Biometric Masterkeys

TL;DR

This paper introduces the concept of biometric masterkeys, which are feature vectors capable of matching with many templates in cancelable biometric databases, highlighting potential security vulnerabilities.

Contribution

It defines biometric masterkeys, explores their creation from existing databases and pre-creation scenarios, and demonstrates their effectiveness through experiments on fingerprint and face datasets.

Findings

Masterkeys can match all templates in a cancelable database.

Effective construction of masterkeys from any feature vector.

Experimental validation on fingerprint and face datasets.

Abstract

Biometric authentication is used to secure digital or physical access. Such an authentication system uses a biometric database, where data are sometimes protected by cancelable transformations. This paper introduces the notion of biometric masterkeys. A masterkey is a feature vector such that the corresponding template matches with a significant number of templates stored in a cancelable biometric database. Such a masterkey is directly researched from a cancelable biometric database, but we also investigate another scenario in which the masterkey is fixed before the creation of the cancelable biometric database, providing additional access rights in the system for the masterkey's owner. Experimental results on the fingerprint database FVC and the face image database LFW show the effectiveness and the efficiency of such masterkeys in both scenarios. In particular, from any given feature vector, we are able to construct a cancelable database, for which the biometric template matches with all the templates of the database.