Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
IST-044-RWS-007 -1 Vulnerabilities in biometric encryption systems
 

Summary: IST-044-RWS-007 - 1
Vulnerabilities in biometric encryption systems
Andy Adler
School of Information Technology and Engineering,
University of Ottawa
Ottawa, Ontario, Canada
adler@site.uOttawa.ca
ABSTRACT
Biometric encryption systems embed a secret code within a biometric image in a way that it can be
decrypted with an image from the enrolled individual. We describe a potential vulnerability in biometric
encryption systems that allows a less than brute force regeneration of both the secret code and an
estimate of the enrolled image. This vulnerability requires the biometric comparison to "leak" some
information from which an analogue for a match score may be calculated. Using this match score value,
a "hill-climbing" attack is performed against the algorithm to calculate an estimate of the enrolled
image, which is then used to decrypt the code. Results are shown against a simplified implementation of
the algorithm of Soutar et al. (1998). Possible extensions of this attack to other biometric encryption
algorithms are discussed.
1.0 INTRODUCTION
There have been significant recent advancements in algorithms for biometric encryption (Uludag et al,
2004). Biometric encryption systems embed a secret code into the template, in such a way that it can be

  

Source: Adler, Andy - Department of Systems and Computer Engineering, Carleton University

 

Collections: Computer Technologies and Information Sciences