Chaotic secure content-based hidden transmission of biometric templates

Chaos, Solitons and Fractals 32 (2007) 1749–1759 www.elsevier.com/locate/chaos

Chaotic secure content-based hidden transmission of biometric templates Muhammad Khurram Khan *, Jiashu Zhang, Lei Tian Research Group for Biometrics and Security, Sichuan Province Key Lab of Signal & Information Processing, Southwest Jiaotong University, Chengdu 610031, Sichuan, PR China Accepted 1 December 2005

Abstract The large-scale proliferation of biometric verification systems creates a demand for effective and reliable security and privacy of its data. Like passwords and PIN codes, biometric data is also not secret and if it is compromised, the integrity of the whole verification system could be at high risk. To address these issues, this paper presents a novel chaotic secure content-based hidden transmission scheme of biometric data. Encryption and data hiding techniques are used to improve the security and secrecy of the transmitted templates. Secret keys are generated by the biometric image and used as the parameter value and initial condition of the chaotic map, and each transaction session has different secret keys to protect from the attacks. Two chaotic maps are incorporated for the encryption to resolve the finite word length effect and to improve the system’s resistance against attacks. Encryption is applied on the biometric templates before hiding into the cover/host images to make them secure, and then templates are hidden into the cover image. Experimental results show that the security, performance, and accuracy of the presented scheme are encouraging comparable with other methods found in the current literature.  2005 Elsevier Ltd. All rights reserved.

1. Introduction Biometric is defined as measurable physiological and/or behavioral characteristics that can be utilized to verify the identity of an individual. It includes fingerprint, hand geometry, palm print, voice, face, and iris recognition etc. [1]. Biometric is of interest in any area where it is important to verify and authenticate the true identity of an individual. Biometric technologies are gaining more attraction because of secure authentication methods for user access, e-commerce, remote authentication, and access control. Biometric technologies are becoming the foundation of an extensive array of highly secure identification and personal verification solutions. Biometric has shown itself as an emerging cutting edge technology and can be integrated with other technologies to implement high security [1–3]. Biometric techniques have inherent advantages over traditional personal identification techniques such as PINs, identification cards, and passwords; but the problem of ensuring the security and integrity of biometric data is critical. The reliability and user acceptance of a biometric system depends on the effectiveness of the system and the security of *

Corresponding author. E-mail addresses: [email protected], [email protected] (M.K. Khan).

0960-0779/$ - see front matter  2005 Elsevier Ltd. All rights reserved. doi:10.1016/j.chaos.2005.12.015

