Optimized Authentication System with High Security and Privacy

Abstract

Authentication and privacy play an important role in the present electronic world. Biometrics and especially fingerprint-based authentication are extremely useful for unlocking doors, mobile phones, etc. Fingerprint biometrics usually store the attributes of the minutia point of a fingerprint directly in the database as a user template. Existing research works have shown that from such insecure user templates, original fingerprints can be constructed. If the database gets compromised, the attacker may construct the fingerprint of a user, which is a serious security and privacy issue. Security of original fingerprints is therefore extremely important. Ali et al. have designed a system for secure fingerprint biometrics; however, their technique has various limitations and is not optimized. In this paper, first we have proposed a secure technique which is highly robust, optimized, and fast. Secondly, unlike most of the fingerprint biometrics apart from the minutiae point location and orientation, we have used the quality of minutiae points as well to construct an optimized template. Third, the template constructed is in 3D shell shape. We have rigorously evaluated the technique on nine different fingerprint databases. The obtained results from the experiments are highly promising and show the effectiveness of the technique.

1. Introduction

Authentication is an extremely important mechanism to maintain in the present computerized world [1,2,3]. Life has become easier due to computerization; however, huge damage can be caused due to an insecure automated user authentication system [4,5]. Traditional authentication systems rely on tokens and passwords [6], though these techniques are highly popular; however, there are various limitations associated with them such as a token can be lost/stolen, the physical presence of the person getting authenticated is not compulsory, etc. In these systems, if the user credentials are compromised by an adversary then it may lead to huge damage to the user in terms of money (adversary can access the bank account of a user). Other than that, an adversary can even do something offensive (e.g., send a threatening message to anyone) by using the user’s credentials and then instead of the adversary, the user will be suspected. In such scenarios tracing down the culprit is also difficult [7]. There are various security and privacy challenges [8,9,10] with the traditional authentication systems and a highly secure authentication system is required [11]. The limitations of the traditional frameworks can be overcome by using biometrics, which is based on biometric traits of a human [12,13]. Biometric data of a human has gained immense popularity for user authentication and sensors are also easily available for presently [14]. Non-invasive biosensors are available for forensics, biometrics, and cybersecurity [15]. The use of biometrics for authentication provides many advantages [16] over conventional authentication methods and demands the physical presence of the person to be verified at the time of the authentication [17]. It is becoming popular for the Internet of Things [18].

In biometrics there are two main steps, enrollment and verification [19] that are as follows:

• Enrollment: From the data provided by the user a template is computed, which is saved in the repository/database to facilitate the user verification in future.
• Verification: Similar to the above step a user template is computed from the data provided by the user and then its similarity is computed with the template available in the repository. Depending on scores computed a person is verified.

Out of various biometric traits, the fingerprint is a highly popular one. It can also be used by light devices [20]. Nevertheless, there are many open issues where security is the prominent one related to fingerprint [21]. Multiple types of attacks are possible fingerprint-based biometrics, among which the compromising of the database is a disastrous one [22,23,24]. Various threats/attacks possible on secured fingerprint template present in the database and for which the proposed technique has been compared with the other state of the art techniques are given in [24].

Mostly, fingerprint-based biometric systems save the minutiae points (fingerprint features shown in Figure 1) as a template [25]. However, by using minutiae points, original fingerprint reconstruction is possible [26,27,28,29]. The cyberattacks are increasing day by day and an attacker can attack the biometric databases as well [7], hence it is important to secure the biometric data in biometrics as they cannot be revoked if leaked [30]. The compromised biometric data/features may have serious consequences and can lead to cross-matching attack [31,32].

As there are numerous issues related to fingerprint biometrics [33], there is a need for a highly secure fingerprint-based authentication method. Any secure biometric system is expected to depict the essential requirements [19,34] given below:

• Revocability: By the use of the same data (biometric features) provided by the user, it must be possible to construct multiple templates.
• Diversity: There must be no similarity among the different templates generated by using the same data of the user.
• Security: Original data provided by the user must never get compromised under any scenario.
• Performance: Due to security enhancement the recognition performance of the system should not get reduced.

To achieve the essential requirements mentioned above, the main concept used [24] is to transform the user data (biometric features) $UD$, provided by the user through a function F and a unique key for user $ke{y}_1$. Transformed template $F(UD,ke{y}_1)$ obtained after transformation is saved in the repository/database. In case the user template has been captured by the adversary, then through modification of the key from $ke{y}_1$ to $ke{y}_2$, a different template $F(UD,ke{y}_2)$ can be constructed. In this paper, a highly secure and optimized fingerprint-based biometrics has been proposed. The major contributions of the technique proposed in this paper are as follows:

• A completely secure template is constructed by using the features of the fingerprint provided by a user that depicts exceptional revocability, diversity, security, and recognition performance.
• Generally during minutiae extraction, there exists a problem of missing minutiae points. The proposed technique has shown good resistance against the missing minutiae points problem.
• The proposed technique exhibits superior recognition performance in comparison to other existing techniques and has achieved 0% equal error rate (EER).
• Rotation/translation of fingerprint on the fingerprint scanner leads to variation in the fingerprint images captured, the proposed technique is highly robust against such variations.
• Mostly the fingerprint-based authentication techniques generate a user template which is not optimized. The proposed technique uses the quality of minutiae points and generates a highly optimized user template.

