Expert Systems with Applications 40 (2013) 1888–1901

Contents lists available at SciVerse ScienceDirect

Expert Systems with Applications

journal homepage: www.elsevier.com/locate/eswa

Biometric cryptosystem based on discretized fingerprint texture descriptors

Yadigar Imamverdiyev a,b,2, Andrew Beng Jin Teoh a,1, Jaihie Kim a,⇑
a
Biometric Engineering Research Center, School of Electrical and Electronic Engineering, Yonsei University, Seoul 120-749, Republic of Korea
b
Institute of Information Technology of ANAS, Baku, Azerbaijan

a r t i c l e i n f o a b s t r a c t

Keywords: This paper focuses on a biometric cryptosystem implementation and evaluation based on a number of
Fuzzy commitment scheme fingerprint texture descriptors. The texture descriptors, namely, the Gabor filter-based FingerCode, a local
Fingerprint texture descriptors binary pattern (LBP), and a local direction pattern (LDP), and their various combinations are considered.
Local binary pattern These fingerprint texture descriptors are binarized using a biometric discretization method and used in a
Biometric discretization
fuzzy commitment scheme (FCS). We constructed the biometric cryptosystems, which achieve a good
Error-correcting code
performance, by fusing discretized fingerprint texture descriptors and using effective error-correcting
codes. We tested the proposed system on a FVC2000 DB2a fingerprint database, and the results demon-
strate that the new system significantly improves the performance of the FCS for texture-based
fingerprints.
Ó 2012 Elsevier Ltd. All rights reserved.

1. Introduction cryptosystems offer solutions for template protection or crypto-

One of the most urgent tasks for biometric systems is the reli-
able protection of biometric templates. By using a poorly protected
or unprotected biometric template, an attacker can compromise a
biometric authentication system, recover the original biometric
data, and extract private information from this data, among other
actions. Although numerous methods have been proposed for bio-
metric template protection, according to the authors of Jain,
Nandakumar, and Nagar (2012), ‘‘most of the available template
protection techniques fail to meet all the desired requirements of
a practical biometric system like revocability, security, privacy,
and high matching accuracy’’. This conclusion is entirely true for
fingerprint recognition systems, which are the most widely used
biometric systems in practice.
A biometric cryptosystem is the most encouraging technique
for biometric template protection (Rathgeb & Uhl, 2011). Biometric
Abbreviations: BCH, Bose–Chaudhuri–Hocquenghem; BPA, belief propagation
algorithm; DROBA, detection rate optimized bit allocation; ECC, error-correcting
code; EER, error equal rate; FAR, false accept rate; FCS, fuzzy commitment scheme;
FRR, false reject rate; GAR, genuine acceptance rate; LCM, least common multiple;
LBP, local binary pattern; LDerivP, local derivative pattern; LDP, local direction
pattern; LDPC, low-density parity-check; MPA, message-passing algorithm; PEG,
progressive edge-growth; ROI, region of interest; SPA, sum-product algorithm.
⇑ Corresponding author. Address: B619, 2nd Engineering-building, Yonsei Uni-
versity, 134 Sinchon-dong, Seodaemun-gu, Seoul 120-749, Korea. Tel.: +82 2 2123
2869; fax: + 82 2 312 4584.
E-mail addresses: yadigar@lan.ab.az (Y. Imamverdiyev), bjteoh@yonsei.ac.kr
(A.B.J. Teoh), jhkim@yonsei.ac.kr (J. Kim).
1 of discretized fingerprint texture descriptors. We also consider the
Tel.: +82 02 2123 2869; fax: +82 02 312 4584.
2
Tel.: +994 12 539 0167; fax: +994 12 539 6121.
graphic key release by binding a key to or generating a key from
a biometric sample. The performance of existing biometric crypto-
systems is significantly lower than ordinary biometric systems.
There is an urgent need for the development of biometric crypto-
systems with high performance for practical applications. The per-
formance of existing biometric cryptosystems is strongly affected
by such factors as feature extraction, feature representation,
error-correcting code (ECC), biometric database, and the number
of training and testing samples (Jain et al., 2012; Kelkboom et al.,
2010; Rathgeb & Uhl, 2011).
In this study, we concentrate on a practical implementation of
the fuzzy commitment scheme (FCS). We consider a fingerprint tex-
ture-based feature extractor and fusion scheme of different binary
features that captures most of the discriminatory and reliable infor-
mation. Specifically, we use three well-known texture descriptors
for fingerprint representation: Gabor filters (Jain, Prabhakar, Hong,
& Pankanti, 2000), a local binary pattern (LBP) (Pietikäinen, Hadid,
Zhao, & Ahonen, 2011), and a recently proposed texture descriptor
called a local direction pattern (LDP) (Jabid, Kabir, & Chae, 2010).
We use a reliability based discretization scheme (Kevenaar,
Schrijen, van der Veen, Akkermans, & Zuo, 2005) for the binary rep-
resentation of fingerprint texture descriptors. Unfortunately, the
use of a single discretized fingerprint descriptor does not allow a
biometric cryptosystem to be constructed with the desired perfor-
mance for numerous reasons, including insufficient accuracy of
texture descriptors and loss in the discrimination power of the dis-
cretization scheme. To overcome this problem, we propose a fusion
appropriate selection of ECCs in light of recent developments in

