Keywords

1 Introduction

Biometric refers to identify or verify a person according to their physiological or behavioral characteristics such as fingerprint and handwriting. It is an automated process of identification and authentication, in which specific biometric traits of an individual are extracted during enrollment and stored as biometric templates. However, such authentication technology needs large-scale capture and storage of biometric data which leads to serious concern about leaking of privacy and identity theft. Unlike the traditional identification technology such as password or credit card, biometric characteristics are inherent to a person. Once the template is compromised, it is compromised forever because it cannot be revoked, reissued or even destroyed. Furthermore, since the same template might be used for various application and location, it would be possible to perform cross matching between them. In this way, the privacy of the user cannot be guaranteed.

Many template protection algorithms have been proposed. Jain divided these algorithms into two kinds: feature transformation and biometric encryption [1]. The former is a popular scheme in which the same transformation function respectively applies to register biometric characteristics and testing biometric characteristics in enrollment procedure and testing procedure. Then the transformed testing characteristics directly compares with the transformed template generated by register characteristics. The latter is firstly proposed to use biometric feature to encrypt key. It is deferent from feature transformation is that public information related to the biometric feature is stored in the database. The former security depends on the key safety and noninvertible transforms. And the latter depends on the safety of help data. This paper proposes a face template protection method based on chaotic map which belongs to the former.

Due to the high sensitivity of chaotic systems to parameters and initial conditions as well as the availability of many circuit realizations, chaos based algorithms are developed and studied as the core of encryption algorithms [2]. Chaotic image encryption refers to use discrete chaotic sequence to encrypt the image, and its essence is to play the characteristics of chaos to conceal the original face image and avoid the valuable information being achieved by other people even they get encrypted information [3, 4].

In this paper, an eigenvalues permutation algorithm for face template protection based on chaotic map is proposed. The original face template is extracted using principal component analysis (PCA) algorithm and disturbed based on chaotic logistic map. The rest of the paper is organized as follows: Sect. 2 introduces the existing biometric protection methods. Section 3 gives the proposed algorithm. Section 4 is devoted to the experiments and security analysis. At last, Sect. 5 concludes this paper.

2 Related Works

2.1 Biometric Protection Method

In recent years, there are increasing applications of biometric identification technology in the identity authentication, but also gradually expose its inherent weaknesses in some aspects of security and privacy, so higher requirements of the security of biometric template in the practical applications is raised. The template protection scheme should have properties like diversity, revocability, security and performance. The template protection schemes are broadly classified into two main types as function transformation approach and biometric cryptosystem based approach. Function transformation approach is further categorized as salting and non-invertible transformation method. Biometric cryptosystem based approach is further categorized as key binding and key generation methods.

A large number of famous biometric cryptosystems have been proposed such as fuzzy vault scheme [5,6,7,8], fuzzy commitment scheme [9], and fuzzy extractor [10]. Fuzzy vault is used to encrypt the biometric template which is described in the form of point sets, such as fingerprint minutiae sets. The fuzzy vault scheme proposed by Juels and Sudan [5,6,7] has become one of the most popular key-binding approaches as it provides effective and provable security for biometric template protection [11]. Since the fuzzy vault scheme is proposed, many biometric characteristics have been used to construct biometric cryptosystems based on fuzzy vault scheme, such as fingerprints, ear, and face.

Fuzzy commitment and fuzzy extractor are among the two most popular template protection schemes. Fuzzy commitment binds a binary key to a binary biometric representation and the key can only be recovered if a similar binary biometric re-presentation is presented. Fuzzy extractor directly transforms a binary biometric input into a stable binary string that can be used as encryption keys in cryptographic applications. Both these schemes take an ordered multi-biometric representation as input in our context. When modalities that are represented by un-ordered features are fused with modalities that are represented by ordered features, an unordered-to-ordered feature transformation is required.

3 Proposed Algorithm

A face recognition system firstly collects several face images of each legitimate user and extracts face features stored in the database corresponding with this user’s ID number. One of the popular approaches for face recognition is eigenface method (Principal Component Analysis, PCA) [12]. The key idea is to find the best set of projection directions to span the feature space that will maximize the total scatter. Our proposed algorithm adopts PCA to produce face features for each user. So each user’s face feature is a vector. Then we use image encryption for reference to displace the order of face feature vector by utilizing chaotic map. This section describes the generalized logistic map and the detail steps of our algorithm.

