Table 1 Existing biohash inversion attacks
From: Practical security and privacy attacks against biometric hashing using sparse recovery
Method | Assumptions | Security | Privacy |
|---|---|---|---|
Multiply with the | - Random projection | Attack with biohash | Â |
pseudo-inverse of | matrix is available | from estimated features: | Â |
the random projection | - Threshold is fixed | - existing key | Â |
and it is 0 | - a new key is assigned | Â | |
| Â | - Wavelet FMT face | and stolen again | Â |
| Â | features | Â | Â |
Genetic algorithms | - Random projection | 1) Attack with biohash | Â |
[18] | matrix is available | from estimated features: | Â |
| Â | - Threshold is fixed | - existing key | Â |
| Â | and it is 0 | - a new key is assigned | Â |
| Â | - Fingercode features | and stolen again | Â |
| Â | Â | 2) Average distance | Â |
| Â | Â | between real and | Â |
| Â | Â | approximated features | Â |
Perceptron-learning | - Several biohashes | Identification scenario, | Adversary has |
with hill climbing and | of various different | where biohash generated | access to output |
MLP modeling with | subjects are available | from each synthetic face | of feature extractor |
customized hill- | (other methods assume | is matched against the | given a face image |
climbing [19] | availability of a single | stolen templates | and applies hill- |
| Â | stolen biohash) | Â | climbing attack to |
| Â | - Attacker can access | Â | generate synthetic |
| Â | the matching scores of | Â | face images |
| Â | the system | Â | Â |
| Â | - Secret key of the | Â | Â |
| Â | user is available | Â | Â |
Solve a constrained | - Random projection | Attack with biohash | Reconstructed |
minimization of | matrix is available | from estimated features: | face images |
distance between | - Threshold is available | - existing key | from estimated |
estimated features | - A database of | - a new key is assigned | vector using |
and unrelated | unrelated features | and stolen again | PCA inversion |
feature vector [4] | - Eigenface features | Â | Â |
Methods proposed | - Random projection | 1) Attack with biohash | Orthogonal linear |
and discussed | matrix is available | from estimated features: | face features |
in this study: | - Threshold is available | - existing key | (i.e., PCA, LDA): |
| Â | - Eigenface features | - a new key is assigned | transformation |
- Sparse recovery | Â | and is unknown | matrix is known |
- Min-norm solutions | Â | - a new key is assigned | and its inverse |
| Â | Â | and stolen again | is used to |
| Â | Â | 2) Verification accuracy | reconstruct |
| Â | Â | using the real features | face images |
| Â | Â | as gallery and | Â |
| Â | Â | approximated features | Â |
| Â | Â | as probe | Â |