0957-4174/$ - see front matter Ó 2012 Elsevier Ltd. All rights reserved.
http://dx.doi.org/10.1016/j.eswa.2012.10.009
 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901
security analysis of biometric cryptosystems, particularly attacks
that exploit the output statistics of ECCs (Stoianov, Kevenaar, &
van der Veen, 2009). A fusion of the most reliable bits from discret-
ized fingerprint texture descriptors and the use of effective ECCs
allow FCS to be implemented with a state-of-the-art key length
and verification performance.
1.1. Related works
Depending on the purpose of the application, we can distin-
guish two kinds of biometric cryptosystems (Rathgeb & Uhl,
2011): (1) key binding and (2) key generation cryptosystems.
In key binding cryptosystems, the key is combined with a bio-
metric sample into helper data during the enrolment. During the
verification, a new biometric sample and the stored helper data
are used to release the same key. Examples of key binding tech-
niques are the FCS (Juels & Wattenberg, 1999), fuzzy vaults (Juels
& Sudan, 2002), helper data systems (Kevenaar et al., 2005), and se-
cure sketches (Sutcu, Li, & Memon, 2007). Note that helper data
systems are fuzzy commitment-based schemes. In addition to a
commitment, these systems store some user-specific helper data
for reliable bit selection.
Key generation techniques extract a cryptographic key from a
biometric sample during the enrollment, with helper data if neces-
sary. During the verification, the same key has to be extracted
using a new biometric sample, and when available, the helper data.
Fuzzy extractors (Dodis, Reyzin, & Smith, 2004) are the most com-
mon type of key generation method used. A few reports have been
published on fuzzy extractor implementation for fingerprints
(Arakala, Jeffers, & Horadam, 2007; Tong, Sibert, Lecoeur, & Girault,
2007). However, the results of the implementation were not re-
ported in Tong et al. (2007), while the results of Arakala et al.
(2007) show a 15% false acceptance rate (FAR) and false rejection
rate (FRR), which are unacceptable for practical applications.
An FCS was the first example of a key binding cryptosystem. The
fuzzy commitment concept was introduced by Juels and Watten-
berg (Juels & Wattenberg, 1999) in 1999. It combines an error-
correcting code and a cryptographic hash function to embed a
secret. An FCS may be based on any (linear) error-correcting code,
and it works as follows:
Assume that an error-correcting code and a secure crypto-
graphic hash function, h, are chosen, and the input biometric fea-
ture vector is represented in a binary form as x e {0, 1}n. During
the enrollment, cryptographic key K is mapped by an ECC encoder
to a random codeword c e C, where C is a set of codewords of
length n. The offset d = x  c and hash value h(c) are then stored
as a commitment.
During the verification, for a decommitment the system ac-
quires a query biometric x0 , computes d + x0 , and if possible, de-
codes to the nearest codeword c0 . Decommitment is successful if
hash value h(c0 ) of decoded codeword c0 is equal to stored hash va-
lue h(c), and the secret codeword, c, is then released.
One requirement of an FCS is that the biometric feature vector
needs to be in an ordered binary form. This condition is well satis-
fied for IrisCode, which uses a 2048-bit binary string representa-
tion. In Hao, Anderson, & Daugman (2006), the authors were able
to generate 140-bit cryptographic keys from IrisCode with a
99.5% verification rate.
The main obstacle in the implementation of an FCS for finger-
prints is that fingerprint recognition is typically based on specific
features of the fingerprint pattern – minutiae (ridge endings and
bifurcations). This representation is an unordered set with a vari-
able length and is accompanied by a variety of errors in the minu-
tiae, including frequent insertions, deletions, and re-ordering,
which create various difficulties in the development of biometric
template protection techniques. To overcome the drawbacks of
1889
an FCS that cannot handle unordered data, the fuzzy vault scheme
was proposed (Juels & Sudan, 2002). A fuzzy vault can tolerate the
above-mentioned errors and is therefore preferred for minutiae-
based fingerprint recognition.
A fuzzy vault is constructed as follows: During the locking stage,
a user, Alice, selects a polynomial p of variable x that encodes a se-
cret k. The polynomial projections, p(A), for the elements of an
unordered set, A, are then computed. Alice adds some randomly
generated chaff points (for increased security) that do not lie on
p to obtain the final set R. During the unlocking stage, another user,
Bob, uses his own unordered set B to learn the secret k. If B sub-
stantially overlaps with A, Bob can locate the necessary number
of points in R that lie on p, and can successfully reconstruct poly-
nomial p (and hence find k).
Several implementations of the fuzzy vault for fingerprints have
been reported. Clancy, Kiyavash, and Lin (2003) were the first to
apply a fuzzy vault for protecting fingerprint templates. Their con-
struction uses only minutiae locations. Their reported FRR was
around 20% to 30%. One drawback of their implementation is that
it assumes that the template and query fingerprints have been pre-
aligned. In fact, the requirement of a pre-alignment is one of the
major drawbacks of fingerprint fuzzy vaults: the corresponding
minutiae positions of two compared fingerprints should be identi-
cal, and thus the fingerprints should be pre-aligned prior to the
fuzzy vault construction. Most of the recent research into finger-
print fuzzy vaults deals with this major weakness.
Yang and Verbauwhede (2005) proposed using reference minu-
tiae to handle the pre-alignment issue. The reference minutia was
extracted by combining multiple fingerprint impressions during
the fuzzy vault construction and verification. The evaluated FRR
using small private fingerprint database of 100 images was 17%.
Uludag and Jain (2006), Uludag et al. (2005) also used minutiae
location information only, and proposed an automatic fingerprint
alignment algorithm using the locations of the highest curvature
of the fingerprint ridges as additional helper data (Uludag & Jain,
2006). But both of these systems have a high FRR (20% for the sys-
tem in Uludag, Pankanti, and Jain (2005), and 16.5% for the one in
Uludag and Jain (2006)).
Nandakumar, Jain, and Pankanti (2007) further improved the
helper data extraction and alignment algorithm presented in
Uludag and Jain (2006). The authors use the minutiae location
and orientation information to implement the fuzzy vault, and
helper data extracted from the orientation field to align the tem-
plate and query minutiae sets. Moreover, they used more than
one fingerprint impression for encoding and decoding. An evalua-
tion using the FVC2002 DB2 database demonstrated an FRR of 9%
with an FAR of 0.01% when matching one query with one template.
One limitation of the fuzzy vault is its inability to effectively uti-
lize rich texture information of a fingerprint other than the minu-
tiae. The authors in Nagar, Nandakumar, and Jain (2008) addressed
this limitation by incorporating minutiae descriptors, i.e. the ridge
frequency and ridge orientation information, around a minutia
during the fuzzy vault construction. Experimental results from
the FVC2002 DB2 database show that minutiae descriptors allow
reducing the FAR from 0.7% to 0.01% without affecting the genuine
acceptance rate (GAR) of 95%, as compared with the results in
Nandakumar (2007).
There has been recent interest in the implementation of an FCS
for fingerprints (Nandakumar, 2010; Teoh & Kim, 2007; Xu,
Veldhuis, Kevenaar, Akkermans, & Bazen, 2008). The main advan-
tage of an FCS for practical implementation is that it is the simplest
and most studied biometric cryptosystem, and its security is based
on well-formulated assumptions (Juels & Wattenberg, 1999;
Kelkboom, Breebaart, Kevenaar, Buhan, & Veldhuis, 2011). As
shown in Merkle, Niesing, Schwaiger, Ihmor, and Korte (2010),
the entropy loss in a FCS is much lower than in a fuzzy vault
1890 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901
scheme. Furthermore, it should be noted that a number of fixed-
length binary representations based on a minutiae set have
recently been proposed (Bringer & Despiegel, 2010; Farooq, Bolle,
Jea, & Ratha, 2007; Nandakumar et al., 2010; Xu et al., 2008).
Unfortunately, these methods suffer from various problems:
they need either an exhaustive search on the orientation/transla-
tion (Xu et al., 2008), or too long a binary presentation (Bringer
& Despiegel, 2010; Farooq et al., 2007), or they tolerate only a small
number of missing or spurious minutiae (Nandakumar et al., 2010).
A biometric cryptosystem should allow to store and release of
keys with the minimum length required for symmetric cryptosys-
tems (128-bit for the AES standard). However, this possibility has
been demonstrated only for IrisCode, which managed to embed
140-bit keys at a level of error FRR = 0.0047% (Hao et al., 2006).
The results for fingerprint-based FCSs thus far have been modest
in comparison with IrisCode, with the best result being 76-bit
key with an FAR of 5.4%, and FRR of 5.2% (Tuyls, Akkermans,
Kevenaar, Schrijen, Bazen, & Veldhuis (2005)).
1.2. Motivation and contributions
This paper comparatively studies the implementation of an FCS
using a number of fingerprint texture descriptors and their combi-
nations. The implementation of an FCS using fingerprints has re-
ceived relatively little attention (Nandakumar et al., 2010; Teoh
& Kim, 2007; Tuyls et al., 2005; Xu et al., 2008) because a fuzzy
vault is a native scheme that can be used for the same purpose.
As mentioned in the previous section, fuzzy vault implementations
usually do not completely use rich discriminatory information in a
fingerprint image other than minutiae. Texture-based descriptors
for fingerprints are potentially useful in fingerprint recognition
based on a number of merits: these methods can extract richer dis-
criminatory information, and therefore, have a satisfactory level of
accuracy; they do not require pre- or post-processing for minutiae
extraction and have a fast processing speed; texture-based descrip-
tors provide a fixed-length fingerprint feature vector, which can be
easily used in other systems including FCS. Therefore, FCS imple-
mentation based on fingerprint texture descriptors is worth
studying.
Despite the above-mentioned advantages, the performance of
fingerprint recognition methods based on fingerprint texture
descriptors, is generally lower than that of minutiae-based finger-
print recognition methods. The selected fingerprint texture
descriptors are real-valued; however, an FCS requires real-valued
features to be discretized, and discretization methods deteriorate
the classification performance of such features. Unlike traditional
fingerprint recognition methods that use a threshold value for
comparison, the verification in an FCS is deterministic, further
deteriorating the system performance. As a result, biometric cryp-
tosystems built using a single texture descriptor have an unaccept-
able performance for practical applications.
A possible solution to this is a fusion of two or more discretized
texture descriptors for the implementation of an FCS. As in multi-
biometric systems, we can expect that a fusion of different texture
descriptors will help improve the performance of a biometric cryp-
tosystem in comparison with the use of only a single texture
descriptor. Furthermore, for the fusion of discretized texture
descriptors, we formulate a simple rule that takes into account
the Hamming distance-based recognition accuracy of the descrip-
tors and the number of reliable bits available from the fused
descriptors.
This paper also discusses the biometric discretization method
selection and substantiates the appropriate ECC selection to pro-
vide a high error correction capacity and avoid reported security
attacks, including attacks based on ECC output statistics. The selec-
tion of the ECC depends on two contradictory criteria: high code
rate and high error correction capacity. It is particularly difficult
to satisfy these criteria simultaneously with a single ECC, and
therefore, in existing implementations, two ECCs are used in a con-
catenated mode, which has been subsequently proven to be sensi-
tive to a number of attacks (Stoianov et al., 2009). Low-density
parity-check (LDPC) codes are promising for an FCS implementa-
tion since they may have a low code rate and large minimum dis-
tance (high error correction capacity) simultaneously.
The main contributions of this paper can be summarized as
follows.
1. We propose the use of discretized fingerprint texture descrip-
tors and their fusion for the implementation of an FCS. We pres-
ent the results from several experiments to justify the selection
of the best combination of discretized texture-based descriptors
providing a high performance in an FCS implementation.
2. The biometric cryptosystem is constructed by appropriately
choosing of ECCs that provide a high error correction capacity
and allows preventing reported security attacks. We imple-
mented biometric cryptosystems using different ECCs and com-
pared the performances based on the experimental results.
3. The fusion of discretized fingerprint texture descriptors and the
appropriate selection of ECCs and their parameters in the pro-
posed biometric cryptosystem allows the generation of up to
120- bit keys with an acceptable error level. To the best of
our knowledge, this is the best result for an FCS based on tex-
ture-based fingerprints.
This paper is organized as follows. In Section 2, we provide an
overview of the proposed system and a description of feature
extraction methods. In Section 3, we discuss the selection of the
biometric discretization method. In Section 4, BCH and LDPC codes
are described for the construction of an effective biometric crypto-
system. In Section 5, we report the experimental results obtained
from various fingerprint texture descriptors and ECCs using the
FVC2000 DB2a fingerprint database. Finally, in Section 6, we offer
some concluding remarks and discuss the directions for future
research.
2. Proposed biometric cryptosystem for texture-based
fingerprint representation
In this section, we present a general overview of the proposed
biometric cryptosystem for fingerprints, which consists of finger-
print enhancement/pre-processing; core (reference) point detec-
tion; fingerprint image cropping and tessellation; fingerprint
texture feature extraction; including FingerCode, LBP, and LDP fea-
tures; biometric discretization; reliable bits fusion; and an FCS.
Fig. 1 shows a block diagram of the proposed biometric cryptosys-
tem. A detailed explanation of the diagram in Fig. 1 is provided in
Sections 3.1, 3.2, and 4.
2.1. Fingerprint image enhancement, core point detection and
tesselation
Fingerprint images vary in quality, and the first step in finger-
print recognition systems is usually an enhancement to improve
the clarity of the ridge and valley structures of the input fingerprint
image (Maltoni, Maio, Jain, & Prabhakar, 2009). To enhance finger-
print images, the technique from Chikkerur, Wu, and Govindaraju
(2004) is used, which divides the image into 16  16 overlapping
blocks and filter blocks using a frequency and orientation selective
filter, the parameters of which are based on the estimated local
ridge frequency and orientation using a Fourier domain analysis.
 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901 1891

Circular region Finger Code Cryptographic

Discretization
Fingerprint tessellation Generation Key

Fuzzy
Image Core point LDP Reliable Bits
Discretization Commitment
Enhancement detection Histogram Fusion Scheme

LBP
Sub-windows Discretization Secure
Histogram
tesselation Template

Fig. 1. Block diagram of the proposed biometric cryptosystem.

