Efficient Multi-Biometric Secure-Storage Scheme Based on Deep Learning and Crypto-Mapping Techniques

Abstract

Cybersecurity has been one of the interesting research fields that attract researchers to investigate new approaches. One of the recent research trends in this field is cancelable biometric template generation, which depends on the storage of a cipher (cancelable) template instead of the original biometric template. This trend ensures the confidential and secure storage of the biometrics of a certain individual. This paper presents a cancelable multi-biometric system based on deep fusion and wavelet transformations. The deep fusion part is based on convolution (Conv.), convolution transpose (Conv.Trans.), and additional layers. In addition, the deployed wavelet transformations are based on both integer wavelet transforms (IWT) and discrete wavelet transforms (DWT). Moreover, a random kernel generation subsystem is proposed in this work. The proposed kernel generation method is based on chaotic map modalities, including the Baker map and modified logistic map. The proposed system is implemented on four biometric images, namely fingerprint, iris, face, and palm images. Furthermore, it is validated by comparison with other works in the literature. The comparison reveals that the proposed system shows superior performance regarding the quality of encryption and confidentiality of generated cancelable templates from the original input biometrics.

1. Introduction

The use of human biometric data, including fingerprints, face, and iris scans, has grown in prominence in recent years, affecting almost every area of our life. The challenge is that, unlike passwords and credit cards, biometric traits are irrevocably linked to their owners and cannot be altered if compromised. Fingerprint recognition is a well-established technique with a high rate of user recognition [1,2]. Additionally, fingerprint recognition is the elementary job of the integrated automatic fingerprint identification service (IAFIS) for security organizations [3].

All out-of-date biometric systems depend on users providing images, extracting features from those images, and then matching those features with those stored in a database [4,5,6]. The main drawback of this trend is that all persons must provide their biometrics for features to be extracted. The challenge is that biometric traits are associated with their legitimate owners, and they cannot be changed. If a biometric trait is stolen, unlike passwords and credit cards, it cannot be replaced. Consequently, the biometric recognition scheme must assure the users’ secrecy, and the biometric data must be ciphered. Biometric pattern defense systems can be classified as cancelable biometric systems, if they meet two main requirements of biometric protection, which are given below:

• Irreversibility: It means that reconstructing the original biometric pattern from the deposited reference pattern must be computationally impractical [7,8,9,10,11].
• Unlinkability: Secure biometric patterns can be produced in dissimilar versions based on the biometric information (renewability), but secure patterns should not enable cross-matching (diversity) [12,13,14]. Cancelable biometrics is a promising trend in the direction of more secure biometric systems [15,16,17].

Recovering the original biometric data from the cancelable biometric transformations should be computationally hard. As illustrated in Figure 1, a non-invertible transform of the image is used rather than using the original image. If the transformed version of the image is stolen, the original image can be re-enrolled using a different transformation, i.e., the biometric template is updated. This maintains privacy, since recovering the original image from a transformed one becomes computationally difficult. In addition, it avoids database cross-matching, because each application should have a distinct transformation. In addition, the matching system performance is not degraded, because statistical characteristics are approximately maintained after transformation [18,19,20].

This paper presents a cancelable biometric recognition system based on deep fusion and random kernel generation. The process of kernel generation depends on two different chaotic maps: a 2D Baker map and a modified logistic map. These techniques are applied in two transform domains, namely IWT and DWT. When the data representing a transformed fingerprint is compromised, it is replaced with another encrypted version of the fingerprint, ensuring that the original fingerprint information is not altered or revealed. Furthermore, rather than using the original fingerprint templates, fingerprint matching is performed on the encrypted versions. This eliminates the risk of fingerprints being exposed during the decryption process. Additionally, the transformations offer the irreversibility and unlinkability of biometric patterns. The performed experiments reveal that the proposed cancelable fingerprint recognition system using a modified logistic map guarantees remarkably low equal error rate (EER), a large area under the receiver operating characteristic curve (AUC-ROC), noise immunity, and robustness compared to the case of using the Baker map only, according to the simulation results and comparisons. The following items summarize the key contributions of the presented research work.

• Fusion of the input human biometrics including face, fingerprint, iris, and palm images based on deep learning.
• Generation of random kernels based on chaotic maps.
• Convolution of the generated kernels with the fused images to generate the cancelable biometrics.
• Introduction of an extensive comparative study among the proposed methods in each phase of the proposed system.
• Evaluation of the proposed system and selection of the optimal modalities based on performance metrics.
• Comparison of the proposed system with state-of-the-art works.

The remaining parts of this paper are rearranged as follows. Section 2 gives a review of the related work. The proposed cancelable biometric recognition system and its components are explained in Section 3. The experimental results are presented in Section 4. Finally, the conclusion and future work are introduced in Section 5.

