1 Introduction

Traditional authentication systems have their limitations for system access. These systems may fail to guarantee the exact and right password or personal identification number for each authentication process. The most general scheme of biometric authentication involves a sensor module for image acquisition, a pre-processing module to provide alignment and perform noise removal, a segmentation module for region extraction, a feature extraction module and a feature matching module. Biometric traits are classified into two categories: physical and behavioral. The category of physical biometrics includes fingerprints, hand engineering, retinal images, iris scans, and faces. On the other hand, the category of behavioral biometrics includes voice, signature, keystroke pattern, and walking style. These characteristics of the human body can be used to ensure that only the authorized individual has the permission to access the system (Jain et al. 2004; Alarifi et al. 2020a; Algarni et al. 2020a; Abd El-Samie et al. 2021; El-Shafai et al. 2021a; Rathgeb and Busch 2012).

To increase the security level of stored biometric traits, a biometric cryptosystem can be used to build a cancelable biometric system. In traditional biometric cryptosystems, the original biometric templates can be encrypted and stored in the database. During the authentication phase, a decryption process is required. On the other hand, in cancelable biometric systems, the encrypted biometric templates are used in a statistical framework for identity verification. So, there is no need to decrypt the stored templates as in the traditional biometric cryptosystems (Rathgeb and Busch 2012; Soliman et al. 2021a; El-Hameed et al. 2022; Ibrahim et al. 2020; Faragallah et al. 2020). Biometric authentication systems work based on two stages. The first stages is the enrolment of the biometrics of the users, and the second stage is the authentication or verification (Helmy et al. 2022; Kaur and Verma 2014). The main idea of cancelable biometrics is to perform distortion of the original templates by certain transformation methods or encryption schemes to store the distorted templates in the database in the enrollment phase. In the authentication phase, the biometric trait of the corresponding user is transformed or distorted in the same manner and matched to the database. According to a matching criterion, the verification of the user for access is performed. So, cancelable biometrics can be classified as a means of privacy preservation to control the system access. The basic concept of cancelable biometrics was introduced by Ratha et al. (2007). Figure 1 displays the main framework of the cancelable biometric recognition system.

Fig. 1
figure 1

Cancelable biometric recognition system

Full size image

As shown in Fig. 1, a cancelable biometric system has two main stages: enrollment and authentication. In the enrollment stage, the users' cancelable biometric templates are obtained and stored in the database. In the authentication stage, the identification of the user is performed by measuring the similarity between the new cancelable biometric templates and the stored ones (Punithavathi and Subbiah 2017; Patel et al. 2015; Kaur and Khanna 2016). Several researchers have developed and presented different techniques to implement user authentication systems based on biometrics (Alarifi et al. 2020b).

Elliptic Curve Cryptography (ECC) was firstly used in encryption in Koblitz (1987) and Miller (1985). The ECC offers a better level of security than those of classical image encryption techniques, because it is hard to solve the discrete logarithmic problem. Moreover, the ECC has a much lower key size than that of the Rivest–Shamir–Adleman (RSA) algorithm that achieves the same level of security. After that, several researchers focused on the ECC due to its strength (Zhang and Wang 2018; Laiphrakpam and Khumanthem 2018; Toughi et al. 2017). The main problem faced with ECC implementation is the computational cost. The ECC multiplication operation is time-consuming, which makes it challenging to implement ECC for real-time applications. Some researchers use the ECC to encrypt images by generating Pseudo-Random Noise (PRN) to map pixel values, according to the generated points, in order to achieve a large degree of permutation (Hayat and Azam 2019). Another important problem encountered with ECC is the increase in the size of the encrypted data compared to that of the plaintext data. The increase in data size is due to mapping of each pixel value in the plaintext image to a point on the elliptic curve that has two coordinates i.e., \({p}_{x,y}\). In (Abdelwahab et al. 2020; Laiphrakpam and Khumanthem 2017), the authors proposed methods to reduce the encrypted data size by grouping multiple pixel values to a single point. Their methods succeeded to decrease the size of the encrypted data, but it was still larger than that of the plaintext image.