The remaining paper is organized as follows. The literature review of the approaches available for biometric template recognition and protection is presented in Section 2. Section 3 represents the proposed technique. Section 4 contains the discussion of the experimental results. The last section summarizes the conclusions.

2. Literature Review

With various advantages biometric authentication has many challenges [22,33] as well. Various frameworks present in the literature for biometric template recognition and protection are mentioned below.

Cappelli et al. [35] transformed fingerprint of a user into a cylinder form known as Minutia Cylinder-Code (MCC). MCC is an efficient way to represent a fingerprint; however, it is insecure as it is an invertible technique. Ferrara et al. [36] proposed a non-invertible framework of [35], in which transformations are applied that are non-invertible in nature. However, it was observed that [36] is non-revocable. Ferrara et al. [37] have proposed an enhanced version of MCC, which depicts good revocability apart from being secure. By using $l_1$ minimization, matching in the encrypted domain for MCC has been designed by Liu et al. [38].

To classify the fingerprints Nurtantioet al. [39] proposed a decomposition based on the singular value which uses image compressing. Feng et al. [40] has introduced a hybrid framework for securing data. Trivedi et al. [41] have introduced a cancellable non-invertible fingerprint-based biometrics. Azzakhnini et al. [42] have proposed a scheme which relies on RGB-D data, user’s emotional state, ethnicity, and gender are recognized. Yang et al. [43] used the combination of scattering and convolutional networks for the estimation of age and expression. Balazia and Sojka [44] have designed a framework for recognition by using the motion of the user. Dave et al. [45] have designed an approach for human biometric data acquisition and recognition. Ilyas et al. [23] have designed an anti-spoofing framework for user age verification. Kumar et al. [46] have developed a framework for authentication by the combination of a symmetric hash function. Ganapathi et al. [47] have introduced a scheme for recognition that is based on the geometric descriptor.

By using the nearest k-neighborhood structure, Sandhya and Prasad [48] have designed a cancelable template. Sandhya et al. [49] have designed an approach that relies on the use of Delaunay triangles to obtain a cancelable template for a user. In order to secure the biometric data, Sandhya and Prasad [50] have introduced a technique that uses fused structures. Iula and Micucci [13] have validated the use of biometrics relying on ultrasound images. Nakanishi and Maruoka [14] have proposed a biometric authentication using electroencephalograms stimulated by ultrasound. To obtain cancelable templates Wang et al. [51] used transformation that is non-invertible on the binary fingerprint presentation. Derman and Keskinoz [52] have developed a method based on distortion rectification for authentication. Wang and Hu [53] secured the fingerprint features by designing a method that is based on the heavy many-to-one mapping, and Si et al. [54] have used the approach of dense registration. Many times, biometrics can be traced and due to this they are have been combined with the traditional techniques for better security in [20,55,56].

An alignment free framework has been proposed by Wang and Hu [57] through the use of the non-invertible transformation for securing the templates that are cancelable. Another alignment invariant technique based on minutiae triplet is designed by Ahn et al. [58]. Tran et al. [59] have designed a method based on hybrid matcher for user authentication. Wang et al. [60] used zoned minutia pair for local minutiae structure to design a scheme that computes cancelable user template. Boult et al. [61] have introduced Biotop biotoken, which are generated through encryption of user data. The fingerprint image is enhanced by Khan et al. in [62] by using anisotropic Gaussian. Ali et al. in [33] designed a technique in which secured fingerprint features are used, which has been further enhanced in [63]. Ali et al. [6] have designed a secure 3-dimensional secured user template through the relocation of minutiae points. The fingerprint features used are the translation/rotation variant.

Ali et al. [24] have proposed Polynomial Vault, in which they used polynomial functions and the fingerprint to generate a polynomial function which is treated a user template. In this technique, all the minutiae points of a fingerprint are used, due to which it is not optimized. Fingerprint shell [64] has been introduced by Moujahdi et al., in this technique, the template computed has a 2D shell shape structure. Based on [64], Ali and Prakash [65] proposed a technique with better recognition performance. However, features of a fingerprint are insecure in Fingerprint Shell [66], Ali et al. [7] designed a secure version of [64] which was a 3D fingerprint shell and was much more secure than the 2D fingerprint shell [64]. It is observed that the ridge count for different minutiae points (with respect to the singular point) is found to be different. Ali et al. used it in [31] and added high randomness to the generated user template.

