Technical Report: Multibiometric Cryptosystems

Multibiometric systems are being increasingly deployed in many large scale biometric applications (e.g., FBIIAFIS, UIDAI system in India) because they have several advantages such as lower error rates and larger population coverage compared to unibiometric systems. However, multibiometric systems require storage of multiple biometric templates (e.g., fingerprint, iris, and face) for each user, which results in increased risk to user privacy and system security. One method to protect individual templates is to store only the secure sketch generated from the corresponding template using a biometric cryptosystem. This requires storage of multiple sketches. In this paper, we propose a feature level fusion framework to simultaneously protect multiple templates of a user as a single secure sketch. To make this framework practical, we propose algorithms for (i) embedding different biometric feature representations (e.g. set of points, binary strings, or real-valued vectors) into a common representation, (ii) encoding and decoding multibiometric secure sketches using two well-known biometric cryptosystems, namely, fuzzy vault and fuzzy commitment, and (iii) introducing constraints, such as minimum matching performance requirement for a specific biometric trait. We also analyze the trade-off between matching accuracy and security of the proposed multibiometric cryptosystems through the GARSecurity (G-S) curves, which plot the genuine accept rate of the system against the minimum computational complexity involved in decoding a secure sketch without the genuine user’s biometric data. The proposed framework has been evaluated on two different databases, one real and one virtual multimodal database, each containing the three most popular biometric modalities, namely, fingerprint, iris, and face. Experimental results show that both the multibiometric cryptosystems proposed here have higher security and matching performance compared to their unibiometric counterparts.