TEMPLATE PROTECTION FOR DYNAMIC TIME WARPING BASED BIOMETRICSIGNATURE AUTHENTICATION

Emanuele Maiorana, Patrizio Campisi, Alessandro Neri

Dipartimento di Elettronica Applicata, Universita degli Studi "Rorna Tre"Via della Vasca Navale 84, 00146 Roma, Italy

e-mail: {maiorana, campisi, neri}@uniroma3.it

ABSTRACT

In this paper, we propose a protected on-line signature basedbiometric authentication system. The original signature tem­plates are protected by transforming them in a non-invertibleway. Recovering the original biometrics from the stored datais thus computationally as hard as random guessing. Thetransformed templates are compared employing a DynamicTime Warping (DTW) matching strategy. The reported ex­perimental results, evaluated on the public MCYT signaturedatabase, show that the recognition rates are only slightly af­fected by the proposed protection scheme, which is able toguarantee the desired security for the employed biometrics.

Index Terms- Biometrics, Identity Theft, On-line Si­gnature, Cancelable Templates, Biometric Security.

1. INTRODUCTION

Being based on who a person is or what a person does, ratherthan on what a person knows (e.g., password) or what a per­son has (e.g., tokens), biometric based recognition systemsare typically able to guarantee significant convenience andsecurity for their users, when compared to traditional authen­tication methods. However, the use of biometric data in anautomatic recognition system involves serious risks: if bio­metric data are somehow stolen or copied, they can be diffi­cult to replace. Moreover, biometric data can contain sensi­tive information (e.g., health, genetic background), that canbe used in an unauthorized manner for malicious or unde­sired intents [1]. Users' privacy can also be compromisedif a cross-matching between different biometric database isperformed, in order to track the enrolled subjects using theirpersonal biometric traits. The issues deriving from securityand privacy concerns need to be carefully considered whenimplementing a biometric based recognition system, trying toprovide countermeasures to the possible attacks that can beperpetrated at the vulnerable points of the system, enumer­ated and detailed in [2]. The adopted measures should be ableto enhance biometric data resilience against attacks, while al­lowing the matching to be performed efficiently, thus guaran­teeing acceptable recognition performance.

978-1-4244-3298-1/09/$25.00 ©2009 IEEE

The present paper is organized as follows: in Section 2the different solutions which have been investigated in therecent past to secure biometric templates are analyzed. Theproposed protected on-line signature recognition system is il­lustrated in Section 3. The experimental framework and theobtained results are shown in Section 4.

2. BIOMETRIC TEMPLATE SECURITY

The unauthorized copy of the stored biometric data is prob­ably the most dangerous threat regarding users' privacy andsecurity. Therefore, many solutions have been investigatedin the recent past to secure the biometric templates. Amongthem, the most promising approaches consist in the imple­mentation of what has been called cancelable biometrics [2].This expression is commonly referred to the application ofnon-invertible and repeatable modifications to the originalbiometric templates. A classification of the approaches al­ready proposed for the generation of secure and renewablebiometric has been presented in [3]. Specifically, two macro­categories, referred to as biometric cryptosystem and featuretransformation approaches, have been introduced. Biomet­ric cryptosystems [4] typically employ binary keys to securethe biometric templates, and during the process some publicinformation, usually referred to as helper data, is used. Thiscategory can be further divided in key binding systems, wherethe helper data are obtained by binding a random binarykey with the biometric template [5, 6], and key generationsystems, where both the helper data and the cryptographickey are directly generated from the biometric template [7].Typically, these approaches are able to manage the intra-uservariations in biometric data through the use oferror correctingcodes. However, it is generally not possible to use dedicatedmatchers, thus reducing the system matching accuracy.

Feature transformation approaches modify the originaltemplates according to a key-dependent transform. It ispossible to distinguish two sub-categories: salting [8] andnon-invertible transform approaches [9]. A salting methodemploys invertible transforms: the security of the templatesthus relies in the secure storage of the transformation keys.

