A Cryptanalysis of Two Cancelable Biometric Schemes based on Index-of-Max Hashing
This exposes security flaws in biometric protection schemes, which is critical for privacy and security in authentication systems, though it is incremental as it builds on prior cryptanalysis work.
The paper cryptanalyzes two cancelable biometric schemes, GRP-IoM and URP-IoM, based on index-of-max hashing, showing they are severely vulnerable to authentication and linkability attacks, with attacks verified on the original dataset.
Cancelable biometric schemes generate secure biometric templates by combining user specific tokens and biometric data. The main objective is to create irreversible, unlinkable, and revocable templates, with high accuracy in matching. In this paper, we cryptanalyze two recent cancelable biometric schemes based on a particular locality sensitive hashing function, index-of-max (IoM): Gaussian Random Projection-IoM (GRP-IoM) and Uniformly Random Permutation-IoM (URP-IoM). As originally proposed, these schemes were claimed to be resistant against reversibility, authentication, and linkability attacks under the stolen token scenario. We propose several attacks against GRP-IoM and URP-IoM, and argue that both schemes are severely vulnerable against authentication and linkability attacks. We also propose better, but not yet practical, reversibility attacks against GRP-IoM. The correctness and practical impact of our attacks are verified over the same dataset provided by the authors of these two schemes.