1750

M.K. Khan et al. / Chaos, Solitons and Fractals 32 (2007) 1749–1759

the system against intruders, unauthorized modification, and misuse. A biometric-based verification system works properly only if the verifier system can guarantee that the templates come from the valid and legitimate user at the time of enrollment [4]. Biometric data is unique, but it does not provide secrecy. Only biometrics is not a panacea for the secrecy of data because it has some risks of being hacked, modified, and reused whenever it is sent over the network, so there is a need to protect biometric data from different attacks. To promote widespread utilization of biometric techniques, an increased security and secrecy of its data are necessary. Steganography, watermarking, and cryptography can be used to achieve the biometric data security and secrecy [4–6]. Steganography is a technique of concealed data, where a secret message is hidden within another unrelated message and then communicated to the other party [7,8]. The word Steganography came from Greek words Steganos and Graphia, which means hidden writing. In digital realm, it involves embedding or hiding secret data into an inconspicuous cover file, such as JPEG image [8,9]. The digital steganography process has three basic components: (i) data to be hidden; (ii) the cover file, in which the secret data are to be embedded; and (iii) the resulting stego-file. In contrast to cryptography, the content of the sent message is a secret and only parties involved in the communication know its presence. On the other hand, watermarking is used for the copyright protection. Steganography is widely used by military and intelligence agencies for sending secret messages hidden into another message. Cryptography is about encrypting secret data in unrecognized form so that only authorized receivers can recover the encrypted data [9]. Encryption is mostly used way of data security. Before the content is made ready for delivery over a network, it should be encrypted. Once the data has been encrypted, it cannot be used until it is decrypted. In encryption, there are two basic problems: (1) Hackers have historically found ways to crack encryption, in effect, obtaining the key without being a legitimate user; and (2) once a single legitimate copy of some content has been decrypted, a hacker is now free to make another copy of the decrypted data [6]. 1.1. Related work First, Yeung–Pankanti [10] investigated the effects of watermarking fingerprint images on the recognition and retrieval accuracy using an invisible fragile watermarking technique for image verification applications on a fingerprint recognition system. They specified that introducing watermarking in the fingerprint images can provide a value-added protection, as well as copyright notification capability, to the fingerprint data collection processes and its usage. Their method is only for checking the integrity of fingerprint images before performing the identification of a claimed identity, and cannot be used for the secure transmission of biometric templates over insecure network. Later, Sonia [11] researched on a local average scheme where an executable compares block-by-block local average of the transmitted image and the received image. Her method does not provide detailed results on the watermarked image, and she did not give any signal or image processing effects on her method. In 2002, Gunsel et al. [5] presented two spatial domain-watermarking methods. Their first method utilizes an image adaptive strength adjustment technique to make low visibility of watermark, while another method uses feature adaptive watermarking technique, thus applicable before feature extraction. The drawback of their system is that they did not encrypt watermark data, so their method is also vulnerable to attack if an adversary is successful in extracting the biometric template from the transmitted image. Recently, Jain-Uludag [4] proposed two application scenarios based on amplitude modulation watermarking method for hiding biometric data. First application is based on steganography, while another is embedding the facial information in fingerprint images. Jain-Uludag did not mention different kinds of noises and attacks on their method, so it is difficult to judge the performance of their system under different conditions. Furthermore, both their applications embed the secret biometric template without being encrypted so it could also have the risk of biometric data copy attack, in case if an adversary is able to extract it from the transmitted host image. To improve the security and secrecy, this paper presents a novel content-based hidden transmission method of biometric templates by using chaos. Biometric templates are encrypted by coupled-chaotic maps and hidden into the cover image. Because chaotic trajectory is sensitive to its initial condition and parameter value, and biometric is random at each enrollment of the subject [12], so the secret keys are generated from the biometric image and used as the parameter value and initial condition of the chaotic map. Thus, we use biokey i.e. biometrically generated keys as the secret keys of the chaotic map. We utilize two chaotic maps for the encryption, in which one generates a pseudorandom sequence key and another encrypts the biometric templates. On the other hand, after encrypting biometric data, we hide it into host/ cover image. Our method utilizes discrete wavelet transform (DWT) due to its excellent time-frequency features and well matching to the human visual system (HVS) characteristic, which makes embedded data more imperceptible and robust to image distortions than embedded data in the spatial domain. Hence, the proposed scheme gives better decoding and matching performance in a secure manner. Moreover, detailed experimental and simulation results show

M.K. Khan et al. / Chaos, Solitons and Fractals 32 (2007) 1749–1759

1751

that the proposed scheme is robust against attacks, and solves the problems found in the related literature cited at the beginning of this subsection. 1.2. Outline The rest of the paper is outlined as follows: Section 2 gives an overview, architecture, and details of the proposed system. Section 3 presents the proposed transmission scheme. Experiments, discussions, and results are reported in Section 4. At the end, Section 5 concludes the findings of this paper.

