Private biometrics

Biometric Template Protection refers to a class of procedures to ensure the feature data in the biometric people recognition. Unlike conventional biometric recognition methods in Biometric Template Protection are in the learning phase ( enrollment) detected biometric feature data (templates ) are not stored as reference data. Only reference data is instead from the features (Protected templates) generated and stored. These can be no reconstruction of the features, but still allow checking whether a captured for authentication biometric feature ( feature comparison ) is similar enough to the learned feature.

Objective

Biometric data are subject to the principles of data protection and must be protected from abuse. Also the security of the biometric recognition method, the protection of the reference biometric data to be important if this can be overcome by the facsimile. A particular risk is the storage of biometric reference data of large groups of people in databases dar. Traditional protection mechanisms such as access control or encryption require organizational arrangements for the management of access rights and the cryptographic key, and can therefore be overcome by insiders. To address these risks, to Biometric Template Protection procedures have the following properties:

• From the stored reference data, the biometric characteristic data can not be reconstructed.
• The reference data of a person are variable and can be changed so that different reference data from the same person can not be assigned to each other.

The second property requires that the method of calculating the reference data in the biometric feature is effected randomly or using parameters.

Most methods also have the property that no secret data ( keys or parameters) need to be stored. This represents a significant advantage over traditional encryption of the stored reference data

Operation

Since the - required for the calculation of the feature - the collection of biometric characteristics is almost inevitably associated with inaccuracies and measurement errors, Biometric Template Protection procedures must be tolerant with respect to these errors. Cryptologic hash functions have no fault tolerance and yield even at a single different bit completely different issues. Therefore, can the storage of hashes, as is common for example in the password authentication, apply directly on biometric data.

Biometric template protection methods can be roughly divided into two classes according to their function:

Transformation Procedure: In these, the biometric characteristic data in response to (mostly hidden ) parameters are transformed. The transformation is chosen so that similar input values ​​produce similar outputs. Testing the determined during an authentication biometric data is performed in the transformed domain, i.e. these feature data are also transformed and then compared with the stored reference data. An inverse transformation of the stored reference data does not occur.

Biometric cryptosystems (English Biometric Cryptosystems ): In these methods during enrollment of the biometric features non-secret auxiliary data are generated and stored. With the help of these auxiliary data is later charged with one key feature of the comparison presented for authentication and checked for correctness. The key can be calculated either from the enrollment of the feature data, or randomly generated and linked to the characteristic data of the auxiliary data. The key itself is not stored and must not be á priori also for authentication. In order to check the correctness of the key is stored as a reference whose hash value.

Biometric cryptosystems are usually based on general mathematical method for fault-tolerant authentication, which can then be applied to various biometric characteristics. The best known of the proceedings are the Fuzzy Commitment and the Fuzzy Vault, both of which are based on error-correcting codes. In many biometric cryptosystems which fault tolerance is achieved by quantization or alone. The appropriate choice of the underlying mathematical method depends on the nature and extent of the measurement error in the detection of the characteristic data.

Different designations

For Biometric Template Protection also different terms are used in the literature, eg Private Biometrics or private templates. Biometric cryptosystems are often Biometric Encryption (English Biometric Encryption ) or Helper Data referred system. The term Biometric encryption is motivated by the fact that if the authentication of the (secret ) key is recovered, and this method can therefore also be used for encryption and decryption using biometric data.

Standardization

The international standard ISO / IEC 24745 defines requirements and a general model for Biometric Template Protection procedures. In this model, all Biometric Template Protection Method Pseudo Identities (PI ) as a variable identification strings and Auxiliary Data (AD ), which is needed to verify the characteristics against the stored PIs.