2025-11-18T05:55:12.881479

A Dual-Level Cancelable Framework for Palmprint Verification and Hack-Proof Data Storage

Yang, Kang, Teoh et al.
In recent years, palmprints have been widely used for individual verification. The rich privacy information in palmprint data necessitates its protection to ensure security and privacy without sacrificing system performance. Existing systems often use cancelable technologies to protect templates, but these technologies ignore the potential risk of data leakage. Upon breaching the system and gaining access to the stored database, a hacker could easily manipulate the stored templates, compromising the security of the verification system. To address this issue, we propose a dual-level cancelable palmprint verification framework in this paper. Specifically, the raw template is initially encrypted using a competition hashing network with a first-level token, facilitating the end-to-end generation of cancelable templates. Different from previous works, the protected template undergoes further encryption to differentiate the second-level protected template from the first-level one. The system specifically creates a negative database (NDB) with the second-level token for dual-level protection during the enrollment stage. Reversing the NDB is NP-hard and a fine-grained algorithm for NDB generation is introduced to manage the noise and specified bits. During the verification stage, we propose an NDB matching algorithm based on matrix operation to accelerate the matching process of previous NDB methods caused by dictionary-based matching rules. This approach circumvents the need to store templates identical to those utilized for verification, reducing the risk of potential data leakage. Extensive experiments conducted on public palmprint datasets have confirmed the effectiveness and generality of the proposed framework. Upon acceptance of the paper, the code will be accessible at https://github.com/Deep-Imaging-Group/NPR.
academic

A Dual-Level Cancelable Framework for Palmprint Verification and Hack-Proof Data Storage

Basic Information

  • Paper ID: 2403.02680
  • Title: A Dual-Level Cancelable Framework for Palmprint Verification and Hack-Proof Data Storage
  • Authors: Ziyuan Yang, Ming Kang, Andrew Beng Jin Teoh, Chengrui Gao, Wen Chen, Bob Zhang, Yi Zhang
  • Classification: cs.CR (Cryptography and Security)
  • Publication Date: March 2024 (arXiv preprint)
  • Paper Link: https://arxiv.org/abs/2403.02680

Abstract

This paper addresses privacy protection and data security issues in palmprint verification systems by proposing a Dual-Level Cancelable Palmprint Verification (DCPV) framework. The framework implements dual-layer protection through competitive hashing networks and Negative Database (NDB) technology, effectively mitigating security risks of traditional cancelable biometrics in database breach scenarios. Experimental results demonstrate that the method significantly enhances system security while maintaining verification performance.

Research Background and Motivation

Problem Definition

The core security challenges faced by palmprint verification systems include:

  1. Template Immutability: Once biometric templates are compromised, they cannot be changed, creating permanent security risks
  2. Database Attack Threats: Attackers with database access can directly exploit stored templates for malicious verification
  3. Privacy Leakage Risks: Palmprint data contains rich personal information requiring robust protection mechanisms

Limitations of Existing Methods

Traditional cancelable biometrics (CB) techniques have the following shortcomings:

  • Provide only single-layer protection, unable to counter direct database access attacks
  • Stored templates and verification templates share identical formats, risking direct exploitation
  • Lack consideration for storage-level security

Research Motivation

To address these issues, this paper proposes a dual-layer protection strategy:

  1. First Layer: Generate cancelable templates through competitive hashing networks
  2. Second Layer: Further protect stored templates using negative database technology

Core Contributions

  1. Proposed a novel dual-level cancelable palmprint verification framework achieving fine-grained template protection
  2. Introduced the negative database concept to palmprint verification, effectively mitigating threats from dataset breaches
  3. Designed a matrix operation-based NDB matching algorithm, significantly improving efficiency over traditional dictionary matching
  4. Validated the method's effectiveness on multiple public datasets, demonstrating framework generalizability and practicality

Methodology Details

Task Definition

Input: Raw palmprint images Output: Verification result (match/non-match) Constraints: Compliance with four ISO/IEC 30136 requirements (cancelability, non-linkability, non-invertibility, accuracy)

Model Architecture

1. Hashing Competitive Palmprint Network

The network comprises two core components:

Competitive Feature Extraction Backbone:

  • Employs learnable Gabor filters to capture texture features
  • Integrates comprehensive competitive mechanisms to generate robust competitive features

Template Transformation Head:

qj = ⟨u, M⊥⟩  (1)

where u ∈ R^mf is the unprotected feature vector, and M⊥ is an orthogonal matrix generated based on first-layer token k1.

Binarization Processing:

b(h) = {0 if q(h) ≤ β, 1 if q(h) > β}  (2)

Hybrid Loss Function:

L = w × LCE + (1-w) × LTC  (5)

Combines cross-entropy loss and supervised contrastive loss, with w set to 0.8.