DSP 2009

Authorized licensed use limited to: BIBLIOTECA D'AREA SCIENTIFICO TECNOLOGICA ROMA 3. Downloaded on January 14, 2010 at 05:05 from IEEE Xplore. Restrictions apply.

On the other hand, when non-invertible transforms are consi­dered, it is computationally hard to recover the original datafrom the transformed templates, even if the transformation'skeys are known. Feature transformation approaches typicallyproduce transformed templates which remain in the same(feature) space of the original ones: it is therefore possibleto employ, in the authentication stage, the matchers designedfor the original biometric templates. This allows to guaranteeperformances which are similar to those of an unprotectedapproach. It is also worth pointing out that, having the pos­sibility of employing dedicated matchers, a score can beobtained as the output of the protected recognition process:secure multibiometric systems can therefore be implementedthrough score-level fusion techniques [10]. The first practicalnon-invertible transform-based approach for the protection ofbiometric data was presented in [11], where the minutiae pat­tern extracted from a fingerprint undergoes a key-dependentgeometric transform. Generalizing the approach in [11],three different non-invertible transforms, namely a cartesian,a polar and a functional transform, were proposed in [9] forgenerating cancelable fingerprint templates. Applying thetransformation to the minutiae pattern, each fingerprint re­gion undergoes a random displacement, thus obtaining thattwo minutiae, belonging to different regions of the inputimage, are mapped into the same region in the transformedtemplate. Considering a minutia relying in such a zone, itis impossible to determine which of the original disjoint in­put regions it then belongs to. A geometric approach forfingerprint template protection has also been presented in[12], where the fingerprint minutiae are mapped on a circlecentered on their centroid, and the obtained projections areorganized into bins according to their position to create afingerprint code.

Signature template protection has been first considered in[13] and [14], where a set of parametric features is extractedfrom the acquired dynamic signatures, and a hash functionis applied to the feature binary representation, obtained fromthe analysis of some statistical properties estimated duringenrollment. This method provides protection for the signa­ture templates, although the cancelability property is notconsidered. In [15] an adaptation of the fuzzy vault [6] tosignature protection is proposed. A salting approach hasbeen proposed in [16] as an adaptation of the Bio-phasoringmethod to signature templates, while a user-adaptive versionof the fuzzy commitment [5] has been proposed in [17] toprovide security to the on-line signature features. Each ofthese approaches provide protection to a set of parametricfeatures extracted from the considered on-line signatures. Onthe contrary, the approach proposed in this paper directlyemploys the time sequences, acquired by touch screens ordigitizing tablets, as signature representation. Specifically,a non-invertible transform based approach is applied to theavailable time sequences, in order to generate transformedversions ofthe original functions, from which recovering any

information about the original biometrics is as much hardas random guessing. The generated templates remain in thesame space of the original ones, thus allowing to employ thesame matchers designed for the original biometrics. Specif­ically, a Dynamic Time Warping (DTW) matching strategyis here exploited to compare the transformed templates. Thisapproach allows us to obtain authentication performancesfar better than those achievable with the already proposedsignature template protection schemes.

3. ON-LINE SIGNATURE RECOGNITION WITHPROTECTED TEMPLATES

In this Section, the proposed template protected on-line signa­ture based authentication system is illustrated. Specifically,in Section 3.1 the template to protect, consisting of a set ofsignature discrete time sequences (e.g., position trajectories,pressure, etc.), is characterized. The non-invertible transformemployed to protect the considered signature templates hasbeen proposed by the authors in [18], and its description issummarized in Section 3.2. The enrollment and authentica­tion stages are then sketched in Section 3.3. The proposedimplementation employs a Dynamic Time Warping (DTW)based matching strategy to compare the biometric templates.The employed DTW algorithm [19] is briefly outlined in 3.4.In Section 4, the performance of the proposed approach em­ploying DTW based matching strategy are given, and theyare compared with the performance obtained in [18], where aHidden Markov Model (HMM) based matching strategy hasbeen employed. It is shown that better results can be achievedemploying DTW, in both an unprotected and a protected on­line signature authentication system.