3.1 Logistic Map

The logistic map is an one-dimensional map and it is very simple and can produce fundamental results on non-linear dynamics, and it attracts many attention in image encryption lately. A simple chaotic logistic map is defined by Eq. (1):

$$ x_{n + 1} = \mu x_{n} (1 - x_{n} ) $$
(1)

Where n is a non-negative integer, \( x_{0} \) is the initial value of the logistic map, \( x_{0} \in [0,1] \), μ is a control parameter. For a fixed value μ, we can get a certain sequence \( x_{n} \) by iteration with an initial value \( x_{0} \).

Figure 1 shows the bifurcation diagram of the logistic map while μ belongs to (3, 4]. From the bifurcation diagram, we can see that the sequences generated by logistic map are chaotic sequences when \( 3.57 < \mu \le 4 \).

Fig. 1.
figure 1

Bifurcation diagram of the logistic map

Full size image

Figure 2 shows the Lyapunov exponent curve of logistic and generalized logistic maps. Generally, the Lyapunov exponent is usually taken as an indication that the system is chaotic. If the value of Lyapunov exponent is positive number, the system is chaotic. It is noted that the logistic map has some drawbacks such as non-uniform behaviour and blank windows in the chaotic region as can be seen in Fig. 2(a), there are some areas where the Lyapunov exponent is either zero or negative.

Fig. 2.
figure 2

Lyapunov exponent curves of logistic and generalized logistic maps

Full size image

To overcome the issue of the logistic map, we introduce a generalized logistic map [13] defined by Eq. (2)

$$ x_{n + 1} = \frac{{4\mu^{2} x_{n} (1 - x_{n} )}}{{1 + 4(\mu^{2} - 1)x_{n} (1 - x_{n} )}} $$
(2)

Where n is a non-negative integer, \( - 4 < \mu \le 4 \). The logistic map is in the chaotic region when \( - 4 < \mu \le - 2 \) or \( 2 < \mu \le 4 \). Figure 2(b) shows the Lyapunov exponent of the generalized logistic map. We can see that there is no non-chaotic area in the chaotic region, and the uniform behavior of the generalized map is further proved.

The logistic map has been applied to image encryption since it satisfies the ergodicity, pseudorandom property and extreme sensitive to initial conditions and system parameters.

3.2 Our Algorithm

In this section, we presented our template protection algorithm for face recognition using a position permutation approach for face feature with the chaotic logistic sequences. Each user has its own specific ID, so we use the user ID and the master key of the system to determine the initial conditions of logistic map by hash function. The order of chaotic sequence controls the substitution index of face template. Figure 3 shows the generation process of the face template.

Fig. 3.
figure 3

The generation process of the face template

Full size image

Figure 4 shows an example of the detailed generation flow of the substitution index. For example, the initial value of the logistic map is 0.9, the control parameter of the logistic map is 4, and we choose 10 numbers from the logistic sequence as an example to show the process of the permutation. The method is described in steps as follows:

Fig. 4.
figure 4

An example of the detailed generation flow of the substitution index

Full size image
  1. (1)

    Encode the master key and user ID to a vector satisfied the input request of hash function, the output of hash function is taken as the initial value of logistic map. Then select an appropriate control parameter through Fig. 2(b), the chaotic logistic sequence is produced. Because different user has different ID, the initial conditions of the chaos are not the same, so the chaotic sequences are different.

  2. (2)

    Let \( V = \left\{ {v_{1} ,v_{2} , \ldots ,v_{n} } \right\} \) be a face feature of the user where n is the dimensionality of eigenvectors, the dimension of chaotic sequence is often great than n. We select the former n dimension of the logistic sequence gained by step (1) as the final used chaotic sequence \( L = \left\{ {l_{1} ,l_{2} , \ldots ,l_{n} } \right\} \).

  3. (3)

    Sort \( L = \left\{ {l_{1} ,l_{2} , \ldots ,l_{n} } \right\} \) in ascending order of size and obtain the new sequence \( L^{{\prime }} = \left\{ {l_{1}^{{\prime }} ,l_{2}^{{\prime }} , \ldots ,l_{n}^{{\prime }} } \right\} \). Meanwhile, the substitution index \( S = \left\{ {s_{1} ,s_{2} , \ldots ,s_{n} } \right\} \) is produced where \( s_{i} \) is the position in \( L \) of \( l_{i}^{{\prime }} \). In Fig. 4, 0.9 is the first dimension in \( L \), the corresponding index is seven.