Cancelable biometric methodologies depend on the utilization of transformed or deformed versions of the biometrics in the verification stage (El-Shafai et al. 2021b). The main goal of cancelable biometrics is to increase the privacy of users. So, several studies have been introduced to generate cancelable biometric templates. Soliman el al. (Soliman et al. 2018) presented a cancelable biometric system based on Double Random Phase Encoding (DRPE) for both face and iris recognition. This system depends on the extraction of features from either face or iris images to generate a matrix of features to be encrypted with the DRPE algorithm. Simulation results revealed an Equal Error Rate (EER) of 0.17% and an Area under Receiver Operating Characteristic curve (AROC) of 99.3%. Gowthamim et al. (Gowthami and Mamatha 2015) discussed fingerprint recognition using zone-based linear binary patterns. Their technique depends on feature extraction from fingerprint images using linear binary patterns. Each fingerprint image is divided into equal-size zones, and in each zone, linear patterns are extracted for recognition. They achieved an average recognition accuracy of 94.28%. Buriro et al. (2019) presented an authentication system based on fusion of behavioral biometrics. Their work involved extracting features by different types of sensors built in the smartphone, followed by a Random Forest (RF) classifier to verify the identity of users. Their system achieved a 99.3% True Acceptance Rate (TAR).

Soliman et al. (2021b) proposed an automatic ear recognition system based on the fusion of different color space representations of the ear. Their  system has five steps. The first step is for the extraction of the person’s ear from the background of the whole image, followed by the conversion of each image of the ear to 13 color space models, which produce 39 images. In the next step, pre-processing is performed on the 39 images through gamma correction, intensity transformation, difference of Gaussian filtering, and histogram equalization. Gabor features are used as  discriminative features from all color space models. After that, feature selection and classification are performed based on Sequential Forward Floating Selection (SFFS) followed by a matching step with a nearest neighbor classifier. This system achieved an AROC of 98.5%.

El-Shafai (2015) introduced personal identification and verification techniques based on the Discrete Wavelet Transform (DWT). Patterns of fingerprints, iris, and palm print have been used. The DWT is applied on a certain cropped area of each pattern. Then, secrete information is hidden in the vertical and horizontal high-frequency sub-band (HH). The Inverse Discrete Wavelet Transform (IDWT) is performed to reconstruct the 4 sub-bands. The RC4 is applied for encryption and decryption of the user information. A minutiae mapping technique is used to extract fingerprint, iris, and palm print features to compare with the patterns stored in the database. This authentication system achieved good results.

This paper introduces a new ECC scheme to generate cancelable biometric templates that can guarantee a high security level. The proposed approach guarantees full distortion and encryption of the original biometric traits to be stored in the database. The quantitative evaluations are performed through the computing the EER, and AROC as performance metrics. The rest of this work is arranged as follows. Section 2 briefly describes the mathematical foundations of the elliptic curve, and the ECC-based cancelable biometric recognition approach is explained. Simulation results and comparative analysis are given in Sect. 3. Section 4 gives the concluding remarks.

2 Proposed ECC-based cancelable biometric recognition approach

Cryptography is a data or image protection process that can be implemented in cancelable biometric systems. The biometric traits are encrypted firstly and stored in the database. For the verification process, a distance metric such as the correlation score is calculated. Different attempts for cancelable biometric systems have been presented based on encryption strategy. This paper follows the same trend, but with a new encryption technique, which is based on ECC.

2.1 Elliptic Curve (EC) mathematics

A finite Elliptic Curve (EC) \(\in {\mathbb{Z}}_{P} (\)integers mod \(P)\) can be defined with a cubic equation as follows:

$$y^{2} = x^{3} + ax + b\,\left({\bmod\;P} \right)$$
(1)

where \(a,b \;{\text{and}} \;P\) are the EC parameters. \(a \;{\text{and}}\; b\) are integer numbers \(\in {\mathbb{Z}}_{p}\) and \(P\) is a prime number. The parameters must satisfy the condition:

$$4{a}^{3}+27{b}^{2}\ne 0 \,\left(mod \;P\right)$$
(2)

Figure 2 shows an EC satisfying Eq. (1) and Eq. (2).