2. Related Work

Fingerprints have been used to provide cancelable biometrics in some cases. Wang and Hu [21] proposed a cancelable fingerprint recognition scheme that involves the generation of binary representations for pair-minutiae vectors and an identification stage based on frequency samples from these binary strings. This scheme is appropriate for applications with resource constraints, such as smart cards. It performed well over the FVC2002 DB1, DB2, and DB3 datasets.

Wei-Chao et al. [22] introduced a cancelable fingerprint recognition method that requires fingerprint pattern segmentation into local zones and modification of the guides of all minutiae within the same local zone, using a Fourier-like transform. The storage of fingerprint records is not required with this method. This method gained popularity on many distinct databases, as it achieved EERs ranging from 0.19% to 9% in the case of lost tokens.

A cancelable fingerprint recognition scheme based on binary fingerprint minutiae designed by the Hadamard transform was introduced by Wang et al. [23]. The Hadamard transform is used to produce complex vectors from the Fourier transform of a binary series representing the biometric, while the spacing between the vectors is specified before the transform is applied. On various standard databases, EERs ranging from 1% to 5% have been achieved with this scheme. Several studies for cancelable finger-vein and fingerprint multi-biometric systems have also been presented [24].

To secure fingerprint minutiae, Jin et al. [25] presented a fingerprint protection approach, which depends on a minutiae descriptor, namely minutiae vicinity decomposition (MVD), to combine randomized graph-based Hamming embedding (RGHE) with arbitrary geometric invariant features. In addition, they used an arbitrary projection to produce a set of arbitrary geometric invariant characteristics. The user minutiae vicinity collection (UMVC) system improves the discernment of randomized MVD, and the graph-based Hamming embedding works on the Hamming space. EER values of 4.36%, 1.77%, 24.71%, and 21.825% have been achieved on FVC2002-DB1, FVC2002-DB2, FVC2004-DB1 and FVC2004-DB2 databases, respectively.

Wang et al. [26] introduced an alignment-free cancelable fingerprint recognition system. To create the cancelable templates, the authors used a limited version of circular convolution. First, the singular points are extracted from fingerprint images. Then, by multiplying the discrete Fourier transformation (DFT) of two series, truncated convolution is applied. The authors carried out their experiments on the FVC2002 DB1, DB2, and DB3 databases, and obtained EERs of 2%, 3%, and 6.12%, respectively.

Das et al. [27] proposed a sequencing fingerprint hashing technique defined as the minimum distance graph of inter-minutiae minimum distance vectors. A search methodology that resembles hash matching was applied. In their experiment, they implemented tests on the databases of FVC2002 DB1a and DB2a and obtained an EER of 2.27%.

Yang et al. [28] connected two arrangements, a local arrangement, and a distant arrangement, at the feature level to produce binary-valued features that were subsequently safeguarded by an arbitrary-projection-based cancelable biometric system.

Lacharme et al. [29] presented a PIN-based cancelable biometric system for fingerprint patterns. They realized a biometric authentication system that uses a secret personal identification number (PIN) or a variety of passwords that are only known by the user. The minutiae are extracted using Gabor filters. The characteristics of these minutiae are stored in a feature vector with n components. This feature vector is called finger code with size n = 128, where all components are real numbers in the range of [−128, 128]. Consequently, a pseudo-random matrix composed of 128 pseudo-random vectors, each of length 128, is generated from the random seed during the bio-code generation. The first simulation experiment, where the random seed is unknown, attained a 0 EER and a 0 false acceptance rate (FAR). In the second simulation experiment, where the impostor has the entire knowledge of the random seed, the FAR was not null, and the EER was around 20%.

L₁-minimization was utilized by Liu and Zhao [30] to secure and save fingerprint templates in an encrypted form. The user is authenticated, when the requested fingerprint matches a stored fingerprint pattern in the encrypted domain. Because the pattern is formed from the minutiae cylinder code (MCC) with the appropriate implementation of the security approach as in Kaur and Khanna, (2017), the system achieved high security and identification accuracy. With FAR = 0, the system achieved 91.4 %, 84.0 %, and 65.6% genuine accept rate (GAR) on FVC2002 DB1, FVC2002 DB2, and FVC2004 DB1, respectively.

Karthi and Azhilarasan [31] used both the Finite Element (FE) technique for key generation and the salting technique for feature transformation. The authentication method in this system depends on fingerprint and iris features. The iris code is generated first, and then the FE is applied to the iris code to create the key. After that, the FE key is utilized as a user-specific token for the random projection (RP). The fingerprint feature set is entered into the RP, and a protected template is created to be kept in the database. The pattern is compromised if a user-specific symbol is revealed. During the authentication process, the user-specific key is extracted from that person’s biometric features rather than being stored. As a result, the database templates have a high level of privacy.