  4. (4)

    \( V = \left\{ {v_{1} ,v_{2} ,..,v_{n} } \right\} \) is replaced with \( V^{{\prime }} = \left\{ {v_{1}^{{\prime }} ,v_{2}^{{\prime }} , \ldots ,v_{n}^{{\prime }} } \right\} \) by the same rule of permutation, because the elements of the sequence \( V = \left\{ {v_{1} ,v_{2} ,..,v_{n} } \right\} \) and the sequence \( L = \left\{ {l_{1} ,l_{2} , \ldots ,l_{n} } \right\} \) are corresponding one by one. \( V^{'} = \left\{ {v_{1}^{'} ,v_{2}^{'} , \ldots ,v_{n}^{'} } \right\} \) is the face template.

  5. (5)

    All the face features of every user are carried out the above four steps to get a new face template.

  6. (6)

    In testing, a face image of the user is collected. The mapping matrix attained by PCA in registration process is used to extract the testing feature from the face image. Then the logistic sequence is produced by this user ID and the master key to displace the testing feature. Finally, matching the template stored in the system database according to user ID.

4 Experimental Results and Analysis

4.1 Experiment Data and Performance Parameters

In order to test the proposed algorithm, we conduct experiments on the FERET database, and compare the experimental results with the eigenface method. The FERET database is created by the United States Department of Defense, it is the most authoritative face database at present and it contains 200 individuals and 7 images for each person with different postures, facial expression, and illumination condition. Three samples of each person are used as training set, others are used for test.

The original template is the facial feature vector extracted using PCA algorithm. In the FERET database there are 200 persons, so each person has its own user ID, which means each person has its own corresponding logistic map since the initial value of the logistic map is determined by the user ID and the master key. Here we choose 200 logistic map, the initial conditions of the logistic map is determined by the user ID and the master key with an appropriate transformed function, the control parameter of the logistic map is fixed, we set μ = 4 and at this point the logistic map is entirely in the state of chaos, and it can increase the randomness. And then the new template is generated according to our scheme proposed in this paper.

In our algorithm, we use False match rate (FMR) and False non-match rate (FNMR) to evaluate the performance of the algorithm. FMR and FNMR are the major two parameters of recognition algorithm performance evaluation. In addition, the equal error rate (EER) can measure the overall performance of an algorithm. It unifies FMR and FNMR at the same time. FMR increases with the increase of the threshold and FNMR decreases with the increase of the threshold. EER refers to the value of the intersection of FNMR and FMR in the same coordinate. For a high-performance algorithm, there is a smaller value of EER. The DET curve is similar to EER, x axis and y axis represent FMR and FNMR respectively. The Lower DET curve means the higher performance.

4.2 Experimental Results and Security Analysis

Figure 5 shows the DET curve with eigenface and the proposed algorithm. Experimental results show that the ERR of eigenface and the proposed algorithm are 14.2% and 8% respectively. From the graph, we can see more clearly and directly that the performance of our proposed algorithm using the logistic map is better than the original PCA algorithm.

Fig. 5.
figure 5

The comparison of DET curve

Full size image

In system, we store four data: the mapping matrix of PCA, user ID, the control parameter of logistic map and the face templates. The security of our algorithm depends on the logistic map. If the attacker doesn’t know the logistic sequence, he can’t recover the original face feature. The control parameter can’t produce the logistic map without the initial condition. The master key and user ID conduct the initial condition by hash function. The irreversibility of hash ensures the security of the master key. The master key is the superlative key of the system, and it is used to protect the primary key and the encryption key. Generally speaking, it is very difficult to attack the master key directly, because the master key is usually stored in a dedicated cryptographic device, it is secure not only physically, but also logically. The master key is only mastered by a few security managers, these security managers are not directly contact to the user’s key and plaintext data. And it is not possible for the user to obtain the master key that the security manager has, which is helpful to ensure the security of the key.

In our scheme, we can generate a new feature template by changing the control parameters of chaotic map or changing the master key. In this way, if the original template is destroyed or stolen, you can change the relevant parameters to generate a new template to replace the original template.

5 Conclusion

In this paper, we presented a template protection algorithm for face recognition using chaotic map. We use the properties of the logistic map, such as the ergodicity, pseudorandom property and extreme sensitive to initial conditions and system parameters to generate a chaotic sequence, and the original face feature can be displaced by the chaotic sequences. Since the representation of disturbed template features is the same as before, we can use the same matching scheme to measure the performance of the face recognition system. Experiment results show that our algorithm significantly improve the recognition performance and ensure the security of face template.