2008 International Symposium on Computer Science and Computational Technology

Cracking Cancelable Fingerprint Template of Ratha

Feng Quan, Su Fei and Cai Anni

Zhao Feifei

Beijing University of Posts and Telecommunications

Beijing, China
e-mail: fquan@sina.com, {sufei, annicai}@bupt.edu.cn

Gansu Agricultural University

Lanzhou, China
e-mail: zhao_fei_fei@yahoo.com.cn
the transform function is known and the resulting
transformed biometric data are known, the original
biometrics cannot be recovered.
Cancelable biometrics seems to be a promising approach
to address biometric security and privacy vulnerabilities.
Savvides et al. [3] proposed cancelable biometrics for face
recognition that uses PIN-based random kernels and
minimum average correlation energy (MACE) filters. Teoh
et al. [4] presented an omnipotent approach named
BioHashing. They calculated the inner production between a
set of orthonormal vectors specified by the user and the
global biometric feature vector, and generated a binary
string by a predefined threshold. They applied the method to
fingerprint [4]-[5], face [6] and palmprint [7]. Ratha et al.
[2], [8] crystallized their idea and gave the concrete
transform functions and the experimental based on
fingerprint minutiae. Lee et al. [9] proposed an approach to
generate cancelable fingerprint template without any
pre-alignment information. However, there are several
concerns about the security of such schemes. In fact, there is
very little work analyzing their security, except for an
analysis of BioHashing [10]-[11]. In this paper, we
concentrate on cracking the scheme of Ratha. That is, we
will try to recover the original fingerprint minutiae from the
transformed ones. The experimental results show that the
scheme is quite vulnerable.

AbstractCancelable biometrics may be a good approach to

address the security and privacy concerns on biometric
authentication. It uses some parameterized transforms to
convert an original biometric template into a new version for
authentication. The security of cancelable biometrics lies on
noninvertibility of the transformed template, that is, the
transforms should be noninvertible so that the original
template can not be recovered. One way to achieve the
noninvertibilty is through the use of many-to-one transforms.
The idea of Rathas scheme of generating fingerprint templates
just depends on this. However, it is revealed in this paper that
the form of the transforms and the parameters chosen in his
implementation weaken the many-to-one property. This results
in the possible recovery of original minutiae from one
transformed template.
Keywords-cancelable biometrics;
minutiae; privacy; security

I.

fingerprint

template;

INTRODUCTION

Biometric systems offer several advantages over

traditional authentication methods. Biometric information
can not be acquired by direct covert observation. It is
impossible to share and difficult to reproduce. It enhances
users convenience by alleviating the need to memorize long
and random passwords. It protects against repudiation by
the user. But, re-issue, one of the advantages of password or
token, does not exist in biometrics. If a password or a token
is lost or stolen, they can be cancelled and replaced by a
new version, i.e. reissued. On the other hand, this is not
naturally available in biometrics. For example, if someones
fingerprint is compromised, it cannot be canceled nor
reissued. Furthermore, the privacy concern that the
biometric data may be used to track a person without his
consent also worries the public [1]-[2]. In order to alleviate
these problems, Ratha et al. [1] introduce the concept of
cancelable biometrics. It consists of an intentional,
repeatable distortion of a biometric signal based on a chosen
transform. The biometric signal is distorted in the same
fashion at each presentation, for enrollment and for every
authentication. With this method, if the transformed
biometric data is compromised, then the transform function
can simply be changed to create a new version. The
transformed biometrics and the transformation are stored
either distributed on a smart-card or centrally in a database.
One key of cancelable biometrics is that the distortion
transforms must be selected to be noninvertible. So even if
978-0-7695-3498-5/08 $25.00 2008 IEEE
DOI 10.1109/ISCSCT.2008.226

II.

