Equating Biometric Entropy

This research is being conducted as a part of a Masters thesis by Matthew Young; advised by Stephen Elliott, Ph.D. For more information, please visit our website: http://www.biotown.purdue.edu

The main objective of this study is to determine the key space and entropy in bit strength of fingerprint biometric technologies by assessing probabilities of minutiae locations in a fingerprint image.

Abstract: The use of biometric characteristics for access control to both physical and logical resources has scene tremendous growth in recent years. The increased potential of biometric authentication has been accelerated by the inherent qualities of tightly binding the authenticator to the identity of an individual user. Uniqueness of biometric characteristics varies depending upon which biometrics modality is being evaluated, but one common theme is true and that is the authenticator is a digital representation of the characteristic provided by the individual. This factor makes it virtually impossible to determine how many real life possible representations of biometric data could be presented to the systems. In order to accomplish that task, every human being in the world would have to be considered in such a process.

Previous work in this area as shown by Ratha, Connell, and Bolle, has focused on defining keyspace for biometrics; specifically fingerprints. Keyspace being the total number of possible values of keys in a cryptographic algorithm or other security measure such as a password. Applying this definition to biometrics, key space is the total number of possible features, minutiae points for fingerprints in this case, that could exist in a biometric sample. The previous approach segmented a fingerprint image into possible locations for minutiae to estimate the total possible values, giving equal probability weighting to all locations [1].

Methodology: This research looks to build on the work shown above by determining probability of occurrence for individual potential minutiae locations. Just as some passwords and secrets contain values that are more likely to occur than others, so too are features in biometrics samples [2]. Referring to fingerprints in this case, it is visually evident that a greater number of minutiae are likely to be around the center of the rectangular image rather than unoccupied corners.

In order to equate entropy of biometrics similarly to passwords based on probability of potential values; the principles of Shannon’s Information Theory will be applied to minutiae in fingerprints. Shannon summarizes entropy as the randomness of the information contained in a message [3]. Shannon’s equation for determining entropy as a value of H in bits is shown below:

Apply this to fingerprint minutiae:
• n = total # of possible locations for minutiae in the image.
• p(X) = the probability of minutiae occurring at each individual location.

To accomplish the task of calculating probabilities for minutiae locations:
3 fingerprints on 8 fingers from 255 subjects will be examined using commercially available fingerprint software.
Adjacent segments, determined by the common area minutiae points consume [1], of dimension (15x15 pixels) will be aligned within the standard image dimensions of (248x292 pixels) for the dataset being examined.
Minutiae points for will be recorded as present or not present in the appropriate segments based on their location of coordinates (x,y).
After processing all images in the data set, percentages for actual occurrence of minutiae in all possible segments can calculated.
Based on the these percentages, The required parameters of Shannon’s entropy equation are now available and can be used to equate the entropy of fingerprints, represented in bit strength.

Blog Post References:
1. Ratha, N., J. Connell, and R. Bolle, Enhancing security and privacy in biometrics-based authentication systems. IBM Systems Journal, 2001. 40(3).
2. Doddington, G., et al. Sheep, Goats, Lambs and Wolves. An Analysis of Individual Differences in Speaker Recognition Performance. in International Conference on Spoken Language Processing. 1998. Sydney, Australia.
3. Shannon, C.E., Communication Theory of Secrecy Systems. Bell Systems Technical Journal, 1949. 28: p. 656-715.