Vision researcher Terrence E. Boult has identified what he calls the “Biometric dilemma” – the more we use biometrics the more likely they will be compromised and hence become useless for security.
This is a hugely important observation – the necessary starting point for all thinking about biometrics. I'd even call it a law.
Terrence was responding to a piece by Sean Convery that picked up on my post about reversing biometric templates. Terrence went on to call our attention to more recent work, including some that details the reversibility of fingerprint templates.
On the very sober end of things, Terrence cites:
A. Ross, J. Shah and A. K. Jain, â€œFrom Template to Image: Reconstructing Fingerprints From Minutiae Points,â€ IEEE Transactions on Pattern Analysis and Machine Intelligence, Special Issue on Biometrics, Vol. 29, No. 4, pp. 544-560, April 2007.
Pranab Mohanty, Sudeep Sarkar, Rangachar Kasturi, â€œ/From Scores to Face Template: A Model-based Approach/â€, To appear in IEEE Journal of Pattern Analysis & Machine Intelligence (PAMI)
Pranab Mohanty, Sudeep Sarkar, Rangachar Kasturi, â€œ/Privacy &
Security Issues Related to Match Scores/â€, IEEE Workshop on
Privacy Research In Vision, CVPRW, 2006. *(PDF)
On what he calls “a more positive note”, he says there are many people working on cancelable or â€œrevocable biometricsâ€, as discussed in:
T. E. Boult, â€œRobust distance measures for face recognition supporting revocable biometric tokensâ€, IEEE Conf. on Face and Gesture, April 2006. http://vast.uccs.edu/~tboult/vast.uccs.edu/~tboult/PAPERS/Boult-IEEEFG06-preprint.pdf
T.E. Boult, W.J. Scheirer and R. Woodworth, â€œRevocable Fingerprint Biotokens: Accuracy and Security Analysisâ€, IEEE Conf. on Computer Vision and Pattern Recognition, June 2007.
Cancelable biometric filters for face recognition
Savvides, M.; Vijaya Kumar, B.V.K.; Khosla, P.K.
ICPR 2004. 922 – 925 Vol.3
Like Sean, I don't see how the techniques discussed in the IBM paper above can be immune to Andy Adler's attack, in which a large number of photos are put through the same transformation as a target photo and optimized for best match. And if this is the case, how can a biometric really be revocable? But I'm just starting to read this collection of new papers.
BTW, I suggest you check out Sean Convery's blog.