Handwriting Biometric Hash Attack: A Genetic Algorithm with User Interaction for Raw Data Reconstruction

Abstract : Biometric Hash algorithms, also called BioHash, are mainly designed to ensure template protection to its biometric raw data. To assure reproducibility, BioHash algorithms provide a certain level of robustness against input variability to ensure high reproduction rates by compensating for intra-class variation of the biometric raw data. This concept can be a potential vulnerability. In this paper, we want to reflect such vulnerability of a specific Biometric Hash algorithm for handwriting, which was introduced in [1], consider and discuss possible attempts to exploit these flaws. We introduce a new reconstruction approach, which exploits this vulnerability; to generate artificial raw data out of a reference BioHash. Motivated by work from Cappelli et al. for fingerprint modality in [6] further studied in [3], where such an artificially generated raw data has the property of producing false positive recognitions, although they may not necessarily be visually similar. Our new approach for handwriting is based on genetic algorithms combined with user interaction in using a design vulnerability of the BioHash with an attack corresponding to cipher-text-only attack with side information as system parameters from BioHash. To show the general validity of our concept, in first experiments we evaluate using 60 raw data sets (5 individuals overall) consisting of two different handwritten semantics (arbitrary Symbol and fixed PIN). Experimental results demonstrate that reconstructed raw data produces an EERreconstr. in the range from 30% to 75%, as compared to non-attacked inter-class EERinter-class of 5% to 10% and handwritten PIN semantic can be better reconstructed than the Symbol semantic using this new technique. The security flaws of the Biometric Hash algorithm are pointed out and possible countermeasures are proposed.
Type de document :
Communication dans un congrès
Bart Decker; Ingrid Schaumüller-Bichl. 11th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS), May 2010, Linz, Austria. Springer, Lecture Notes in Computer Science, LNCS-6109, pp.178-190, 2010, Communications and Multimedia Security. 〈10.1007/978-3-642-13241-4_17〉
Liste complète des métadonnées

Littérature citée [8 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01056380
Contributeur : Hal Ifip <>
Soumis le : lundi 18 août 2014 - 18:07:27
Dernière modification le : vendredi 11 août 2017 - 15:29:37
Document(s) archivé(s) le : jeudi 27 novembre 2014 - 05:33:08

Fichier

cms2010_submission_34.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Karl Kümmel, Claus Vielhauer, Tobias Scheidat, Dirk Franke, Jana Dittmann. Handwriting Biometric Hash Attack: A Genetic Algorithm with User Interaction for Raw Data Reconstruction. Bart Decker; Ingrid Schaumüller-Bichl. 11th IFIP TC 6/TC 11 International Conference on Communications and Multimedia Security (CMS), May 2010, Linz, Austria. Springer, Lecture Notes in Computer Science, LNCS-6109, pp.178-190, 2010, Communications and Multimedia Security. 〈10.1007/978-3-642-13241-4_17〉. 〈hal-01056380〉

Partager

Métriques

Consultations de la notice

394

Téléchargements de fichiers

219