Enhanced Biometric Recognition for Secure Authentication using Iris Preprocessing and Hyper Elliptic Curve Cryptography

: Biometrics combined with cryptography can be employed to solve the conceptual and factual identity frauds in digital authentication. Biometric traits are proven to provide enhanced security for detecting crimes because of its interesting features such as accuracy, stability and uniqueness. Although diverse techniques have been raised to address this objective, limitations such as higher computational time, minimal accuracy and maximum recognition time remain. To overcome these challenges an enhanced iris recognition approach has been proposed based on Hyper Elliptic Curve Cryptography (HECC). The proposed study uses 2D Gabor filter approach for perfect feature extraction in iris preprocessing. Light weight cryptographic scheme called HECC was employed to encrypt the iris template to avoid intentional attack by the intruders. The benchmark CASIA Iris V-4 and IITD Iris datasets were used in the proposed approach for experimental analysis. The result analysis witnessed that the prime objective of the research such as lesser false acceptance rate, lesser false rejection rate, maximum accuracy of 99.74%, maximum true acceptance rate of 100%, and minimal recognition time of 3 seconds has been achieved. Also it has been identified that the proposed study outperforms other existing well known techniques.


Introduction
With the advancement of information technology, there is a gradual increase in crime and identity fraud. To address the issues related to identity fraud heightened security mechanism is needed. Biometric recognition is the most eminent technology for person authentication in identification systems. Biometric traits accurately determine the identity of a person either by means of their physiological characteristics (finger, iris, hand, face) and behavioral characteristics (gait, signature, voice). One of the most reliable and leading biometric technology is iris recognition system. Iris authentication is most accurate and domain-bounded recognition approach which uses distinctive patterns of human iris. The unique nature of iris is set between lens and cornea of the eye. The iris diameter is about 12 mm and pupil size varies from 10% to 80% of iris. The texture details of iris such as furrows, cornea, filaments, flecks and arching ligaments etc makes iris unique. The unique feature of iris is extracted after proper preprocessing techniques such as localization, normalization, segmentation. The proposed research uses 2D Gabor filter for exact feature extraction from iris.
In addition to the feature extraction of iris, proper encryption is also a major demand. The need for encryption in iris recognition is when original template is stored in database; the intruder may compromise and give access to sensitive data of a user. To overcome these challenges HECC is proposed for encrypting the iris template. HECC is a light weight cryptographic approach [25] that uses very less key size of 80 bits. HECC provides higher security with very less computational time hence it is more suitable for real time applications such as military, E-passport, credit card services, banking applications etc. To address all the security related issues and to obtain an enhanced accuracy, present research work proposes a novel, hybrid iris recognition with HECC encryption [23]. This study shows very less recognition time, less false acceptance and false rejection rate. Till now no applications have been proposed in combination with iris recognition with HECC encryption. The proposed work provides a novel enhanced iris recognition with higher accuracy and less recognition time.

Related Works
This section provides the brief overview of various iris recognition and encryption techniques. Aparna et al [9] discussed stable biometric characteristics to recognize a person. Result analysis shows that their scheme shows good performance on CASIA database. Kalka et al [12] used various metrics for iris recognition. Their scheme was based on occlusion, gaze deviation and light reflection based on ICE database. Sun et al [13] specifies iris recognition based on three approaches i.e. coarse iris classification, iris aliveness detection and coarse iris classification. Yongqiang et al [14] proposed a iris recognition model based on global and local iris features. Their scheme uses privacy projection algorithm which converts high dimensional data into lower dimensional data. Vani Rajasekar et al. [15] have proposed an authentication scheme based on signcryption with HECC. It is shown in their work that HECC provides much higher security than other cryptographic algorithms. Zhou et al [17] proposed an enhanced iris recognition model that outperforms the Daugman's model [21]. Their scheme uses snake model and vector field convolution technique to accurately determine the inner edge of the iris. Poursaberi et al [18] proposed an iris recognition approach based on hamming and harmonic mean distance. The dataset used in their method in CASIA V1 and feature extraction method used were wavelet daubechies2. Their observation includes rather than smaller part of iris, more reliable part produces more accuracy.
Galbally et al [19] developed a mechanism that not only for iris authentication but also used for immediate liveliness detection of iris. Burak et al [20] developed an iris recognition system in which the performance greatly depends on coding bits and noise level. Daugman et al [16] used Gaussian filter for segmentation of iris image. Their performance greatly varies due to light illumination and reflections. Neda et al [22] developed a hybrid robust iris recognition approach that uses 2D Gabor filter for feature extraction and neural network, PSO algorithm was employed to improve the generalization performance. Kalka et al uses different metrics for iris recognition such as iris occlusion, amount of reflection and gaze deviation. Their estimation was mainly on the bottom portion of iris and datasets used were ICE, CASIA, and WVU. Ch SA et al developed a signcryption scheme based on HECC. Their analysis shows that encryption using HECC provides much higher security compared to other cryptographic algorithms. Reyes et al [24] focused mainly on the iris texture and variability. Their scheme uses pseudo polar arrangement for matching and biomechanical model to improve the recognition rate and accuracy.
From the observations of above literatures, it has been studied that optimal iris recognition approach can be designed using iris localization, segmentation and normalization. 2D Gabor kernel filter acts as a perfect feature extraction mechanism in iris. There is a need for encryption of original iris template before stored in the database because there is a possibility for an intruder to compromise the template database. The problem identified and literature survey has motivated the research in following ways.
• Iris preprocessing with 2D Gabor filter can be used on normalized iris image for feature extraction.
• A novel approach called HECC can be used for encryption of original iris template as this is a lightweight cryptographic mechanism which provides much higher security in less computational time. • To design an efficient iris recognition approach with higher accuracy and reduced recognition time.