The present frameworks for fingerprint-based biometrics are generally insecure and unoptimized. In some techniques, it is even possible to obtain the original biometric features information from the user template [7,64]. Apart from security, the available techniques usually use all the minutiae points for the template generation, leading to an unoptimized user template that makes the authentication system slow. Hence, in the proposed technique we have generated a highly robust and irreversible template for a user. The template generated by the proposed technique is a 3D shell and hence much stronger than a 2D fingerprint shell [7,64]. With other attributes of minutiae points of a fingerprint, we have used the quality of minutia point as well, leading to a highly secure and optimized user template. As only good-quality minutiae points (with better ridge termination or bifurcation [19]) are used, this makes the authentication system much faster. In case adversary gets the user template generated by the proposed technique, then it is not possible (computationally very hard) for the adversary to obtain the original fingerprint of a user from it; and the compromised user template can be easily replaced with a new template (very different from the compromised template) by changing the user keys.

3. Proposed Technique

In the proposed technique a secure and optimized user template is generated by using the secured features (explained below) of the fingerprint and a user key-set. The template generated by the proposed technique has a shell shape structure. This template is stored in the database at the time of enrollment for a user and is further used for the user verification. Figure 2 shows the overview of the proposed technique and a detailed description of it is given below.

Fingerprints are easy to capture and provide various advantages which make them suitable for the biometrics. A fingerprint mainly consists of ridges and valleys (shown in Figure 1). The points where these ridges have very high curvature are known as singular points; delta, core and arch are the major types. Usually, there can be up to four singular points in the fingerprint. The location of the singular point is its major attribute. Let us denote a singular point as Singular ($u_{sing}$, $v_{sing}$), where $u_{sing}$ is the value of the abscissa and $v_{sing}$ is the ordinate value. There is another type of special points in a fingerprint which are known as minutiae points. A minutia point is a point in a fingerprint where a ridge begins/ends or bifurcate. The major attributes of a minutia point are its location, orientation with respect to the abscissa axis (denoted u-axis in this paper), type (ridge bifurcation or starting/termination), and quality of a minutia point.

Let us denote the jth minutia point of a fingerprint as $Minuti{a}_j$ ($u_j$, $v_j$, $\varphi$, $t_j$, $q_j$), where $u_j$ is the abscissa value, $v_j$ is the ordinate value, $\varphi$ is the orientation of the minutia point with respect to abscissa axis, $t_j$ is the type of minutia, and $q_j$ is the quality of minutia point $Minuti{a}_j$. We have denoted abscissa axis as u-axis, ordinate axis as v-axis, and applicate axis as w-axis. Usually, only the location and orientation information of minutiae points are used as the template for a user and is directly saved into the database. As the attacker can attack the database and can generate the original fingerprint from the compromised template present in the database. Fingerprints are permanent and non-revocable, directly storing minutiae points is extremely dangerous. Most of the techniques generate a user template by using all the minutiae points. Such techniques usually use only the orientation, location, and type of minutia (ridge bifurcation or starting/ending) point information. Quality of minutia point is not used so extensively. We have taken the advantage of quality of minutia point information and used it as well for the generation of a secured template, by using key-set $\{k_1$, $k_2$, $k_3$, $k_4\}$. We have used only superior quality minutiae points for the template generation. This reduces the problem of missing minutiae points (as poor-quality minutiae points that leads to missing minutiae problem gets eliminated), which leads to a highly robust and optimized user template. In the proposed technique, in place of storing the insecure minutiae attributes, a transformed form of minutiae attributes is saved. The highly secured template generated is in the shape of a spiral shell.

3.1. Features Required for Template Generation

Following features of the fingerprint of a user are required for the template generation (Algorithm 1 contains the steps involved):

• Singular Point: Only the location of it is used.
• Minutiae Points: Their location, orientation, and quality are used. Instead of directly using the location of a minutia point, a secured location computed corresponding to it is used.
• Ridge Counts: Ridge counts, which are the number of ridges between minutiae points and a singular point are used. Instead of directly using the ridge counts, secured ridge counts are calculated, which are further used.

In fingerprint-based biometrics there are various issues related to the capturing of the fingerprint of a user that leads to intra-subject variance. During fingerprint capturing there can be rotation as well as the translation of the finger on the sensor, leading to rotational and translational variations. In order to avoid such effects, the rotation and translation invariant information present in a fingerprint are used which are given below:

• Secured distance between singular point and minutiae point. Let $di{s}_j$ be the distance between singular and the jth minutia point. It can be noted that $di{s}_j$ is rotation/translation invariant; however, it is not secure to directly use $di{s}_j$ because it is permanent and cannot be changed if compromised. Instead of using $di{s}_j$, a secured distance $sdi{s}_j$ is used, corresponding to jth minutia point. The secured distance $sdi{s}_j$ is generated with the help of $di{s}_j$, orientation of jth minutia, and the user keys $k_1$, $k_2$. This is pictorially shown in Figure 3.
• Secured ridge count between the singular and minutia point. Similar to above, it is not safe to directly use the ridge count between the jth minutia point and the singular point. Instead, a secured ridge count $sr{c}_j$ is calculated with the help of keys $k_1$, $k_2$. As shown in Figure 3.

