An approach to matching fingerprints using cryptographic one-way hashes

Abstract

Password-based systems authenticate users with cryptographic one-way hashes without storing plaintext passwords. The method prevents a hacker from reversing the hashes and hacking into individual accounts easily. Biometric data cannot be reproduced with 100% accuracy. Therefore, the hashing technique has yet to be utilised directly to secure biometric data. Instead, biometric system manages biometric data in two ways. The first is to store original biometric templates in encrypted formats. However, real-time decryption is required upon authentication during which decrypted data can be stolen. The second is to transform original templates such that matching can be done directly in the transformed domain. However, the requirement of similarity-preserving transformation makes the transformed templates vulnerable to reverse engineering. In this paper we propose a novel approach of transforming fingerprint templates, with which matching can be conducted using cryptographic one-way hashes. Our testing results indicate its feasibility.