Revocable Biotokens

Keywords: template protection, fingerprint verification, face verification, voice verification, cryptography
Fall 2007 - Fall 2013
teaser image

Description

While we might consider biometrics to be just another useful application of computer vision, the concept of personal identity is important from several perspectives. From a cultural perspective, the more the world converges, the more individual cultures wish to maintain their separate identities. From an individual perspective, the greater the population and the tendency to reduce people to stereotypes, the greater the desire to establish an individual identity. There is, however, another level where identity and the verification of identity is becoming increasingly important in relation to all manner of transactions, from those related to mobility, to those related to legal, and political, rights and obligations, to those of financial and economical transactions. The intrusion of technology into these areas is not new, but their heightened visibility and ubiquity can create anxiety. This holds particularly true for biometrics.

In this work, the social problems of biometrics are addressed from a security and privacy perspective through a template protection technology called "revocable biotokens". Revocable biotokens incorporate ideas from computer vision, pattern recognition, cryptography and network security, making the approach a uniquely cross-disciplinary endeavor. When pattern recognition and cryptography are combined, a new class of algorithms and protocols enables privacy preserving identity verification, including a full "Biocryptographic Key Infrastructure" with applications to the Internet and beyond.

This work was supported by NSF STTR Award No. 0750485 and NSF PFI Award No. 0650251

Publications

  • "Voice Authentication Using Short Phrases: Examining Accuracy, Security and Privacy Issues,"
    R.C. Johnson, Terrance E. Boult, Walter J. Scheirer,
    Proceedings of the IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS),
    September 2013.
  • "Secure Voice-based Authentication for Mobile Devices: Vaulted Voice Verification,"
    R.C. Johnson, Walter J. Scheirer, Terrance E. Boult,
    Proceedings of the SPIE Defense, Security + Sensing Symposium,
    May 2013.
  • "PRIVV: Private Remote Iris-authentication with Vaulted Verification,"
    Michael J. Wilber, Walter J. Scheirer, Terrance E. Boult,
    Proceedings of the IEEE Computer Society Workshop on Biometrics,
    June 2012.
  • "Beyond PKI: The Biocryptographic Key Infrastructure (Chapter),"
    Walter J. Scheirer, Bill Bishop, Terrance E. Boult,
    Security and Privacy in Biometrics (Springer-Verlag),
    Forthcoming 2012.
  • "Beyond PKI: The Biocryptographic Key Infrastructure,"
    Walter J. Scheirer, Bill Bishop, Terrance E. Boult,
    Proceedings of the IEEE International Workshop on Information Forensics and Security (WIFS),
    December 2010.
  • "Bipartite Biotokens: Definition, Implementation, and Analysis,"
    Walter J. Scheirer, Terrance E. Boult,
    Proceedings of the 3rd IAPR/IEEE International Conference on Biometrics (ICB),
    June 2009.
  • "Bio-Cryptographic Protocols with Bipartite Biotokens,"
    Walter J. Scheirer, Terrance E. Boult,
    Proceedings of the Biometrics Symposium, held in conjunction with the Biometrics Consortium Conference (BCC),
    September 2008.
  • "Cracking Fuzzy Vaults and Biometric Encryption,"
    Walter J. Scheirer, Terrance E. Boult,
    Proceedings of the Biometrics Symposium, held in conjunction with the Biometrics Consortium Conference (BCC),
    September 2007.
  • "Revocable Fingerprint Biotokens: Accuracy and Security Analysis,"
    Terrance E. Boult, Walter J. Scheirer, Robert Woodworth,
    Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (CVPR),
    June 2007.

Demos

PayNice

PayNice Biometric-Based E-Commerce Service:

PayNice is a new way to make payments over the Internet, combining revocable biotokens with PayPal.