The above features of a fingerprint are used for the generation of the user template along with a unique user key-set $k_1$, $k_2$, $k_3$, $k_4$. Following are the major steps required to construct a highly secure, robust, and optimized template for a user.

Algorithm 1 Secured Features Calculation.

Input:Thinned binary image of fingerprint: fthin,$Minuti{a}_j$ ($u_j$, $v_j$, ϕ, $t_j$, $q_j$) were j varies from 1 to total (total minutiae points present in the fingerprint), Singular Point $(u_{sing},v_{sing})$ and key-set $\{k_1$, $k_2$, $k_3$, $k_4\}$ Output:Ridge count: sdis and src (Secured features) for$j=1$to$total$do  $m=0$  if $q_j>$ = $threshol{d}_{value}$ then   $m=m+1$   $di{s}_m$=$\sqrt{{(u_j-u_{sing})}^2+{(v_j-v_{sing})}^2}$   $sdi{s}_m$=$\sqrt{di{s}_j^2+k_1^2+2(di{s}_j\times k_1\times cos(k_2+{\varphi }_j))}$   $sr{c}_m=0$   $u_j=u_j+k_1\times cos(k_2+{\varphi }_j)$   $v_j=v_j+k_1\times sin(k_2+{\varphi }_j)$   $orientation=\frac{v_j-v_{sing}}{u_j-u_{sing}}$   $step=v_j-orientation\ast u_j$   if $|u_j-u_{sing}|>=|v_j-v_{sing}|$ then    for $u=u_j$ to $u_{sing}$ do     $v=int(orientation\ast u+step)$     if $fthin(u-1,v-1)$ or $fthin(u-1,v)$ or $fthin(u-1,v+1)$ or $fthin(u,v-1)$ or $fthin(u,v)$ or $fthin(u,v+1)$ or $fthin(u+1,v-1)$ or $fthin(u+1,v)$ or $fthin(u+1,v+1)$ then      if $on-Ridge==\mathrm{false}$ then       $sr{c}_m=sr{c}_m+1$       $on-Ridge=\mathrm{true}$      end if     else      $on-Ridge=\mathrm{false}$     end if    end for   else    for $v=v_j$ to $v_{sing}$ do     $u=int\left(\frac{v-step}{orientation}\right)$     if $fthin(u-1,v-1)$ or $fthin(u-1,v)$ or $fthin(u-1,v+1)$ or $fthin(u,v-1)$ or $fthin(u,v)$ or $fthin(u,v+1)$ or $fthin(u+1,v-1)$ or $fthin(u+1,v)$ or $fthin(u+1,u+1)$ then      if $on-Ridge==\mathrm{false}$ then       $sr{c}_m=sr{c}_m+1$       $on-Ridge=\mathrm{true}$      end if     else      $on-Ridge=\mathrm{false}$     end if    end for   end if  end if end for $FeatureSet$ = $\left\{\right(sdi{s}_j$, $sr{c}_j)$|j = 1 → m, sorted with respect to sdis${}_j$}

3.2. Enrollment

During the enrollment process, the following steps are involved for the computation of a secure user template from the fingerprint of a user, with the help of a user key-set.

3.2.1. Extraction of Features

First, the fingerprint of a user is captured. From the fingerprint singular point, minutiae points, and the ridge count between them is obtained. Now instead of using all the minutiae points, only good-quality minutiae points and their ridge count from the singular point is used. This reduces the computations required for template generation and matching. Suppose m good-quality minutiae points are obtained from a fingerprint. From these minutiae points secured distances $sdi{s}_j$ and secured ridge counts $sr{c}_j$ (j varies from 1 to m) are computed, and sorted according to $sdj{s}_j$.

3.2.2. Template Generation

Algorithm 2 contains the computational steps involved for template generation. By using the secured distances $sdi{s}_j$ (j varies from 1 to m) and user key $k_3$ a spiral curve is constructed. We have secured distances $sdi{s}_1$, $sdi{s}_2$, …, $sdi{s}_m$ in sorted order, to these distances we add $k_3$ and get new distance set, i.e., $sdi{s}_1$+$k_3$, $sdi{s}_2$+$k_3$, …, $sdi{s}_m$+$k_3$. Now the spiral curved is formed in such a way that these distances forms contiguous right-triangles with $sdi{s}_j$ (j varies from 1 to m) as hypotenuse of the triangle, as shown in Figure 4. Base of first triangle has length $k_3$ and hypotenuse has length $sdi{s}_1$+$k_3$, base of second triangle has length $sdi{s}_1$+$k_3$ and hypotenuse has length $sdi{s}_2$+$k_3$; and so on it continues. As these secured distances are in sorted order, so the final curve formed is of a spiral/shell shape.

Algorithm 2 User Template Construction.