Fig. 2. (a) Reference point (+) and tessellation into sectors, and (b) corresponding FingerCode.

Existing texture-based fingerprint recognition approaches re-
quire the pre-alignment of fingerprint images to achieve transla-
tion invariance. The FingerCode generation method uses a
reference (core) point for this purpose. In our implementation,
the core point localization algorithm based on a multi-resolution
direction field, which was proposed in Zhang and Wang (2002),
is used. First, a low-resolution direction field is used to find the
area that includes the core point, and a high-resolution direction
field is then used to search the position of this point.
After core point localization, a circular region of interest around
the core point is determined and tessellated into concentric bands,
each of which is divided into sectors (Fig. 2). Depending on the fin-
gerprint image size and resolution the following parameters were
selected:
 number of concentric bands (B = 4);
 width of each band in pixels (b = 20);
 number of sectors in each band (k = 16); and
 inner radius in pixels (r = 12).
For extraction of the LBP and LDP features, the central part of
the fingerprint image around the core point is cropped. The height
and width of the cropped image in pixels is r + 2  B  b + 16 = 188.
This region of interest (ROI) is divided into 4  4 overlapping sub-
windows of equal size, and the LBP and LDP features are calculated
for each sub-window. After conducting several experiments and
testing a range of overlapping ratios, the overlapping was set at
60%.
To provide invariance to the deformation of the fingerprint im-
age, parts of the sectors and sub-windows are normalized using the
procedure described in Jain et al. (2000).
2.2. FingerCode feature extraction
The texture-based fingerprint features used in the proposed
biometric cryptosystem are described below.
To experimentally test of the proposed approach, a well-known
texture-based fingerprint image representation, called FingerCode,
is used. First introduced in Jain et al. (2000), FingerCode is a fixed-
size real-valued vector that can be used for fingerprint matching
and classification. The matching is handled using a simple Euclid-
ean distance.
Gabor filters efficiently capture both the local orientation and
frequency information in a texture image. As pointed out in Jain
et al. (2000), four orientations are sufficient to capture the global
structure of a fingerprint image, while eight orientations are re-
quired to capture the local characteristics (Jain et al., 2000).
To obtain a FingerCode, the images in the sectors are filtered in
eight different orientations using the following bank of even sym-
metric Gabor filters:
( " #)
1 x02 y02 0
Gh;f ðx; yÞ ¼ exp  þ 2 cosð2pfx Þ;
2 d2x dy
x0 ¼ x sin h þ y cos h; y0 ¼ x cos h  y sin h;
where h e {0°, 22.5°, 45°, 67.5°, 90°, 112.5°, 135°, 157.5°}, f- is the fre-
quency of the sinusoidal plane wave along the direction h from the
x-axis, and dx and dy are the standard deviations of the Gaussian
envelope along the x- and y-axes, respectively. According to the ori-
ginal paper (Jain et al., 2000), for a 500 dpi fingerprint image, f is set
to 0.1, and dx and dy are both set to 4.0.
1892 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901
example thresholding weights
200 165 142 1 0 0 1 2 4
174 200 180 0 0 128
228 234 243 1 1 1 64 32
Pattern = 0111001 LBP = 1 + 16 + 32 + 64 = 113
Fig. 3. Calculating the original LBP code.
The average absolute deviation of the gray values in the sectors
of the filtered images is computed to form a feature vector or
FingerCode.
The size of the FingerCode depends on the number of the con-
centric bands, the number of sectors in each band, and the number
of Gabor filters in the filter-bank. A total of 4  16 = 64 sectors and
a FingerCode length of 64  8 = 512 were the chosen parameter
values.
2.3. LBP features extraction
An LBP is a powerful feature for texture classification and it
was first introduced in 1996 by Ojala, Pietikäinen, and Harwood
(1996). The important properties of an LBP are its invariance to
any monotonic gray level and its computational simplicity. LBP
patterns allow microstructures such as edges, line ends, corners,
spots, and flat areas to be detected (Ojala, Pietikäinen, & Mäenpää,
2002).
LBP features have been successfully used in various applications
including texture classification, face detection (Hadid, Pietikäinen,
& Ahonen, 2004), face recognition (Ahonen & Pietikainen, 2006),
face expression recognition (Choi, Lee, Lee, Park, & Kim, 2011),
and gender and age classification (Shan, Gong, & McOwan, 2009).
In Nanni & Lumini (2008), a hybrid fingerprint matching system
based on an LBP was proposed, in which the best experimental re-
sults for FVC2002 databases were an EER (equal error rate) of 6.2%
(the LBP operator is applied directly to the grey image) and an EER
of 2.4% (the LBP is applied to the Gabor filter responses). The sim-
ilarity between two LBP feature vectors is evaluated based on their
Euclidean distance.
The original LBP operator is defined by thresholding the 3  3
neighborhood of each pixel value using the value of the central pix-
el. Pixels with values greater than the central pixel (or equal to)
take a value of 1, while those that are less central take a value of
0. Thus, an 8-bit binary LBP code describes the neighborhood of a
pixel. Fig. 3 illustrates the basic LBP operation.
Fig. 4. Fingerprint image, and the corresponding LBP image and its histogram.
After calculating the LBP pattern of each pixel, the texture im-
age is represented by a histogram. The number of histogram bins
for the original LBP is 281 = 255. Fig. 4 shows a fingerprint image,
as well as the corresponding LBP image and its histogram.
8 The original LBP was later extended to arbitrary circular neigh-
borhoods, and a number of extensions (uniform, rotation invariant,
16 multi-scale, etc.) for this have been developed.
The LBPP,R operator describes the texture at gc using a local
neighborhood of P equally spaced pixels in a circle of radius
R (R > 0). The coordinates of the neighbors gp are given by
(xc + Rcos(2pp/P), ycRsin(2pp/P)), where (xc, yc) are the coordi-
nates of the central pixel. The value of the LBPP,R code of pixel
gc is given by:
X
P1 
1; if x P 0
LBP P;R ðg c Þ ¼ Sðg p  g c Þ  2p where SðxÞ ¼
p¼0
0; otherwise
where gc is the gray value of the central pixel and gp(p = 0, . . . , P1)
is the grey value of its neighbors. When a neighbor does not fall ex-
actly within the center of a grid, its value is computed through bilin-
ear interpolation. Fig. 5 shows examples of circularly symmetric
neighbor sets for different values of P and R.
Uniform LBP patterns was first introduced in Maenpaa, Ojala,
Pietikäinen, and Soriano (2000), where it was observed experimen-
tally through texture images that certain patterns account for
about 90% of all patterns when using an (8, 1) neighborhood, and
70% for a (16, 2) neighborhood. These patterns are deemed ‘‘uni-
form’’, and have at most two bitwise 1 ? 0 or 0 ? 1 transitions.
For example, the LBP pattern 11111111 (no transition) or
01100000 (two transitions) is uniform, where the pattern
10101011 (six transitions) is not uniform. There are 58 uniform
patterns in the case of 8 sampling points. A single bin is assigned
to all non-uniform patterns. Therefore, the uniform pattern con-
cept reduces the number of LBP patterns from 256 to 59.
The rotation invariance of the LBP pattern can be achieved by
defining (Ojala et al., 2002) the following:
LBPriP;R ¼ minfRORðLBP P;R ; iÞji ¼ 0; . . . ; P  1g;
where ROR(x, i) (ROR – rotate right) performs a circular bit-wise
right shift on the P-bit number x i times. For example,
00011101 ? 10001110 ?    ? 00111010. In short, the LBPriP;R oper-
ator is computed by considering all circular rotations of the original
LBP code and taking its minimum value. LBPriP;R is invariant with re-
spect to any monotonic gray-scale transformation and rotation
along the circular neighborhood. It is somewhat difficult to count
the number of rotation-invariant LBPriP;R patterns in general cases.
For LBPri8;1 , there are 36 possible rotation-invariant patterns. There-
fore, LBPri8;1 produces 36-bin histograms.
 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901
P = 8, R = 1.0 P = 8, R = 2.0
Fig. 5. Circularly symmetric neighbor sets for different (P, R).
We used the following LBP features:
 LBP with P = 8, R = 1. The number of histogram bins is set to 32.
The resulting feature vector is termed LBP8. The size of the LBP8
feature vector in our experiments is 32  16 = 512.
 LBP with P = 16, R = 2. The number of histogram bins is set to 32.
The resulting feature vector is termed LBP16. The size of the
LBP16 feature vector in our experiments is 32  16 = 512.
 LBP with P = 24, R = 3. The number of histogram bins is set to 32.
The resulting feature vector is termed LBP24. The size of the
