On the security of biohashing
Biohashing algorithms map biometric features randomly onto binary strings with user-specific tokenized random numbers. In order to protect biometric data, these binary strings, the Biohashes, are not allowed to reveal much information about the original biometric features. In the paper we analyse two Biohashing algorithms using scalar randomization and random projection respectively. With scalar randomization, multiple bits can be extracted from a single element in a feature vector. The average information rate of Biohashes is about 0.72. However, Biohashes expose the statistic information about biometric feature, which can be used to estimate the original feature. Using random projection method, a feature vector in n dimensional space can be converted into binary strings with length of m (m <= n). Any feature vector can be converted into 2m different Biohashes. The random projection can roughly preserve Hamming distance between Biohashes. Moreover, the direction information about the original vector can be retrieved with Biohashes and the corresponding random vectors used in the projection. Although Biohashing can efficiently randomize biometric features, combining more Biohashes of the same user can leak essential information about the original feature.