Biohashing: Two factor authentication featuring fingerprint data and tokenised random number

Andrew Teoh Beng Jin, David Ngo Chek Ling, Alwyn Goh

Research output: Contribution to journalArticle

424 Citations (Scopus)

Abstract

Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier-Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.

Original languageEnglish
Pages (from-to)2245-2255
Number of pages11
JournalPattern Recognition
Volume37
Issue number11
DOIs
Publication statusPublished - 2004 Nov 1

Fingerprint

Biometrics
Authentication
Computer networks
Data acquisition
Fourier transforms
Fabrication

All Science Journal Classification (ASJC) codes

  • Software
  • Signal Processing
  • Computer Vision and Pattern Recognition
  • Artificial Intelligence

Cite this

@article{f460da2ba6904c4d8e3c6c27a92498e3,
title = "Biohashing: Two factor authentication featuring fingerprint data and tokenised random number",
abstract = "Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier-Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.",
author = "Jin, {Andrew Teoh Beng} and Ling, {David Ngo Chek} and Alwyn Goh",
year = "2004",
month = "11",
day = "1",
doi = "10.1016/j.patcog.2004.04.011",
language = "English",
volume = "37",
pages = "2245--2255",
journal = "Pattern Recognition",
issn = "0031-3203",
publisher = "Elsevier Limited",
number = "11",

}

Biohashing : Two factor authentication featuring fingerprint data and tokenised random number. / Jin, Andrew Teoh Beng; Ling, David Ngo Chek; Goh, Alwyn.

In: Pattern Recognition, Vol. 37, No. 11, 01.11.2004, p. 2245-2255.

Research output: Contribution to journalArticle

TY - JOUR

T1 - Biohashing

T2 - Two factor authentication featuring fingerprint data and tokenised random number

AU - Jin, Andrew Teoh Beng

AU - Ling, David Ngo Chek

AU - Goh, Alwyn

PY - 2004/11/1

Y1 - 2004/11/1

N2 - Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier-Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.

AB - Human authentication is the security task whose job is to limit access to physical locations or computer network only to those with authorisation. This is done by equipped authorised users with passwords, tokens or using their biometrics. Unfortunately, the first two suffer a lack of security as they are easy being forgotten and stolen; even biometrics also suffers from some inherent limitation and specific security threats. A more practical approach is to combine two or more factor authenticator to reap benefits in security or convenient or both. This paper proposed a novel two factor authenticator based on iterated inner products between tokenised pseudo-random number and the user specific fingerprint feature, which generated from the integrated wavelet and Fourier-Mellin transform, and hence produce a set of user specific compact code that coined as BioHashing. BioHashing highly tolerant of data capture offsets, with same user fingerprint data resulting in highly correlated bitstrings. Moreover, there is no deterministic way to get the user specific code without having both token with random data and user fingerprint feature. This would protect us for instance against biometric fabrication by changing the user specific credential, is as simple as changing the token containing the random data. The BioHashing has significant functional advantages over solely biometrics i.e. zero equal error rate point and clean separation of the genuine and imposter populations, thereby allowing elimination of false accept rates without suffering from increased occurrence of false reject rates.

UR - http://www.scopus.com/inward/record.url?scp=12344259813&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=12344259813&partnerID=8YFLogxK

U2 - 10.1016/j.patcog.2004.04.011

DO - 10.1016/j.patcog.2004.04.011

M3 - Article

AN - SCOPUS:12344259813

VL - 37

SP - 2245

EP - 2255

JO - Pattern Recognition

JF - Pattern Recognition

SN - 0031-3203

IS - 11

ER -