A new bio-cryptosystem-oriented security analysis framework and implementation of multibiometric cryptosystems based on decision level fusion

Biometric cryptosystems provide an innovative solution for cryptographic key generation, encryption as well as biometric template protection. Besides high authentication accuracy, a good biometric cryptosystem is expected to protect biometric templates effectively, which requires that helper data does not reveal significant information about the templates. Previous works predominantly follow an appropriate entropy definition to measure the security of biometric cryptosystems. In this paper, we point out limitations of entropy-based security analysis and propose a new security analysis framework that combines information-theoretic approach with computational security. In addition, we construct a fingerprint-based multibiometric cryptosystem using decision level fusion. Hash functions are employed in our construction to further protect each single biometric trait. The experimental results and security analysis demonstrate that the proposed multibiometric cryptosystem provides stronger security and better authentication accuracy compared to a cryptosystem based on single biometric.