Kaur and Khanna [32] introduced a random distance technique for generating cancelable biometric templates. They used this technique with a variety of modalities. It satisfies the essential revocability and non-inevitability requirements. By fusing structures at the feature level, cancelable fingerprint templates are created. To generate fused bit strings, distance and local structures are built using fingerprint minutiae points. The DFT is then used to create the cancelable fingerprint templates in the next stage. On the FVC2002 DB2 database, this approach achieved an EER of 1.6%, while it achieved an EER of 12.7% on the FVC 2004 DB2 database.

Kho et al. [33] created another cancelable template design employing randomized non-negative least squares. The authors created a unique permutated randomized non-negative least-square (PR-NNLS) descriptor for non-invertible transformations, but instead of using it on the minutiae descriptor, they used it on the partial local structure (PLS) descriptor dictionary to keep the accuracy high. However, because no investigation of distance preservation has been undertaken, the complete non-inevitability of this scheme cannot be determined.

A non-invertible transform for data gleaned from the Delaunay triangulation of minutiae points was employed by Trivedi et al. [34]. For generating cancelable templates, a random binary string was used with a user-specific key. However, this scheme was only tested on a single dataset, which is insufficient for validating the accuracy requirements and other cancelable biometric aspects.

The partial DWT and the window-shift-XOR model were used by Shahzad et al. [35] to create a dual-protection alignment-free cancelable fingerprint recognition scheme. When compared on public databases, the designed cancelable templates meet the requirements of non-inevitability, diversity, and revocability, as well as improved recognition accuracy. For example, the EER of that scheme is 0%, on both FVC2002 DB1 and DB2, 1.63% on FVC2002 DB3, 7.35% on FVC2004 DB1, and 4.69% on FVC2004 DB2. The generated cancelable templates are immune to record multiplicity attacks. A comparison of the characteristics of all related works is introduced in

Table 1. Comparison of the characteristics of related studies.

Authors–Year	Methodology	Performance
Wei-Chao et al. (2014)	This technique uses a Fourier-like transform for all minutiae within the same local zone, and segments the fingerprint pattern into localized zones.	EER ranges from 0.19% to 9%.
Wang et al. (2017)	In this system, the Hadamard transform is used to apply the binary design of the fingerprint minutiae in the system.	Various databases have been used and EERs ranging from 1% up to 5% have been obtained.
Jin et al. (2014)	In this approach, RGHE has been combined with a minutiae classifier called MVD to construct a collection of arbitrary projections in addition to the arbitrary geometrical invariant features.	Tests have been performed on the FVC2002DB1 and DB2 datasets, achieving EERs of 4.36% and 1.77%. On FVC2004 DB1 and DB2 datasets, EER values of 24.71% and 21.825% have been achieved, respectively.
Wang et al. (2017)	A constrained form of circular convolution has been used. To begin, single points are selected to capture fingerprint patterns. Then, by multiplying the DFT of two series, truncated convolution is applied.	The experiments were performed on the FVC2002 DB1, DB2, and DB3 databases achieving EERs of 2%, 3%, and 6.12%, respectively.
Das et al. (2012)	As a feature set, an alignment-free fingerprint hashing approach was created based on a minimum distance graph of the inter-minutiae minimum distance vectors.	The experiments were performed on the FVC2002-DB1a and DB2a datasets achieving an EER of 2.27%.
Yang et al. (2018)	Two arrangements have been realized, namely local arrangement and distant arrangement at the characteristic level.	Binary-valued characteristics have been produced. They are subsequently protected by an arbitrary-projection-based cancelable biometric recognition system.
Lacharme and Plateaux (2011)	A PIN-based cancelable biometric system for fingerprint patterns has been presented. A biometric authentication system has been realized. It uses a secret PIN code or a variety of passwords that are only known by the user. The minutiae are extracted using Gabor filters.	In the simulation tests, the FAR is not null and is sometimes high and EER is around 20%.
Liu and Zhao (2017)	L1-minimization was utilized to secure and save fingerprint templates in encrypted form. The user is authenticated, when the query fingerprint matches a stored fingerprint pattern. The MCC has been utilized.	The system achieved 91.4%, 84.0% and 65.6% Genuine Accept Rate (GAR) with FAR = 0 on FVC2002DB1 and DB2 and FVC2004 DB1, respectively.
Karthi and Azhilarasan (2013)	Both the FE technique for key generation and the salting technique for feature transformation have been used.	Instead of keeping the key, a user-specific key is produced from the person’s biometric characteristics during the authentication procedure. As a result, this improves the privacy of users.
Kaur and Khanna (2018)	The system is based on blind cancelable fingerprint recognition.	The results were obtained on FVC2002 DB1, DB2, and DB3 databases, achieving acceptable results.
Kho et al. (2019)	A designed algorithm employing randomized non-negative least squares has been presented. The authors created a unique PR-NNLS descriptor for non-invertible transformations, but instead of using it on the minutiae descriptor, it has been used on the PLS descriptor dictionary	The descriptor has been implemented on the PLS descriptor dictionary to keep the accuracy high.
Trivedi et al. (2020)	A non-invertible technique based on the data from the Delaunay triangulation of minutiae points has been introduced.	The scheme has only been tested on a single dataset, which is insufficient for testing the accuracy.
Shahzad et al. (2021)	Alignment-free cancelable fingerprint templates have been created with dual protection using the partial DWT and the window-shift-XOR model.	The EER of this scheme is 0% for both FVC2002 DB1 and DB2, 1.63% for FVC2002 DB3, 7.35% for FVC2004 DB1 and 4.69% for FVC2004 DB2.

