Biometric authentication is a personal authentication technique using information on physical and behavioral characteristics of persons. The physical characteristics include fingerprints, veins, irises, and DNAs, for example. The behavioral characteristics include handwriting, for example. The biometric authentication is executed by acquiring biometric information called a template in advance and comparing the biometric information with information acquired by a sensor upon matching.
In recent years, attention has been paid to a biometric authentication technique for comparing information obtained by converting a template and stored in a database with biometric information without the restoration of the converted information to the original template upon matching. This biometric authentication technique is referred to as a “template-protected biometric authentication technique”. In a system using the template-protected biometric authentication technique, even if a converted template leaks, a conversion method is changed to another method that makes the leaked template unusable and avoids access to the leaked template.
As template-protected biometric authentication techniques, template protection schemes that are referred to as key binding schemes are known. As one of the key binding schemes, there is a key binding scheme by lattice element addition. In the key binding scheme by lattice element addition, a determination matrix that includes a threshold to be used to determine the similarity between data to be matched and registered data is defined in advance, for example. In the key binding scheme by lattice element addition, a template is generated by using the determination matrix or the like to conceal biometric information to be registered, and the determination matrix and the template are stored in a database. In the key binding scheme by lattice element addition, data is generated by using the determination matrix or the like to conceal biometric information to be matched, and a remainder vector that indicates a remainder obtained by division using the determination matrix as a divisor is calculated from the generated data and the template. Then, in the key binding scheme by lattice element addition, whether or not the biometric information to be matched is sufficiently close to the registered biometric information is determined. Examples of related art are Japanese Laid-open Patent Publication No. 2010-108365, Japanese Laid-open Patent Publication No. 2010-146245, Japanese Laid-open Patent Publication No. 2014-95878, and International Publication Pamphlet No. WO2012/056582.
In the conventional key binding scheme by lattice element addition, the registered biometric information and the biometric information to be matched are expressed by vectors, and the determination is made using the following standard: if “the biometric information to be matched is sufficiently close to the registered biometric information”, “differences between components of the vectors are equal to or smaller than a threshold”. On the other hand, in biometric authentication, standards that are different for types of biometric information and are, for example, Hamming distances between vectors, square norm distances between the vectors, and the like are used for the determination of similarities between the biometric information without the use of differences between components of the vectors in general.
In the conventional key binding scheme by lattice element addition, however, various standards that are different for types of biometric information are not supported, types of biometric information that are applicable are limited, and if a standard is forcibly applied, the accuracy of the authentication may be reduced.
The aforementioned problems may occur not only in the authentication of biometric information but also in general authentication executed based on similarities between data to be matched and registered data. The data to be matched and the registered data may be numerical information such as positional information or confidential information.
According to one aspect, an object is to provide a concealed data matching device, a concealed data matching program, and a concealed data matching method that may improve the accuracy of authentication.