HEC and Selection of Genus 2 Curve
For efficient communication to be established among mobile devices, the major requirement is higher security and less power constraints. The existing cryptographic algorithms such as RSA, AES, DES and Elliptic Curve Cryptography have not satisfied such requirements because of its larger key size and complex mathematical calculations involved in encryption and decryption process. HECC is a light weight cryptographic scheme that has lesser key size and provides higher security than the existing schemes. The most attractive feature of HEC is that Genus 2 of HEC is mainly bounded on finite fields and algebraic geometry. Let S be a finite field and S − be algebraic closure of S. The HEC with genus 2 over S is given by (1) Where, h(x) ε S(x) defined as polynomial of degree g and f(x) denotes a monic polynomial of degree 2g+1. The most important point in HEC is choosing of appropriate curve for application. The proposed research work uses a method called Extended Complex Multiplication (ECM) over P (prime field) and length of p is 64 bits. Hence the time taken for executing brute force attack by the attacker in the proposed system will be much higher than the time taken for cryptanalysis.

Selection of genus 2 group elements and group operations
The group elements of HEC is not a rational point as in case of Elliptic curve instead a divisor. In proposed research work, a divisor of HEC is identified by combining certain number of points using a technique called Mumford representation. Generally HECC allows addictive group which involves divisor addition, divisor doubling and divisor inversion. The proposed research uses a technique called Cantor algorithm for divisor addition and divisor Inversion.

Dataset used:
There are two datasets used in the proposed research work. One of which is Chinese Academy of Science and Institute of Automation (CASIA) Iris Image Database Version 4.0 [10]. This dataset is an extension of CASIA Iris Image Database Version 3.0. The dataset contains 54,600 iris images captured from 2,800 distinct subjects. All images are jpeg files of 8 bit grey scale. One of the subset of CASIA V4 is Iris Thousand image dataset which contains 20,000 high quality iris images. Another dataset used in this research is Indian Institute of Technology Delhi (IITD) iris image dataset [1]. This contains about 2240 iris image acquired from 224 different users of age group 14-55 years comprising of 176 males and 48 females. The resolution of these images is 320X240 pixels. Because of this high resolution both the datasets are well suited for analysis of real time biometric authentication models.

Proposed Methodology
Iris is a unique physiological biometric trait of a person that can be used for authentication in many applications. The proposed study employs iris preprocessing as the initial step. The preprocessed 64 bit original noise removed templates are converted to cipher templates using encryption in HECC approach and all obtained cipher templates are stored in the database. For authentication, one of the test iris image from the database is taken and it is preprocessed, cipher templates are created using HECC. The resultant cipher template is compared with the one stored in the database using Euclidean distance (ED). ED is used to compare the cipher templates in database with the cipher template of test iris given in equation (2). If the comparison meets the threshold value biometric authentication success else authentication fails and procedure will be terminated. The overall block diagram of proposed methodology is specified in Fig.1.
Where i s is cipher template stored in database i t is cipher template of test iris image

Iris Pre processing
High quality of iris image acquisition generally results in higher accuracy for any authentication procedure. The Iris image pre processing consists of two phases. 1. Iris localization 2.Iris Normalization. These were performed to identify the ROI (Region of Interest) of iris and also to minimize the noise present in iris image.