Fig. 2
figure 2

An elliptic curve

Full size image

We briefly state some of the mathematical operations of EC mathematics. For more details, see Harkanson and Kim (2017) and Menezes et al. (1993).

Point addition: If the point \({q}_{1}\left({x}_{{q}_{1}} , {y}_{{q}_{1}}\right)\) is added to the point \({q}_{2}\left({x}_{{q}_{2}} , {y}_{{q}_{2}}\right)\), the result \({q}_{3}\left({x}_{{q}_{3}} , {y}_{{q}_{3}}\right)\) is calculated as follows:

$${q}_{1}+{q}_{2}={q}_{3}$$
(3)

where \({x}_{{q}_{3}}= {\eta }^{2}-{x}_{{q}_{1}}-{x}_{{q}_{2}} \left({\bmod\;P} \right)\)

$${y}_{{q}_{3}}=\eta \left({x}_{{q}_{1}}-{x}_{{q}_{3}}\right)-{y}_{{q}_{1}} \left({\bmod\;P} \right)$$
$$\eta =\frac{{y}_{{q}_{2}}-{y}_{{q}_{1}}}{{x}_{{q}_{2}}-{x}_{{q}_{1}}}$$

Figure 3 illustrates the addition operation of two points (Xu 2018).

Fig. 3
figure 3

Addition operation

Full size image

Point inverse: The inverse of point \({q}_{1}\left({x}_{{q}_{1}} , {y}_{{q}_{1}}\right)\) is \({q}_{2}\left({x}_{{q}_{2}} , {y}_{{q}_{2}}\right)\). It is calculated as follows:

$${q}_{2}\left({x}_{{q}_{2}} , {y}_{{q}_{2}}\right)={q}_{1}\left({x}_{{q}_{1}}, P-{y}_{{q}_{1}}\right)$$
(4)

Point multiplication: The product of an integer number \(n\) by a point \({q}_{1}\left({x}_{{q}_{1}} , {y}_{{q}_{1}}\right)\) is calculated as follows;

$${q}_{2}\left({x}_{{q}_{2}} , {y}_{{q}_{2}}\right)=n\bullet {q}_{1}\left({x}_{{q}_{1}} , {y}_{{q}_{1}}\right)$$
(5)

Practically, the multiplication operation is performed by additive operations \(n\) times as follows:

$${q}_{2}\left({x}_{{q}_{2}} , {y}_{{q}_{2}}\right)=\sum_{n}{q}_{1}\left({x}_{{q}_{1}} , {y}_{{q}_{1}}\right)$$
(6)

Discrete logarithm problem: In EC public key encryption, each user randomly chooses his private key, i.e., \({k}_{p}\) and shares \(\gamma ={k}_{p}G,\) where \(G\) is a generating point, which is shared through the channel. An intruder tries to gather information about the used key. It is very easy to calculate \(\gamma\) as \({k}_{p}G\), but it is infeasible to calculate \({k}_{p}\) from \(\gamma , \mathrm{and} \,G\). This is known as the discrete logarithm problem.

2.2 Image encryption using ECC

Different from symmetric–key encryption, the ECC is a public-key encryption. In public-key encryption, each user has two keys: public and private. The private key is secret, and no one can decrypt an encrypted message without knowing the private key. Diffie and Hellman in 1976 proposed a solution to securely share the key between users. They introduced a public-key protocol to exchange keys with EC, securely (Washington 2008).

For message encryption, El Gamal cryptosystem with EC was firstly introduced in 1984 (Washington 2008). El Gamal is a public key encryption algorithm, which uses two keys. The two users, denoted as \(\alpha\, {\text{and}} \,\beta, \) agree on predetermined curve parameters (\(a, b, {\text{and}} \;P\)), and pick a point on the curve \(G\). A pixel value of the plaintext image represents information mapped to a point \(M\) on the curve and encoded for transmission over the channel. The protocol of encryption and decryption is as follows:

  1. 1.

    Users randomly choose their private keys, \({k}_{\alpha }\) and \({k}_{\beta }\), and keep them secret.