2. Proposed system model First step of our proposed system is to capture any biometric image from the sensor and perform image processing algorithm to extract the important features to be used to hide in the host image, as shown in Fig. 1. This research uses iris templates to perform the experiments. In this paper, we utilize chaos to encrypt the iris template before hiding into the host image. The most attractive features of chaos in information hiding are its extreme sensitivity to initial conditions and the outspreading of orbits over the entire space [13]. These special characteristics make chaotic maps excellent candidates for data hiding and encryption, based on the classic Shannon’s requirement of confusion and diffusion [14]. In the recent years, chaotic maps have been used for digital data hiding and watermarking to increase the security [15]. Here, in our method, we use two chaotic maps for encrypting biometric data i.e. iris templates. One chaotic map generates a secure pseudorandom sequence, which is used as the sequence key and another chaotic map encrypts the iris templates, as shown in Fig. 2. It provides the following features: (1) resistant to the finite world length effect of the chaotic sequence, (2) very unpredictable, (3) robust against attacks, and (4) resistant to repeated group attack [13]. In addition, the secret keys used as parameter value and initial condition of chaotic map are generated by the biometric, because biometric is very random at each enrollment of the subject (person) [27]. After encryption, the iris template is embedded into the cover/host and the end result of this step is a stego-image, which contains encrypted and secured iris template. For this process, we employed DWT-based blind data hiding algorithm which does not require the original image to extract the iris template from the host image that contains hidden data. The reason for using DWT is due to its superior robustness against various signal processing attacks and high data compression [14,16]. To perform verification of a person’s claimed identity, the stego-image is sent to the authentication server over network, as shown in Fig. 1. At the server end, the stego-image is received and data extraction takes place from the cover/host image. After extracting the iris template, a chaotic sequence is generated by the secret keys and applied on the extracted data to decrypt it in its actual form, as shown in Fig. 2(b). The end result of this step is the extracted iris template ready to perform identification and verification in the pre-stored database.

Biometric Scanner

Template Extraction Template Decryption

Image processing Data Transfer

Matching

Feature Vector Network

Database

Encrypt Template Decision Making

Template Hiding Client End

Authentication Sever End

Fig. 1. Proposed system model.

1752

M.K. Khan et al. / Chaos, Solitons and Fractals 32 (2007) 1749–1759

Host Image

Data Hiding Process

Iris Template

x n+1 = f ( x n , y n )

Quantizer

Stego-Image

Key

y n+1 = g ( y n ) Biokey (a) Extracted Iris Template

x n+1 = f ( x n , y n )

Data Extraction Process

Quantizer

Stego-Image

Key

y n+1 = g ( y n ) Biokey (b) Fig. 2. Iris-biometric template hiding/un-hiding process: (a) template hiding process and (b) template extraction process.

3. Proposed transmission scheme for biometric data Our proposed scheme, for the secure transmission of biometric data, consists of the secret keys generation i.e. biokey, iris-biometric template encryption, hiding template into the cover image, template extraction on the server side, and iris template decryption and matching against the stored templates in the database. In the following subsections, these processes are described in detail. 3.1. Secret key generation and iris template encryption Before secret keys generation and template encryption, we capture the iris-biometric of user by the CCD camera. Two captured iris images of a person are shown in Fig. 3. We extract the iris features by the process and method described by John Daugman [2], the inventor of the iris recognition system. The statistical properties of iris-biometric are very random and have about 244 degree-of-freedom, means features, to identify a person [2]. Even the two irises of the same person have different features, which make iris-biometric a good candidate to use for the identification [27]. The pixel value distribution of the captured iris images is different at every instant, because of different posing, illumination effects, distance of a person from camera, and so on, as it can be seen in Fig. 3. Both Fig. 3(a) and (b) are captured during a short break of few seconds, but the pattern got from the camera is different and gray value distribution is changed due to the eye-movement and other factors [27]. These characteristics make iris-biometric images a good candidate to generate the secret keys for the chaotic map. The chaotic trajectory is sensitive to its initial condition and parameter value, so these values can be generated from the random pixel value distribution of the captured iris images from the camera. Assume that the iris gray image is X with size M · N. It can be represented as X ¼ fxði; jÞ; 0 6 i < M; 0 6 j < N g;

xði; jÞ 2 f0; 1; . . . ; 2L  1g

where L is the number of bits to represent a pixel.

ð1Þ

M.K. Khan et al. / Chaos, Solitons and Fractals 32 (2007) 1749–1759

1753

Fig. 3. Iris images of a person captured by CCD camera.