.

3. Preliminaries

This section includes the definitions and formulas, which are used in the proposed system, including IWT, DWT and types of kernel generation.

3.1. Integer Wavelet Transform (IWT)

The IWT of a signal separates it into a set of integer components from which the inverse IWT may extract the signal without causing any damage. The IWT filtering methods are designed effectively in the system presented in Figure 2a,b. The round-off function Int is used as follows [36,37,38]:

$$d_i^{l+1}=S_{2i+1}^l-Int\left(\frac{9}{16}\left(S_{2i}^l+S_{2i+2}^l\right)-\frac{1}{16}\left(S_{2i-2}^l+S_{2i+4}^l\right)\right)$$

(1)

$$S_i^{l+1}=S_{2i}^l+Int\left(\frac{1}{4}\left(d_{i-1}^{l+1}+d_i^{l+1}\right)\right)$$

(2)

where $S_i^l$ denotes the input signal at the l+1-th decomposition level at the time i, $d_i^{l+1}$ denotes the high-frequency output at level l+1 and time i and $S_i^{l+1}$ is the low-frequency output at level l+1 and time i.

3.2. Discrete Wavelet Transform (DWT)

The DWT, on the other hand, is carried out using multi-level filter banks, as shown in Figure 3. The following is a mathematical expression for a 1D signal x(k) of a single-level decomposition.

$$y_{low}\left(k\right)={{\displaystyle \sum }}_{n}x\left(k\right)h\left(2k-n\right)$$

(3)

$$y_{high}\left(k\right)={{\displaystyle \sum }}_{n}x\left(k\right)g\left(2k-n\right)$$

(4)

As a consequence, after two sub-samplings, y_low (k) and y_high (k) are the results of the low-pass and high-pass filters, respectively. The DWT is performed on images, starting with rows and ending with columns. The image is separated into four bands after wavelet decomposition: a low-frequency band LL and three high-frequency bands HL, LH, and HH [36,37,38]. Encryption is conducted on each band using a unique key.

3.3. Random Kernel Generation

The implementation of chaos-based cryptography is achieved by chaotic maps. A chaotic map is a function that has the same domain (input space) and range (output space). Chaotic maps are dynamic systems in which time is discrete instead of being continuous, and each map displays chaotic characteristics for particular parameter values.

3.3.1. Baker Map

Chaotic Baker map is used in the proposed system for generating random kernels that are convolved with the fingerprint images for encryption. We suppose that each kernel is obtained from an image, and the chaotic Baker map is used to scramble this kernel. The original image pixels are randomly rearranged via chaotic image encryption methods, and adjacent pixels in the encrypted version are no longer related [37,38]. The image is stretched horizontally and then folded vertically in the Baker map output. This process is repeated to modify the positions of all pixels in the original image.

The associated mathematical statements illustrate the Baker map operation. The discretized map is denoted by B [n₁, …, n_k], while the secret key S is represented by the vector [n₁, …, n_k]. The number of data elements in a single row is denoted by N. We divide N by each integer n_i to obtain the secret key, where N = [n₁ + … + n_k]. It is assumed that n₁ + … + n_i = N_i. The pixels at the (q, z) indices are relocated to the indices $\left(\stackrel{`}{q},\stackrel{`}{z}\right)$ as follows:

$$B\left(\stackrel{`}{q},\stackrel{`}{z}\right)=\left(\frac{N}{n_i}\left(q-N_i\right)+zmod\left(\frac{N}{n_i}\right),\frac{n_i}{N}\left(z-zmod\left(\frac{N}{n_i}\right)\right)+N_i\right)$$

(5)

where 0 ≤ z< N, and N_i ≤ q < N_i + n_i.

The phases of the permutation with chaotic Baker map are as follows:

• The N × N square image is split into k rectangles, each having a width n_i and N components.
• In the permuted version, the elements of each rectangle are remapped into a row.
• These rectangles are dragged from left to right, starting with the top rectangles and finishing with the bottom rectangles.
• The scan begins at the lowest-left corner and progresses upward in each rectangle.