3.1. Feature extraction

The acquired on-line signatures can be represented by thehorizontal x[n] and vertical y[n] position trajectories, andthe pressure signal p[n] (where n == 1, ... ,N is the discretetime index, and N is the time duration of the signature insampling units). A geometric normalization, consisting ofposition normalization followed by rotation alignment, isapplied to the pen-position functions x[n] and y[n]. Otherfour discrete time sequences are derived from x[n] andy[n], and used as an additional set of functions, namelythe path-tangent angle B[n], the path velocity magnitudev[n], the log curvature radius p[n], and the total acceler­ation magnitude a[n] . In this paper, we have consideredtwo different sets of functions as possible original signaturetemplates: R7 == {x[n], y[n],p[n],B[n], v[n], p[n], a[n]} and

7<-14 = {7<-7' R7 } where the upper dot notation denotes

the first order derivative. In the following, we indicate withr(i) [n], i E {I, ... , F}, the generic i-th function belongingto the set Rp (with F == 7 or F == 14), which represents theoriginal signature template.

Authorized licensed use limited to: BIBLIOTECA D'AREA SCIENTIFICO TECNOLOGICA ROMA 3. Downloaded on January 14, 2010 at 05:05 from IEEE Xplore. Restrictions apply.

2D

w(k) ~(ij) ..·---------:-:-i

II

Warping function...:

w(K) ~(I,J)3 1 -------------------- ------~

Sakoe/Chiba ... I

Band . :I

Transformed SignaturesOriginal Functions Transformed FunctionsOriginal Signature

Fig. 1. Two different transformations, governed by the keyvectors d(1) = 30 and d(2) = 75, are applied to the originalx [n ] and y [n ] coordinate functions. The original and trans­formed signatures are also shown.

3.2. Non-invertible Transform

In the employed protection scheme, a non-invertible transformis applied to the original set offunctions RF, in order to gen­erate a new set TF . Specifically, the transformed template TF

consists of F discrete sequences J( i) [n], i = 1, ... , F, eachofwhich is obtained from the corresponding original functionr(i) [n ] E R F, i = 1, .. . , F. The key of the proposed non­invertible transform consists of (W - 1) different integervalues d j , randomly selected between I and 99. These val­ues are arranged in an ascending way, such that dj > dj - i ,

j = 1, . . . , W, in a vector d = [do, . .. , dw jT, where do anddw are respectively set to 0 and 100. Considering a genericoriginal sequence r( i) [n ] E R F , this function is divided intoW segments r(i)j ,Nj [n] oflength N j = bj - bj - i ,

r( i)j ,Nj [n] = r(i) [n + bj - i ], j = 1, ... , W, (I)

where bj = l-Mo .N J, j = 1, . .. , W. Basically, the functionr( i) [n ] is split into W separated parts according to the ran­domly generated vector d. A transformed function J(i) [n],n = 1, ... , K, is then obtained through the linear convolu­tion of the functions r( i) j ,Nj [n ], j = 1, ... , W:

J(i) [n] = r(i)l ,N, [n] * ... * r(i)W,Nw [n]. (2)

Fig. 2. Warping function and Sakoe/Chiba band definition(adapted from [21]).

the attacker collects more than a single transformed tem­plate, and try to recover the original biometric informationby using them all together. It is worth pointing out that otheralready proposed non-invertible transform based protectionschemes, like those in [11] and [9], are vulnerable to a recordmultiplicity attack.

3.3. Enrollment and Authentication stages

In the proposed template protected on-line signature based au­thentication system, E signatures are acquired from each userduring enrollment. From each signature, the original repre­sentation R'F is evaluated, and then the protected templatesTF, e = 1, . . . , E , are computed and stored in a database.During authentication, the user claims his identity providing atest signature, which is processed to generate its transformedtemplate T~. This test sample is then compared to all theE templates in the reference set. The comparisons are per­formed employing the DTW algorithm described in Section3.4, whose output is the distance b..(TF,T~) between the testsample T~ and the reference sample TF. The minimum ofthe E distances between the test sample T~) and the E ref­erence samples TF), e = 1, . .. , E, is taken as representativeof the verification process. A decision regarding whether thesignature is authentic or a forgery is made by comparing theresult of the matching to a threshold.

