Biometric/Cryptographic Keys Binding Based on Function Minimization

Abstract

Traditional cryptosystems are based on the possession of secret keys that can be stolen or shared by non legitimate users. On the other hand, binding the real identity of a system user to what he is instead of something he knows or possesses is the main desirable property of biometric systems. Biometric Crypto-Systems (or BCSs) are designed to bind a cryptographic key with a biometric template to ensure that only a legitimate user can access to encrypted data. In this paper, we propose a new biometric cryptosystem that reformulates the binding process as a minimization problem in such a way that the cryptographic key cannot be derived from the parameters of the objective functions unless the system is provided with a valid biometric template. The idea this method is based on is quite novel and unexplored, and shows the advantage of being robust to attacks that commonly break some of the existing approaches. Moreover, unlike most of biometric crypto-systems, it doesn't need any error correction code technique. The paper formally discusses about the security of the system by evaluating the probability of an attacker to retrieve the correct cryptographic key, while experimental results show the efficiency and the effectiveness of the binding process by measuring the system performance in terms of accuracy, computational time and storage requirements.