Figure 4 depicts an 8 × 8 square image with its chaotic-permuted version as an example. S_key = [n₁, n₂, n₃] = [2, 2, 4] is the secret key.

The IWT and the DWT are used to execute the 2D Baker map encryption on the images with similar or different keys. Finally, the encrypted image is obtained using an inverse transform with a high degree of diffusion in the lower rectangles.

3.3.2. The Modified Logistic Map

The modified logistic chaotic map is an extension of the classical logistic map given in Equation (7), in which two polynomial component ${(1.2-2\times X_{n-1})}^2$, and $(1-X_{n-1})$ are incorporated into the logistic map equation to widen the range of the parameter r that guarantees chaotic behavior. The equations of the modified logistic chaotic map are given as follows [38,39,40]:

X_n+1= r X_n (1 − X_n)

(6)

X_n = r X_n−1 (1 − X_n−1) (1 − X_n−1) (1.2 − 2 (X_n−1)) (1.2 − 2 (X_n−1))

(7)

where X_n is a positive integer between 0 and 1, n is the number of iterations, X₀ is the starting value, and r is a positive integer between 0 and 13.8.

• Analysis of Modified Logistic Map

The range of the parameter r may be split into three regions, which can be investigated using the MATLAB simulation as follows. When r $\in$ [0, 3.4], as shown in Figure 5a, the computation yields the same result after multiple rounds, with no chaotic behavior. When r $\in$ [3.4, 5.2], as illustrated in Figure 5b, the phase space terminates at many places where the system exhibits periodic behavior. When r $\in$ [5.2, 13.8], the system becomes chaotic, as shown in Figure 5c.

• Bifurcations

Figure 6 shows the modified logistic map bifurcation diagram. This figure is divided into three regions: convergence, bifurcation, and chaos. The convergence region is located at r $\in$ [0, 3.4], the bifurcation region is located at r $\in$ [3.4, 5.2], and the chaotic behavior happens at r $\in$ [5.2, 13.8] in the chaos region.

• Lyapunov exponents

Figure 7 shows the plot of the modified logistic map Lyapunov exponent. It is shown that all Lyapunov exponents are less than or equal to zero, when r$\in$ [0, 5.2]. The dynamic behavior is chaotic and the Lyapunov exponents are positive, when r$\in$ [5.2, 13.8]. The modified logistic map maximal Lyapunov exponent is 1.0317 at r = 13.8, which is greater than the maximal Lyapunov exponent of the classical modified logistic map. The following is clear from the preceding explanation:

• When r $\in$ [0, 5.2], the points are focused on various values that cannot be used in the image cryptosystem.

The modified logistic map exhibits a chaotic behavior, and therefore, the feature of sensitive dependency is achieved for r $\in$ [5.2, 13.8], which is a wide range for r, and so it may be utilized for a broad array of image cryptosystem applications and analysis.

The greater the maximal Lyapunov exponent, the more sensitive the modified logistic map to the initial conditions is, and the smaller the number of iterations necessary to attain the desired level of information diffusion or confusion is.

4. Proposed Cancelable Biometric Recognition Framework

This paper presents a multi-biometric cancelable framework for the secure and confidential storage of human biometrics based on deep fusion and wavelet transformation. Deep fusion is based on performing both convolutional, convolution transpose, and additional layers, while the wavelet transformations comprise both IWT and DWT. The proposed system consists of two main stages. The first stage is fusion, which is based on the deep fuse algorithm. The second stage is the kernel generation, which consists of image transformation and random kernel generation.

In the fusion stage, the human biometrics, including fingerprint, face, iris, and palm images, are enrolled into a sequence of deep fusion phases. The objective is to fuse each pair of input biometrics using the deep fuse stage. The first pair of images is enrolled into convolutional layers for feature extraction and an additional layer to fuse the generated features. In addition, the reconstructed image is obtained by a sequence of transposed convolutional layers.

In the kernel generation stage, the fused image transformation is carried out using both DWT and IWT to obtain a transformed template of the fused image. In addition, the transformed image is enrolled into the random kernel generation process, which is performed using a chaotic map with two methods. The first one is the Baker map, while the second is the modified logistic map.

Figure 8 shows the phases of the proposed framework. The objective of cancelable biometric systems is to generate cancelable templates through one-way encryption of the original biometric images. This process comprises two main sub-processes, namely enrollment and authentication. During the enrollment step, fingerprint images are captured using a fingerprint-capturing equipment. After acquiring the fingerprint, it is encrypted using convolution with a random kernel derived through the chaotic Baker map encryption of another image. The randomization purpose is performed to disguise the features’ intricacies. The encrypted templates that result can be stored in a database and used to certify the user’s identity.