Different realizations can be obtained from the same orig­inal functions, simply by varying the size or the values of theparameter key d. The effects of the employed transforms areshown in Figure I, where the horizontal and vertical positiontrajectories extracted from an original signature are trans­formed according to different decomposition vectors, andthen recombined to reconstruct the transformed signature.

In [18] it has been shown that recovering an originalsequence r(i) [n] from its transformed counterpart J(i) [n] iscomputationally as hard as random guessing. Moreover, thedifficulty of inverting the employed transform has been dis­cussed also considering a record multiplicity attack, where

3.4. Dynamic Time Warping

Dynamic Time Warping (DTW) [19] is a well known methodto compare sequences of different lengths. The use of DTWfor template matching is encouraged by the results obtainedduring the Signature Verification competition in 2004 (SVC2004) [20], where the algorithm [19], employing DTWmatching, has given the best performances in terms of EqualError Rate (EER), when tested with skilled forgeries.

The DTW algorithm finds the optimal alignment betweentwo sequences, such that the sum of the differences betweeneach pair of aligned points is minimal. Formally, having in­dicatedwithA = {ad,i = 1, ... , I , and B = {bj},j =

Authorized licensed use limited to: BIBLIOTECA D'AREA SCIENTIFICO TECNOLOGICA ROMA 3. Downloaded on January 14, 2010 at 05:05 from IEEE Xplore. Restrictions apply.

104 6EER(in %)

5 .

,......, 25 ..

'"""~ 20 ·

§~ 15 .

° 10

o10 04 6

EER(i n %)

,-., 25 ·

'""e"" 20

~t: 15 .§o 10 .

o10 04 6

EER(in %)

II CJEERRF_ EERSF

'

'T ] E

35

30

_ 25

'""~ 20

~ 15

8 10

o10 0

o '-----~----'-

o 4 6EER(in %)

(a) (b) (e) (d)

Fig. 3. Normalized histograms for the EERs obtained repeating 20 times the authentication process. The employed systemparameters are W = 2, D = 10%.(a) E = 5,F = 7; (b) E = 5,F = 14; (c) E = 1O,F = 7; (d) E = 1O,F = 14.

1, ... , J , two sequences of feature vectors, representing re­spectively the biometric template employed as reference andthe biometric sample to be verified, a point-to-point distanceJ (i , j) between the elements a, and b j can be evaluated, fori = 1, ... ,Iandj = 1, ... , J . Typically,J(i,j) is computedas the Euclidean distance between the vectors a, and b j . Withreference to Figure 2, where the patterns A and B are devel­oped along in an i - j plane, the DTW algorithms finds theoptimal warping function W = {w(kn = {(i(k) ,j(k)n,k = 1, ... , K, which connects the points w(l) = (1,1) andw(K) = (1, J), minimizing the total distance

K K

L\w(A, B) = L J(w(k)) = L J(i(k) ,j(k)) (3)k=l k = l

The minimum accumulated distance minW EW{L\w(A,B)},where W represents the set of all properly defined distor­tion paths W for A and B, is employed to characterize thedissimilarity of the considered sequences. In order to com­pensate the effect of the summation of K terms in (3), anormalization has to be done on the minimum accumu­lated distance. Specifically, we normalized the distanceminwEw{L\w(A,Bn with respect of the length I of thereference sequence A, thus defining the asymmetric distanceL\(A,B) = minwEw{L\w(A,BnjI as the dissimilaritymeasure between the sequences A and B.

The paths in W have to satisfy the necessary mono­tonic and continuity requirements [21]. Moreover, only thepaths which remain in the so-called Sakoe/Chiba band [21],depicted in Figure 2, are taken into account. Differentlyfrom [19], no additional slope constraint has been conside­red. Eventually, instead of using the normalized minimum,maximum, and template distance values as in [19], only theminimum accumulated distance minwEw{L\w(A,Bn isconsidered as matching score, without any user dependentscore normalization,

It is worth pointing out that, when employing DTWas matcher in an unprotected signature based recognitionsystem, the stored templates permit to perfectly reconstructboth the shape and the dynamics of the signatures. This

important privacy and security issue gives a remarkable rele­vance to the proposed signature template protection approach.