A) Iris Localization:
This procedure detects the border internally and externally without error that separates the Sclera and Pupil part of iris. The proposed work uses Circular Hough Transform Algorithm (CHTA) for localization. The grey scale format can be applied to the captured image. In iris the region where dim pixels surrounded by light pixels are known as holes. An edge detection operator known as canny edge detector is used to locate the edge map on gray image. The CHTA is applied on the specific areas to perfectly identify the inner and outer circle iris parameters given in Fig.2. b).

B) Iris Normalization:
Conversion of iris image in Cartesian products to polar coordinates is called normalization. The proposed work used Daugman's Rubber Sheet model for normalization shown in Fig.3. Here the ring of iris image is transformed to rectangular projection of size (64X512). The images of iris area are I(X,Y), Cartesian coordinates are (X,Y), polar coordinates are specified as (r,θ), (X1,Y1) and (X2,Y2) represents the iris and pupil boundaries in θ direction.
C) Iris Segmentation: Segmentation is considered to be the most important step in iris pre processing given in Fig.2 c). The proposed work uses centroid and bounding box method to identify the center and radius of located pupil. To fix the lower and upper column in both horizontal and vertical direction, the center coordinate value of pupil is added to and subtracted from radius respectively. The iris part is segmented to 50 pixels from either side of pupil boundary to generate iris template based on CASIA Iris dataset [11]. 2D Gabor Kernel filter is the excellent feature extraction mechanism of iris. The more prominent features of this filter are the decomposition of input image into various images based on their textural information. A Gabor filter bank was employed to explain the channels present in frequency domain and spatial domain simultaneously. The filter parameters are precisely chosen for the determination of human visualization. The superfluous nature of Gabor filter reduces the feature dimension. The Gabor kernel approach was chosen in which each trained samples are twisted with the other Gabor channels. The distance between and within the gabor channels are calculated. The 2D Gabor filter representation in spatial domain are given as (5) λ is the sinusoidal function wavelength, θ is the orientation of Gabor filter, ψ is the offset of Gabor filter, Ω is the bandwidth and γ is the aspect ratio.

Hyper Elliptic Curve Cryptographic approach
The steps involved in HECC approach are a) Extended Complex Multiplication (ECM) to select the proper genus 2 HEC with cardinality N. b) Restricted Iris Template (RIT) to reduce the template size within 64 bits. c) Point to Divisor Conversion (PDC) algorithm to convert HEC points to Divisors which is based on Mumford representation. Once the divisors are generated the next step is d) Randomized Construction of Divisors (RCD) to generate random divisor which then combines with sequence of divisors from step c) forms the Cipher Divisors by the procedure Divisor Addition based on Cantor Algorithm (DACA). e) Cipher Divisors are converted to Cipher points using the algorithm Divisor to Point Conversion (DPC). The cipher templates are retrieved from cipher points as this is the final step in HECC approach. The cipher templates are stored in database. The block diagram of HECC approach is shown in Fig.4 and entire step involved in encryption is specified in algorithm 7 (Iris Template Encryption) ITE.

Designing of HEC using ECM
The security of the proposed system can be enhanced by concept of Discrete Logarithmic Problem (DLP) of HEC. This denotes the selection of suitable prime number of size 64 bits and group order should be the product of this 64 bit prime number. The curve selection of HEC based on ECM is given in algorithm 1. The proposed system is designed to have iris image of size 64 bits. The genus 2 HEC must generate to include all possible binary sequence of size 64 bits. As HEC is based on genus-2 over GF (P), it may not be possible to generate all sequence of 64 bits. Hence iris segmented image after 2D Gabor filter applied is restricted to generate the points within the prime field which is depicted in algorithm 2.

HEC points and HEC Divisors
HEC with genus 2 over 2g+1 is given in equation (1) and all non trivial elements in HEC are specified as divisors. The divisors are symbolized with the monic polynomials u(x) and v(x). It is based on three conditions a) u is monic b) Degree of v should be less than degree of u c) degree of u and v < genus-2. The group operation of HEC is based on divisors hence there is a need for conversion of HEC points to Divisors and Divisors to HEC points. And because of group property HECC it is faster than Elliptic Curve Cryptography (ECC). Hence, HECC is well suited for Light weight cryptographic applications. Algorithm 3 represents the conversion of HEC points to divisors. The divisor of HEC based on Mumford representation with two pair of polynomials u and v.

Randomized Divisor Construction:
The proposed biometric crypto system is a non deterministic one in which for the same iris and key pair it produces different cipher template every time. It is the most desirable property of the proposed system as it eliminates the known cipher text attack. Therefore there is a need to construct randomized divisor every time and it is specified in algorithm 4.