If the system database is hacked, a second encrypted fingerprint can be generated using an alternative convolution kernel. An opponent will need the convolution kernel used in the enrolment stage, if he wishes to rebuild a person’s fingerprint from a hacked database. Furthermore, the attacker must perform image de-convolution to recover the original fingerprint without knowing the user’s PIN, encryption procedure, or the size of the convolution kernel, which is extremely a difficult task. As a result, this is thought to provide a high level of fingerprint protection and security [41,42,43,44]. The user enters his or her PIN at the authentication stage. This PIN is used to generate the convolution kernel that is used to encrypt the user’s fingerprint. The encrypted fingerprint is compared to the encrypted fingerprint templates in the database for authentication, and the correlation results are assessed. It is worth noting that the authentication method takes place entirely within the encrypted domain, with no need for decryption [45,46,47].

The correlation values indicate how similar a test fingerprint is to those in the database. Only if a test user’s score meets a specific threshold selected at the EER, which is derived by aggregating the actual and fraud distributions, the user grants access to the system. The wrong rejection and incorrect acceptance errors are equal at the intersection point for both distributions.

The score of a genuine user should always be higher than that of a fake user. The fingerprint with a high correlation score is not always a genuine fingerprint. If the system scans a fingerprint that does not match one in the database, the fingerprint with the highest correlation may be mistakenly labeled as the correct one. To overcome this issue, before looking for the fingerprint with the highest correlation, an EER value should be utilized to discriminate between acceptable and unacceptable values. Because the fingerprint in the above scenario does not belong to the database, the resulting correlation should be poor. The correlation threshold value selected at the intersection point between distributions is used to establish if a correlation is appropriate or not.

If the greatest correlation is smaller than the threshold, the system will not recognize the fingerprint (not in the database). If the correlation value exceeds the threshold, the system will select the fingerprint with the highest correlation. If an impostor fingerprint exceeds a genuine one in terms of score, the impostor fingerprint will be misidentified as a genuine one. A valid fingerprint with a correlation score less than the threshold, on the other hand, will be wrongly rejected.

Both imposter and real fingerprints are included in the test data for the proposed fingerprint identification system. As a result, the correlation values for every fingerprint will be distributed around a mean. Hence, the probability distribution of the correlation metric is used to define the score distribution of imposter and legitimate fingerprints. The probability of false distribution (PFD) is the probability distribution of correlation scores of imposter encrypted fingerprints, whereas the PTD is the probability distribution of true (genuine) encrypted fingerprints. For the PFD and PTD curves, the smaller the intersection area between the two curves, the better the results are. The smaller area means smaller error, as this area represents the possibility of recognizing the original fingerprint.

Deep Fusion Process

Each pair of biometric images goes through a CNN-based deep fusion procedure. In three phases, this is accomplished as shown in Figure 9. The input images are initially processed to extract specific features. During the second step, the input images are fused, and then a feature map is obtained. Finally, a reconstruction network is employed to reassemble the fused feature map in the third step. The feature extraction phase has two channels, when it comes to setup. For the second branch, C1 and C2 each have two convolution layers (C1,1, C1,2, and C2,1, C2,2). The fusion layer, for its part, merges feature maps F1 and F2 via an addition operation. Finally, three convolution layers, C3, C4, and C5, make up the reconstruction step. The multi-exposure deep fusion process, which feeds the deep dream cancelable biometric unit of the proposed system, is accomplished by combining these phases. In the sequel, we benefit from multi-exposure deep fusion and deep dream concepts in the proposed cancelable biometric system.

5. Simulation Results

In the simulation experiments, we used images from the Fingerprint Verification Competition (FVC) database to validate the proposed cancelable fingerprint recognition system. The FVC is an international competition concentrating on fingerprint verification software evaluation. The description of the database is shown in

Table 2. Fingerprint database description.

Dataset Name	Sensor Type	Image Size	Resolution (dpi)
FVC2002DB1	Optical sensor	388 × 374	500
FVC2002DB2	Capacitive sensor	296 × 560	569
FVC2002DB3	Capacitive sensor	300 × 300	500
FVC2002DB4	Synthetic	288 × 384	500
FVC2004DB1	Optical	640 × 480	500
FVC2004DB2	Optical sensor	328 × 364	500
FVC2004DB3	Thermal sweeping sensor	300 × 480	512
FVC2004DB4	SFinGe v3.0	288 × 384	500
FVC2006DB1	Electric Field sensor	96 × 96	250
FVC2006DB2	Optical Sensor	400 × 560	569
FVC2006DB3	Thermal sweeping Sensor	400 × 500	500
FVC2006DB4	SFinGe v3.0	88 × 384	500

, and the image samples of the database are shown in Figure 10.

