WO2007036825A1 - Fingerprint matching - Google Patents

Fingerprint matching

Info

Publication number
WO2007036825A1
Authority
WO
WIPO (PCT)
Prior art keywords
filters
data
determining
correlation
filter
Prior art date
Application number
PCT/IB2006/053235
Other languages
English (en)
Inventor
Evgeny Verbitskiy
Pim T. Tuyls
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V.
Publication of WO2007036825A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06V IMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00 Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10 Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/12 Fingerprints or palmprints
    • G06V40/1365 Matching; Classification
    • G06V40/1371 Matching features related to minutiae or pores

Definitions

  • the present invention relates to secure computation of a measure of similarity between two sets of data, when these sets have different size. More specifically, the invention relates to matching of biometric templates, and in particular to minutiae based fingerprint matching.
  • a fingerprint template acquired by a sensor is compared to reference data stored in a secure database.
  • the reference data can be obtained through an enrollment process, linking the identity of the person to a template of his/her fingerprint.
  • a method for authenticating a claimed identity comprising acquiring a first set of data, generating a first set of filters, associated with said first set of data, receiving a second set of filters, associated with a previously stored set of data associated with said claimed identity, for each filter in said first filter set, determining with which filter in said second set it has the greatest correlation, determining a first subset of said first set of data, including data corresponding to filters in said first set of filters that have a greatest correlation exceeding a given threshold (T1), determining a measure of similarity between the first subset and a second subset of the second set of data, the second subset including data corresponding to filters in said second set of filters that have a greatest correlation exceeding said given threshold (T1), the first and second subsets having equal length, in order to authenticate the claimed identity.
  • T1: given threshold
  • the claimed identity is typically the identity of a person, but the invention is not limited to personal identification. On the contrary, the claimed identity may relate to a request for access to data or physical access to premises, requiring some type of access code (the first data set), e.g. provided from a physical object such as a physical unclonable function (PUF).
  • the filters associated with the data sets are selected such that a high correlation between filters will indicate similar data elements.
  • the filters are advantageously based on a surrounding of the minutiae point, i.e. an area of the fingerprint much smaller than the entire fingerprint.
  • Examples of useful filters are rotation invariant filters, which can be based on Fourier, Mellin, Gabor, or wavelet transforms of such surroundings.
  • the method comprises verifying that the resulting first subset includes at least a predetermined number of elements. If not, the authentication is denied, as no reliable matching can be performed.
  • the first set of filters is generated by a first party
  • the second set of filters is received in encrypted form from a second party
  • the step of determining correlation is performed under the encryption.
  • each maximum correlation can be compared with the given threshold using a secure two party protocol.
  • homomorphic threshold encryption can be used to determine if the product (correlation) between the first filter and the encrypted second filter exceeds the given threshold without sharing information about the actual filters. Details of such a two party protocol are described in European patent application EP030784375 (PCT application IB2004/052259) [attorney docket NL031322].
  • the step of determining a measure of similarity is preferably also performed under the encryption using a secure two party protocol, thus avoiding sharing information about the actual data sets.
  • a secure two party protocol is described in US patent application 60/668905 [attorney docket NL041335].
  • the step of determining the measure of similarity includes calculating a matrix of pairwise differences for each of the subsets, and determining if a distance between said matrices is less than a third given threshold.
  • the second set of filters can include at least one random filter, adapted to result in no correlation with any filter in said first set of filters.
  • By including such random filters in the second set of filters, the security of the authentication process is further enhanced. An intruder attempting to respond to the filter set received from the second party (the verifier) will not know which of the filters are random, and thus should result in no correlation. If the random filters do not result in negligible correlation, the second party (the verifier) can refuse the authentication.
  • the step of determining correlation, and/or the step of determining a measure of similarity at least in part are outsourced to at least one secure server. This can be viewed as an alternative, or a complement, to using secure two party protocols as mentioned above.
  • the object according to the invention is further achieved by a device for authenticating a claimed identity, comprising means being arranged to implement the method according to the invention, and by a computer program product comprising computer executable instructions being arranged to, when loaded and executed, implement the method according to the invention.
  • Fig. 1 shows a schematic block diagram of a system for identification and authentication suitable for implementing the present invention.
  • Fig. 2 shows a flow chart of a method according to an embodiment of the invention.
  • the process of biometric authentication has two parts, the enrollment and the authentication.
  • during enrollment, authentication data such as a fingerprint template is stored in a database in association with a specific identity or authorization.
  • during authentication, a template is acquired together with a request to a service, such as access to information or physical access to a location.
  • Figure 1 shows a system for identification and authentication of an individual based on biometric data associated with the individual, in which system the present invention advantageously may be employed.
  • the system 100 includes an enrollment device 110 for performing the enrollment procedure, and an authentication device 120 for performing the authentication procedure.
  • the enrollment device 110 comprises a measuring device such as a fingerprint sensor 112 for acquiring raw biometric data, e.g. fingerprints, iris or retinal, facial or hand geometry, voice features etc.
  • the data is a fingerprint 101.
  • the enrollment device 110 further includes a processor 114 for generating the auxiliary data that has to be used during the authentication phase.
  • the processor may be any suitable processor, such as a general purpose processor under the control of a control program, which may be stored in a non-volatile memory.
  • the enrollment device may be placed in a secure environment, and parts of the processing steps may be executed in a secure module, such as a cryptographic module.
  • the authentication data is stored in a database 130, accessible from the authentication device 120.
  • the database 130 may be incorporated into the enrollment device 120.
  • the authentication device 120 is illustrated in fig 1 as a separate device, but it will be realized by the skilled person that the authentication device and the enrollment device may be the same structure.
  • the authentication device 120 includes a measuring device such as a fingerprint sensor 122. It is preferable that the sensors 112 and 122 are of similar device in order to minimize any differences occurring during scanning of e.g. the fingerprint 105.
  • the authentication device 120 further includes a processor 124 for comparing the properties acquired by the sensor 122 with the authentication data stored in the database 130 and communicated to the authentication device 120.
  • the processor may be of similar kind as used in the enrollment device 110.
  • CA certification authority
  • a common public key k Pl3l is constructed from ku and $k_{CA}$ (e.g. using a known procedure such as the one described in B. Schoenmakers, P. Tuyls, Practical Two-Party Computation based on the Conditional Gate, In proceedings of Asiacrypt 2004, volume 3329 of Lecture Notes in Computer Science, pages 119-136, Berlin, 2004. Springer-Verlag).
  • a fingerprint image is scanned by the sensor 122, and the processor 124 performs an authentication procedure based on this acquired fingerprint template and the encrypted information stored in the database 130.
  • this procedure involves running a secure two party computation protocol between a "sensor", here the authentication device 120, and a remote party (referred to as a "verifier").
  • a remote party is the enrollment device 110, but in principle this party could be separate from the enrollment device, as long as it has access to the authentication data and the secret key $k_{CA}$.
  • in steps S2 - S9, the sensor and the verifier establish the correspondence between their respective sets of minutiae, in order to select a number of corresponding minutiae to base the similarity measure upon.
  • For each minutiae point in its set, the verifier transmits the encrypted filter $E(F_i)$ to the sensor (step S2).
  • the encryption is t homomorphic, this corresponds to computing , which is convenient, as the sensor has access to the encrypted filter $E(F_i)$ and the plain text filter $G_j$.
  • in steps S5 - S6, the sensor and the verifier run a secure two-party protocol in order to determine if the correlation $c_{ij^*}$ exceeds a predetermined threshold, T1.
  • a protocol to allow such a determination, without revealing $c_{ij}$, has been described in European patent application EP030784375 (PCT application IB2004/052259) [attorney docket NL031322], which is hereby incorporated by reference.
  • both the sensor and the verifier include these indices i and j* in index lists $I_S$ and $I_V$, which define subsets of matched minutiae, $(x_i, y_i, \theta_i),\ i \in I_V$ and $(x_j, y_j, \theta_j),\ j \in I_S$ (steps S7 - S8). Steps S2 - S8 are then repeated for all filters $F_i$ (step S9, S10). At the end of this processing, both the sensor and the verifier will have constructed sets of equal length. To facilitate reliable fingerprint matching, these lists must be sufficiently large.
  • if the number of points in these sets is fewer than a second threshold T2, authentication is refused (step S11).
  • step S11 may be performed in the verifier. At this point, a sufficient number of corresponding minutiae have been selected. However, this is not enough for a match. Next, it must be determined that these minutiae are part of the same fingerprint, and this can be accomplished by using the matrices of pair-wise distances.
  • the set of filters Fi includes at least one random filter, causing only negligible correlation with any one of the filters Gi.
  • the verifier will hence expect to receive no correlation for these filters.
  • An intruder attempting to deduce information from the verifier will not know which filters are expected to return negligible correlation. If such an intruder indicates high correlation for any one of these random filters, the authentication can be refused by the verifier.
  • the security of the system may thus be further enhanced.
  • the step of determining correlation, and/or the step of determining a measure of similarity can be at least in part outsourced to a secure server, or a network of secure servers.
  • the present invention may also advantageously be applied to other kinds of biometrics, and to authentication of physical objects.
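
The selection and comparison logic described above (best-correlation pairing against T1, the decoy-filter check, the minimum-size check against T2, and the pairwise-distance comparison against a third threshold) can be followed in plaintext with this added example, which is not code from the patent and performs none of the encryption or two-party protocols the patent relies on. The normalised dot product as correlation, the Frobenius norm as matrix distance, the threshold values, and all sample filters and coordinates are assumptions constructed for illustration.

```python
import math

def correlate(f, g):
    """Normalised dot product (assumed correlation measure)."""
    dot = sum(a * b for a, b in zip(f, g))
    norm = math.sqrt(sum(a * a for a in f) * sum(b * b for b in g))
    return dot / norm if norm else 0.0

def select_matches(F, G, decoys, t1):
    """Steps S2-S9: pair each verifier filter F[i] with its best sensor filter G[j*]."""
    I_V, I_S = [], []
    if not G:
        return I_V, I_S
    for i, f in enumerate(F):
        corrs = [correlate(f, g) for g in G]
        j_star = max(range(len(G)), key=corrs.__getitem__)
        if corrs[j_star] > t1:
            if i in decoys:        # a random filter must never correlate
                return None
            I_V.append(i)
            I_S.append(j_star)
    return I_V, I_S

def pairwise(points):
    """Matrix of pairwise distances; invariant to rotation and translation."""
    return [[math.dist(p, q) for q in points] for p in points]

def matrix_distance(A, B):
    """Frobenius norm of A - B (assumed distance between the matrices)."""
    return math.sqrt(sum((a - b) ** 2
                         for ra, rb in zip(A, B) for a, b in zip(ra, rb)))

def authenticate(enrolled, probe, decoys, t1=0.8, t2=3, t3=0.5):
    F = [f for f, _ in enrolled]
    G = [g for g, _ in probe]
    matched = select_matches(F, G, decoys, t1)
    if matched is None:            # decoy reported as matching: refuse
        return False
    I_V, I_S = matched
    if len(I_V) < t2:              # step S11: too few matched minutiae
        return False
    D_V = pairwise([enrolled[i][1] for i in I_V])
    D_S = pairwise([probe[j][1] for j in I_S])
    return matrix_distance(D_V, D_S) < t3

# Constructed sample data: (filter vector, minutia position).
ENROLLED = [
    ([1, 0, 0, 0, 0, 0], (0, 0)),
    ([0, 1, 0, 0, 0, 0], (4, 0)),
    ([0, 0, 0, 0, 0, 1], None),    # random (decoy) filter, no minutia behind it
    ([0, 0, 1, 0, 0, 0], (0, 3)),
    ([0, 0, 0, 1, 0, 0], (5, 5)),  # minutia missed by the sensor
]
DECOYS = {2}
# Same finger rotated by 90 degrees and shifted, one spurious minutia, one missing.
PROBE = [
    ([0, 0, 0, 0, 1, 0], (1, 1)),        # spurious minutia
    ([0, 1, 0.1, 0, 0, 0], (10, 14)),
    ([0.9, 0.1, 0, 0, 0, 0], (10, 10)),
    ([0.1, 0, 1, 0, 0, 0], (7, 10)),
]
```

The two sets differ in size (five filters against four), yet both index lists come out with three entries, which is what makes the equal-length distance comparison possible.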

Landscapes

  • Engineering & Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Theoretical Computer Science (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention relates to a method for authenticating a claimed identity. The method comprises acquiring a first set of data, generating a first set of filters (step S1) associated with the first set of data, receiving a second set of filters (step S3) associated with a previously stored set of data associated with said identity, determining, for each filter in the first set of filters, the greatest degree of correlation with a filter in the second set (step S3, S4), determining a first subset of the first set of data (step S7) comprising data corresponding to filters in the first set of filters that have a high correlation exceeding a given threshold (T1), and determining a measure of similarity (step S14) between the first subset and a second subset of the second set of data, comprising data corresponding to filters in the second set of filters that have a high correlation exceeding the given threshold (T1), the first subset and the second subset having equal length. According to this approach, a correlation between the two sets of filters is used to establish which data elements correspond to each other. The data sets are then reduced to subsets containing only the matched elements, which therefore have equal sizes. These subsets can be used to determine a measure of similarity, for example using existing conventional measure computations, such as computing the Euclidean distance or the peak-to-peak distance.
PCT/IB2006/053235 2005-09-30 2006-09-12 Fingerprint matching WO2007036825A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP05109051 2005-09-30
EP05109051.2 2005-09-30

Publications (1)

Publication Number Publication Date
WO2007036825A1 (fr) 2007-04-05

Family

ID=37734380

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2006/053235 WO2007036825A1 (fr) 2005-09-30 2006-09-12 Fingerprint matching

Country Status (1)

Country Link
WO (1) WO2007036825A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2011055469A (ja) * 2009-08-31 2011-03-17 Mitsubishi Electric Research Laboratories Inc Method and system for securely determining Manhattan distances
US10503957B2 (en) 2016-04-15 2019-12-10 Nxp B.V. Fingerprint authentication system and method

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040215615A1 (en) * 2001-06-29 2004-10-28 Alf Larsson Method and device for positioning a finger when verifying a person's identity

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
CHIH-JEN LEE ET AL: "A Gabor filter-based approach to fingerprint recognition", SIGNAL PROCESSING SYSTEMS, 1999. SIPS 99. 1999 IEEE WORKSHOP ON TAIPEI, TAIWAN 20-22 OCT. 1999, PISCATAWAY, NJ, USA,IEEE, US, 20 October 1999 (1999-10-20), pages 371 - 378, XP010370873, ISBN: 0-7803-5650-0 *
KOVACS-VAJNA Z M: "A FINGERPRINT VERIFICATION SYSTEM BASED ON TRIANGULAR MATCHING AND DYNAMIC TIME WARPING", IEEE TRANSACTIONS ON PATTERN ANALYSIS AND MACHINE INTELLIGENCE, IEEE SERVICE CENTER, LOS ALAMITOS, CA, US, vol. 22, no. 11, November 2000 (2000-11-01), pages 1266 - 1276, XP001102786, ISSN: 0162-8828 *
YONGWHA CHUNG ET AL: "A Secure Fingerprint Authentication System on an Untrusted Computing Environment", PROC. SECOND INTL. CONF. ON TRUST, PRIVACY AND SECURITY IN DIGITAL BUSINESS, 22 August 2005 (2005-08-22) - 26 August 2005 (2005-08-26), Copenhagen, Denmark, pages 299 - 310, XP019016895 *

Similar Documents

Publication Publication Date Title
US7844082B2 (en) Method and system for biometric authentication
US6185316B1 (en) Self-authentication apparatus and method
EP1815637B1 (fr) Reliable computation of a similarity measure
US10552698B2 (en) System for multiple algorithm processing of biometric data
US6851051B1 (en) System and method for liveness authentication using an augmented challenge/response scheme
US8032760B2 (en) Method and system for authentication of a physical object
US9237018B2 (en) Multisystem biometric token
US5991408A (en) Identification and security using biometric measurements
US9384338B2 (en) Architectures for privacy protection of biometric templates
US8239685B2 (en) Biometric authentication method
US20020174344A1 (en) System and method for authentication using biometrics
US20030115475A1 (en) Biometrically enhanced digital certificates and system and method for making and using
US10296734B2 (en) One touch two factor biometric system and method for identification of a user utilizing a portion of the person's fingerprint and a vein map of the sub-surface of the finger
US20080013794A1 (en) Feature Extraction Algorithm for Automatic Ear Recognition
US20030217276A1 (en) Match template protection within biometric security systems
KR20070024570A (ko) Biometric template similarity based on feature locations
AU2020216358B2 (en) Biometric public key system providing revocable credentials
JP7391843B2 (ja) Two-stage centralized matching of fingerprints
JP2001052182A (ja) Personal authentication method and recording medium storing a personal authentication program
WO2007036825A1 (fr) Fingerprint matching
JP2006350683A (ja) Person authentication device
Nanni et al. Cancellable biometrics: problems and solutions for improving accuracy
Li et al. An identification system combined with fingerprint and cryptography
WO2023198495A1 (fr) Method for ensuring biometric recognition of a user
Ahmad Global and local feature-based transformations for fingerprint data protection

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06796006

Country of ref document: EP

Kind code of ref document: A1