生物哈希的逆操作和预像攻击

2009 IEEE Workshop on Computational Intelligence in Biometrics: Theory, Algorithms, and Applications Pub Date : 2009-05-15 DOI:10.1109/CIB.2009.4925692

Yongjin Lee, Yun-Su Chung, Kiyoung Moon

{"title":"生物哈希的逆操作和预像攻击","authors":"Yongjin Lee, Yun-Su Chung, Kiyoung Moon","doi":"10.1109/CIB.2009.4925692","DOIUrl":null,"url":null,"abstract":"BioHashing generates a BioCode from a user's biometric features by projecting them onto user-specific random vectors and then discritizes the projection coefficients into zero or one. Since biometric features are distorted by the non-invertible transforms and template matching is performed in a transformed state, it has been claimed that BioHashing is oneway and a BioCode is as secure as a hashed password. However, we disprove it by showing that even without a genuine's private random vectors, a preimage of a BioCode is easily calculated from a lost BioCode and an attacker can gain an illegal access to a system.","PeriodicalId":395538,"journal":{"name":"2009 IEEE Workshop on Computational Intelligence in Biometrics: Theory, Algorithms, and Applications","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-05-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"39","resultStr":"{\"title\":\"Inverse operation and preimage attack on BioHashing\",\"authors\":\"Yongjin Lee, Yun-Su Chung, Kiyoung Moon\",\"doi\":\"10.1109/CIB.2009.4925692\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"BioHashing generates a BioCode from a user's biometric features by projecting them onto user-specific random vectors and then discritizes the projection coefficients into zero or one. Since biometric features are distorted by the non-invertible transforms and template matching is performed in a transformed state, it has been claimed that BioHashing is oneway and a BioCode is as secure as a hashed password. However, we disprove it by showing that even without a genuine's private random vectors, a preimage of a BioCode is easily calculated from a lost BioCode and an attacker can gain an illegal access to a system.\",\"PeriodicalId\":395538,\"journal\":{\"name\":\"2009 IEEE Workshop on Computational Intelligence in Biometrics: Theory, Algorithms, and Applications\",\"volume\":\"8 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-05-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"39\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 IEEE Workshop on Computational Intelligence in Biometrics: Theory, Algorithms, and Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CIB.2009.4925692\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 IEEE Workshop on Computational Intelligence in Biometrics: Theory, Algorithms, and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CIB.2009.4925692","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 39

摘要

BioHashing通过将用户的生物特征投影到用户特定的随机向量上，然后将投影系数区分为0或1，从而从用户的生物特征中生成BioCode。由于生物特征被不可逆转的变换扭曲，模板匹配是在转换状态下进行的，因此有人声称生物哈希是单向的，生物密码和哈希密码一样安全。然而，我们通过证明即使没有正版的私有随机向量，也可以很容易地从丢失的BioCode中计算出BioCode的预映像，并且攻击者可以非法访问系统来证明这一点。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Inverse operation and preimage attack on BioHashing

BioHashing generates a BioCode from a user's biometric features by projecting them onto user-specific random vectors and then discritizes the projection coefficients into zero or one. Since biometric features are distorted by the non-invertible transforms and template matching is performed in a transformed state, it has been claimed that BioHashing is oneway and a BioCode is as secure as a hashed password. However, we disprove it by showing that even without a genuine's private random vectors, a preimage of a BioCode is easily calculated from a lost BioCode and an attacker can gain an illegal access to a system.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2009 IEEE Workshop on Computational Intelligence in Biometrics: Theory, Algorithms, and Applications

自引率

0.00%

发文量