During the enrolment stage, each user enters his PIN, which provides an analogous kernel that may be convolved with his fingerprint. The kernel can be viewed as a patch of another image that has been encrypted with a suitable algorithm. In our simulation experiment, we will take a patch of Cameraman image of size 8 × 8. This patch is encrypted using different algorithms such as circular encryption, encryption in the DWT domain, and encryption in the IWT domain. Figure 11 shows some sample kernel outputs. The biometrics themselves are encrypted through convolution with the generated kernel. The system database saves the encrypted biometric fingerprints that result. Samples of encrypted fingerprints are shown in Figure 12. During the authentication stage, two fingerprints were examined: one is for a genuine user, while the other is for a fake one. The test users input the PIN and produce the random convolution kernel in both circumstances. The impostor user is assumed to know the correct PIN that any authorized user would use to check the system security level. The correlation coefficients between the two encrypted fingerprints and the encrypted fingerprints in the database are calculated. Only if the test fingerprint score exceeds the threshold value, access is guaranteed. The error probability is used to calculate the probability of accurate detection. The system efficiency improves as the error probability decreases.

5.1. The Proposed Recognition System in the Absence of Noise

In this section, the results for the proposed system in the absence of noise using various encryption methods, such as circular encryption, encryption in the IWT domain with similar keys for all sub-bands, encryption in the IWT domain with different keys for sub-bands, encryption in the DWT domain with similar keys for all sub-bands, and finally encryption in the DWT domain with different keys for sub-bands, are presented.

5.1.1. The Proposed Recognition System Using Baker Map

In this section, we plot the genuine and imposter correlation distributions for the proposed system based on encryption using Baker map with kernels developed using different encryption methods to determine the error probability and the threshold value, as shown in Figure 13. In this study, the ROC curve is utilized to assess the efficacy of biometric systems. It is presented in Figure 14.

Table 3. The encryption domain effect using several transforms.

Domain	Mean of		EER	Error Probability	Correct Detection Probability	Authentication Time (Sec)
	Imposter Patterns	Genuine Patterns
Spatial domain	0.102	0.864	0.002	2 %	98%	0.282
IWT domain	0.229	0.988	0.020	2.2%	97.8%	0.554
IWT domain with different keys	0.2280	0.989	0.026	1.8%	98.2%	0.477
DWT domain	0.230	0.989	0.002	1%	99%	0.279
DWT domain with different keys	0.128	0.989	0.001	0.8%	99.2%	0.264

numerically gives a comparison of the proposed cancelable biometric system in different transform domains, employing kernel encryption, taking the mean of the impostor and real patterns, threshold, probability of accurate detection, and authentication time into consideration. The table shows that the DWT domain for kernel encryption with different keys gives high recognition performance, while maintaining a high level of protection.

5.1.2. The Proposed Recognition System Using Modified Logistic Map

The genuine and imposter correlation distributions for the proposed encryption system using a modified logistic map with kernels developed using different encryption methods to determine the error probability and the threshold value are shown in Figure 15. In this study, the ROC curve is utilized to assess the effectiveness of biometric systems as shown in Figure 16.

Table 4. The encryption domain effect using a modified logistic map.

Domain	Mean of		EER	Error Probability	Probability of Correct Detection	Authentication Time (Sec)
	Imposter Patterns	Genuine Patterns
Spatial domain	0.102	0.864	0.012	1.8 %	98.2%	0.273
IWT domain	0.229	0.988	0.014	1.7%	98.4%	0.351
IWT domain with different keys	0.228	0.989	0.026	1.6%	98.4%	0.462
DWT domain	0.230	0.989	0.004	1%	99%	0.276
DWT domain with different keys	0.128	0.989	0.011	0.7%	99.3%	0.285

shows a comparison of the suggested cancelable fingerprint recognition systems. The table indicates that the DWT domain for kernel encryption with various keys leads to good performance, while retaining a high level of security.

5.2. The Proposed Recognition System in the Existence of Noise

In this section, the results for the proposed system in the presence of noise using various encryption methods, such as circular encryption, encryption in the IWT domain with similar keys for all sub-bands, encryption in the IWT domain with different keys for sub-bands, encryption in the DWT domain with similar keys for all sub-bands, and finally encryption in the DWT domain with different keys for all sub-bands, are presented. The proposed recognition system robustness in the presence of noise was checked by adding Gaussian noise with zero mean and various noise variances.

5.2.1. The Proposed Recognition System Using the Baker Map in the Existence of Noise

The ROC curves in the presence of different levels of noise in the system, while utilizing the Baker map, are illustrated in Figure 17, Figure 18, Figure 19, Figure 20 and Figure 21 in this section. The results indicate that the noise effect is adequate at moderate noise levels.

Table 5. Metrics for evaluating encryption in different transform domains in noisy environments.