LBP24 feature vector in our experiments is 32  16 = 512.
 Uniform LBP. The number of histogram bins is 59. The resulting
feature vector is termed LBPu2. The size of the LBPu2 feature
vector in our experiments is 59  16 = 944.
 Rotation-invariant LBP. The number of histogram bins is 36. The
resulting feature vector is termed LBPri. The size of the LBPri
feature vector in our experiments is 36  16 = 576.
2.4. LDP feature extraction
The original LBP and its extensions are sensitive to random
noise and non-monotonic illumination variations. Zhang, Gao,
Zhao, and Liu (2010) proposed a new local pattern descriptor called
a local derivative pattern (LDerivP), which extracts high-order local
information by encoding various distinctive spatial relationships
contained in a given neighborhood. The authors extensively inves-
tigated the effectiveness of LDerivP patterns for face recognition in
comparison with an LBP, which uses a first-order local pattern. Lee,
Jung, and Kim (2011) applied the LDerivP technique for finger vein
pattern recognition. In a similar way, Jabid et al. (2010, 2011) pro-
posed a local directional pattern (LDP), which is based on eight
directional edge responses computed using Kirsh masks. Since
edge responses change less and are more stable than intensity val-
ues, LDerivP and LDP patterns are expected to be more stable val-
ues in the presence of a gray-level distortion. As shown in Ferrer,
Vargas, Morales, and Ordóñez (2012), LDerivP feature extraction
is computationally more expensive, and we therefore prefer to
use the LDP feature extraction.
The LDP technique uses only the k-most predominant directions
of the Kirsh mask responses. Here, the k bits of an 8-bit LDP pattern
which correspond to the k predominant direction responses are set
example
Mask Iindex
85 32 26
Mask Value
53 50 10 Rank
60 38 45 Code Bit
LDP Code
Fig. 6. LDP pattern generation (Nanni & Lumini, 2008).
1893
P = 16, R = 2.0 P = 24, R = 3.0
to 1. The remaining (8-k) bits are set to 0. The LDP pattern gener-
ation is illustrated in Fig. 6.
In our case, the LDP pattern is obtained by setting k = 3 predom-
inant directions to 1, and thus there are only 56 possible values
(7, 11, . . . , 208, 224). We therefore calculate a 56-bin histogram
for each sub-window. The histograms of each sub-window are con-
catenated, resulting in a 56  16 = 896 component length LDP fea-
ture vector.
3. Feature discretization
An FCS scheme demands the presentation of biometric features
in a fixed-length binary form. However, in many biometric sys-
tems, biometric features are expressed in real-valued vectors. It
is therefore necessary to use methods of biometric discretization,
which strongly affects the performance of the biometric
cryptosystem.
Several biometric discretization methods have been proposed in
recent years (Chen, Veldhuis, Kevenaar, & Akkermans, 2009;
Kevenaar et al., 2005; Lee, Teoh, Jung, & Kim, 2012; Lim, Teoh, &
Toh, 2012; Tuyls et al., 2005). A concise overview of the existing
biometric discretization methods can be found in Lim et al.
(2012), Lee et al. (2012). These techniques can be roughly catego-
rized into static and dynamic schemes according to the bit alloca-
tion mode. A static discretization scheme allocates a fixed number
of bits to every feature element (Kevenaar et al., 2005; Tuyls et al.,
2005). Dynamic discretization schemes allocate a varying number
of bits based on the statistical distinctiveness of the feature (Chen
et al., 2009; Lee et al., 2012; Lim et al., 2012).
We tested the following static and dynamic biometric discreti-
zation schemes experimentally for fingerprint features: the train-
ing bit statistics-based reliability discretization scheme by Tuyls
et al. (2005), the reliability function-based discretization scheme
by Kevenaar et al. (2005), the detection rate optimized bit alloca-
tion (DROBA) scheme by Chen et al. (2009), and the dynamic reli-
ability-dependent bit allocation scheme by Lim et al. (2012). Note
that in Lim et al. (2012), the dynamic reliability-dependent bit allo-
cation scheme was tested only for face feature vectors.
The EER value is used as a classification performance measure
for comparing the accuracy of the biometric discretization schemes
described herein, that is, the error rate is FAR = FRR. The lower the
achieved EER, the better is the biometric discretization scheme.
m7 m6 m5 m4 m3 m2 m1 m0
161 97 161 537 313 97 -503 -393
6 7 5 1 4 8 2 3
0 0 0 1 0 0 1 1
169
1894 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901
Fig. 7. EER performance of the biometric discretization schemes for FingerCode.
The EER performance of a number of discretization schemes for the
FingerCode feature vectors from the FVC2000 DB2a database is
shown in Fig. 7.
In our experiments, the reliability function-based discretization
scheme and the dynamic reliability-dependent bit allocation
scheme turned out to be more accurate methods for fingerprint
features discretization. With a length of 250–450 bits, they each
achieve the same performance, although the first scheme is com-
putationally less expensive. For this reason, we chose the reliability
function-based discretization scheme to implement our biometric
cryptosystem.
The reliability function-based discretization scheme is a static
one-bit discretization scheme that uses simple threshold-based
binarization for the quantization of a feature element (Kevenaar
et al., 2005). The feature mean (median) of the entire training set
is chosen as the threshold. The more reliable components of the ex-
tracted bits are then chosen based on the error function. The posi-
tions of these reliable components and the threshold are stored as
helper data. These helper data are used for discretization of a query
biometric sample.
The EER performance of the reliability function-based discreti-
zation scheme for various fingerprint texture descriptors from
the FVC2000 DB2a dataset is shown in Fig. 8.
FingerCode exhibits the best EER performance, and attains the
lowest EER of approximately 2.5% at a bit length of k = 250, and
Fig. 8. EER performance of the reliability function-based discretization scheme for
fingerprint features.
remains below 5% for all values of k. The EER performance of Fin-
gerCode outperforms the other fingerprint texture descriptors by
approximately 3–5%. From Fig. 8, it is clear that when bit length
k > 200, almost all fingerprint texture descriptors exhibit an EER
performance of below 10%. As the bit length increases from the ini-
tial 64 bits to 200 bits, an EER performance of the fingerprint tex-
ture descriptors improves (decreases), and after 200–250 bits an
EER performance stabilizes; the EER performance does not deteri-
orate significantly with an increase in bit length.
We used the following simple rule for the fusion of the discret-
ized fingerprint feature descriptors: The relative number of bits, se-
lected from the discretized features to produce a bit string of a given
length, was determined according to the EER performance and
number of reliable bits available. To produce a bit-string with a gi-
ven length from two discretized descriptors, we selected more bits
from the descriptor with a lower EER. Let us denote the relative
number of bits (weight) allocated to the first and second fused
descriptors from the total number of bits as w1 and w2, respectively.
The optimal weights of the fused descriptors were determined
experimentally for each pair of descriptors. For example, to produce
a bit-string of 255 bits from FingerCode and LBP24, the optimal
weights were w1 = 0.65 (for FingerCode) and w1 = 0.35 (for
LBP24). In other words, a bit-string of 255 bits was obtained by
concatenating round (255  0.65) = 166 bits from the discretized
FingerCode and round (255  0.35) = 89 bits from the discretized
LBP24. Our experiments show that most of the discretized finger-
print texture descriptors have more than 250 reliable bits. Mainly
for this reason, for most pairs of combined descriptors used to
produce 511 bits, the optimal weights were equal to w1 = w2 = 0.5.
4. ECC selection for biometric cryptosystem construction
One of the important critical and non-trivial tasks in the devel-
opment of biometric cryptosystems is the correct choice of ECCs
and their parameters. Biometric cryptosystems are susceptible to
some practical security attacks (Bringer & Despiegel, 2010; Farooq
et al., 2007; Kelkboom et al., 2011; Merkle et al., 2010; Stoianov
et al., 2009; Xu et al., 2008). Some of the attacks are associated
with the ECCs used. The most important types of such attacks
are running an ECC in a soft decoding or erasure mode attack,
and an ECC histogram attack. A general overview of these attacks
is given in Stoianov et al. (2009).
Reference Stoianov et al., 2009 discusses various security at-
tacks on an FCS, particularly those that are caused by the ‘‘encoding
by splitting’’ approach normally practiced by researchers in this