  2. 2.

    Users calculate their public keys, \({Q}_{\alpha }={k}_{\alpha }G\) and \({Q}_{\beta }={k}_{\beta }G\), and share them over the channel.

  3. 3.

    If user \(\alpha\) wants to send a message \(M\) to user \(\beta\), it calculates:

    $$S=M+{k}_{\alpha }{Q}_{\beta }$$
    (7)
  4. 4.

    User \(\alpha\) sends \(S\) to user \(\beta .\)

  5. 5.

    User \(\beta\) decrypts the message by calculating:

    $$S+\left(-{k}_{\beta }\right){Q}_{\alpha }=M+{k}_{\alpha }{Q}_{\beta }-{k}_{\beta }{Q}_{\alpha }=M+{k}_{\alpha }{k}_{\beta }G-{k}_{\beta }{k}_{\alpha }G=M$$
    (8)

Any intruder aiming to calculate \({k}_{\alpha }\) or \({k}_{\beta }\) form \({Q}_{\alpha }\) or \({Q}_{\beta }\) will face the discrete logarithm problem, which is computationally infeasible to solve.

To encrypt an image using ECC, each pixel value is mapped to a point on a predefined EC. The EC parameters play an important role in the pixel scrambling process to satisfy the required confusion level. The number of points of the selected EC parameters should be greater than the size of the plaintext image to achieve a high security level. In this paper, we select the technique that is implemented in Soleymani et al. (2013) to encrypt the images. In Soleymani et al. (2013), the authors proposed a mapping method to distribute the pixel values on the points of a selected EC. For example, they selected an EC with 123,456 points, and the image pixel value 0 is mapped to 482 points specified according to repetitions of the pixel value 0 in the image. For more details, see Algarni et al. (2020b) and Nishchal (2019). We have chosen this method, because it is simple and suitable for our application. Figure 4 shows the results of ECC encryption of three different images. Figure 5 shows the block diagram of the proposed ECC-based cancelable biometric approach. The correlation coefficient score is considered as the metric of matching.

Fig. 4
figure 4

Encryption results

Full size image
Fig. 5
figure 5

Block diagram of the proposed cancelable biometric recognition approach

Full size image

Figure 5 describes the authentication process of the current user or entity in two cases. When the person is authorized, his/her encrypted distorted template is highly correlated with a one stored in the database. The other case is for the imposter with low correlation score. The proposed cancelable biometric recognition approach is tested with several noise levels. Noise variance may change according to several causes, such as the thermal effect of the sensor or the environmental changes like light and cloud.

3 Simulation results

In this section, the evaluation of the proposed approach is presented. Firstly, the security of the proposed ECC is assessed in terms of visual analysis, histogram analysis, correlation analysis, entropy analysis, differential attack analysis, and key sensitivity analysis as given in Figs. 6, 7, 8 and Table 1. It is known that an encryption system must break correlation between adjacent pixels. Therefore, it is noticed from the results that the encryption system succeeds in destroying the very strong correlation of the plain image pixels in the biometric templates. In addition, the encryption system should produce a different encrypted image from the original one even with a correlated key. Figure 8 shows an original image and its encrypted versions using very related private keys K1(8, 3), K2(8, 4), and K3(7, 3). The histograms are almost uniform, which indicates an equal probability of the encrypted pixel levels.

Fig. 6
figure 6

Histogram analysis of the original and encrypted biometric templates

Full size image
Fig. 7
figure 7

Differential attack analysis of the difference between two original biometrics with only a random one-pixel change

Full size image
Fig. 8
figure 8

Key sensitivity analysis with different related keys

Full size image
Table 1 The correlation, NPCR and UACI values of encrypted biometrics with different related keys
Full size table

Furthermore, Table 1 shows the values of correlation, Number of Pixels Change Rate (NPCR), and Unified Average Changed Intensity (UACI) between two encrypted biometrics using the related keys: K1, K2, and K3. The results indicate that the cryptosystem is very sensitive to the encryption key. All obtained results prove that the proposed ECC technique can be implemented, efficiently, for designing a secure and efficient cancelable biometric recognition system. So, this motivated us to use it in our proposed work.