Encryption Domain	Evaluation Metric	Noise Variance
		0.01	0.02
Spatial domain	EER	-	0.011
	AROC	-	0.968
IWT domain	EER	0.455	0.354
	AROC	0.982	0.869
IWT domain with different keys	EER	0.455	0.354
	AROC	0.977	0.868
DWT domain	EER	0.455	0.344
	AROC	0.977	0.869
DWT domain with different keys	EER	0.454	0.354
	AROC	0.977	0.877

displays the numerical results of the sensitivity-to-noise test at various noise levels. The results show that the proposed system gives a low EER value and a high AROC. So, it can identify the biometric image, even in the presence of noise, efficiently and effectively, especially with unique key encryption and different keys provided in the DWT domain.

5.2.2. The Proposed Recognition System Using a Modified Logistic Map in the Existence of Noise

The ROC curves in the existence of different amounts of noise in the system, while employing the modified logistic map are illustrated in Figure 22, Figure 23, Figure 24, Figure 25 and Figure 26. The results indicate that the noise effect is adequate at moderate noise levels.

Table 6. Metrics for evaluating different domains of encryption in the cancelable biometric system in noisy environments.

Encryption Domain	Evaluation Metric	Noise Variance
		0.01	0.02
Spatial domain	EER	-	0.054
	AROC	-	0.767
IWT domain	EER	0.345	0.354
	AROC	0.883	0.773
IWT domain with different keys	EER	0.355	0.366
	AROC	0.988	0.8284
DWT domain	EER	0.303	0.365
	AROC	0.928	0.869
DWT domain with different keys	EER	0.201	0.387
	AROC	0.987	0.986

displays the numerical results of the sensitivity-to-noise test at various noise levels. The results show that the proposed system gives a low EER value and a high AROC. So, it is possible to identify the pattern, even in the presence of noise, efficiently and effectively, especially with unique key encryption and different keys provided in the DWT domain.

After adding noise to the encrypted input image to be authenticated, the relationship between the noise variance and the encrypted image correlation score with its corresponding image stored in the database is determined. The results of the noise immunity studies are depicted in Figure 27. Regardless of the noise variance, the authorized fingerprint image has the highest correlation, revealing that the system succeeds in detecting the right fingerprint.

Finally,

Table 7. The EER comparison for various cancelable biometric recognition systems.

System	EER (%)
	FVC2002				FVC2004				FVC2006
	DB1	DB2	DB3	DB4	DB1	DB2	DB3	DB4	DB1	DB2
Wang et al., 2017	1	2	5.2	-	-	-	-	-	-	-
Jin et al., 2014	4.36	1.77	-	-	24.71	21.82	-	-	-	-
Wang et al., 2017	2	3	6.12	-	-	-	-	-	-	-
Das et al., 2012	2.27	3.97	-	-	-	-	-	-	-	-
Kaur et al., 2018	-	1.6	-	-	-	12.7	-	-	-	-
Shahzad et al., 2021	0	0	1.63	-	7.35	4.69	-	-	-	-
Proposed system using Baker map	0.001	0.4	1	0.6	1	0.8	0	0.4	0.34	0.47
Proposed system using modified logistic map	0.004	0.36	1.38	0.45	1	0.8	0.3	0.2	0.34	0.77

gives a comparison of the proposed cancelable biometric system, which uses the DWT domain with various keys, with other current systems. The obtained results indicate the superiority of the proposed system.

6. Conclusions and Future Work

This paper presented a system for recognizing encrypted multi-biometric images that have been re-formed in multiple encryption domains using deep fusion, image transformation, and random kernel generation. Within the encrypted domain, this system authenticates users (i.e., it is not required to decrypt the fingerprint images throughout authentication). This prevents threats that try to grab the decrypted image during the authentication stage, as is the case with conventional recognition. Moreover, if the encrypted version of a fingerprint is publicly revealed, we may easily substitute it with a fingerprint encrypted with a different transform domain or key. When compared to other traditional systems, the two recommended cancelable biometric systems achieve low EER values and a high possibility of correct detection, according to the simulation and comparison results. Finally, the findings demonstrate that the proposed recognition system based on modified logistic maps is more noise-resistant and robust.

Unfortunately, there are some limitations to the proposed system, including hardware implementation and embedding. The proposed system can be utilized as a software solution using Python and the involved tools. On the other hand, the hardware implementation is hard due to the computational facilities. The proposed system requires advanced computational facilities, such as GPUs, which are not provided by embedded systems, such as Arduino and Raspberry Pi. The manufacturing technologies may fulfill these requirements in the future.

The following points could be included in future work:

• Studying the realization of the proposed systems.
• Investigation of other non-invertible transforms for cancelable template generation.
• Extension of the suggested systems in this paper for other biometrics.
• Exploitation of deep learning concepts for cancelable biometric systems.
• Utilization of fusion techniques for multi-biometric security.
• Investigation of the presented techniques for remote-access systems.