1: Input: Secured Features Set $(sdi{s}_1,sr{c}_1)$, $(sdi{s}_2,sr{c}_2)$, …, $(sdi{s}_m,sr{c}_m)$ and key-set $\{k_1$, $k_2$, $k_3$, $k_4\}$ 2: Output: Secure 3D Template (ST) 3: forj = 1 to m do 4:  /* Hypotenuses of the triangles */ 5:  $sdi{s}_j$ = $sdi{s}_j+k_3$ 6:  if j == 1 then 7:   $u_j$ = $k_3$ 8:   $v_j$ = $\sqrt{sdi{s}_j^2-k_3^2}$ 9:   ${\theta }_j$ = $ta{n}^{-1}\left(\frac{v_j}{u_j}\right)$ 10:  end if 11:  if $j>1$then 12:   /* Angle between axis of abscissas and hypotenuse */ 13:   ${\theta }_j$ = ${\theta }_{j-1}+si{n}^{-1}\left(\frac{\sqrt{{\left(sdi{s}_j\right)}^2-{\left(sdi{s}_{j-1}\right)}^2}}{sdi{s}_j}\right)$ 14:   $u_j$ = $sdi{s}_j\times cos\left(\theta \right)$ 15:   $v_j$ = $sdi{s}_j\times sin\left(\theta \right)$ 16:  end if 17: end for 18: forj = 1 to m do 19:  /* 2D to 3D conversion */ 20:  $w_j$ = $sr{c}_j\times k_4$ 21: end for 22: /* Calculation of $k_{combined}$ */ 23: $k_{combined}$ = $\lfloor k_1\rfloor +\lfloor k_2\rfloor \times \left(2^{16}\right)+\lfloor k_3\rfloor \times \left(2^{32}\right)+\lfloor k_4\rfloor \times \left(2^{48}\right)$ 24: forj = 1 to m do 25:  /* Enhancement of Template */  $\left[\begin{array}{ccccc}{u}_j& & v_j& & w_j\end{array}\right]$ = $\left[\begin{array}{ccccc}{u}_j& & v_j& & w_j\end{array}\right]\times \left[\begin{array}{ccc}cos\left(k_2\right)& sin\left(k_2\right)& 0\\ -sin\left(k_2\right)& cos\left(k_2\right)& 0\\ 0& 0& 1\end{array}\right]\times \left[\begin{array}{ccc}cos\left(k_4\right)& 0& -sin\left(k_4\right)\\ 0& 1& 0\\ sin\left(k_4\right)& 0& cos\left(k_4\right)\end{array}\right]$  $\left[\begin{array}{c}{u}_j\\ v_j\\ w_j\end{array}\right]$ = $\left[\begin{array}{c}{k}_{combined}\times sin\left(k_4\right)\times sin\left(k_2\right)\\ k_{combined}\times cos\left(k_4\right)\\ k_{combined}\times sin\left(k_4\right)\times cos\left(k_2\right)\end{array}\right]$+$\left[\begin{array}{c}{u}_j\\ v_j\\ w_j\end{array}\right]$ 26: end for 27: /* User Template (3-D Spiral Curve) */ 28: $SUT$ = $\left\{\right(u_j$, $v_j$, $w_j)$|j = $1\to m\}$

Right now, the curve is two-dimensional, now corresponding to each distance $sdi{s}_j$+$k_3$ (j varies from 1 to m) in the user curve, the applicate value is updated to $k_4$ times $sr{c}_j$ (j varies from 1 to m). This converts the two-dimensional user template into a three-dimensional secured user template, as shown in Figure 5a.

It can be observed that the center of the curve generated for different users is the origin. This is not an optimized use of the three-dimensional space. To avoid this the curves of different users can be relocated to new different locations with the help of user key $k_2$, $k_4$ and a new key $k_{combined}$, which is the generated from $k_1$, $k_2$, $k_3$, and $k_4$. Key $k_{combined}$ is a 64-bit key generated from the integral values of $k_1$, $k_2$, $k_3$, and $k_4$, as shown in Figure 6. Using $k_2$, $k_4$, and $k_{combined}$, the user curve is rotated and translated to a new location as shown in the Figure 7. The 3D transformed curve is in the form as shown in Figure 5b. If a user template is leaked, a very different template can be constructed by altering the key-set value as depicted in Figure 8.

This is the final user template, if there is more than one singular point, then with respect to each singular point a template is computed and stored in the database.

3.3. Template Matching for Verification

To verify a user, a template is generated by following the above steps (same as during the enrollment), which is compared with the one present in the database. To compare the two templates Hausdorff distance is calculated. Hausdorff distance (HD) [67] is a popular matrix used for comparison in the field of computer vision. The Hausdorff distance between a set of points K and L is calculated as given below.

$$HD(K,L)=max\left[hdis\right(K,L),hdis(L,K\left)\right]$$

$$hdis(K,L)=\underset{k\in K}{max}\underset{l\in L}{min}\left(DisMat(k,l)\right)$$

Here $DisMat(k,$$l)$ can be any distance matrix such as Manhattans distance, Euclidean distance etc. We have used Euclidean distance for calculation of Hausdorff distance. Lesser the Hausdorff distance means that the templates are highly similar.