4. EXPERIMENTAL RESULTS

An extensive set of experiments is performed to test the ef­fectiveness of the proposed non invertible transform based si­gnature protection scheme. The tests are conducted using thepublic version of the MCYT on-line signature corpus [22],which comprises 100 users, for each of which 25 genuinesignatures and 25 skilled forgeries have been captured dur­ing five different sessions. Forgers were asked to performthe imitation after observing the static image of the signa­tures to imitate, having tried to copy them at least 10 times ,and by then writing the forgeries naturally without breaks orslowdowns. We first verify the variability of the authentica­tion performance with respect to the selection of the trans ­formation key d. To accomplish this task, we perfonned theauthentication process over the available database 20 times,randomly varying at each iteration the transformation param­eters d for each user. The values dj , j = 1, ... , W - 1, whichdefine the decomposition vector d, are taken in the range ofintegers [5, 95] to guarantee a minimum segment's length. Wekeep fixed the number of segments W = 2 in which thesignature time sequences are divided, and the width of theSakoe/Chiba band employed in the DTW algorithm [21], asindicated in 3.4 (D = 10%, expressed as percentage of theminimum length between the test and reference signature).

For each user, the enrollment is performed taking E sig­natures from the first two available sessions, while signaturesbelonging to the other three sessions are employed to test theauthentication performances, in terms of False RecognitionRate (FRR). The False Acceptance Rate (FAR) for skilledforgeries (FARsF) is computed using the available 25 skilledforgeries. The FAR for random forgeries (FAR R F ) is com­puted taking, for each user, ten signature from each of theremaining users. In Figure 3 the dependence of the matchingperformance from the employed transformation parameters isshown. Specifically, the normalized histograms of the EERsobtained considering both random (EERRF) and skilled for-

Authorized licensed use limited to: BIBLIOTECA D'AREA SCIENTIFICO TECNOLOGICA ROMA 3. Downloaded on January 14, 2010 at 05:05 from IEEE Xplore. Restrictions apply.

30 1fT'~r=======:::;""]

_ 20

~c

-=--.... 15o?~ 10

10 15 20 25 30FRR(in %)

(a)

oo 25 30

(b) (e)

oo 10 15 20 25

FRR(in %)

(d)

30

Fig. 4. ROC curves for an unprotected system, and for protected systems with W = 2,3,4, considering skilled forgeries. Theemployed system parameter is D = 10%. (a) E = 5, F = 7; (b) E = 5, F = 14; (c) E = 10, F = 7; (d) E = 10, F = 14.

EER (in %) Unprotected Protected approachapproach W - 2 W - 3 W -4

HMM 9.75 12.55 15.70 20 .05DTW 5.53 8 .13 11.07 14.09

Table 1. EERs achieved employing HMM and DTW basedmatching strategies, considering skilled forgeries. E 5signatures are considered for the enrollment , and F = 7functions for the signature representation RF.

geries (EERs F) are given. Moreover, different test cases aretaken into account, varying both the number E of signaturesconsidered during enrollment (E E {5, 10}), and the numberF of functions which are considered in the original signaturerepresentation R F (F E {7,14}).

As requested for a properly designed non-invertibletransform method, varying the employed transform pa­rameters does not result in significant modifications of thematching performances. The variance of the obtained EERsdecreases when the number of enrollment signatures E ishigher. When E = 10 signature are taken for the enrollment,and R F consists of F = 14 signature sequences, the EERobtained considering skilled forgeries has a mean value of5.7%, and a variance of 0.41 %. The EER for random for­geries has a mean value of 3.4% and a standard variation of0.62%.