RELATED WORKS

Ratha et al [2], [8] proposed three transform methods:

Cartesian, polar, and functional transformation. The major
defect of the first two transforms is that a small change in
minutiae position in the original fingerprint can lead to a
large change in minutiae position after transformation if the
point crosses a sharp boundary. This leads to a lower
matching performance. Ratha argued that a smooth but
non-invertible functional transform would achieve a higher
performance and put several constraints on the parametric
function: 1) the transformation should be locally smooth but
not globally smooth; 2) the transformation should be
many-to-one to make sure that it cannot be uniquely
inverted to recover the original minutiae pattern; 3) each
minutia position must be pushed outside the tolerance limit
of the matcher after transformation. Ratha explored a family
of functions in the following form:

572

(1) and the template, he can not recover the original one. The
security mechanisms of the Rathas and Lees schemes are
Y=y+fY(x,y),
(2) different though they both rely on minutiae-based
transformation. The security of a template of Ratha depends
=mod(+f(x,y), 2),
(3) on many-to-one of the transformation (or one-to-many of
the inverse-transformation) while the security of Lees
depends on the secret, which must not be stored together
where (x,y) are the position and is orientation of a minutia,
(X,Y) and are position and orientation of transformed
with the template, unknown to the attacker.
minutia respectively.
However, when multiple transformed templates are
generated from the same original template, they can be
To cater to the constraints, Ratha generated two vector
G
G
cracked by a known technique named Attack via Record
valued functions F ( x, y ) and G ( x, y ) which had the
Multiplicity (ARM). In [12], Boyen firstly suggested to
same form. Ratha suggested two examples, one was an
reveal the secret in the fuzzy extractor [13] with multiple
electric potential field parameterized by a random
public strings generated from the same secret. Scheirer and
distribution of charges, the other was a mixture of Gaussian
Boult [14] further generalized this method and called it
kernels. For convenience, we only put down the latter here:
ARM, in which the correlation of multiple encodings
created from the same biometric template may be possibly
k
G
i
1
1
T
| G ( x, y ) |=
exp( ( z i ) i ( z i )) (4) utilized to reveal the template and the secrets. They even
gave two cracking examples attacking against fuzzy vault
2
i =1 | 2 i |
[15] and against biometric encryption [16] by way of ARM.
T
Like fuzzy vault, the scheme of Ratha is rather vulnerable to
where z=[x,y] . A random key defines the parameters of the
ARM attacks. Given a transformed templates T1, an attacker
distributions such as the weights i, covariance i, the
can find the inverse solutions for each minutia. Due to
center of the kernels i. Thus, fX(x,y), fY(x,y) and f(x,y) can
many-to-one property of transform functions, there may be
be written as follows:
exist several solutions. One is the original minutia and the
G
others are not. They can be viewed as chaff points. Then, all
f X ( x, y ) = K | G ( x, y ) | + K cos( F ( x, y )) ,
(5) solutions of the template can be treated as a fuzzy vault. If
the attacker collects another template T2 generated from the
G
fY ( x, y ) = K | G ( x, y ) | + K sin( F ( x, y )) ,
(6) same original template, he can get another vault. Finally, he
picks out the right minutiae by matching two vaults.
In [2], (1) - (3) are used to perform the transformation
f ( x, y ) = G ( x, y ) + rand ,
(7)
with relatively small ranges of fX(x,y), fY(x,y) and f(x,y).
One advantage of this approach is that feature representation
G
1
F = arg(F ) + rand ,
(8) is not changed, namely, it is also minutia. Another
advantage is that it can maintain intrauser variability
2
tolerance [2]. This allows the use of existing minutiae-based
G
matching algorithms. Though Ratha argued that (1)-(9)
1
G = arg(G ) + rand .
(9) satisfied the three constraints he suggested, he did not give
2
strict mathematical analysis. We think this is not always true.
It depends on the parameters of (4)-(9). The many-to-one
The random phase offset rand is also defined by the
and non-linear properties of Ratha lie in the second item of
random key.
(1)-(3), fX(x,y), fY(x,y) and f(x,y). However, in [2], they are
In practice, Ratha used 24 Gaussians all with the same
confined in small and limited ranges (e.g., in [2], the
isotropic standard deviation of 50 pixels. The centers of the
translation of minutia is typically 30+30S(x,y) pixels
Gaussians were placed randomly in the 512512 image
where -1S(x,y)1) while the first items of (1) (3), x, y, ,
space and each Gaussian was given a peak magnitude of
increase linearly (in [2], the range of x and y are both
either +1 or -1. K was typically taken 30 pixels.
[0,512]). Suppose the Gaussian kernels distributing
uniformly, this results in global increment and local
III. APPROACHES OF CRACKING FINGERPRINT TEMPLATE
distortion of x, y and , and weakens the many-to-one
OF RATHA
property. The examples of 1-demension are given in Fig.1.
In general, the parameters of transform and the
Though the sutiations of 1-demension have some
transformed template are stored together. So, we suppose
differences with those of 2-demension, the trends are the
that the parameters and the transformed template are known
same. In fact, we can see the weakening effect from the
to the attacker in the following. The security of cancelable
Fig.5 of [2]: in individual portions, e.g., in the upper
biometrics depends on noninvertibility of transformed
right-hand portion, the warping surface folds back over
template. That is, even if an attacker knows the parameters
itself only once, while in most of regions, there only exists
X=x+fX(x,y),

