Authentication Attacks on Projection-based Cancelable Biometric Schemes
This work addresses a critical security problem for biometric authentication systems by revealing vulnerabilities in cancelable biometric schemes, which is incremental as it builds on prior attacks but introduces new formalizations and attack scenarios.
The paper tackles the security of projection-based cancelable biometric schemes by demonstrating that an adversary can impersonate individuals by slightly altering fingerprint images, and even impersonate multiple individuals simultaneously, using integer linear programming and quadratically constrained quadratic programming to formalize and solve these attacks.
Cancelable biometric schemes aim at generating secure biometric templates by combining user specific tokens, such as password, stored secret or salt, along with biometric data. This type of transformation is constructed as a composition of a biometric transformation with a feature extraction algorithm. The security requirements of cancelable biometric schemes concern the irreversibility, unlinkability and revocability of templates, without losing in accuracy of comparison. While several schemes were recently attacked regarding these requirements, full reversibility of such a composition in order to produce colliding biometric characteristics, and specifically presentation attacks, were never demonstrated to the best of our knowledge. In this paper, we formalize these attacks for a traditional cancelable scheme with the help of integer linear programming (ILP) and quadratically constrained quadratic programming (QCQP). Solving these optimization problems allows an adversary to slightly alter its fingerprint image in order to impersonate any individual. Moreover, in an even more severe scenario, it is possible to simultaneously impersonate several individuals.