4. Experimental Results and Discussion

To evaluate the efficiency of the proposed technique, we have used nine different databases. These are FVC2000 DB1, FVC2000 DB2, FVC2002 DB1, FVC2002 DB2, FVC2002 DB3, FVC2002 DB4, FVC2004 DB1, FVC2004 DB2, and IIT Kanpur (large database) [7,24] fingerprint databases. All contain 800 images obtained from 100 fingers (8 samples per finger), except IIT Kanpur database. IIT Kanpur database has 5512 fingerprint images taken from 1378 fingers (4 samples per finger). It must be noted that all databases are of moderate size; however, the IIT Kanpur database is a large size database. NIST Biometric Image Software (NBIS) [68] has been used for the minutiae points extraction. Arch-type singular points are captured by the method given in [69] and for other types, the method given in [70] is used. A processor (Intel(R) Core(TM) i5-2400 CPU @ 3.1 GHz (Intel, Santa Clara, CA, USA )) with 4 GB RAM has been used for experimentation. Kolmogorov–Smirnov (KS) test has been used to statically analysis imposter and genuine scores. This test gives the output value in the range of zero to one, a value near one means better separation [71]. The important quantities [16,47,72] that are calculated have been listed below:

• False Acceptance Rate (FAR): Percentage of time an attacker is recognized as a genuine user.
• False Rejection Rate (FRR): Percentage of time a genuine user is not recognized as a genuine user.
• Equal Error Rate (EER): FRR or FAR value, when they both are equal.
• FAR${}_{1000}$: FRR value when the FAR value is 0.001%.
• Zero${}_{FAR}$: Least value of FRR, when the FAR value is zero.
• Genuine Acceptance Rate (GAR): It is the percentage of time a genuine user is recognized correctly as a genuine user.

FVC protocol [73] and 1 vs. 1 [7] protocol has been used for the evaluation. In FVC and 1 vs. 1 protocol, to compute FAR, the first sample of every subject is matched with the first sample of all other subjects. To calculate FRR in FVC protocol, each sample of every subject is matched with every other sample of the same subject. However, to calculate FRR in 1vs1 protocol, two samples of every subject are compared with each other. The proposed technique has been rigorously tested for revocability, diversity, security, and performance; which is given below in detail.

4.1. Revocablility and Diversity

A technique is called revocable if it can generate multiple templates from the same information. This provides the liberty to change the compromised user template in case of the security breach. To check this we have generated multiple templates for the same fingerprint by altering the key-set {$k_1$, $k_2$, $k_3$, $k_4$} values. It was observed that these templates are quite different from each other. This can be pictorially seen from Figure 8. Though the two templates have been computed from the same fingerprint, they are totally different from one another as the key-set values {$k_1$, $k_2$, $k_3$, $k_4$} used to generate them are different.

A technique is diverse if the templates computed from different key-sets and the same user data are non-linkable. To check this we have evaluated the proposed technique for the revoked template attack for the two scenarios given below:

• Attack Scenario I: Attacker possess the user template, compromised by attacking the database. A new template for the user is constructed by using the same fingerprint sample of the user with different user key-set values.
• Attack Scenario II: Attacker possess the old template, compromised by attacking the database. A new user template is computed by using the different fingerprint sample of the same user with different user key-set values.

The results obtained for the above are given in

Table 1. Revoked template attack (successful attacks in percentage), proposed technique can overcome it efficiently.

Database	Ali and Prakash [7]		Ali et al. [31]		Proposed Technique
	Scenario I	Scenario II	Scenario I	Scenario II	Scenario I	Scenario II
FVC2000 DB1	0.00	0.00	0.00	0.00	0.00	0.00
FVC2000 DB2	0.00	0.00	0.00	0.00	0.00	0.00
FVC2002 DB1	0.00	0.00	0.00	0.00	0.00	0.00
FVC2002 DB2	0.00	0.00	0.00	0.00	0.00	0.00
FVC2002 DB3	0.00	0.00	0.00	0.00	0.00	0.00
FVC2002 DB4	0.00	0.00	0.00	0.00	0.00	0.00
FVC2004 DB1	0.00	0.00	0.00	0.00	0.00	0.00
FVC2004 DB2	0.00	0.00	0.00	0.00	0.00	0.00
IIT KANPUR	0.00	0.00	0.00	0.00	0.00	0.00

. It is clear from the results that the proposed technique can handle revoked template attack efficiently and there will not be any security breach in case of revoked template attack by an adversary. This also demonstrates its resistance towards the crossmatch attack [7], and if the template of a user is compromised in any application, in that case, the other applications will not get affected due to it. Hence the proposed technique is revocable and diverse.

