Biometric authentication is currently used as a means of user authentication. In biometric authentication, whether an authentication target user is a registered user is determined based on a physical feature or a behavioral feature of the authentication target user. Examples of the physical feature include a fingerprint, veins, and an iris, and examples of the behavioral feature include handwriting. In biometric authentication, when registration processing is performed on a user, a biometric feature code that represents a physical feature or a behavioral feature of the user is generated, and a template based on this biometric feature code is registered in a database. When matching processing is performed on a user, a biometric feature code that represents a physical feature or a behavioral feature of the user is generated, and whether the user is registered is determined by using this generated biometric feature code and the corresponding template in the database.
Unlike user IDs, passwords, etc. that can easily be changed when leaked, biometric feature codes cannot easily be changed. Thus, when a biometric authentication system is configured, it is preferable to reduce the risk of leakage of biometric feature codes from the biometric authentication system. There has been proposed template-protection-type biometric authentication as one mode of a biometric authentication method capable of protecting the biometric feature codes.
In the template-protection-type biometric authentication, a biometric feature code itself is not included in an individual template. Instead, data obtained by converting a biometric feature code on the basis of a conversion parameter is included in an individual template. In the template-protection-type biometric authentication, even if a template is leaked, it is difficult to restore the original biometric feature code from a template. In addition, since a different template can be created from the same biometric feature code by changing the conversion parameter, the leaked template can be made invalid.
As one mode of the template-protection-type biometric authentication, biometric encryption such as a fuzzy commitment has been proposed. In a fuzzy commitment, when registration processing is performed on a user, a registration biometric feature code is masked on the basis of secret information such as a password or a secret key, and the masked data is registered in a database. In addition, a hash value of the secret information is registered in the database. When matching processing is performed on the user, the secret information is restored by using a biometric feature code generated in the matching processing and the masked data registered in the database. A hash value of the restored secret information is compared with the hash value registered in the database, so as to determine whether the user is a registered user.
In addition, a fuzzy commitment scheme for generating a fuzzy commitment from an input pattern has been proposed. According to the proposed fuzzy commitment scheme, one of a plurality of codewords associated with an error-correcting code is randomly selected, and an input pattern received from a user is mapped to the selected codeword. According to the fuzzy commitment scheme, an offset between the input pattern and the selected codeword is calculated, and a hash of the selected codeword is calculated.
In addition, an authentication device capable of protecting a template used in biometric authentication has been proposed. The proposed authentication device divides a single template into a plurality of partial templates on the basis of an error-correcting code. The authentication device embeds the plurality of partial templates in a biometric authentication object on the basis of the error-correcting code to obfuscate the template. The authentication device transmits the biometric authentication object including the obfuscated template.
There has also been proposed a biometric authentication system capable of preventing a spoofing attack even if a template and key information are leaked. In the proposed biometric authentication system, when registration processing is performed on a user, a registration device acquires a registration biometric feature code and issues key information. The registration device generates the exclusive OR of the registration biometric feature code, the key information, and a randomly selected authentication parameter as a template and transmits the key information to the terminal device. When matching processing is performed, an authentication device acquires a biometric feature code for matching. In addition, the terminal device generates the exclusive OR of a randomly selected masked value and the key information as secret key information and transmits the secret key information to the authentication device. The authentication device generates the exclusive OR of the matching biometric feature code, the template, and the secret key information as error-corrected information and transmits the error-corrected information to the terminal device. The terminal device generates the exclusive OR of the error-corrected information and the masked value as authentication target information and transmits this information to the authentication device. The authentication device determines whether to authenticate the user on the basis of the degree of coincidence between the authentication target information and the authentication parameter.
See, for example, the following documents:
International Publication Pamphlet No. WO00/51244;
International Publication Pamphlet No. WO2006/093238;
International Publication Pamphlet No. WO2012/042775; and
Ari Juels and Martin Wattenberg, “A fuzzy commitment scheme”, Proc. of the 6th ACM (Association for Computing Machinery) conference on Computer and Communications Security, pp. 28-36, 1999.
However, according to the technique discussed in Non-Patent Literature 1, a biometric feature code itself generated in the matching processing is used for calculation with a template. In addition, according to this technique, when a user is authenticated, accurate secret information is restored. Since the masked data included in a template is data obtained by masking a registration biometric feature code on the basis of secret information, an authentication device could estimate the registration biometric feature code from the restored secret information and the template. Thus, if a malicious administrator or attacker fraudulently operates the authentication device, biometric feature codes could be leaked.
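The fuzzy commitment flow described above (masking at registration, secret restoration and hash comparison at matching) and the exposure noted in the preceding paragraph can be seen together in the following added example, which is not part of the original document. The repetition code, SHA-256, the 80-bit constructed feature codes, and all function names are assumptions chosen for illustration.

```python
import hashlib
import secrets

R = 5  # repetition factor (assumed): corrects up to 2 flipped bits per 5-bit group

def encode(secret_bits):
    """Error-correcting encoder: repeat each secret bit R times (the codeword)."""
    return [b for b in secret_bits for _ in range(R)]

def decode(bits):
    """Majority vote per R-bit group maps a noisy word to the nearest codeword's secret."""
    return [int(sum(bits[i:i + R]) > R // 2) for i in range(0, len(bits), R)]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def digest(secret_bits):
    return hashlib.sha256(bytes(secret_bits)).hexdigest()

def enroll(feature_code):
    """Registration: mask the feature code with a randomly selected codeword."""
    secret = [secrets.randbelow(2) for _ in range(len(feature_code) // R)]
    masked = xor(feature_code, encode(secret))  # offset between pattern and codeword
    return {"masked": masked, "hash": digest(secret)}  # template stored in the database

def match(template, probe):
    """Matching: restore the secret from the probe and masked data, compare hashes."""
    restored = decode(xor(probe, template["masked"]))
    return digest(restored) == template["hash"], restored

def recover_enrolled(template, restored_secret):
    """The exposure: the restored secret plus the template yields the registered code."""
    return xor(template["masked"], encode(restored_secret))

# Constructed sample data, not real biometric measurements.
enrolled = [secrets.randbelow(2) for _ in range(80)]
template = enroll(enrolled)

probe = list(enrolled)
for i in (3, 27, 58):  # sensor noise: one flipped bit in three different groups
    probe[i] ^= 1
accepted, restored = match(template, probe)

impostor = [b ^ 1 for b in enrolled]  # differs in every bit, beyond correction capacity
rejected = not match(template, impostor)[0]

# After a successful match the verifier holds everything needed to unmask the template.
leaked = recover_enrolled(template, restored)
```

Here `leaked` equals the registration feature code even though the probe was noisy, which is why the party performing the matching computation has to be trusted in this scheme.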