area. The authors in Stoianov et al. (2009) stressed that ‘‘eccs con-
sisting of a series of small chunks, such as in Hao et al. (2006), seem
to be the most vulnerable to attacks exploiting the output statistics
of the ECC.’’ The authors indicated that biometric cryptosystems
that use a single-block ECC, are by definition secure against these
types of attacks, and in Schipani and Rosenthal (2010), LDPC codes
are identified as possible candidates to overcome them.
The following should be taken into account when selecting an
ECC to implement a biometric cryptosystem. For some ECCs, the
number of bits that can be corrected depends on the error pattern.
For example, based on a detailed study of IrisCode error patterns, a
Hadamard code was chosen in Hao et al. (2006) to correct random
bit errors, while a Reed–Solomon code was chosen to correct errors
at the block level, i.e., burst errors. Modeling the exact error pat-
terns of biometric discretization schemes for fingerprint features
is out of the scope of this paper. We are instead limited to the
use of ECC codes for correcting random bit errors.
Considering the above arguments for the construction of a bio-
metric cryptosystem, we used BCH and LDPC codes, both of which
can correct random bits errors. Some authors have reported error
 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901
performance comparisons of LDPC and BCH codes (Kim, Cho, &
Sung, 2010).
4.1. BCH codes
Bose–Chaudhuri–Hocquenghem (BCH) codes are cyclic ECCs.
The most commonly used BCH codes employ a binary alphabet.
Binary BCH codes were discovered by Hocquenghem in 1959 and
independently by Bose and Chaudhuri in 1960. BCH codes are a
popular choice for different applications including biometric cryp-
tosystems (Arakala et al., 2007; Kevenaar et al., 2005; Tuyls et al.,
2005) because they outperform most existing block codes at the
same code rate with a block length of a few hundred bits (Sklar,
2001).
Herein, we adopt a narrow sense binary BCH code (Moon,
2005). A cyclic code can be specified by its generating polynomial,
g(x), which divides all of its codewords. The generator polynomial
of a narrow sense binary BCH code over a GF(2m) of length n = 2m
1, capable of correcting at least t errors, is constructed through
the following method.
Let a be a primitive element in GF(2m). Let /2i1(x) be the min-
imum polynomial of the element a2i1, 1 6 i 6 t. The generator
polynomial of a narrow sense binary BCH code over a GF(2m) of
length n = 2m 1, capable of correcting at least t errors, is given by
gðxÞ ¼ LCMf/1 ðxÞ; /3 ðxÞ; . . . ; /2t1 ðxÞg;
where LCM means least common multiple. Since the degree of each
minimal polynomial /2i1(x) is m or less, the degree of g(x) is not
greater than mt. It means that, the code has at most mt parity check
bits.
The decoding procedure of the BCH codes includes three steps
(Moon, 2005): (1) syndrome computation; (2) error locator polyno-
mial determination, whose roots provide an indication of where
the errors are located; (3) and finding the roots of the error locator
polynomial using the Chien search algorithm. There are several dif-
ferent ways to find an error locator polynomial from the computed
syndromes, and the Berlekamp–Massey algorithm for BCH codes is
widely used.
A binary BCH code is usually denoted by a triplet (n, k, t), where
n = 2m 1 (for a certain value of m P 3) is the block length (binary
biometric template length), k is the message length (length of the
secret key), and t is the error-correcting capacity (n  k 6 mt).
4.2. LDPC codes
Low-density parity-check (LDPC) codes are linear error-
correcting codes. Their binary parity-check matrix contains a small
number of 1s in each row and column. LDPC codes were invented
by (Gallager, 1962); they were ignored for several decades mainly
owing to their highly complex computation requirements, but they
were rediscovered by MacKay & Neal (1996) and Wiberg (1996) in
the 1990s. These codes have been demonstrated as being capable
of approaching the Shannon limit (Kim et al., 2010). Other
advantages are their simple and effective encoding methods, and
the fact that they provide linear time complex algorithms for
decoding.
At present, LDPC codes are included in several standards, such
as DVB-S2 (Digital Video Broadcasting – Second Generation), IEEE
802.11n (for WLANs), IEEE 802.16e (for WiMAX), and IEEE
802.3an (for 10GBase-T Ethernet) (Otsuki, 2007).
The structure of an LDPC code is completely described by parity
check matrix H. If H has wc 1s per column and wr = wc(n/m) 1s per
row, the resulting LDPC codes are deemed regular. The above def-
inition implies that wc << m, wr << n. wc P 3 is necessary condition
for good LDPC codes. When the number of 1s per column or row is
not constant, the code is deemed an irregular LDPC code. Irregular
1895
LDPC codes generally outperform regular LDPC codes (Richardson,
Shokrollahi, & Urbanke, 2001).
Along with the parity-check matrix H, LDPC codes are often rep-
resented using a bipartite Tanner graph. A bipartite graph is an
undirected graph, the nodes of which can be divided into two clas-
ses such that no edge connects two nodes from the same class. The
two classes of nodes in a Tanner graph are called variable nodes (v-
nodes) and check nodes (c-nodes). (In the literature, variable nodes
are also called symbol or bit nodes and check nodes are also called
function nodes.) The Tanner graph of a LDPC code is created
straightforward: check node j is connected to symbol node i if ele-
ment hji in H has a value of 1.
The encoding algorithm in LDPC codes can be expressed by
x = uG, where G is the generator matrix, u is the message bits,
and x is the resulting codeword. All codewords must satisfy
xHT = 0. Encoding exploits the fact that any generator matrix for a
linear block code can be represented in a systematic form. Gener-
ator matrix G and parity-check matrix H share a relation as GHT = 0.
One way to construct G is to convert H into a reduced row echelon
form, H = [PT I], through Gaussian elimination, where H is m  n in
size and P is m  (nm). Generator matrix G can then be formed as
G = [I PT], where G is (nm)  n in size.
Unlike BCH codes, LDPC codes generally use a probability
decoding strategy. For decoding, LDPC codes use message-passing
algorithms (MPAs) Ryan, 2004 (messages are probabilities (or like-
lihood) of 1 or 0 have been transmitted). At all algorithm iterations,
messages are passed from symbol nodes to check nodes, and from
check nodes back to symbol nodes. Different MPAs are named
depending on the type of passed messages or operations per-
formed at the nodes (belief propagation algorithm (BPA), sum-
product algorithm (SPA), etc.).
The performance of an LDPC code depends on the length of
the shortest cycles (the girth of the code) in the Tanner graph.
MPAs assume independence of posterior probabilities. Short cy-
cles hurt the performance of MPAs as they invalidate the
assumption of independence. The shortest possible cycle in bipar-
tite graphs has a length of 4. The absence of cycles with this
length can be determined by the scalar product of all columns
(or rows) of the parity-check matrix. If each pair-wise inner prod-
uct of the columns (or rows) of the matrix is not greater than 1,
it indicates that there is no cycle with a length of 4. Although we
can eliminate all cycles with this length, we may still have cycles
with a length of 6. There have been a number of papers devoted
to algorithms used for searching and removing the minimum
length of cycles in a parity-check matrix of LDPC codes, for exam-
ple (Djidjev, 2010; Kim, Chung, & Shin, 2005; Wu, You, & Zhao,
2006).
For the construction of an LDPC code parity-check matrix, a
large number of design techniques exist in the literature. LDPC
codes can be categorized into random codes and structured codes
based on the construction methods. Random LDPC codes are con-
structed based on certain structural properties of their Tanner
graphs, such as the girth and the degree distributions of the nodes
(Richardson & Urbanke, 2001; Richardson et al., 2001). Structured
LDPC codes are constructed based on certain algebraic or combina-
torial principles (Fossorier, 2004; Tai, Lan, Zeng, Lin, & Abdel-
Ghaffar, 2006; Tanner, 1999; Vasic & Milenkovic, 2004).
In this paper, for the construction of the parity-check matrix
of LDPC codes, a progressive edge-growth (PEG) algorithm, intro-
duced by Hu, Eleftheriou, and Arnold (2005), is used. The PEG
algorithm establishes edges between symbol nodes and check
nodes consecutively in an edge-by-edge manner. The PEG algo-
rithm can be used to construct regular and irregular LDPC codes
with arbitrary parameters. Given the number of symbol nodes, n,
the number of check nodes, m, and the symbol node degree dis-
tribution, the PEG algorithm allows progressively constructing of
1896 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901

