摘要
针对指纹识别中自身生物特征信息的安全保护问题,提出了一种基于BioHashing和密钥绑定的双重可删除指纹模板(DCFT)方法。DCFT方法首先通过BioHashing方法将提取出的原始指纹特征信息不可逆地转化成一串固定长的二进制序列,而后利用FuzzyCommitment绑定密钥,生成一个可删除的指纹模板。验证时利用存储模板和待验证指纹,采用纠错码解码恢复出密钥。采用该方法,即使数据库中存储的模板数据被盗取,甚至密钥被破解,入侵者也不能恢复出原始指纹特征信息;且通过更改BioHashing中的随机矩阵或绑定的密钥,就能改变数据库中的模板,使入侵者无法利用先前已泄露的数据通过验证,避免了因为指纹的不可更改性造成永久性安全威胁,从根本上保证了指纹信息的安全。最后,仿真测试说明了DCFT方法的有效性。
For the original biometric information security in a fingerprint recognition system, this paper proposes a dual can- cellable fingerprint template (DCFT) method based on BioHashing and key bindings. In the phase of enrollment, it firstly irreversibly converts the feature value extracted from the original fingerprint image into a string of binary sequence with a fixed length by BioHashing, and then hinds the key to the binary sequence by the Fuzzy Commitment scheme to generate a cancellable fingerprint template which can be stored in the database or a smartcard. In the phase of identification, the error correcting code is employed to regain the binding key from the cancellable template with the help of query fingerprint images. If using the DCFT method, even if all the data in the database is stolen, none of the original fingerprint biometric information will he leaked. Moreover, the stored template can be regenerated by changing the random matrix in Bio- Hashing or the bingding key, so that the leakage of information is not available in verification. It avoids the permanent security threat caused by non-changeability of fingerprint. In the end, the simulation result is showed to illuminate the validity of the DCFF method.
出处
《高技术通讯》
EI
CAS
CSCD
北大核心
2010年第11期1115-1120,共6页
Chinese High Technology Letters
基金
863计划(2009AA01Z427)资助项目