The performances of an unprotected and a protectedsystem where DTW is used as matching algorithm are alsocompared. In Figure 4 the achieved authentication perfor­mances, where the FAR is referred to the situation withskilled forgeries (FARs F), are presented. Considering thecase when E = 10 and F = 14, the EER for skilled forgeriesin an unprotected system is equal to 3.93%, and it decreasesonly slightly to 5.7% when template protection is provided,considering W = 2. When W = 3 an EER of about 7.4% isobtained, while if each signature function is divided in W = 4segments before performing the convolutions, the EER raisesto 9.7%. It can be also seen how increasing the number Fof employed functions in the signature representation R F

greatly improves the recognition performances, and produces

F D(in %) Unprotected Protected approachapproach W -2 W - 3 W -4

I 6.53 7.07 9.07 11.137 5 4.20 5 .95 8.80 10.73

10 4 .00 6.33 8.67 11.4015 4.00 7.00 8 .60 11.40

I 6.00 6.70 8.80 10.9314 5 4.07 5 .22 7.20 9 .20

10 3 .93 5.71 7.40 9.7315 4.00 5.97 7.13 9.47

Table 2. EERs (in %) considering skilled forgeries. E = 10signatures are considered for the enrollment.

enhancements comparable to those achieved increasing thenumber E of signature taken during enrollment.

The recognition rates achieved employing the proposedDTW based matching strategy are also compared to those ob­tained employing HMM modeling for template matching, asin [18]. Specifically, in Table 1 the EERs achievable usingthe two matching algorithms , related to a test case with E = 5and F = 7, are shown. The tests are performed using the pub­lic MCYT database, and considering skilled forgeries. As itcan be seen, when considering both unprotected and protectedsystems, the DTW based matching strategy outperforms theHMM based one.

The reported recognition rates represent the best achiev­able performances for the HMM based approach, with respectto the selection of the HMM parameters (number of statesand number of Gaussian densities for each state). The perfor­mances related to the use of a DTW strategy can still be op­timized with respect to the width D ofthe Sakoe/Chiba bandemployed during the matching.

Specifically, the EERs achievable considering skilled for­geries, and varying the parameters F , W, D while keep­ing fixed the number of signature taken during enrollment(E = 10), are listed in Table 2. The best authentication ratesachievable for protected and unprotected systems, conside­ring both F = 7 and F = 14, are reported in bold in Table 2.When a protected system with W = 2 is taken into account ,the best performances are obtained for D = 5%.

Authorized licensed use limited to: BIBLIOTECA D'AREA SCIENTIFICO TECNOLOGICA ROMA 3. Downloaded on January 14, 2010 at 05:05 from IEEE Xplore. Restrictions apply.

When comparing HMM and DTW based matchers, it isworth reporting that a DTW based matcher usually requiresmore time to perform authentication than a HMM based one,depending on the number ofenrollment acquisitions E. How­ever, being signatures usually employed for verification in­stead of for identification, the computational velocity is not apractical issue for real world applications.

5. CONCLUSIONS

In this paper a biometric authentication system, where noninvertible transforms are employed to protect the employed si­gnature templates, has been proposed. A DTW based matcheris exploited to compare the transformed templates. Exper­imental results, evaluated on the public MCYT signaturedatabase, illustrate that the performances of the proposed pro­tected approach are comparable with those of an unprotectedsystem, and that the employed DTW matcher outperformsthe HMM strategy proposed in [18].

Employing the proposed non invertible transform basedprotection approach, the system described in this paper can befused with the one presented in [18] by exploiting score fusiontechniques [10]. In this way, it is possible to further improvethe authentication performances, while properly guaranteeingthe security of the employed biometric data.

6. REFERENCES

[1] S. Prabhakar, S. Pankanti, A.K. Jain, "Biometric Recog­nition: Security and Privacy Concerns", IEEE Security &Privacy Magazine, Vol. 1, No.2, pp: 33-42,2003.

[2] N.K. Ratha, J.H. Connell, R. Bolle, "Enhancing Securityand Privacy ofBiometric-based Authentication Systems",IBM Systems Journal, Vol. 40, No.3, pp. 614-634,2001.

[3] A.K. Jain, K. Nandakumar, A. Nagar, "Biometric Tem­plate Security", EURASIP JASP, January 2008.