a Tanner graph such that with the addition of the next edge the Table 1
largest possible local girth is achieved (Hu et al., 2005). A good Selected BCH code parameters.

irregular degree distribution can be obtained with the density n k t Code rate Bit-error n k t Code rate Bit-error
evolution method (Chung, Forney, Richardson, & Urbanke, 2001). (k/n) rate (t/n) (k/n) rate (t/n)
255 107 22 0.419 0.086 511 130 55 0.254 0.216
255 91 25 0.357 0.098 511 103 61 0.202 0.239
5. Experimental results 255 71 29 0.278 0.114 511 85 63 0.166 0.247
255 63 30 0.247 0.118 511 76 85 0.149 0.333
255 47 42 0.184 0.165 511 67 87 0.131 0.341
5.1. Fingerprint database
255 37 45 0.145 0.176 511 49 93 0.096 0.365

For performance testing of the proposed approach, we used the

FVC 2000 DB2a fingerprint database (FCV2000, xxxx). The FVC
2000 DB2a database contains 8 images of 100 different fingers;
the image size is 256  364 pixels, the resolution is 500 dpi, with
an 8-bit depth. We use the first five fingerprints per finger for se-
cure template generation, and the last three fingerprints per finger
for verification.
5.2. Matching results based on fingerprint texture descriptors
For comparison, we implemented a fingerprint-matching sys-
tem based on fingerprint texture descriptors using the Euclidian
distance, the results of which are shown in Fig. 9. Note that in
the original paper (Jain et al., 2000), to ensure the rotation invari-
ance for each fingerprint during enrollment, ten FingerCode tem-
plates are generated and stored in the database, corresponding to
all rotations of the fingerprint image in steps of 11.25°. The final
matching distance score is taken as the minimum value of the
ten scores, i.e., matching of the input FingerCode with each of
the ten templates (Jain et al., 2000). In our implementation, we
used only one template and our results for the FingerCode corre-
spond to one template.
The EER performance of the fingerprint texture descriptors on
the FVC2000 DB2a dataset for FingerCode, LBP8, LBP16, LBP24,
LBPu2, LBPri, and LDP are 10.96%, 22.79%, 19.54%, 24.6%, 22.88%,
29.56%, and 15.95%, respectively.
5.3. Performance of the biometric cryptosystem constructed using BCH
code
In this section, we provide the results of the proposed biometric
cryptosystem constructed using a BCH code for the FVC2000 DB2a
fingerprint image database.
BCH codes do not exist for all triplets (n, k, t), and we choose
from the list of possible BCH codes for block lengths of n = 255
Fig. 9. Matching performance of the fingerprint texture features based on FVC2000
DB2a.
and n = 511 (Table 1). For a comparison, Table 1 also shows the cor-
responding code and bit-error rates.
Note that for a block length of n = 255, the maximum number of
bits that can be corrected by BCH with the selected parameters lies
between 8.6% and 17.6% of the binary vector. BCH codes with a
block length of n = 511 and the chosen parameters has better bit-
error rates of between 21.6% and 36.5%.
Note that because one user has several training samples, and
a fuzzy commitment operation leads to different secured tem-
plates (codewords) Ci, these templates have to be merged into
one reference template, which is done by taking the mean of
all Ci’s.
Three hundred genuine and 29,700 impostor comparisons
were conducted in the experiments. The biometric cryptosystem
performance was evaluated in terms of the GAR (where
GAR = 1  FRR) and FAR. In our experiments, the FAR value was
0. This can be explained as follows. The error correction capacity
of the ECC acts as a verification threshold. Increasing the error
correction capacity is equivalent to increasing the verification
threshold. Therefore, the FRR can be decreased by increasing the
error correction capacity. However, increasing this capacity will
also increase the FAR.
The Hamming distance distribution curves for genuine and
impostor comparisons based on discretized fingerprint texture
descriptors are shown in Fig. 10. From these distance distribution
curves, it is clear that genuine and impostor distances have an
overlap only when the Hamming distance is greater than 100.
The error correction capacity (parameter t) of the selected BCH
codes is less than 100 (see Table 1). Therefore, none of the key gen-
eration attempts for the impostor can be successful, resulting in a
zero FAR. Note that the Hamming distance distribution for genuine
and impostor comparisons behaves similarly for other fingerprint
features (Fig. 10).
Fig. 11 shows the dependence of the GAR from the key length
for BCH codes with n = 255 using single and fused fingerprint
features.
As might be expected from the EER performance of a biometric
system without template protection (Fig. 9), the best performance
is from an FCS based on FingerCode and LDP. Among the LBP-
based fingerprint features, the best performance was achieved
by LBPu2 and LBP24. The BCH (255, 47, 42)-code can correct about
16.5% of the bit errors, resulting in almost all of the selected
features being able to generate a key with a length of k = 47
and a GAR of above 90%. The error-correcting capacity of the
BCH code with n = 255 is low. With an increase in the key length,
the error-correcting capacity decreases and consequently, GAR
falls very quickly.
The fusion of reliable bits from two fingerprint features allows a
significant increase in the key length at an acceptable GAR for BCH
codes with n = 255. For example, the fusion of discretized features
allows a key with a length of 80 bits to be generated with a GAR of
90–92% for all combinations of fused features. The FingerCode-
LBPu2, FingerCode-LDP, and FingerCode-LBPri combinations
 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901 1897

Fig. 10. Distribution of Hamming distances for the discretized fingerprint texture descriptors.

Fig. 11. GAR performance of the proposed biometric cryptosystem using fingerprint texture features and BCH codes with a block length of n = 255.

achieve high performances in comparison with the other feature
combinations.
Fig. 12 shows the dependence of the GAR based on the key
length for a BCH code of n = 511 using single and fused fingerprint
features. The error-correcting capacity of this code is high, and is
more than 21% as a worst case (Table 1). Among single fingerprint
features, LBPu2 feature achieves the best performance, as this fea-
ture is more stable and more accurately reflects the micro-textural
elements of fingerprint images.
The fusion of two fingerprint features allows keys with a length
of 80 bits to be obtained with a GAR of 92–94% for all combinations
of fused features. The FingerCode-LBPu2, FingerCode-LBP24 and
FingerCode-LBPri combinations achieve a high performance in
comparison with the other feature combinations within the range
of 50–80 bits. The FingerCode-LBPu2 fusion can also generate 100-
bit keys with a GAR of 89%.
5.4. Performance of the biometric cryptosystem constructed using
LDPC codes
Let LDPC (n, k) represent an LDPC code with block length n and
information bit length k. For the LDPC, we also conducted experi-
ments with block lengths of n = 255 and n = 511. We chose an LDPC
with a code parameter k of within 50 to 120 in steps of 5 or 10 for
n = 255. For a block length of n = 511, an LDPC with an information
bit length k of within 60 to 140 in steps of 5 or 10 was chosen.
Based on the selected parameters, the code rate varies within the
range of 0.13–0.27. Irregular parity-check matrices for the experi-
ments were generated using the PEG algorithm3.
3
The PEG C++ code is available at http://www.telecom.tuc.gr/~alex/software/
peg.zip.
1898 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901

Fig. 12. GAR performance of the proposed biometric cryptosystem using fingerprint texture features and BCH codes with a block length of n = 511.

Fig. 13. GAR performance of the proposed biometric cryptosystem for LDPC codes with a block length of n = 255.

Fig. 13 shows the GAR performance of an FCS implementation
using single and fused fingerprint features for an LDPC code with
n = 255. The error-correcting capacity of the LDPC code is higher
than a BCH code with the same block length. The GAR performance
of single features for an LDPC code with a block length of n = 255 is
similar to a BCH code with a block length of n = 255, while Finger-
Code, LDP and LBPu2 features achieve a higher performance.
The GAR performance of an FCS using fingerprint texture fea-
tures for an LDPC code with n = 511 is shown in Fig. 14. The LBP
features, with the exception of LBPu2, have a lower GAR perfor-
mance for the selected LDPC codes. The FingerCode-LBPu2 combi-
nation has the best GAR performance. This fusion allows 120-bit
keys to be generated with a GAR of about 92%. This is the best-
known result for a fingerprint-based FCS implementation.
5.5. Performance comparison with other biometric cryptosystems
The best-known biometric cryptosystem for a texture-based
fingerprint representation was proposed by Tuyls et al. (2005).
Their system uses two types of feature vectors for fingerprint
images: (1) a squared directional field and (2) four complex Gabor
filter responses of the fingerprint. The resulting feature vector was
formed through concatenation of these feature vectors, and it con-
sists of 1536 elements. A static one-bit discretization scheme with
reliable bit detection was used for feature discretization. The reli-
able bits are chosen based on the training-bit statistics and sig-
nal-to-noise ratio. For the performance test, one public-domain
database (FVC2000 DB2a) and one non-public domain database
were used. Six fingerprints per person were used during the
 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901 1899

Fig. 14. GAR performance of the proposed biometric cryptosystem for LDPC codes with a block length of n = 511.

Table 2
Performance comparison of the proposed biometric cryptosystems with similar systems from Tuyls et al. (2005).

BCH(n, k, t) Tuyls et al. (2005), Fig. 5 FCode-LBPu2 FCode-LDP LBPu2-LDP

GAR (%) FAR (%) GAR (%) FAR (%) GAR (%) FAR (%) GAR (%) FAR (%)
(511, 85, 63) 90.1 2.5 90.4 0.0 87.3 0.0 88.0 0.0
(511, 76, 85) 94.6 5.2 95.3 0.0 94.7 0.0 94.1 0.0
(511, 67, 87) 94.8 5.5 95.7 0.0 95.0 0.0 94.7 0.0

Table 3 other systems in terms of the key size, FRR, and FAR, except for a
Comparison between the proposed and other biometric cryptosystems. cryptosystem based on IrisCode (Hao et al., 2006).
Method Modality Key size (bits) GAR (%) FAR(%) In Table 3, the proposed biometric cryptosystem with a key
Hao et al. (2006) Iris 140 99.53 0.0
length of k = 76 is constructed based on a fusion of the discretized
Zhou (2007) Face 107 99.6 12.0 fingerprint text descriptors FingerCode and LBPu2, or FingerCode
Maiorana (2010) Signature 29 93.05 6.95 and LBPri, and for error correction, a BCH (511, 76, 85)-code was
Nandakumar (2007) Fingerprint 40 99.98 17.5 used. The proposed biometric cryptosystem with key lengths of
Arakala et al. (2007) Fingerprint 34 85.0 15.0
k = 100, 120, and 140, was constructed based on a fusion of the dis-
Li et al. (2012) Fingerprint 50 95.15 0.0
Tuyls et al. (2005) Fingerprint 76 94.6 5.2 cretized texture descriptors FingerCode and LBPu2, and using the
Proposed Fingerprint 76 95.3 0.0 LDPC (511, 100), LDPC (511, 120), and LDPC (511, 140) codes. Note
100 92.67 0.0 that the fusion of the discretized fingerprint texture descriptors,
120 92.0 0.0
FingerCode and LDP, also allows a biometric cryptosystem with
140 89.33 0.0
key length of k = 100 to be built at the same GAR (see Fig. 14(b)).

