A privacy-preserving cancelable iris template generation scheme using decimal encoding and look-up table mapping Rudresh Dwivedi *, Somnath Dey, Ramveer Singh, Aditya Prasad Discipline of Computer Science & Engineering, Indian Institute of Technology Indore, Indore, India ARTICLE INFO Article history: Received 23 November 2015 Received in revised form 20 September 2016 Accepted 17 October 2016 Available online ABSTRACT Biometric-based recognition systems have overcome passive issues of traditional human authentication systems. However, security theft and privacy invasion are two passive issues that still persist in the effective deployment of biometric-based authentication systems. Com- promise of biometric data can potentially lead to serious security violation as the user’s biometric trait cannot be changed. In order to prevent the invasion of biometric templates, it is desired to morph the original biometric template through non-invertible or irrevers- ible transformation function. This transformed template is referred to as cancelable template and can be replaced or reissued in case of compromise. In this paper, we propose a novel cancelable iris template generation technique based on randomized look-up table mapping. The technique utilizes a decimal vector generated from a rotation-invariant feature vector. The feature vector is generated using 1-D Log Gabor filter applied to the iris image. Experi- ments carried out on various iris databases confirm the efficacy of the proposed approach. After applying the template protection mechanism, we have achieved Equal Error Rate (EER) of 0.37%, 0.43% and 0.79% for CASIA-V 1.0, CASIA-V3-Interval and ICE 2005 iris databases, respectively. Moreover, the transformation preserves the irreversibility, revocability and di- versity properties of the concealable iris templates. © 2016 Elsevier Ltd. All rights reserved. Keywords: Biometrics Iris biometric Cancelable biometrics Security Privacy 1. Introduction Over the last decade, biometric authentication has gained much public attention as compared to traditional knowledge (pass- word, key) or token-based authentication systems and is widely deployed to identify/verify users firmly in several domains. However, biometric-based authentication systems suffer from security and privacy invasion challenges as their compro- mise may expose sensitive and ancillary information about a user. Further, if the biometric template gets compromised, it results in permanent identity theft as biometric data are in- trinsically linked to the user. This introduces the research question “how do we replace the biometric data which is per- manent and limited for a user without affecting the accuracy of the system?”. The different attacks such as hill-climbing, cor- relation or stolen-token attacks (Jain et al., 2008) can be launched for illicit use of biometric data which reduce the reliability of the system. In correlation attack, the attacker intercepts mul- tiple protected templates of the same user from different applications and tries to find out the correlation between these protected templates to retrieve the original template (Rathgeb and Uhl, 2011). The hill-climbing attack is launched to maxi- mize the matching score by iteratively and incrementally modifying the biometric input (Rathgeb and Uhl, 2011). In case of the stolen token attack, the imposter captures the genuine * Corresponding author. E-mail addresses: phd1301201006@iiti.ac.in (R. Dwivedi), somnathd@iiti.ac.in (S. Dey). http://dx.doi.org/10.1016/j.cose.2016.10.004 0167-4048/© 2016 Elsevier Ltd. All rights reserved. computers & security ■■ (2016) ■■ – ■■ ARTICLE IN PRESS Please cite this article in press as: Rudresh Dwivedi, Somnath Dey, Ramveer Singh, Aditya Prasad, A privacy-preserving cancelable iris template generation scheme using decimal encoding and look-up table mapping, computers & security (2016), doi: 10.1016/j.cose.2016.10.004 Available online at www.sciencedirect.com journal homepage: www.elsevier.com/locate/cose ScienceDirect