573

(a)

(b)

(c)

(d)

Fig.1. The one-dimension examples illustrating the weakening effect of many-to-one property in Rathas scheme. (a) and (c): the examples of f(x)
which is the sum of 5 Gaussian kernels with standard deviation of 40 pixels and 30 pixels respectively. Each Gaussian is given a peak magnitude
of 30 pixels. (b) and (d): the results of x+f(x) correspond to (a) and (c) respectively. The centers of the Gaussians are identical in (a) and (c). The
range of x is [0,512]. In (a) and (c), many-to-one property is notable, while in (b) and (c), it is unconspicuous.

distortion, but not overlapping. These imply that, for most

of minutiae, the transformed minutiae can be inverted to the
unique (original) minutiae. Only for little of minutiae, the
inverted minutiae have two solutions. The range of fX(x,y),
fY(x,y) and f(x,y) can not be enlarged arbitrarily because
this may increase the distance between a pair of matching
minutiae after transformation and lead to an unmatchable
result.
Because of poor many-to-one property of Rathas
scheme [2], it can be cracked successfully through (1)
solving equations and (2) brute-force attacks even though
there is only one template.
Since (4)-(9) are smooth, simultaneous nonlinear
equations (1)-(3) can be solved [17] (the mod operation
results in breakpoints at 2k, however, the range of f(x,y)
is not big, so an attacker can just try -2k+, and 2k+
for several ks). As discussed above, in most cases, the
equations just have one solution. There are several typical
methods to solve the simultaneously nonlinear equations,
e.g., newton and secant method [17]. So cracking the
scheme of Ratha from one transformed template is a rather
easy thing.
In general, a minutiae-based matcher can tolerate a
certain amount of uncertainty in the minutiae position and
orientation, and even variation of the number of minutiae.

Furthermore, the range of minutiae is rather restricted, e.g.,

in FVC2002-DB1, x, y and are integers distributing in
[0,388], [0,374] and [0,360] respectively. An attacker needs
not recover the original minutiae exactly and totally in most
applications. These all make it feasible for brute-force
attacks in practice. In order to crack a transformed template,
the attacker can uniformly sample i, j and k integers around
x-, y- and -coordinates respectively as minutiae. Then he
calculates them using the known transform functions and
parameters, matches them with the minutiae of the
transformed template and picks out the minutiae with
shortest distance. There is a total of ijkN matchings
where N is the number of minutiae in the transformed
template.
IV.

