Template security in fingerprint matching systems
MetadataShow full item record
As the use of fingerprints as a means to verify identity increases, so does the importance of securing the templates used to represent fingerprints. To verify a persons identity, many verification schemes require storage of insecure fingerprint templates, creating a desirable target for malicious attackers when a large number of templates are stored on a single server. To mitigate this risk, conventional measures such as firewalls and encrypted storage are often used for government use and mobile devices respectively. However, the level of firewalls needed to prevent an attack can be prohibitively expensive, and encrypted templates need to be unencrypted during the matching process if a template security scheme is not used. Large-scale commercial deployment of fingerprint recognition systems utilizing a central server to store templates may not be realized until matching can be performed accurately without exposing the fingerprint data during matching. We have explored various methods of securing fingerprint templates by generating hashes of finger- prints that allow error-tolerant matching in the hash space, thus eliminating the need to expose sensitive fingerprint information. Our results include an implementation of the Fuzzy Vault scheme on fingerprints along with a security analysis of the scheme. We also provide a method of indexing Fuzzy Vaults to enable efficient identification and a multi-server scheme to distribute the risk of a compromised server. In addition, we developed a variety of features to represent fingerprints in our systems.