J4 ›› 2011, Vol. 38 ›› Issue (4): 173-180.doi: 10.3969/j.issn.1001-2400.2011.04.031

• 研究论文 • 上一篇    

改进的可撤销指纹Fuzzy Vault方案

张镕麟;刘而云;赵恒;庞辽军   

  1. (西安电子科技大学 生命科学技术学院,陕西 西安  710071)
  • 收稿日期:2010-10-17 出版日期:2011-08-20 发布日期:2011-09-28
  • 通讯作者: 张镕麟
  • 作者简介:张镕麟(1984-),女,西安电子科技大学博士研究生,E-mail: zhangrongling@life.xidian.edu.cn.
  • 基金资助:

    国家自然科学基金项目资助项目(60902083, 60803151, 60875018);北京市自然科学基金重点资助项目(4091004)

Improved cancelable fingerprint fuzzy vault system

ZHANG Ronglin;LIU Eryun;ZHAO Heng;PANG Liaojun   

  1. (School of Life Sciences and Technology, Xidian Univ., Xi'an  710071, China)
  • Received:2010-10-17 Online:2011-08-20 Published:2011-09-28
  • Contact: ZHANG Ronglin

摘要:

Fuzzy Vault系统是生物特征加密(Biometric Encryption,BE)领域中广泛应用的密钥绑定框架,适用于集合特征(例如指纹细节点)与密钥的绑定.然而,Vault模板中包含了真实指纹细节点特征,攻击者可以从多个发布的Vault模板中获取真实指纹信息,因而严重威胁到用户的隐私和密钥安全.笔者提出一种改进的可撤销指纹Fuzzy Vault方案.首先,基于口令构造一个不可逆变换函数,应用该变换函数对细节点特征进行变换,然后使用变换后的细节点输入Fuzzy Vault系统.攻击者即使得到多个应用系统上的Vault也不能获得原始指纹细节点特征,且用户可以通过随时更换口令来发布新的Vault模板.在FVC2002 DB2上的实验表明,所提出的方案能有效降低交叉匹配带来的安全隐患,提高系统安全性.

关键词: 可撤销生物特征, 双因子认证, fuzzy vault, 生物特征加密, 指纹识别

Abstract:

Fuzzy vault has been widely applied in biometric encryption domain for key binding, suitable for set feature representation, such as minutiae set of fingerprint image. However, with the real minutia points contained in vault, fuzzy vault is suffered from cross matching problem, which makes attackers easily obtain real minutia information from multiple vault templates and threatens user privacy and secret key security. In this paper, an improved cancelable fuzzy vault scheme is proposed, in which an one-way function based on password is constructed to transform original minutia information and then the transformed minutiae are fed to fuzzy vault system. The attackers can not obtain the original minutia features even though multiple vaults are at hand, and the users can reissue a new vault template by changing password. Experimental results on FVC2002 DB2 show that the proposed method can effectively reduce the hidden troubles and increase security of system.

Key words: cancelable biometric, two factor authentication, fuzzy vault, biometric encryption, fingerprint recognition

中图分类号: 

  • TP301