EXPERIMENTAL RESULTS

Among the above cracking approaches, solving

equations is the simplest one. In this paper, the performance
of solving equations implementation has been evaluated on
FVC2002-DB1 [18]. DB1 consists of 800 fingerprint
images from 100 fingers (eight impressions per finger). The
image size is 388374 pixels. The minutiae of each image
are found by using the algorithm presented in [19]. Thus,
800 minutiae-based original templates are generated. The
average number of minutiae approximates 43 in each

574

[2]

template. The minutiae are transformed by (1)-(9) to form

the transformed version for each original template and the
transformed minutiae approximate 34400. For the
convenience of solving equations, the mod operation is
not used in equation (3). Thus, is continuous. In our
implementation, 24 Gaussian kernels with the same
isotropic standard deviation of 40 pixels are created with
their centers randomly locating in the 360360 pixel space.
Peak magnitude of each Gaussian is set as +1 or -1
randomly.
To recover the original minutiae from transformed ones,
we treat x, y and as unknown and solve the nonlinear
equations (1)-(3) in Matlab using fsolve function for all
transformed minutiae. Since X and Y have nothing to do
with . We solve bivariate equations (1) and (2) first. The
start point x0 of folve is chosen as follows:
x0=(mT+X, nT+Y),

[3]

[4]

[5]

[6]

[7]

(10)
[8]

where m, n=-2,,0,,2; T=15. After successfully finding

the solution of x and y, we solve univariate equation (3) to
get .
The experiments show inspiring results: in all valid
cases, about 90.2% have only one solution, 9.8% have two
solutions and the cases of more than two solutions do not
happen. And the original minutia certainly exists in the
solution(s). In most cases, if an attacker can guess 90%
original minutiae, he will surely pass the authentication.
Thus, the transformed template can easily be cracked. The
results confirm our analysis that Rathas scheme is not
secure.
V.

[9]

[10]

[11]

[12]

CONCLUSION

In this paper, we briefly reviewed the concept of

cancelable biometrics and a scheme of generating
cancelable fingerprint template based on minutiae, which
was proposed by Ratha. Through the analysis on his
approach, we have shown that it is vulnerable to attacks. We
propose three attacking methods against the transformed
templates of Ratha: ARM attack, brute-force attack and
solving-equations attack. The last two methods use only one
transformed template because of poor many-to-one property
of Rathas scheme. We have implemented solving-equations
attack. The experimental results show that most of
transformed minutiae can be exactly inversed to its original
minutiae.

[13]

ACKNOWLEDGEMENT

[18]

[14]

[15]

[16]

[17]

This work is supported by The Key Project of The

Ministry of Education of P. R. China (108012).

[19]

REFERENCES
[1]

N.K. Ratha, J.H. Connell, and R. Bolle, Enhancing Security and

Privacy in Biometrics-Based Authentication System, IBM Systems
J., vol. 40, no. 3, Mar. 2001, pp. 614-634, doi: 10.1147/sj.403.0614.

