|
The objective of this project is to investigate the security of fingerprint authentication systems, especially those using partial fingerprints. A number of consumer electronic devices, such as smartphones, are beginning to incorporate fingerprint sensors for user authentication. The sensors embedded in these devices are generally very small and the resulting images are, therefore, limited in size. To compensate for the limited size, these devices often acquire multiple partial impressions (templates) of a single finger during enrollment to ensure that at least one of them will successfully match with the image obtained from the user during authentication. In some cases, the user may even be allowed to enroll multiple fingers, and the templates pertaining to these multiple fingers are associated with the same identity (i.e., one user). A user is deemed to be successfully authenticated if the partial fingerprint obtained during authentication matches with any one of the stored templates.
This project is investigating the possibility of generating a "Master Print," a synthetic or real partial fingerprint that serendipitously matches with a large number of partial impressions pertaining to multiple users. This is akin to having a Master Password that can unlock a diverse set of user accounts. In this regard, the following tasks are being conducted: (a) Analyzing the vulnerability of fingerprint authentication systems that use partial fingerprints by developing methods to generate Master Prints; (b) Models for computing the distinctiveness or uniqueness of partial fingerprints compared to full prints; (c) Methods for mitigating the vulnerability associated with the adversarial use of Master Prints.
|
TWC: Small: Collaborative: The Master Print: Investigating and Addressing Vulnerabilities in Fingerprint-based Authentication Systems