Skip to main content Accessibility help

We use cookies to distinguish you from other users and to provide you with a better experience on our websites. Close this message to accept cookies or find out how to manage your cookie settings.

Close cookie message
×
Hostname: page-component-7479d7b7d-c9gpj Total loading time: 0 Render date: 2024-07-13T01:51:57.462Z Has data issue: false hasContentIssue false

15 - Information Theoretic Analysis of the Performance of Biometric Authentication Systems

from Part IV - Data Systems and Related Applications

Published online by Cambridge University Press:  28 June 2017

By
T. Ignatenko  and
F. M. J. Willems
Edited by
Rafael F. Schaefer ,
Holger Boche ,
Ashish Khisti  and
H. Vincent Poor
T. Ignatenko
Affiliation:
Electrical Engineering Department, Eindhoven University of Technology
F. M. J. Willems
Affiliation:
Electrical Engineering Department, Eindhoven University of Technology
Rafael F. Schaefer
Affiliation:
Technische Universität Berlin
Holger Boche
Affiliation:
Technische Universität München
Ashish Khisti
Affiliation:
University of Toronto
H. Vincent Poor
Affiliation:
Princeton University, New Jersey
Get access

Summary

In this chapter we analyze the performance of biometric authentication systems in terms of their typical performance measures, i.e., false rejection rate (FRR) and false acceptance rate (FAR). In biometric authentication systems the goal is to reliably authenticate individuals based on their biometric information. Recently, however, it was also concluded that biometric information itself has to be protected in these systems, due to privacy concerns. This gave rise to the development of biometric systems with template protection. In this work we analyze four types of biometric systems, i.e., traditional authentication systems, authentication systems with storage constraints, secret-based authentication systems, and secret-based authentication systems with privacy protection. For all these systems we present the fundamental limits on the false acceptance exponent. Moreover, for the last system we determine the tradeoff between the false acceptance exponent and the amount of information that the exchanged message leaks about the biometric sequence (privacy leakage).

Introduction

Nowadays, securing and regulating access to various systems and services relies heavily on passwords. However, password-based access control systems have a number of drawbacks. From the usability perspective, these systems are not user friendly, since users have to remember a large number of passwords. The latter, in its turn, results in weak security guarantees, since users tend to choose passwords that are easy to remember, and thus also easy to guess, as well as to reuse them in different applications.With the recent advances in biometric technologies, biometric information that uniquely characterizes individuals is a promising alternative to passwords. Biometric authentication is the process of establishing the identity of an individual using measurements of his/her biological characteristics, such as irises, fingerprints, face, etc.

The attractive property of uniqueness of biometrics also introduces privacy concerns related to their use in various access control systems. Unlike passwords, biometric data cannot be easily canceled and substituted with new biometrics, as they are unique for individuals and, moreover, individuals have limited resources of biometric information. Therefore secure storage and communication of biometric information in the corresponding access control systems becomes crucial. The corresponding biometric systems are called systems with template protection.

Type
Chapter
Information
Information Theoretic Security and Privacy of Information Systems , pp. 421 - 444
Publisher: Cambridge University Press
Print publication year: 2017

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

[1] R., Ahlswede and I., Csiszár, “Common randomness in information theory and cryptography – Part I: Secret sharing,” IEEE Trans. Inf. Theory, vol. 39, no. 4, pp. 1121–1132, Jul. 1993.Google Scholar
[2] A., Juels and M., Wattenberg, “A fuzzy commitment scheme,” in Proc. 6th ACM Conf. on Computer and Communications Security, Singapore: ACM Press, Nov. 1999, pp. 26–36.
[3] T., Ignatenko and F. M. J., Willems, “Biometric systems: Privacy and secrecy aspects,” IEEE Trans. Inf. Forensics Security, vol. 4, no. 4, pp. 956–973, Dec. 2009.Google Scholar
[4] S., Wang, S., Rane, S. C., Draper, and P., Ishwar, “An information-theoretic analysis of revocability and reusability in secure biometrics,” in Proc. Inf. Theory Applications Workshop, La Jolla, CA, USA, Feb. 2011, pp. 1–10.
[5] J., Wayman, A., Jain, and D., Maltoni, Eds., Biometric Systems: Technology, Design and Performance Evaluation. London: Springer-Verlag, 2005.
[6] N., Ratha, J., Connell, and R., Bolle, “Enhancing security and privacy in biometrics-based authentication systems,” IBM Syst. J., vol. 40, no. 3, pp. 614–634, 2001.Google Scholar
[7] T. M., Cover and J. A., Thomas, Elements of Information Theory, 2nd edn. Chichester:Wiley & Sons, 2006.
[8] I., Csiszár and J., Körner, Information Theory – Coding Theorems for Discrete Memoryless Systems, 1st edn. Waltham, MA: Academic Press, 1981.
[9] R., Ahlswede and J., Körner, “Source coding with side information and a converse for degraded broadcast channels,” IEEE Trans. Inf. Theory, vol. 21, no. 6, pp. 629–637, Nov. 1975.Google Scholar
[10] R., Ahlswede and I., Csiszár, “Hypothesis testing with communication constraints,” IEEE Trans. Inf. Theory, vol. 32, no. 4, pp. 533–542, Jul. 1986.Google Scholar
[11] S.-W., Ho, “On the interplay between Shannon's information measures and reliability criteria,” in Proc. IEEE Int. Symp. Inf. Theory, Seoul, Korea, Jun. 2009, pp. 154–158.
[12] S.-W., Ho and S., Verdú, “On the interplay between conditional entropy and error probability,” IEEE Trans. Inf. Theory, vol. 56, no. 12, pp. 5930–5942, Dec. 2010.Google Scholar
[13] L., Lai, S.-W., Ho, and H. V., Poor, “Privacy–security trade-offs in biometric security systems – Part I: Single use case,” IEEE Trans. Inf. Forensics Security, vol. 6, no. 1, pp. 122–139, Mar. 2011.Google Scholar
[14] I., Csiszár and P., Narayan, “Common randomness and secret key generation with a helper,” IEEE Trans. Inf. Theory, vol. 46, no. 2, pp. 344–366, Mar. 2000.Google Scholar
[15] R. G., Gallager, Information Theory and Reliable Communication. Chichester: Wiley & Sons, 1968.
[16] A. D., Wyner and J., Ziv, “The rate–distortion function for source coding with side information at the decoder,” IEEE Trans. Inf. Theory, vol. 22, no. 1, pp. 1–10, Jan. 1976.Google Scholar

Save book to Kindle

To save this book to your Kindle, first ensure coreplatform@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.

Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

Find out more about the Kindle Personal Document Service.

Available formats
×

Save book to Dropbox

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.

Available formats
×

Save book to Google Drive

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.

Available formats
×