In the following steps, we generate secret keys to be used in the encryption process of the iris templates. 1. Randomly select two pixel values from the x-axis and y-axis of the iris image which are px and py, respectively. 2. Subtract these values and divide by the total gray scale of the image, as shown in the following equation. Note that all captured iris images are gray images V ¼

absðpx  py Þ N

0
ð2Þ

where abs( ) returns absolute value of the two subtracted pixel values and N is the number of pixels of the iris image. 3. Now, generate the parameter value by the following equation [17]:  3þV V > 0:57 ð3Þ Sk ¼ 3:57 þ ð0:43  V Þ V 6 0:57 4. We use the following equation to generate the initial condition of the chaotic map: Y n ¼ absðdV e  V Þ 0 < Y n 6 1

ð4Þ

where dVe is the ceiling-value of V and abs( ) returns the absolute value. For the encryption, as described earlier, we use two chaotic maps. One map, which is logistic map, is used to generate 1-D sequence of real numbers that is used as a sequence key. Eq. (5) shows the logistic chaotic map y nþ1 ¼ gðy n Þ ¼ ly n ð1  y n Þ

ð5Þ

where n = 1, 2, 3, . . . is the map iteration index and l is the system parameter. For 3.57 < l 6 4.0, the sequence is nonperiodic, non-convergent, and very sensitive to the initial value. The secret keys Sk and Yn are used as the parameter value and initial condition of the logistic map, respectively. Another chaotic map is Henon map [14,18], which is used to encrypt the templates. The generalized Henon map is shown in xnþ1 ¼ ½1 þ bðxn1  cÞ þ 379y 2n  ðmod 1Þ

ð6Þ

where b = 0.3 and 1.07 6 c 6 1.09. Modulo operation is performed to restrict the chaotic sequence within limits and it also prevents the chaotic sequence from divergence. Because the stream generated by Henon map is a sequence of real numbers, the output of the Henon map in Eq. (6) is quantized into binary stream by the following threshold to perform XOR operation with the biometric template.  1; xn P 0:5 cðnÞ ¼ ð7Þ 0; xn < 0:5 The normalized sequence created by Henon map is c(n) 2 {0, 1} and the extracted-normalized iris-biometric template is s(n) 2 {0, 1}. We use XOR operation to encrypt the iris template, and the encrypted template is obtained by wðnÞ ¼

N X

sðnÞ  cðnÞ

n¼1

where N is size of the iris-biometric template, and generated chaotic sequence.

ð8Þ

1754

M.K. Khan et al. / Chaos, Solitons and Fractals 32 (2007) 1749–1759

3.2. Iris-biometric template hiding in the host image In generating the pseudorandom numbers, the secret key is used as a seed value. The generated numbers are used as hiding position of LH2, HL2, and HH2 sub-bands. To avoid overlapping of data allocation and modification of pixel value, we select the data hiding position separated with at least one pixel. The same pixel should not be selected as embedding/hiding position in selecting the procedure. If size of the biometric template is large, we can also select the pixels in HL3, LH3 and HH3 for embedding e.g. the template size of multimodal biometric template is large, which can contain face, voice or/and iris together. After that, we compute the neighboring symbol’s mean value of selected pixels by using (9). The pixel value of the data embedding position is xi,j, and the mean value of the neighboring value is mi,j, then we compute mi,j using the following formula: mi;j ¼ meanðxi;j1 ; xi1;j ; xiþ1;j ; xi;jþ1 Þ

ð9Þ

After computing the mean value, we embed the encrypted iris template into the selected pixels and generate flags (fi,j) by the following steps: (1) If the selected xi,j is bigger than the mean value mi,j and wi,j = 1, we change xi,j with x0i;j using (10) and create a flag fi,j that contains value of 0 if ðxi;j > mi;j and wi;j ¼ 1Þ then x0i;j ¼ xi;j ð1  awi;j Þ f i;j ¼ 0

ð10Þ

where a is the data hiding/embedding strength. (2) If the selected xi,j is bigger than the mean value mi,j and wi,j = 0, we change xi,j with x0i;j using (11) and create a flag fi,j that contains value of 1 if ðxi;j > mi;j and wi;j ¼ 0Þ then x0i;j ¼ xi;j ð1  aÞ f i;j ¼ 1