4.2. Security Analysis

Attack on a database is a big threat, as user templates are present in the database. And by using the user template from the compromised database, an adversary can obtain the original biometric features of a user. Biometric features are non-revocable, hence, a technique is considered to be secured if it is very hard or computationally almost impossible to get the original fingerprint by using the compromised template.

In the case of the proposed technique, if the template as well as the key-set are compromised, then it is not possible to generate the original fingerprint of a user by using it. a And as we can observe by reversing Algorithm 2 that at most an adversary can get the secured distances and ridge counts only, and no other information an adversary can get.

As we know that to construct the original fingerprint of a user the minutiae points location and orientation are essential [26,27,28,29]. In the proposed technique the orientation information is not stored anywhere, so the adversary cannot get the minutiae points orientation information. Now it is not possible for the adversary to get the location of a minutia point as well, they can only get the secured distance and ridge count. It must be noted that the secured distance and ridge count between minutia and the singular point is revocable in nature; hence even if an adversary gets this information, we can revoke it. Another thing to notice is that as the proposed technique generates an optimized user template with good-quality minutiae points (with quality value more than a particular threshold). This eliminates the poor-quality minutiae points, which further reduces the information. As no important information adversary can get from the user template by which the original fingerprint can be reconstructed, so the proposed technique is extremely secure.

4.3. Performance

To evaluate of the recognition performance, we have generated the user key-set value randomly from the given key range values; $k_1$$\in [0,40]$, $k_2$$\in [0,360]$, $k_3$$\in [0,50]$, and $k_4$$\in [0,360]$. Similar results were obtained for other key range values also (more than 1000 different key-set ranges).

Table 2. Comparison of the EER values of the proposed technique with the other techniques by following the FVC protocol (values are in percentage).

Techniques	FVC2000 DB1			FVC2000 DB2			FVC2002 DB1			FVC2002 DB2			FVC2002 DB3			FVC2002 DB4			FVC2004 DB1			FVC2004 DB2			IIT Kanpur (Large Database)
	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$
Cappelli et al. [35]	-	-	-	-	-	-	1.64	1.00	3.18	0.68	0.49	0.89	7.18	3.14	8.96	5.75	3.00	7.46	-	-	-	-	-	-	-	-	-
Kumar et al. [46]	-	-	-	-	-	-	-	-	-	-	4.98	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
Derman and Keskinoz [52]	-	-	-	-	-	-	-	6	-	-	6	-	-	14	-	-	7	-	-	-	-	-	-	-	-	-	-
Ali and Prakash [19]	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	0.001	-
Ferrara et al. [36]	-	-	-	-	-	-	3.14	1.88	5.07	1.43	0.99	2.54	10.04	5.24	12.43	9.75	4.84	11.89	-	-	-	-	-	-	-	-	-
Moujahdi et al. [64]	-	-	-	-	-	-	4.18	2.03	6.36	1.39	1.01	2.21	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
Ali and Prakash [65]	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	0.001	-
Ferrara et al. [37]	-	-	-	-	-	-	3.1	2.0	4.3	1.3	1.1	1.4	8.4	4.4	11.8	5.0	3.1	6.6	6.8	3.0	9.1	-	-	-	-	-	-
Ahn et al. [58]	-	-	-	-	-	-	-	7.18	-	-	3.61	-	-	11.80	-	-	11.46	-	-	-	-	-	-	-	-	-	-
Khan et al. [62]	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	9.03	-	-	9.71	-	-	-	-
Si et al. [54]	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	1.96	0.89	3.36	-	-	-
Boult et al. [61]	-	2.9	-	-	2.5	-	-	2.1	-	-	1.2	-	-	-	-	-	-	-	-	8.6	-	-	7.5	-	-	-	-
Ali et al. [31]	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
Ali and Prakash [7]	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
Tran et al. [59]	-	-	-	-	-	-	-	-	-	0.67	0.49	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-	-
Proposed Technique	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0

Note: “-” means that the results are not reported by the authors of those technique.

contains the comparison of EER values for the FVC protocol, and the comparison of the EER values, following the 1vs1 protocol is given in

Table 3. Comparison of the EER values of the proposed technique with the other techniques by following the 1vs1 protocol (values are in percentage).

Techniques	FVC2002												IIT Kanpur (Large Database)
	DB1			DB2			DB3			DB4
	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$	FMR${}_{1000}$	EER	Zero${}_{\mathbf{FMR}}$
Sandhya et al. [49]	-	0	-	-	0	-	-	1.65	-	-	-	-	-	-	-
Cappelli et al. [35]	0	0	0	0	0	0	3	2	5	5	3.48	5	-	-	-
Sandhya et al. [50]	-	0	-	-	0	-	-	1.65	-	-	-	-	-	-	-
Ferrara et al. [36]	0	0	0	0	0.02	1	4	3.43	5	9	3.37	11	-	-	-
Sandhya et al. [48]	-	0	-	-	0	-	-	3.65	-	-	-	-	-	-	-
Ali et al. [33]	-	0	-	-	0	-	-	0	-	-	-	-	-	-	-
Liu and Zhao [38]	0	-	0	0	-	0	-	-	-	-	-	-	-	-	-
Ali et al. [31]	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
Ali and Prakash [7]	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0
Proposed Technique	0	0	0	0	0	0	0	0	0	0	0	0	0	0	0

Note: “-” means that the result is not reported by the authors of the technique, for that particular database.

