Privacy-preserving model for biometric-based authentication and Key Derivation Function

Bio-cryptosystems often save the biometric template for authentication and generally employ randomly generated keys to encrypt and sign data. This method raises privacy protection concerns. Furthermore, for a system secured by the usage of a cryptographic key, losing the key often has disastrous consequences. To overcome the privacy issues, and allow the secure recovery of lost keys, we design a Key Derivation Function to extract a key from biometric data: a new method - based on clustering algorithms - detects consistent and discriminative features from biometric characteristics to create a code. Then, HMAC-SHA256 (as specified by the National Institute of Standards and Technology) generates a standard key from the code. To reproduce the code at future times (that also serves for authentication), the Key Derivation Function stores helper data with the guarantee of privacy. Indeed, with a private face dataset, the probability of generating the code with only the helper data is less than 2-300, and less than 2-246 for a subset of the YouTube Face database. Moreover, on the private database and the tested users from the YouTube Face database, our system has a false acceptance rate of 0%. It corrects up to 40.3% of noise levels on the private database and has good management of the inter-user variability.