ð11Þ

(3) If the selected xi,j is smaller than the mean value mi,j and wi,j = 1, we change xi,j with x0i;j using (12) and create a flag fi,j that contains value of 2 if ðxi;j < mi;j and wi;j ¼ 1Þ then x0i;j ¼ xi;j ð1 þ awi;j Þ

ð12Þ

f i;j ¼ 2 (4) If the selected xi,j is smaller than the mean value mi,j and wi,j = 0, we change xi,j with x0i;j using (13) and create a flag fi,j that contains value of 3 if ðxi;j < mi;j and wi;j ¼ 0Þ then x0i;j ¼ xi;j ð1 þ aÞ f i;j ¼ 3

ð13Þ

These equations describe that the modified value x0i;j is proportional to the original value of the image xi,j, which makes the hidden iris-biometric template more robust. The generated flag fi,j is stored in the database and is used in the template extraction procedure. After this process, we take the inverse transform of the host image using inverse discrete wavelet transform (IDWT) to reconstruct the stego-image. Now, the stego-image can be transmitted to the authentication server to perform identification of the claimed identity.

3.3. Template extraction, decryption and matching On the authentication server side, for the hidden data extraction, we transform the stego-image using second level discrete wavelet decomposition, as it was decomposed in the template hiding/embedding process, to extract the data from LH2, HL2 and HH2 sub-bands. After transforming the image into wavelet domain, we find the embedded location of the hidden template by using the same key, which was used in the hiding procedure. After that, we compute

M.K. Khan et al. / Chaos, Solitons and Fractals 32 (2007) 1749–1759

1755

neighbor’s mean value mi,j using the same method described in data hiding process and generate a flag fi;j0 , and then generate w0i;j using the opposite procedure described in flag generation and template hiding process. After successfully extraction of the iris template from the received stego-image, we perform decryption by using the secret key of the client. The same chaotic sequence c(n) is generated by the chaotic decryption system and applied on the extracted template i.e. w 0 (n). Template extraction and decryption process is elaborated in Fig. 2(b). We utilize the following formula to decrypt the extracted data: s0 ðnÞ ¼

N X

w0 ðnÞ  cðnÞ

ð14Þ

n¼1

Then, we compare the extracted iris template s 0 (n) with the original template, which is stored in the database. Eq. (15) is used for this matching process M¼

N 1 X s0 ðnÞ  sðnÞ N i¼1

ð15Þ

where the Boolean operator (XOR) equals 1, if and only if the two bits are different. Here, N is the size of the template, s(n) is the original template stored in the database, while s 0 (n) is an extracted and decrypted data sequence from the cover image. We may define a matching threshold according to the criticality and usage of the system.

4. Experimental results and discussion In this section, we discuss experimental results performed during the research of this work. To evaluate the performance of the proposed method, portions of the research in this paper use the CASIA iris image database collected by the Institute of Automation, Chinese Academy of Sciences. CASIA iris image database (ver 1.0) contains 756 iris images from 108 eyes [19]. A well designed data-hiding system should fulfill the ‘Kerchoff’s’ principle of cryptography. According to his principle, the security of the system has to be based on the assumption that the adversary or attacker has full knowledge of the design and development details of the system. The only missing information for the attacker is the secret key and without the secret key, he has no way of extracting the hidden data from the carrier [9]. In our system, we generated secret keys from the iris-biometric image i.e. biokey, because biometric is a potential source of high-entropy and has been suggested as a way to enable strong, cryptographically-secure authentication of a person without requiring them to remember or store traditional cryptographic keys [12]. To perform the experiments, we used biokey as the parameter value and initial condition of the chaotic map. The results shown in Fig. 4 indicate that the generated keys are very sensitive and a tiny amount of change can abruptly change the behavior of the system. As an example, at the encryption end, we used the secret key Sk = 0.345, but when

Fig. 4. Sensitivity to the secret keys: (a) encryption when secret key = 0.345 and (b) decryption when secret key = 0.34500000000001.