enrollment, and two fingerprints per person were used for verifica-
tion. As the ECC, a binary BCH code with a block length of n = 511
was used for the FVC2000 DB2a database.
Table 2 compares the performance of the proposed biometric
cryptosystem with the biometric cryptosystem for fingerprints
from Tuyls et al. (2005). This biometric cryptosystem achieves
the best performance in terms of the key length and verification
performance of fingerprint cryptosystems. The fusion of a discret-
ized FingerCode with LBPu2 and LDP texture descriptors using the
proposed biometric cryptosystem achieves a slightly better perfor-
mance than that in Tuyls et al. (2005).
Table 3 compares the performance of the proposed biometric
cryptosystem with other biometric cryptosystems found in the lit-
erature. The proposed biometric cryptosystem outperforms the
6. Conclusions
In this paper, we proposed an effective biometric cryptosystem
construction for biometric template protection using a number of
discretized fingerprint texture descriptors and appropriate error-
correcting codes. Although fingerprint texture descriptors provide
a fixed-length fingerprint feature vector, their moderate discrimi-
natory power does not allow a biometric cryptosystem to be
implemented using a single texture descriptor. Fusion the most
reliable bits from different discretized fingerprint representations
and using LDPC codes with good error correcting capacity allows
an FCS with a state-of-the-art cryptographic key length and verifi-
cation performance to be implemented. The ability of LDPC codes
to process large blocks may be promising for future developments
1900 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901
of fingerprint biometric cryptosystems using large-sized minutiae-
based binary representations.
Acknowledgments
This work was supported by the National Research Foundation
of Korea (NRF) grant funded by the Korea government (MEST).
References
Ahonen, T., & Pietikainen, M. (2006). Face description with local binary patterns:
Application to face recognition. IEEE Transactions on Pattern Analysis and
Machine Intelligence, 28(12), 2037–2041.
Arakala, A., Jeffers, J., & Horadam, K. J. (2007). Fuzzy extractors for minutiae-based
fingerprint authentication. In Proceedings of the 2nd international conference on
biometrics (ICB 2007) (Vol. 4642, pp. 760–769), LNCS , Seoul, South Korea.
Bringer, J., & Despiegel, V. (2010). Binary feature vector fingerprint representation
from minutiae vicinities. In Proceedings of the 4th international conference on
biometrics: Theory, applications, and systems (BTAS’10) (pp. 1–6).Washington DC,
USA.
Chen, C., Veldhuis, R. N. J., Kevenaar, T. A. M., & Akkermans, A. H. M. (2009).
Biometric quantization through detection rate optimized bit allocation.
EURASIP Journal on Advances in Signal Processing 2009, Article ID:784834.
http://dx.doi.org/10.1155/2009/784834.
Chikkerur, S., Wu, C., & Govindaraju, V. (2004). A systematic approach for feature
extraction in fingerprint images. In Proceedings international conference on
bioinformatics and its applications (ICBA2004) (pp. 344–350). Florida, USA.
Choi, S. E., Lee, Y. J., Lee, S. J., Park, K. R., & Kim, J. (2011). Age estimation using a
hierarchical classifier based on global and local facial features. Pattern
Recognition, 44, 1262–1281.
Chung, S.-Y., Forney, G. D., Richardson, T. J., & Urbanke, R. L. (2001). On the design of
low-density parity-check codes within 0.0045 dB of the Shannon limit. IEEE
Communications Letters, 5(2), 58–60.
Clancy, C., Kiyavash, N., & Lin, D. (2003). Secure smartcard based fingerprint
authentication. In ACM SIGMM 2003 workshop on biometrics methods and
applications (WBMA’03) (pp. 45–52). Berkeley, CA, USA.
Djidjev, H. N. (2010). A faster algorithm for computing the girth of planar and
bounded genus graphs. ACM Transactions on Algorithms, 7(1). http://dx.doi.org/
10.1145/1868237.1868240.
Dodis, Y., Reyzin, L., & Smith, A. (2004). Fuzzy extractors: How to generate strong
keys from biometrics and other noisy data. In Cachin, C., Camenisch, J. L. (Eds.),
Proceedings of EUROCRYPT’2004, LNCS , (Vol. 3027, pp. 523–540).
Farooq, F., Bolle, R. M., Jea, T.-Y., & Ratha, N. K. (2007). Anonymous and revocable
fingerprint recognition. In Proceedings of IEEE conference on computer vision and
pattern recognition (CVPR07) (pp. 1–7), Minneapolis, Minnesota, USA.
FVC2000: The first international fingerprint verification competition. Available
from: <http://bias.csr.unibo.it/fvc2004/databases.asp>.
Ferrer, M. A., Vargas, J. F., Morales, A., & Ordóñez, A. (2012). Robustness of offline
signature verification based on gray level features. IEEE Transactions on
Information Forensics and Security, 7(3), 966–977.
Fossorier, M. (2004). Quasi-cyclic low density parity check codes from circulant
permutation matrices. IEEE Transactions on Information Theory, 8, 1788–1793.
Gallager, R. G. (1962). Low density parity check codes. IRE Transactions
InformationTheory, 21–28. IT-8.
Hadid, A., Pietikäinen, M., & Ahonen, T. (2004). A discriminative feature space for
detecting and recognizing faces. In Proceedings IEEE conference on computer
vision and pattern recognition (CVPR 2004) (Vol. 2, pp.II-797–II-804).
Washington, DC, USA.
Hao, F., Anderson, R., & Daugman, J. (2006). Combining crypto with biometrics
effectively. IEEE Transactions on Computers, 55(9), 1081–1088.
Hu, X. Y., Eleftheriou, E., & Arnold, D. M. (2005). Regular and irregular progressive
edge-growth Tanner graphs. IEEE Transactions on Information Theory, 51(1),
386–398.
Jabid, T., Kabir, M. H., & Chae, O. (2010). Local directional pattern (LDP) – A robust
image descriptor for object recognition. In Proceedings the 7th IEEE international
conference on advanced video signal based surveillance (pp. 482–487). Boston,
USA.
Jabid, T., Mohammad, T., Ahsan, T., Abdullah-AI-Wadud, M., & Chae, O. (2011). An
edge-texture based moving object detection for video content based
application. In Proceedings of 14th international conference on computer and
information technology (ICCIT 2011) (pp. 1–5). Dhaka, Bangladesh.
Jain, A. K., Nandakumar, K., & Nagar, A. (in press). Fingerprint Template Protection:
From Theory to Practice. In P. Campisi (Ed.), Security and privacy in biometrics.
Springer, in press. Available from: <http://www.cse.msu.edu/rgroups/
biometrics/Publications/SecureBiometrics/
Jainetal_FpTemplateProtection_FromTheorytoPractice_2012.pdf>.
Jain, A. K., Prabhakar, S., Hong, L., & Pankanti, S. (2000). Filterbank-based fingerprint
matching. IEEE Transactions on Image Processing, 9, 846–859.
Juels, A., & Sudan, M. (2002). A fuzzy vault scheme. In Proceedings of IEEE
international symposium on information theory (ISIT) (pp. 408). Lausanne,
Switzerland.
Juels, A., & Wattenberg, M. (1999). A fuzzy commitment scheme. In Proceedings of
the 6th ACM conference on computer and communications security (CCS ’99) (pp.
28–36). Singapore.
Kelkboom, E. J. C., Breebaart, J., Kevenaar, T. A. M., Buhan, I., & Veldhuis, R. N. J.
(2011). Preventing the decodability attack based cross-matching in a fuzzy
commitment scheme. IEEE Transactions on Information Forensics and Security,
6(1), 107–121.
Kelkboom, E. J. C., Molina, G. G., Breebaart, J., Veldhuis, R. N. J., Kevenaar, T. A. M., &
Jonker, W. (2010). Binary biometrics: An analytic framework to estimate
the performance curves under Gaussian assumption. IEEE Transactions on
Systems, Man, and Cybernetics, Part A: Systems and Humans, 40(3),
555–571.
Kevenaar, T. A. M., Schrijen, G. J., van der Veen, M., Akkermans, A. H. M., & Zuo, F.
(2005). Face recognition with renewable and privacy preserving binary
templates. In Proceedings of the 4th IEEE workshop on automatic identification
advanced technologies (pp. 21–26). Buffalo, NY, USA.
Kim, S., Chung, H., & Shin, D.-J. (2005). Girth analysis of tanners (3,5) QC LDPC codes.
In Proceedings of IEEE international symposium on information theory (ISIT’05)
(pp. 1632–1636). Adelaide, Australia.
Kim, J., Cho, J., & Sung, W. (2010). Error performance and decoder hardware
