Biohashing: Two factor authentication featuring fingerprint data and tokenised random number

Andrew Teoh Beng Jin; David Ngo Chek Ling; Alwyn Goh

doi:10.1016/j.patcog.2004.04.011

Biohashing: Two factor authentication featuring fingerprint data and tokenised random number

Andrew Teoh Beng Jin, David Ngo Chek Ling, Alwyn Goh

Department of Electrical and Electronic Engineering

Research output: Contribution to journal › Article › peer-review

580 Citations (Scopus)

Abstract

Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier-Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.

Original language	English
Pages (from-to)	2245-2255
Number of pages	11
Journal	Pattern Recognition
Volume	37
Issue number	11
DOIs	https://doi.org/10.1016/j.patcog.2004.04.011
Publication status	Published - 2004 Nov

Bibliographical note

Funding Information:
About the Author —ALWYN GOH is an experienced and well-published researcher in biometrics, cryptography and information security. His work is recognised by citations from the Malaysian National Science Foundation and the European Federation of Medical Informatics. He previously lectured Computer Sciences at Universiti Sains Malaysia where he specialised in data-defined problems, client server computing and cryptographic protocols. Goh has a Masters in Theoretical Physics from the University of Texas, and a Bachelors in Electrical Engineering and Physics from the University of Miami.

All Science Journal Classification (ASJC) codes

Software
Signal Processing
Computer Vision and Pattern Recognition
Artificial Intelligence

Access to Document

10.1016/j.patcog.2004.04.011

Cite this

@article{f460da2ba6904c4d8e3c6c27a92498e3,

title = "Biohashing: Two factor authentication featuring fingerprint data and tokenised random number",

abstract = "Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier-Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.",

author = "Jin, {Andrew Teoh Beng} and Ling, {David Ngo Chek} and Alwyn Goh",

note = "Funding Information: About the Author —ALWYN GOH is an experienced and well-published researcher in biometrics, cryptography and information security. His work is recognised by citations from the Malaysian National Science Foundation and the European Federation of Medical Informatics. He previously lectured Computer Sciences at Universiti Sains Malaysia where he specialised in data-defined problems, client server computing and cryptographic protocols. Goh has a Masters in Theoretical Physics from the University of Texas, and a Bachelors in Electrical Engineering and Physics from the University of Miami.",

year = "2004",

month = nov,

doi = "10.1016/j.patcog.2004.04.011",

language = "English",

volume = "37",

pages = "2245--2255",

journal = "Pattern Recognition",

issn = "0031-3203",

publisher = "Elsevier Limited",

number = "11",

}

TY - JOUR

T1 - Biohashing

T2 - Two factor authentication featuring fingerprint data and tokenised random number

AU - Jin, Andrew Teoh Beng

AU - Ling, David Ngo Chek

AU - Goh, Alwyn

N1 - Funding Information: About the Author —ALWYN GOH is an experienced and well-published researcher in biometrics, cryptography and information security. His work is recognised by citations from the Malaysian National Science Foundation and the European Federation of Medical Informatics. He previously lectured Computer Sciences at Universiti Sains Malaysia where he specialised in data-defined problems, client server computing and cryptographic protocols. Goh has a Masters in Theoretical Physics from the University of Texas, and a Bachelors in Electrical Engineering and Physics from the University of Miami.

PY - 2004/11

Y1 - 2004/11

N2 - Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier-Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.

AB - Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier-Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.

UR - http://www.scopus.com/inward/record.url?scp=12344259813&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=12344259813&partnerID=8YFLogxK

U2 - 10.1016/j.patcog.2004.04.011

DO - 10.1016/j.patcog.2004.04.011

M3 - Article

AN - SCOPUS:12344259813

SN - 0031-3203

VL - 37

SP - 2245

EP - 2255

JO - Pattern Recognition

JF - Pattern Recognition

IS - 11

ER -

Biohashing: Two factor authentication featuring fingerprint data and tokenised random number

Abstract

Bibliographical note

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this