1756

M.K. Khan et al. / Chaos, Solitons and Fractals 32 (2007) 1749–1759

we decrypted the data by a slightly different value of the key i.e. Sk = 0.3450000000001, then the recovered data is different. Hence, our encryption module is very sensitive to the secret keys mismatch (1014). The proposed method exhibits better performance and protection against those with only one chaotic map. The generated chaotic sequences for the encryption/decryption process also showed good statistical properties and their autocorrelation and cross-correlation curves are depicted in Fig. 5. Furthermore, the dynamic secret key i.e. biokey generates a sequence of different pseudorandom numbers at each transaction session, so our chaotic encryption module can resist the statistical characteristics of plaintext and ciphertext attacks as mentioned in [20–22]. The embedded iris-biometric template size is 512 bytes, which depends on the feature extraction and image processing algorithms and varies from system to system [2]. We performed experiments on different cover-images as shown in Fig. 6. We used Baboon, Lena, New York, and Sailboat images for the experiments and the extracted iris-biometric data is exactly the same as it was encoded. The hidden data extraction performance in comparison with others [5,24] is shown in Table 1. If the embedded data size is smaller, then the extraction performance will be higher because each bit of the hidden data will be embedded into more locations, and the effects and distortions of noises and other signal processing effects will be lower [5].

Fig. 5. The statistical correlation curves of used chaotic sequences: (a) auto-correlation curve of the chaotic sequences and (b) crosscorrelation curve of chaotic sequences.

Fig. 6. Sample cover images (a–d) and stego-images (e–h) (New York image courtesy of Patrick Loo, University of Cambridge, others from USC-SIPI).

M.K. Khan et al. / Chaos, Solitons and Fractals 32 (2007) 1749–1759

1757

Table 1 Comparison of the proposed methods (in %) Image

Method in [24]

Method in [5]

Our method

Lena Baboon Sailboat New York

99.57 91.79 73.87 98.49

99.78 100 99.78 99.78

99.86 99.84 99.81 99.79

Furthermore, we applied cropping attack on the stego-images and evaluated the performance of our method against Gunsel et al.’s scheme [5], as shown in Table 2. It is eminent from the results that our scheme has better data decoding performance even stego-image is significantly cropped. In contrast, Jain-Uludag [4] did not mention the effects of cropping in their method, so it is very difficult to judge the performance of their system against cropping attack and other noises. Table 2 Performance comparison after 50% cropping effects Image

Method in [5]

Our method

Lena Baboon Sailboat New York

93.52 95.03 84.02 93.74

97.29 97.14 96.85 94.13

Table 3 Detailed experimental results on each image Attacks

PSNR (dB)

Accuracy (%)

(a) Baboon image Median filtering (3 · 3) Wiener filtering (6 · 6) Resize attack Cropping (50%) Gaussian noise (0, 0.001) JPEG compression (4:1)

20.42 23.40 19.48 16.44 29.10 23.73

87.19 88.66 87.08 97.14 93.83 94.84

(b) Lena image Median filtering (3 · 3) Wiener filtering (6 · 6) Resize attack Cropping (50%) Gaussian noise (0, 0.001) JPEG compression (4:1)

30.89 32.90 27.95 17.20 29.61 34.76

88.68 87.25 86.97 97.29 87.27 95.85

(c) Sailboat image Median filtering (3 · 3) Wiener filtering (6 · 6) Resize attack Cropping (50%) Gaussian noise (0, 0.001) JPEG compression (4:1)

26.33 28.91 24.12 14.38 29.41 30.41

88.14 88.11 86.76 96.85 89.25 94.84

(d) New York image Median filtering (3 · 3) Wiener filtering (6 · 6) Resize attack Cropping (50%) Gaussian noise (0, 0.001) JPEG compression (4:1)

20.48 23.02 18.35 17.50 30.63 22.99

92.26 90.47 89.59 94.13 89.44 88.03

1758

M.K. Khan et al. / Chaos, Solitons and Fractals 32 (2007) 1749–1759

Fig. 7. Lena image under different attacks: (a) median filtering, (b) Wiener filtering, (c) Gaussian noise, (d) resize, (e) cropping and (f) JPEG compression.

