Abstract:
Biometrics based aut hentication systems have garnered widespread popularity due
to their various ac\vantages over contemporary token based systems. The core of a
typical biometric framework consists of a database wherein the biometric data of
the registered users get. stored. This database can either be stored locally ( e.g. in
smart cards), or in a centralized manner ( e.g. servers). From a security point of
view, the risks associated with such databases are alarmingly high. Theoretically,
they can be subjecte<l to a wide variety of external attacks by an adversary, thereby
compromising both the security and privacy aspects of the users. Some primary
examples of these user predicaments include unauthorized access, privacy breach and
even identity theft iu t he worst case. Considering the fact that biometric entries are
mostly invariant with time, (i.e. they cannot be re-issued like passwords on being
compromised) the stakes for protecting these unique entries become much higher.