comparison between EG-LDPC and BCH codes. In Proceedings of the IEEE
workshop on signal processing systems (SIPS) (pp. 392–397). San Francisco, USA.
Lee, E. C., Jung, H., & Kim, D. (2011). New finger biometric method using near
infrared imaging. Sensors, 11, 2319–2333.
Lee, H., Teoh, A. B. J., Jung, H. G., & Kim, J. (2012). A secure biometric discretization
scheme for face template protection. Future Generation Computer Systems, 28,
218–231.
Li, P., Yang, X., Qiao, H., Cao, K., Liu, E., & Tian, J. (2012). An effective biometric
cryptosystem combining fingerprints with error correction codes. Expert
Systems with Applications, 39, 6562–6574.
Lim, M.-H., Teoh, A. B. J., & Toh, K.-A. (2012). An efficient dynamic reliability-
dependent bit allocation for biometric discretization. Pattern Recognition, 45(5),
1960–1971.
MacKay, D., & Neal, R. (1996). Near Shannon limit performance of low density parity
check codes. IEEE Electronics Letters, 32(18), 1645–1646.
Maenpaa, T., Ojala, T., Pietikäinen, M., & Soriano, M. (2000). Robust texture
classification by subsets of local binary patterns. In Proceedings 15th
international conference on pattern recognition (Vol. 3, pp. 947–950). Barcelona,
Spain.
Maiorana, E. (2010). Biometric cryptosystem using function based on-line signature
recognition. Expert Systems with Applications, 37(4), 3454–3461.
Maltoni, D., Maio, D., Jain, A. K., & Prabhakar, S. (2009). Handbook of fingerprint
recognition (2nd ed.). London: Springer-Verlag (Chapter 3).
Merkle, J., Niesing, M., Schwaiger, M., Ihmor, H., & Korte, U. (2010). Provable
Security for the Fuzzy Fingerprint Vault. In Proceedings of the 5th international
conference on Internet monitoring and protection (ICIMP 2010), Barcelona, Spain
(pp. 65–73).
Moon, T. K. (2005). Error correction coding – mathematical methods and algorithms.
Hoboken, New Jersey: John Wiley & Sons Inc., pp. 235–280. (Chapter 6).
Nagar, A., Nandakumar, K., & Jain, A. K. (2008). Securing fingerprint template: Fuzzy
vault with minutiae descriptors. In Proceedings of the 19th international
conference on pattern recognition (ICPR) (pp. 1–4). Tampa, Florida, USA.
Nandakumar, K. (2010). A Fingerprint cryptosystem based on minutiae phase
spectrum. In Proceedings of IEEE workshop on information forensics & security
(WIFS) (pp. 1–6). Seattle, WA, USA.
Nandakumar, K., Jain, A. K., & Pankanti, S. (2007). Fingerprint based fuzzy vault:
Implementation and performance. IEEE Transactions on Information Forensics
and Security, 2(4), 744–757.
Nanni, L., & Lumini, A. (2008). Local binary patterns for a hybrid fingerprint
matcher. Pattern Recognition, 41, 3461–3466.
Ojala, T., Pietikäinen, M., & Harwood, D. (1996). A comparative study of texture
measures with classification based on feature distribution. Pattern Recognition,
29(1), 50–51.
Ojala, T., Pietikäinen, M., & Mäenpää, T. (2002). Multiresolution gray-scale and
rotation invariant texture classification with local binary patterns. IEEE
Transactions on Pattern Analysis and Machine Intelligence, 24(7), 971–987.
Otsuki, T. (2007). LDPC codes in communications and broadcasting. IEICE
Transactions on Communications, E90-B(3), 440–453.
Pietikäinen, M., Hadid, A., Zhao, G., & Ahonen, T. (2011). Vision using local binary
patterns. London: Springer (Chapter 1).
Rathgeb, C., & Uhl, A. (2011). A survey on biometric cryptosystems and cancelable
biometrics. EURASIP Journal on Information, Security 3, 25 <http://dx.doi.org/
10.1186/1687-417X-2011-3>.
Richardson, T. J., Shokrollahi, M. A., & Urbanke, R. L. (2001). Design of capacity-
approaching irregular low-density parity-check codes. IEEE Transactions on
Information Theory, 47(2), 619–637.
Richardson, T., & Urbanke, R. L. (2001). The capacity of low-density parity-check
codes under message-passing decoding. IEEE Transactions on Information Theory,
47(2), 599–618.
Ryan, W. E. (2004). An introduction to LDPC codes. In E. M. Kurtas & B. Vasic (Eds.),
Coding and signal processing for magnetic recoding systems. CRC Press (Section VI,
Chapter 36).
Schipani, D., & Rosenthal, J. (2010). Coding solutions for the secure biometric
storage problem. In IEEE information theory workshop (ITW), Dublin, Ireland (pp.
1–4).
 Y. Imamverdiyev et al. / Expert Systems with Applications 40 (2013) 1888–1901
Shan, C., Gong, S., & McOwan, P. W. (2009). Facial expression recognition based on
local binary patterns: A comprehensive study. Image and Vision Computing, 27,
803–816.
Sklar, B. (2001). Digital communications: fundamentals and applications (2nd ed.).
Prentice Hall, pp. 370-371.
Stoianov, A., Kevenaar, T. A. M., & van der Veen, M. (2009). Security issues of
biometric encryption. In IEEE Toronto international conference science and
technology for humanity (TIC-STH), Toronto, Canada (pp. 34–39).
Sutcu, Y., Li, Q., & Memon, N. (2007). Protecting biometric templates with sketch:
Theory and practice. IEEE Transactions on Information Forensics and Security –
Part 2, 2(3), 503–512.
Tai, Y. Y., Lan, L., Zeng, L., Lin, S., & Abdel-Ghaffar, K. A. S. (2006). Algebraic
cconstruction of quasi-cyclic LDPC codes for the AWGN and erasure channels.
IEEE Transactions on Communications, 54(10), 1765–1774.
Tanner, R. M. (1999). On quasi-cyclic repeat-accumulate codes. In Proceedings of the
37th annual Allerton conference on communication, control, computing,
Monticello, IL, USA (pp. 249–259).
Teoh, A. B. J., & Kim, J. (2007). Secure biometric template protection in fuzzy
commitment scheme. IEICE Electron Express, 4(23), 724–730.
Tong, V. V. T., Sibert, H., Lecoeur, J., & Girault, M. (2007). Biometric fuzzy extractors
made practical: A proposal based on FingerCodes. In Proceedings of the 2nd
International Conference on Biometrics (ICB 2007), Seoul, South Korea, LNCS, (Vol.
4642, pp. 604–613).
Tuyls, P., Akkermans, A. H. M., Kevenaar, T. A. M., Schrijen, G. J., Bazen, A. M., &
Veldhuis, R. N. J. (2005). Practical biometric authentication with template
protection. In Proceedings of international conference on audio- and video based
biometric person authentication (AVBPA), LNCS, (Vol. 3546 , pp. 436–446).
Uludag, U., & Jain, A. K. (2006). Securing fingerprint template: Fuzzy vault with
helper data. In IEEE workshop on privacy research in vision (PRIV), (pp. 163–169).
New York City, NY, USA.
1901
Uludag, U., Pankanti, S., & Jain, A. K. (2005). Fuzzy vault for fingerprints. In
Proceedings of audio- and video-based biometric person authentication (AVBPA)
(Vol. 3546, pp. 310–319), LNCS, Hilton Rye Town, NY, USA.
Vasic, B., & Milenkovic, O. (2004). Combinatorial construction of low density parity-
check codes for iterative decoding. IEEE Transactions on Information Theory,
50(6), 1156–1176.
Wiberg, N. Codes and decoding on general graphs. Ph.D. dissertation. Linkoping
University, Sweden, 1996.
Wu, X., You, X., & Zhao, C. (2006). An efficient girth-locating algorithm for quasi-
cyclic LDPC codes. In Proceedings of IEEE international symposium on information
theory (ISIT’06) (pp. 817–820). Seattle, USA.
Xu, H., Veldhuis, R. N. J., Kevenaar, T. A. M., Akkermans, A. H. M., & Bazen, A. M.
(2008). Spectral minutiae: A fixed-length representation of a minutiae set. In
Proceedings of computer vision and pattern recognition workshop (pp. 1–6).
Anchorage, Alaska, USA.
Yang, S., & Verbauwhede, I. (2005). Automatic secure fingerprint verification system
based on fuzzy vault scheme. In Proceedings of IEEE 2005 international conference
on acoustics, speech and signal processing (ICASSP 2005) (pp. 609–612).
Philadelphia, PA, USA.
Zhang, W. & Wang Y. (2002). Singular point detection in fingerprint image. In
Proceedings of the 5th Asian conference on computer vision (pp. 1–4). Melbourne,
Australia.
Zhang, B., Gao, Y., Zhao, S., & Liu, J. (2010). Local derivative pattern versus local
binary pattern: Face recognition with high-order local pattern descriptor. IEEE
Transactions on Image Processing, 19(2), 533–544.
Zhou, X. (2007). Template protection and its implementation in 3D face recognition
systems. In Proceedings of SPIE 07 biometric technology for human identification
IV, Paper 65390L. Available from: <http://dx.doi.org/10.1117/12.719845>.