There are two kinds of attacks on a steganography system: one is through signal processing such as filtering, additive noise, and compression; the other is to use geometric transformations, which include cropping, scaling, rotating, and so on [13]. In most algorithms, the tolerance to the first type of attack is higher than that to the latter. Our scheme also aims at gaining high robustness against cropping attack, described earlier, as compared to Gunsel et al.’s system [5]. Even, it tolerates against both kinds of noises and distortions e.g. Wiener filtering, median filtering, resizing, JPEG compression, Gaussian noise, and cropping etc. The detailed experimental results on each stego-image are shown in Table 3. As a reference, in Fig. 7, Lena image is depicted under different attacks. These attacks are described in Table 3 on each individual stego-image with their decoding performance and PSNR value. The performance of Table 3 shows that if stego-image is significantly affected, the extracted iris-biometric data is little distorted and is able to perform the verification of a person. PSNR values are computed by the following equation [23]: 2 3 2 _ ðmax I ðm; nÞÞ 8ðm;nÞ 5 PSNRðI; I Þ ¼ 10log10 4 P ð16Þ _ 2 1 ð I ðm; nÞ  Iðm; nÞÞ 8ðm;nÞ NI _

where I and I are the original cover/host and stego-images, respectively. NI is the number of pixels in the image, (max I"(m,n)(m, n)) is the maximum gray-value of the original host image. Furthermore, Gunsel et al. [5] and Jain-Uludag [4] did not apply encryption on the biometric template before or after the embedding/hiding, so their method is susceptible if a hacker becomes successful in extracting the hidden biometric data from the transmitted stego-image. Thus, their scheme is vulnerable to the so-called copy attack [25], where any unauthorized person can copy hacked biometric data from the host image and misuse it on purpose [26]. Sonia’s [11] method does not provide detailed results on the watermarked image, and she did not give any signal or image processing effects on her method. Yeung–Pankanti [10] also did not give the detail of attacks on their method, but claimed that their method gives a significant performance. So, it is difficult to judge the performance of their method under different kinds of attacks and noises.

5. Conclusion In this work, we have presented a novel chaotic secure content-based hidden transmission scheme of biometric templates, in which encryption and data hiding methods are combined to ensure the authenticity, confidentiality, and integrity of the transmitted templates. We generated secret keys from the biometric data and used as the parameter value and initial condition of the chaotic map. We utilized two chaotic maps for encryption, which exhibited better protection than those with only one chaotic map. We encrypted biometric data by chaotic encryption before hiding into the image,

M.K. Khan et al. / Chaos, Solitons and Fractals 32 (2007) 1749–1759

1759

which makes our system more secure and protected from the copy attack. Due to the excellent time-frequency features and well matching to the human visual system (HVS) characteristics, we used DWT to hide iris templates. Furthermore, we performed a series of experiments to evaluate the proposed system. Moreover, we carried out extensive quantitative comparisons among some existing methods and provided discussions on the overall experimental results. It has also been shown that the presented system is highly robust against different kinds of attacks and gives better performance than others. The proposed system can also be used for any biometric data e.g. fingerprint, face or palm print etc. Hence, our system is an open ended system to securing biometric templates.

Acknowledgements This project is supported by ‘Sichuan Youth Science and Technology Funds’ under grant number: 03ZQ026-033 and ‘Southwest Jiaotong University Doctors Innovation Funds (2005)’. The authors are grateful to Dr. Li Xiaofeng for his assistance in manuscript proofreading. The system presented in this paper is the subject of patent protection.