. The proposed technique has achieved 0% EER for the different-different type of fingerprint databases. The proposed technique has shown better performance than the other existing techniques, hence, the proposed technique is highly accurate in discriminating the genuine user and an imposter, as it used the secured features, as well as the user template generated, is highly optimized.

In [7,31] user template is generated by using all the minutiae points (good as well as bad quality minutiae point) of the fingerprint; however, the proposed technique uses only good-quality minutiae points leading to a much-optimized user template. The time taken by the proposed technique has been compared with other techniques in

Table 4. Average time taken comparison of various techniques (values milliseconds).

Techniques	Template Generation	Template Matching
Ali et al. [31]	79	1.5
Ali and Prakash [7]	73	1.4
Ali et al. [33]	253	48.8
Moujahdi et al. [64]	52	0.9
Jun et al. [74]	5257	14.8
Proposed Technique	48	0.8

. The techniques present in Table 4 have been implemented either on a faster processor with more RAM or on a similar processor on which the proposed technique has been implemented. The average time taken for the template generation is 48 milliseconds and 0.8 milliseconds for template matching which is much better than the other techniques and due to this, the proposed technique can be used for light devices as well. As the proposed technique only uses good-quality minutiae points, it reduces the computations involved, which makes it a highly optimized technique, and Figure 9 pictorially depicts it is this which shows the efficiency of the proposed technique in terms of time taken.

It can be observed from Table 2 that FVC2002 DB1, DB2, and DB3 are the most extensively used databases, and we know that IIT Kanpur is a large database [7]. Hence, for the rest of the analysis, these databases have been chosen. The KS test values obtained for FVC2002 (DB1, DB2, and DB3) and IIT Kanpur fingerprint databases are shown in

Table 5. KS test values comparison.

Techniques	IIT Kanpur	FVC2002 DB1	FVC2002 DB2	FVC2002 DB3
Sandhya et al. [48]	-	1	1	0.93
Moujahdi et al. [64]	-	0.9934	-	-
Sandhya et al. [50]	-	1	1	0.93
Ali et al. [31]	1	1	1	1
Ali and Prakash [7]	1	1	1	1
Sandhya et al. [49]	-	1	1	0.9691
Proposed Technique	1	1	1	1

. As the KS test value ranges between 0 to 1, and the value closer to 1 means better separation between the genuine user and the imposter, so it can be observed that the proposed technique has good separation between the genuine and the imposter scores; as it achieved KS test value as 1. Figure 10 depicts the superior performance of the proposed technique for the KS test.

The ROC curve shows the relationship between FAR and GAR. The better value of GAR for different values of FAR means a better performing framework. The ROC curve plots obtained using FVC protocol on FVC2002 (DB1, DB2, and DB3) and IIT Kanpur fingerprint databases are shown in Figure 11. It can be observed that the ROC curve plots obtained for the proposed technique are highly encouraging, hence, the performance of the proposed technique is exceptionally and achieved 100% accuracy [31].

As the proposed technique uses the secure fingerprint features and uses only good-quality minutiae points for the template generation, from the experimental results it can be concluded that the proposed technique is highly robust and is extremely efficient in terms of user recognition.

5. Conclusions

There are various issues related to security and privacy in the fingerprint-based authentication systems. In an insecure fingerprint-based biometrics, an adversary can even reconstruct the original fingerprint of a user. Ali et al. in [31] have designed a framework for a secure fingerprint-based biometrics; however, the technique proposed by them has various limitations. In this paper, a highly robust technique is proposed that constructs an efficient and optimized user template, which has a shape of the 3D spiral curve. Only good-quality minutiae points have been used for the template construction. All the features used to generate the user template are secure as well as revocable. The proposed technique is fast and can generate user template in just 48 milliseconds and for matching the template it requires only 0.8 milliseconds. The proposed technique achieved 0% EER as well. Nothing useful about the original fingerprint of the user can be obtained by adversary even after getting the user template. The technique designed is found to be extremely efficient with respect to revocability, diversity, security, and performance.

In future, we would like to extend the proposed technique for touch-less 3D fingerprint and sensor interoperability; so that it can work with different types of sensors during verification. We will analyze the proposed technique in terms of entropy [75,76,77,78,79] and will compare with other authentication modules [72,80,81]. It will be interesting to combine the other biometric traits in the human body with the proposed technique to develop a multi-modal biometric system. We would also like to use other fingerprint features such as ridge density, texture, etc. with the proposed technique.