) during the enrollment phase separate from the authentication server (5) during the authentication phase of an individual. System according to one of claims 1 to 4 characterized in that it comprises means for encrypting data transmitted between the servers, and / or between a server and the database. 6 - A method of authenticating an individual from biometric data characterized in that it comprises at least the following steps: • a user Idi sends via a server (5) connected to a sensor (6) for capturing biometry data, its identity Idi and the capture of its biometric data w'i, • the server (5) determines from this capture the corresponding syndrome noted s (w'i) and transmits to an authentication step the Identity Idi and the syndrome s (w'i) associated, • an authentication server (1) makes the link between the identity of the user Idi and the address Addi storage information about him in the database (2), and then transmits this Addi address to the database (2), said database storing one or more data constructed from biometric data, • the database (2) decrypts the received address Addi and transmit the data found at this address Addi to a comparison step, • a comparator (3) decrypts the data received, and obtains the data constructed from the capture of the biometric data during the authentication phase s (w'i) and during the enrollment phase s (wi) and c (wi), • apply a fuzzy extractor type algorithm and one or more other algorithms for recovering the initial data from the biometric data during the authentication phase s (w ') i) and during the enrollment phase s (wi) and c (wi), • if the data obtained from the biometric data and the data stored at the address Addi indicated by the database are consistent, then the comparator (3) sends back to the authentication server (1) a notification of agreement, • if there is an inconsistency, then it transmits a disagreement notification. 7 ù The method of claim 6 characterized in that the identity Idi is protected in integrity and confidentiality by means of an encryption algorithm E, the encryption key k is known to the server (5) comprising the capture sensor of data and also the authentication server (1) used during the enrollment phase. 8 - Process according to one of claims 6 and 7 characterized in that the biometric data used are fingerprints and in that the database stores SX syndromes built with the fuzzy extractor named Pinsketch and constellations CX built with the Point Set Hidding algorithm. 9 - Process according to one of claims 6 to 8 characterized in that the data exchange or message are encrypted.