In this review, biometric systems are studied from an information theoretical point of view. In the first part biometric authentication systems are studied. The objective of these systems is, observing correlated enrollment and authentication biometric sequences, to generate or convey as large as possible secret keys by interchanging a public message, while minimizing privacy leakage. Here privacy leakage is defined as the amount of information that this public message contains about the biometric enrollment sequence. In this setting also the secrecy leakage, that is, the amount of information the public message leaks about the secret key, should be negligible. Next identification biometric systems are investigated. These systems should be able to identify as many individuals as possible while being able to assign as large as possible secret keys to each individual and again minimize the privacy leakage. To realize these systems public reference data are stored in the database. Leakage is defined with respect to these reference data. For all these biometric systems fundamental limits are determined in the current work. Finally, a popular practical construction for biometric systems, fuzzy commitment, is analyzed with respect to both its theoretical performance and performance related to the code choice.
The issue of biometric security has become a major research area recently. While systems based on iris-recognition, DNA analysis and fingerprinting are being deployed there are instances where these alone cannot provide fool-proof security. Biometric Security from an Information-Theoretical Perspective provides an overview of the state-of-the-art of biometric security systems. Using information theoretic techniques it discusses some of the most promising methods to provide practical, but safe systems.
Biometric Security from an Information-Theoretical Perspective studies a number of problems related to the design of biometric secrecy systems for both authentication and identification. First, it reviews the problem of secret sharing in order to set theoretical grounds for the subsequent discussion of secret-key rates and privacy leakage in biometric secrecy systems. Biometric authentication systems are discussed in depth using discrete and Gaussian biometric sources, before describing biometric identification techniques in detail. Since biometric data are typically used for both identification and authentication purposes, the trade-off between identification, secret-key and privacy-leakage rates are determined. Finally, practical considerations are treated. The realization of binary biometric authentication systems with chosen secret keys, called fuzzy commitment, is analyzed. It concludes by investigating how binary quantization of biometric sequences influences the performance of biometric secrecy systems with respect to secret-key rates and privacy leakage.
Biometric Security from an Information-Theoretical Perspective is an in-depth review of the topic which gives the reader an excellent starting point for further research.