Algorithm 4: Randomized Construction of Divisors (RCD)
Input: p prime number and HEC curve C Output: Randomized divisor e1 Process: While true do Let a1, a2 be the two numbers such that  

Divisor Grouping:
The divisor grouping in HEC is based on Cantor algorithm. This algorithm takes two randomized divisor as input and produces unique divisor. As hyper elliptic operation is generally based on additive group, the necessary method for proposed cryptosystem is Divisor Addition in template encryption. Algorithm 5 depicts the steps involved in Divisor Addition.

Iris Template encryption:
The main question of template encryption in the proposed scheme is to avoid the eavesdropping of sensitive data by the attacker or sometimes the compromising of original template database by the attacker. One possible solution for this challenge is to ensure the privacy preserving of biometric template by means of cryptographic primitives. The direct employment of such cryptographic primitive is encryption of biometric template using HECC. The cipher divisors are converted to cipher points using the algorithm 6 DPC. The proposed encryption method converts the original iris template into cipher iris template. The steps involved in the proposed encryption are depicted in algorithm 7.

Results and Discussion
The proposed method is implemented in Anaconda 3 (Spyder) using Python programming language with the system having i5 processor and 8 GB RAM. The experimental set up of proposed method is divided into training set and test set. From the two datasets CASIA and IITD iris, 9 images were taken for training and one image is used for testing. The following five metrics are considered for determining the effectiveness of the proposed research. They are False Acceptance Rate (FAR), False Rejection Rate (FRR), True Acceptance Rate (TAR), Equal Error Rate (EER) and Accuracy.
• False Acceptance Rate (FAR): It is the probability in which the biometric system fallaciously accepts the unauthorized user. It happens when biometric system inaccurately matches the cipher template of user with the stored cipher template in database. • False Rejection Rate (FRR): It is the probability in which the biometric system denies access to the authorized user. It happens when biometric system fails to match the cipher template of user with the stored cipher template in database. • True Acceptance Rate (TAR): It is the probability in which the biometric system correctly identifies the authorized user.
• Equal Error Rate (EER): The Rate in which FAR is equal to FRR is known as ERR • Accuracy: Refers to number of legitimate users granted access to the number of attempts for authentication

Performance evaluation of proposed method on CASIA Iris Thousand dataset
To understand the feasibility of proposed method, 50 persons iris samples from CASIA Iris Thousand dataset are taken and parameters such as FAR, FRR, ERR, TAR and accuracy are computed for variation of threshold values as shown in Table 1. From the analysis it is witnessed that the proposed method has maximum TAR of 100% and optimum TAR of 90%. The average EER in the proposed method on CASIA dataset is 10% at threshold 0.70. The graphical representation of performance metrics is specified in the Fig 5 and

Performance evaluation of proposed method on IITD Iris dataset
To understand the feasibility of proposed method, 50 persons iris samples from IITD Iris dataset are taken and parameters such as FAR, FRR, ERR, TAR and accuracy are computed for variation of threshold values as shown in Table 2. From the analysis on IITD iris data it is inferred that the proposed method have maximum TAR of 100%. The EER of 11% is identified at the threshold 0.70 with optimum TAR of 89%. The graphical representation of performance metrics is specified in the Fig 7 and The table 3 shows the EER, maximum TAR, optimum TAR and accuracy of proposed method on both CASIA Iris and IITD Iris dataset. The comparison also shows the recognition time of proposed method in seconds. The performance metrics of the proposed scheme is compared with the existing scheme in terms of accuracy and maximum TAR as shown in table 4.

Conclusion and Future work
The proposed study presented a two novel approach such as 2D gabor kernel for feature extraction and HECC approach for encrypting original iris template to cipher templates. The major need of encrypting the iris template is to avoid the compromising of template database by the attacker. The research has been implemented on CASIA Iris V4 and IITD iris dataset. More attention has been given on evaluating the efficiency of the proposed algorithm. The result analysis witnessed that the proposed research has maximum TAR of 100%, accuracy of 99.74% with very less recognition time of 3 seconds. The method also outperforms the existing iris authentication techniques by means of accuracy and maximum TAR. Because of such higher accuracy and security the proposed study will find it applications in Military applications, Border control applications, Banking, Aadhar etc. Future work will investigate on implementing signcryption technique in iris recognition so as to improve accuracy and security in much better way.

Availability of supporting data
No supporting data is associated in this research

Conflicts of Interest
The authors declare here that they have no conflict of interest.

Data Availability Statement
The dataset used for experimental analysis are CASIA Iris V-4 and IITD Dataset which is publically available.

Funding Statement
The authors declare here that no funding has been got for this research work