2. Negative Cancelable Palmprint Template

Negative Template Transformation Algorithm:

  • Generates negative database using K-hidden method
  • Controls negative string generation probability via second-layer token k2
  • Each negative code bg comprises "0", "1", and "*" characters

String to Real Number Conversion:

  • "*" and "0" convert to 0 and -1 respectively
  • "1" directly converts to 1
  • Forms real-valued matrix Bg^r ∈ R^(N×m)

Matrix Matching Algorithm:

d = arccos(-sum(Bg^r · bq))  (6)

Technical Innovations

  1. Dual-Layer Protection Mechanism: First implementation in palmprint verification where stored and verification templates have completely different formats
  2. NP-hard Security Guarantee: Leverages theoretical security of negative databases to provide robust privacy protection
  3. Efficient Matching Algorithm: Replaces traditional dictionary matching with matrix operations, substantially improving verification efficiency
  4. End-to-End Training: Achieves network optimization through hybrid loss function

Experimental Setup

Datasets

Three public palmprint datasets were used:

  1. PolyU: 7,752 images, 386 palmprints, 193 individuals
  2. Multi-Spectral: Four sub-datasets (red, green, blue, near-infrared), each with 600 palmprints
  3. IITD: 2,601 images, contact-based acquisition

Evaluation Metrics

  • Equal Error Rate (EER): Error rate when FAR equals FRR
  • ROC Curve: Relationship between GAR and FAR
  • Non-Linkability Measure: Local measure D↔(s) and global measure D^sys↔

Comparison Methods

  • Baseline: Palmprint verification without protection measures
  • DCPV†: First-layer protection only
  • DCPV‡: Second-layer protection only
  • DCPV: Complete dual-layer protection framework

Implementation Details

  • Optimizer: Adam, learning rate 0.01
  • Training epochs: 3000 for IITD and PolyU, 1000 for Multi-Spectral
  • Hardware: AMD Ryzen 7 5800X CPU, NVIDIA GTX 3080 Ti GPU

Experimental Results

Main Results

DatasetBaselineDCPV†DCPV‡DCPV
IITD0.15448%0.22924%0.47101%0.36232%
PolyU0.00044%0.00123%0.00094%0.00794%
Red0%0%0%0%
Green0%0%0%0%
Blue0%0%0%0%
NIR0%0%0.00005%0.00007%

Key Findings:

  1. Achieved perfect performance (0% EER) on Red, Green, and Blue datasets
  2. DCPV shows minimal performance degradation compared to Baseline, validating method effectiveness
  3. Dual-layer protection mechanism maintains acceptable verification accuracy while ensuring security

Ablation Studies

Impact of Weight Parameter w:

  • Performance significantly degrades when w=1.0 (no contrastive loss)
  • Optimal balance achieved at w=0.8
  • Contrastive loss effectively enhances discriminability of binarized features

Validation on Different Network Architectures: Experiments on CO3Net demonstrate DCPV's generalizability and portability.

Security Analysis

Theoretical Guarantees:

  • Proved that K-hidden NDB is difficult to invert when ∑(K-2i)pi > 0
  • Non-linkability analysis shows D^sys↔ = 0.0062, approaching complete non-linkability

Experimental Findings

  1. Performance-Security Trade-off: Dual-layer protection significantly enhances security with minimal performance loss
  2. Spectral Robustness: Method performs excellently across different spectral conditions
  3. Matching Efficiency: Matrix operations substantially outperform dictionary matching in verification speed

Related Work

Palmprint Verification Technology Development

  1. Traditional Methods: Gabor filter-based encoding methods such as PalmCode
  2. Competitive Mechanisms: Extracting robust features through directional competition
  3. Deep Learning Methods: CNN, deep hashing networks, and other modern approaches

Cancelable Biometrics Technology

  1. Transformation Methods: BioHashing, random projection, etc.
  2. Deep Learning CB: Deep hashing, MLP hashing, etc.
  3. Negative Database Applications: First systematic application in biometrics

Conclusions and Discussion

Main Conclusions

  1. The dual-layer protection framework effectively addresses security vulnerabilities of traditional CB techniques
  2. Negative database technology provides novel security protection approaches for biometrics
  3. Matrix matching algorithm substantially improves the practicality of NDB methods

Limitations

  1. Computational Overhead: Dual-layer protection increases system complexity
  2. Storage Requirements: Negative database requires additional storage space
  3. Parameter Tuning: Multiple hyperparameters require careful adjustment

Future Directions

  1. Scenario Extension: Expand from verification to identification tasks
  2. Multimodal Fusion: Combine dual-layer protection with other biometric modalities
  3. Edge Computing Optimization: Optimization for resource-constrained environments

In-Depth Evaluation

Strengths

  1. Strong Innovation: First dual-layer cancelable framework addressing critical security issues
  2. Solid Theoretical Foundation: Provides security guarantees based on NP-hard theory
  3. Comprehensive Experiments: Validates method effectiveness and generalizability across multiple datasets
  4. High Practical Value: Solves real-world database security problems

Weaknesses

  1. High Complexity: Dual-layer protection increases system complexity
  2. Parameter Sensitivity: Selection of multiple hyperparameters may affect performance
  3. Limited Large-Scale Validation: Lacks verification on ultra-large-scale datasets

Impact

  1. Academic Contribution: Provides new research directions for biometric security
  2. Practical Value: Directly applicable to existing palmprint verification systems
  3. Reproducibility: Authors commit to releasing source code for research reproducibility

Applicable Scenarios

  1. High-Security Requirements: Applications in finance, government with extreme security demands
  2. Cloud Verification Systems: Cloud environments requiring user privacy protection
  3. Multi-Application Scenarios: Systems requiring cross-application non-linkability

References

The paper cites 63 relevant references covering biometrics, cancelable technology, deep learning, and other important domains, providing solid theoretical foundation for the research.

Overall Assessment: This is a high-quality security technology paper making significant contributions to solving security problems in palmprint verification systems. The dual-layer protection framework design is novel and practical, with comprehensive experimental validation and considerable academic value and application prospects.