575

N.K. Ratha, S. Chikkerur, J.H. Connell, and R.M. Bolle, Generating

Cancelable Fingerprint Templates, IEEE Transactions on Pattern
Analysis and Machine Intelligence, 2007, vol. 29, no.4, Apr. 2007,
pp. 561-572, doi: 10.1109/TPAMI.2007.1004.
M. Savvides, B. V. K. V. Kumar, and P. K. Khosla, Cancelable
biometric filters for face recognition, in Proc. 17th ICPR , vol. 3,
Nov. 2004, pp. 922925, doi: 10.1109/ICPR.2004.1334679.
A. Teoh, D. Ngo, and A. Goh, BioHashing: Two factor
authentication featuring fingerprint data and tokenised random
number, Pattern Recognit., vol. 37, no. 11, 2004, pp. 22452255,
doi:10.1016/j.patcog.2004.04.011.
A. Teoh, M. Goh, D. Ngo, Random Multispace Quantization As an
Analytic Mechanism for Biohashing of Biometric and Random
Identity Inputs, IEEE Transactions on Pattern Analysis and Machine
Intelligence, vol.28, no.12, Dec. 2006, pp.1892-1901, doi:
10.1109/TPAMI.2006.250.
A. B. J. Teoh, D. C. L. Ngo, and A. Goh, Personalised cryptographic
key generation based on FaceHashing, Comput. Security, vol. 23,
no. 7, Oct. 2004, pp. 606614.
T. Connie, A. Teoh, M. Goh, and D. Ngo, PalmHashing: A novel
approach for dual-factor authentication, Pattern Anal. Appl., vol. 7,
no. 3, 2004, pp. 255268, doi:10.1016/j.cose.2004.06.002.
N. Ratha, J. Connell, R. Bolle, and S. Chikkerur, Cancelable
Biometrics: A Case Study in Fingerprints, Proc. Intl Conf. Pattern
Recognition, Jul. 2006, pp. 370-373, doi: 10.1109/ICPR.2006.353.
C.Lee, J.-Y. Choi, K.-A Toh, S. Lee, and J. Kim, Alignment-Free
Cancelable Fingerprint Templates Based on Local Minutiae
Information, IEEE Transactions on Systems, Man and Cybernetics,
Part B, Vol. 37, no. 4, Aug. 2007, pp. 980 992, doi:
10.1109/TSMCB.2007.896999.
K. Cheung, A. Kong, D. Zhang, M. Kamel, and J. You, Revealing
the Secret of FaceHashing, ICB 2006, 2006, pp.106-112, doi:
10.1007/11608288.
A. Kong, K. Cheung, D. Zhang, M. Kamel, and J. You, An analysis
of BioHashing and its variants, Pattern Recognit., vol. 39, no. 7, Jul.
27, 2006, pp. 13591368, doi:10.1016/j.patcog.2005.10.025.
X. Boyen, Reusable Cryptographic Fuzzy Extractors, in ACM
Conf. on Computer and Communications Security, 2004, pp. 8291,
doi: 10.1145/1030083.1030096.
Y. Dodis, L. Reyzin, A. Smith, Fuzzy extractors: How to generate
strong keys from biometrics and other noisy data, Eurocrypt2004,
2004, pp. 523540, doi: 10.1007/b97182.
W. J. Scheirer and T. E. Boult, Cracking fuzzy vaults and biometric
encryption, in IEEE Biometrics Research Symposium at the
National Biometrics Consortium Conference, Sep. 2007, pp. 1-6, doi:
10.1109/BCC.2007.4430534..
A. Juels and M. Wattenberg, A Fuzzy Commitment Scheme, in
Sixth ACM Conference on Computer and Communications Security,
1999, pp. 2836, doi: 10.1145/319709.319714.
C. Soutar, D. Roberge, A. Stoianov, R. Gilroy, and B. V. K. V.
Kumar, Biometric encrpytion, in ICSA Guide Cryptograp., R. K.
Nichols, Ed. New York: McGraw-Hill, 1999.
J. E. Dennis and R. B. Schnabel, Numberical methods for
unconstrained optimization and nonlinear equations, Englewwood
Cliffs, New Jersey: Prentice-Hall, 1983, pp.4.
D. Maio, D. Maltoni, J. L.Wayman, and A. K. Jain, FVC2002:
Second fingerprint verification competition, in Proc. Int. Conf.
Pattern
Recognition,
Aug.
2002,
pp.
811814,
doi:
doi/10.1109/ICPR.2002.1048144.
Xiaohui Xie, Fei Su, Anni Cai. A Robust Fingerprint Minutiae
Matching Algorithm Based on the Support Model, International
Conference on Biometric Authentication, ICBA2004, July, 2004, pp.
316-323, doi: 10.1007/b98225.