[4] U. Uludag, S. Pankanti, A.K. Jain, "Biometric cryptosys­tems: Issues and Challenges", IEEE Multimedia Securityfor Digital Rights Managmement, Vol. 92, No.6, pp: 948­960,2004.

[5] A. Juels, M. Wattenberg, "A Fuzzy CommitmentScheme", ACM Conf. Computer and Comm. Sec., 1999.

[6] A. Juels, M. Sudan, "A Fuzzy Vault Scheme", Des. CodesCryptography, Vol. 38, No.2, pp. 237-257,2006.

[7] Y. Sutcu, Q. Li, N. Memon, "Protecting Biometric Tem­plates with Sketch: Theory and Practice", IEEE Trans. onInformation Forensensic and Security, Vol. 2, No.3, pp.503-512, 2007.

[8] A.B.J. Teoh, D.C.L. Ngo, A. Goh, "Random MultispaceQuantization as an Analytic Mechanism for BioHashing

of Biometric and Random Identity Inputs", IEEE Trans.on PAMI, Vol. 28, No. 12, pp. 1892-1901,2006.

[9] N. Ratha, S. Chikkerur J. H. Connell, R. M. Bolle, "Gen­erating Cancelable Fingerprint Templates", IEEE Trans.on PAMI, Vol. 29, No.4, pp. 561-572, April 2007.

[10] A.A. Ross, K. Nandakumar, A.K. Jain, Handbook ofMultibiometrics, Springer, USA, 2006.

[11] R. Ang, R. Safavi-Naini, L. McAven, "Cancelable Key­Based Fingerprint Templates", Australian Conference In­formation Security and Privacy, pp. 242-252, July 2005.

[12] Y. Sutcu, H.T. Sencar, N. Memon, "A Geometric Trans­formation to Protect Minutiae-Based Fingerprint Tem­plates", SPIE Defense & Security, 2007.

[13] C. Vielhauer, R. Steinmetz, A. Mayerhofer, "BiometricHash based on statistical Features of online Signatures",ICPR, Vol.1, pp. 123-126,2002.

[14] H. Feng, C.W. Chan, "Private Key Generation from On­line Handwritten Signatures", Information Managementand Computer Security, pp: 159-164, 2002.

[15] M. Freire-Santos, J. Fierrez-Aguilar, J. Ortega-Garcia,"Cryptographic key generation using handwritten signa­ture", SPIE Defense & Security, Vol. 6202, pp. 225-231,2006.

[16] W.K. Yip, A. Goh, D.C.L. Ngo, A.B.J. Teoh, "Gener­ation of Replaceable Cryptographic Keys from DynamicHandwritten Signatures", ICB, pp. 509-515,2006

[17] E. Maiorana, P. Campisi, A. Neri, "User Adaptive FuzzyCommitment for Signature Templates Protection and Re­newability," SPIE JEI, Special Section on Biometrics,2008.

[18] E. Maiorana, M. Martinez-Diaz, P. Campisi, J. Ortega­Garcia, A. Neri, "Template Protection for HMM-basedOn-line Signature Authentication", CVPR, June 2008.

[19] A. Kholmatov, B. Yanikoglu, "Identity AuthenticationUsing Improved Online Signature Verification Method",Pattern Recognition Letters, Vol. 26, No. 15, 2005.

[20] D.-Y. Yeung et aI., "SVC2004: First International Si­gnature Verification Competition", ICBA, July 2004.

[21] H. Sakoe, S. Chiba, "Dynamic programming algorithmoptimization for spoken word recognition", IEEE Trans.on Acoustics, Speech and Signal Processing, Vol. 26, No.1, pp. 43-49, 1978.

[22] J. Ortega-Garcia et al. "MCYT baseline corpus: A bi­modal biometric database", lEE VISp, Special Issue onBiometrics on the Internet, Vol. 150, No.6, 2003.

Authorized licensed use limited to: BIBLIOTECA D'AREA SCIENTIFICO TECNOLOGICA ROMA 3. Downloaded on January 14, 2010 at 05:05 from IEEE Xplore. Restrictions apply.