References [1] Anil KJ, Pankanti S, Bolle R. Biometrics: personal identification in networked society. Kluwer; 1999. [2] Daugman J. High confidence visual recognition of persons by a test of statistical independence. IEEE Trans Pattern Anal Mach Intell 1999;15:1148–61. [3] Muhammad KK, Zhang J. Securing biometric templates for reliable identity authentication. In: ICIC. Lecture Notes in Computer Science, Part II, vol. 3645. Springer-Verlag; 2005. p. 723–32. [4] Anil KJ, Umut U. Hiding biometric data. IEEE Trans Pattern Anal Mach Intell 2003;25:1494–8. [5] Gunsel B, Umut U, Tekalp AM. Robust watermarking of fingerprint images. Pattern Recognition 2002;35:2739–47. [6] Cox IJ. Digital watermarking. CA, USA: Morgan Kaufmann Publishers; 2002. [7] Dawson E, Lopez J, Montenegro JA, Okamoto E. BAAI: Biometric authentication and authorization infrastructure. In: IEEE int conference on ITRE, August 2003. p. 274–8. [8] McBride BT, Peterson GL, Gustafson SC. A new blind method for detecting novel steganography. Digital Investigation 2005;2:50–70. [9] Katzenbeiser S, Petitcolas FA. Information hiding techniques for steganography and digital watermarking. Artech House Books; 2000. [10] Yeung MM, Pankanti S. Verification watermarks on fingerprint recognition and retrieval. J Electron Imaging 2000;9:468–76. [11] Sonia J. Digital watermarking techniques: a case study in fingerprints and faces. In: Proc Indian conference on computer vision, graphics, and image processing, 2000. p. 139–44. [12] Teoh ABJ, David CLN, Goh A. Personalised cryptographic key generation based on facehashing. Comput Security 2004;23:606–14. [13] Zhao D, Guanrong C, Wenbo L. A chaos-based robust wavelet-domain watermarking algorithm. Chaos, Solitons & Fractals 2004;22:47–54. [14] Zhang J, Lei T, Tai HM. A new watermarking method based on chaotic maps. In: Proc IEEE ICME’04, Taiwan, 2004. [15] Muhammad KK, Zhang J, Tian L. Protecting biometric data for personal identification. In: Sinobiometrics’04. Lecture Notes in Computer Science, vol. 3383. Springer-Verlag; 2004. p. 629–38. [16] Hong I, Kim I, Han SS. A blind watermarking technique using wavelet transform. Proc IEEE ISIE 2001:1946–50. [17] Huang F, Guan ZH. Cryptosystem using chaotic keys. Chaos, Solitons & Fractals 2005;23:851–5. [18] Hitzl D, Zele F. An exploration of the Henon quadratic map. Physica D 1985;14D:305–26. [19] CASIA Iris Database [online], October 2005. Available from: http://www.sinobiometrics.com. [20] Alvarez G, Montoya F, Romera M, Pastor G. Cryptanalysis of a chaotic encryption system. Phys Lett A 2000;276:191–6. [21] Jakimoski G, Kocarev L. Analysis of some recently proposed chaos-based encryption algorithms. Phys Lett A 2001;291:381–4. [22] Alvarez G, Montoya F, Romera M, Pastor G. Cryptanalysis of an ergodic chaotic cipher. Phys Lett A 2003;311:172–9. [23] Kundur D, Hatzinakos D. Digital watermarking for telltale tamper proofing and authentication. Proc IEEE 1999;87:1167–80. [24] Umut U, Gunsel B, Tekalp AM. Robust watermarking of busy images. In: Electronic imaging 2001 conference, security and watermarking of multimedia contents III, USA. Proc SPIE, vol. 4314. p. 18–25. [25] Deguillaume F, Voloshynovskiy S, Pun T. Secure hybrid robust watermarking resistant against tampering and copy attack. Signal Process 2003:2133–70. [26] Muhammad KK, Zhang J. Enhancing the security of biometric templates for trust worthy person authentication. GESTS Int Trans Comput Sci Eng 2005;6(May):166–76. [27] Daugman J, Downing C. Epigenetic randomness, complexity, and singularity of human iris patterns. Proc Roy Soc, Biol Sci 2001;B-268:1737–40.