User authentication with biometric data (a biometric), e.g., speech, a fingerprint, iris appearance is an alternative to conventional typed passwords. The biometric does not need to be memorized, and is difficult to replicate. However, the biometric is inherently subject to noise, and can have some variation from one measurement to another, which makes biometric authentication more challenging than conventional password-based methods.
That problem can be solved in part by storing reference biometrics accessible by an authentication device. Then, pattern matching can be used to compare current biometrics to be authenticated with the reference biometrics. However, that method can become a security threat when the reference biometrics are compromised.
Another method to solve this problem by using “cancelable” biometrics, wherein biometric templates are generated using a specific transformation of the biometric, and the templates can be revoked at any time. However, it is difficult to guarantee security if the cancelable transformation is compromised. Further, it is difficult to provide provable security guarantees for cancelable transformations.
An error correction code (ECC) can correct small variations in biometric data due to noise. Furthermore, check bits of the ECC emulate a cryptographic hash of conventional password systems in the sense that, given only the check bits, the biometric data cannot be recovered. However, state of the art methods based on ECC have a high false reject rate (FRR) because it is difficult to accommodate the variation of biometric samples across different measurements taken from a particular user. Therefore, it is difficult to design an ECC for the noisy channel between biometric measurements.
The problem was partially remedied in the context of fingerprint biometrics by the related patent applications. There, after feature transformation of the fingerprint, the biometric channel, i.e., the noisy channel between biometric measurements from a given user, is reduced to a binary symmetric channel (BSC). The advantage of this approach is that standard ECCs are readily available for the BSC.
Accordingly, it is desired to transform the biometrics before storage in such a way that the original biometric cannot be recovered from the stored information alone, but the stored information can later be combined with a probe biometric to reliably identify or authenticate a particular user.