Extracting Stable Crypto Keys and Pointers from IrisCodes
- Cryptographic keys must have all of their bits correct in order to work
- Biometric templates have unreliable bits that are only
probabilistically defined
- How can these two technologies be reconciled and merged?
- Answer: vector quantisation, basis projection, and error-correction
methods make possible Biometric Key Cryptography
New paper:
F. Hao, R. Anderson, and J. Daugman (2005) "Combining Cryptography with Biometrics
Effectively."
(PDF here.)
- From the string of 2,048 IrisCode bits that are only probabilistic
(each bit typically having only about 90% probability of taking its value),
a much shorter string of 140 reliable and stable bits can be generated,
for about 99.5% of persons.
- This makes it possible to use the stable shorter 140-bit IrisCode
directly as a "pointer" to an identity; -- rather than performing an
exhaustive search through a large database of IrisCodes to find a best match.
(Although such exhaustive searches occur at the speed of about 1,000,000 persons
per second, and are parallelizable, nonetheless they may be time-consuming
when databases are on a national scale and many queries arrive simultaneously.
Also, it may be objectionable to have to store large central databases of IrisCodes
for searching.)
- A very valuable property facilitating the use of stabilized IrisCodes
directly as pointers, is the sparseness of actual IrisCodes:
it is statistically guaranteed that the clouds of IrisCodes generated
by different eyes "never" come closer than a Hamming Distance of about 0.26
because of the
binomial distributions and renormalisation.
Other references:
U. Uludag, S. Pankanti, S. Prabhakar, and A.K. Jain (2004) "Biometric
Cryptosystems: Issues and Challenges," Proc. of the IEEE,
92(6): 948-960.
C. Soutar, D. Roberge, A. Stoianov, R. Gilroy, and B. Kumar (1999) "Biometric
Encryption," ICSA Guide to Cryptography, McGraw-Hill.
Y. Dodis, L. Reyzin, and A. Smith (2004) "Fuzzy Extractors: How to Generate
Strong Keys from Biometrics and Other Noisy Data," Eurocrypt 2004
LNCS 3027, 523-540.
Back to Main Page.