To evaluate the performance of the proposed cancelable biometric recognition approach using ECC, three different databases have been used (Database 2020a, 2020b, 2020c): Research Laboratory for Olivetti and Oracle (ORL) database (Database 2020a), NiST Face Recognition Technology (FERET) dataset (Database 2020b) and Mass Labelled Faces in the Wild (LFW) dataset of the University of Massachusetts’ Computer Vision Laboratory (Database 2020c). Twenty images have been used from each database and the correlation coefficient and ROC curve have been estimated for each case. All used encrypted biometrics and their histograms are shown in Figs. 9, 10 and 11 for the three databases.

Fig. 9
figure 9

ORL encrypted images and their histograms

Full size image
Fig. 10
figure 10

LFW encrypted images and their histograms

Full size image
Fig. 11
figure 11

FERET encrypted images and their histograms

Full size image

The block diagram shown in Fig. 5 has been used to obtain the encrypted images from the original ones for the three databases. These images are stored in the database for matching afterwards. For checking the recognition and security levels, the correlation coefficient and AROC are estimated. The correlation scores for genuine and imposter distributions for the studied cases are shown in Figs. 12, 13, 14 and 15. The noise variances are changed to be 0.01, 0.02, 0.03, 0.04, and 0.05 to investigate the effect of noise on the performance.

Fig. 12
figure 12

Correlation scores with the FERET in the first column, ORL in the second column and the third column is for LFW dataset for 0.01, 0.02 and 0.03 noise variances

Full size image
Fig. 13
figure 13

ROC with the FERET in the first column, ORL in the second column and the third column is for LFW dataset for 0.01 noise variance at the first row, 0.02 at the second row and 0.03 at the third row

Full size image
Fig. 14
figure 14

Correlation scores with the FERET in the first column, ORL in the second column and the third column is for LFW dataset for 0.04 and 0.05 noise variances

Full size image
Fig. 15
figure 15

ROC with the FERET in the first column, ORL in the second column and the third column is for the LFW dataset for 0.04 noise variance at the first row and 0.05 at the second row

Full size image

The results shown in the figures ensure the feasibility to add the encrypted images with ECC in the database and use them for biometric authentication. The evaluation metrics with different levels of noise variance in the proposed ECC-based cancelable face recognition approach for ORL, FERET, and LFW databases are shown in Table 2.

Table 2 Evaluation metrics with different levels of noise variance for the proposed ECC-based cancelable face recognition approach for ORL, FERET, and LFW databases
Full size table

To prove the high performance of the proposed approach compared to the existing approaches (Soliman et al. 2021a; El-Hameed et al. 2022; Ibrahim et al. 2020; Ratha et al. 2007; Kaur and Khanna 2016), different simulation tests have been performed on the same used biometric datasets (Database 2020a, 2020b, 2020c). Table 3 presents the obtained results of the comparative study, which prove the high security performance of the proposed approach compared to other related and existing approaches.

Table 3 Comparative analysis
Full size table

4 Conclusions and future works

This paper presented an efficient approach for cancelable face recognition based on the concepts of ECC. The main achievement of this approach is the utilization of ECC for biometric encryption in order to achieve biometric security from intruders. The ECC is classified as a public-key encryption (asymmetric) technique. The proposed approach guarantees full distortion and encryption of the original biometric traits to be saved in the database in order to ensure that no access of original biometrics can be achieved by intruders. Investigation tests validated the inspiring attainment of the suggested approach in well ciphering and distortion of the stored biometrics. Thus, it is more suitable for generating secure biometric patterns compared to traditional encryption methods. The capability of the proposed approach to satisfactorily cipher and distort a variety of biometric datasets has been proved. So, the suggested cancelable biometric recognition approach is a good candidate for modern access technology. In the future work, we plan to design a cancelable biometric system based on steganography, encryption, and watermarking concepts for achieving a higher level of security. In addition, a further improved deep learning model for cancelable biometric recognition will be introduced for cloud-based applications.