A biometric recognition system can operate in two distinct modes: identification or verification. In the first mode, the system recognizes an individual by searching the enrolled templates of all users for a match. In the second mode, the system validates a user's identity claim by comparing the freshly provided template with the enrolled template. Biometric transformation schemes usually produce binary templates, which are better handled by cryptographic schemes, and the comparison is based on a distance that leaks information about the similarities between two biometric templates. The false match rate and the false non-match rate, both determined experimentally by adjusting the recognition threshold, define the recognition accuracy and hence the security of the system. To the best of our knowledge, few works provide a formal treatment of security under minimum leakage of information, i.e., the binary outcome of a comparison with a threshold. In this paper, we rely on probabilistic modelling to quantify the security strength of binary templates. We investigate the influence of template size, database size and threshold on the probability of having a near-collision. We highlight several untargeted attacks on biometric systems considering naive and adaptive adversaries. Interestingly, these attacks can be launched both online and offline, and in both the identification mode and the verification mode. We discuss the choice of parameters in light of the generic attacks presented.
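The dependence of near-collision probability on template size, database size and threshold can be sketched numerically. The following is an added example, not code or a model taken from the paper: it assumes templates are independent, uniformly distributed n-bit strings and that a match means Hamming distance at most the threshold; all function names are illustrative.

```python
import math

def hamming_ball_size(n: int, t: int) -> int:
    """Number of n-bit strings within Hamming distance t of a fixed template."""
    return sum(math.comb(n, i) for i in range(min(t, n) + 1))

def match_prob(n: int, t: int) -> float:
    """Chance that one uniform random n-bit probe is accepted against one
    enrolled template (assumption: uniform, independent templates)."""
    return hamming_ball_size(n, t) / 2 ** n

def probe_hits_database(n: int, t: int, db_size: int) -> float:
    """Chance that one random probe lies within distance t of at least one of
    db_size enrolled templates: 1 - (1 - p)^N, computed without cancellation."""
    p = match_prob(n, t)
    if p >= 1.0:
        return 1.0
    return -math.expm1(db_size * math.log1p(-p))

def enrolled_pair_collides(n: int, t: int, db_size: int) -> float:
    """Birthday-style estimate that some two enrolled templates are within
    distance t of each other (Poisson approximation over all pairs)."""
    pairs = db_size * (db_size - 1) // 2
    return -math.expm1(-pairs * match_prob(n, t))

def security_bits(prob: float) -> float:
    """Express a success probability as bits of security: -log2(prob)."""
    return math.inf if prob == 0.0 else -math.log2(prob)

if __name__ == "__main__":
    # Constructed parameter sets: (template bits, threshold, database size).
    for n, t, db in [(128, 0, 1), (128, 16, 1), (128, 16, 10**6), (256, 32, 10**6)]:
        probe = probe_hits_database(n, t, db)
        pair = enrolled_pair_collides(n, t, db)
        print(f"n={n:3d} t={t:2d} N={db:>7d}  "
              f"probe match: {security_bits(probe):6.1f} bits  "
              f"enrolled pair: {security_bits(pair):6.1f} bits")
```

Real biometric templates are not uniformly distributed, so these figures are upper bounds on the security a deployed system would achieve with the same parameters.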