Securing fingerprint templates by enhanced minutiae ‐ based encoding scheme in Fuzzy Commitment

Fingerprint authentication has gained attention in recent years due to its distinctiveness, low ‐ cost sensors, and user willingness to submit them. Its extensive deployment in our automated world raises major concerns regarding the secrecy of biometric templates and the privacy of rightful owners in biometric systems. Fuzzy Commitment (FC) focuses on securing the biometric templates by performing authentication based on the validity of secret keys from biometric features. However, the major challenge in designing Fingerprint ‐ based FC is the requirement of efficient binary representation for unordered and variable minutiae points in fingerprint images. Additionally, its leakage can compromise an intrinsic characteristic of the individual. The paper proposes Fingerprint ‐ based FC incorporating an encoding scheme dependent on the number and type of minutiae points present near the fingerprint's core point. The biometric templates are never identical thereby, this approach allows fuzziness in minutiae points by incorporating Bose–Chaudhuri–Hocquenghem (BCH) codes for error ‐ correction and secures random codeword of the error ‐ correcting scheme as secret key by SHA ‐ 256 hash mapping. The proposed approach is evaluated on FVC2000 ‐ DB2, FVC2002 ‐ DB1, FVC2002 ‐ DB2, and FVC2004 ‐ DB1, and the results illustrate the efficiency of the proposed scheme. Furthermore, the security analysis of stored helper data and hash mapping demonstrates that the proposed approach is secure.


| INTRODUCTION
The advancements in technology from traditional authentication systems relying on passwords and tokens, to biometric authentication raises several security and privacy concerns hindering its public acceptance. One of the potential privacy concerns of rightful owners is the usage of their stored biometric templates other than intended purposes. Additionally, biometric traits represent the intrinsic characteristics of an individual hence, they cannot be reissued or revoked if compromised.
Biometric Cryptosystem (BCS), one of the emerging biometric template protection schemes, focuses on securing biometric templates while sustaining the rightful owners' privacy. The BCS technique performs biometric matching based on the secret key extracted from helper data and query biometric template [1]. This helper data either stores information about biometric template only (Key-generation BCS) or information about both biometric template and secret key (Key-binding BCS). In both cases, helper data should store only significant information about biometric templates to sustain the rightful owners' privacy. The BCS techniques are quite useful in cryptographic applications, for instance, they are often combined with smart cards and passwords to provide multi-factor user authentication mechanism over insecure channels [2][3][4].
The helper data of BCS technique is stored in a smart card in the user's registration phase. This registered user presents password, smart card, and biometric in the authentication phase of biometric systems. The smart card uses stored helper data and query biometric template to generate the secret key. The user is authenticated if the password, smart card, and secret key belong to the legitimate user [5]. Recently, several researchers have proposed remote user authentication and key agreement schemes using BCS techniques for Internet of Things (IoT) [6][7][8], wireless sensor networks (WSNs) [9][10][11], cloud [5,12] environment, and so on.
Fuzzy Commitment (FC), one of the emerging approaches in Key-binding BCS, binds codeword of error-correcting code (ECC) c with biometric feature x as helper data in the enrolment phase. The same codeword c is extracted from query biometric template x 0 and helper data in the authentication phase [13]. This scheme is further elaborated in Section 2.
Research efforts have been put in designing FC for iris recognition in studies [14][15][16][17][18] as iris offers a high accuracy rate, high reliable bits and is resistant to external noise such as sweat, cuts, and bruises, unlike fingerprints. The major challenges in designing FC for fingerprint are: � The generation of fixed-size binary representation for Fingerprint-based FC is challenging as it incorporates the presence of unordered and variable minutiae points (ridge termination and ridge bifurcation). � Matching of fingerprints in FC is performed by errorcorrection schemes, thereby eliminating several efficient matching algorithms and reducing the accuracy of authentication systems. Moreover, associating binary representation of fingerprint with the error-correction scheme is another major difficulty in designing Fingerprint-based FC. � Achieving the same binary representation for intra-user variations is quite challenging due to the rotation, translation, and non-linear deformation in fingerprint images of the same user.
Shi et al. [19] proposed a fingerprint sector minutiae coding for FC; however, their approach considers different binary representations for maximum of two minutiae points in a sector. In other words, the sectors having three or more minutiae points in any sector are encoded by the same binary representation. To illustrate this drawback, Figure 1 provides a closer view of sectors in two sample fingerprints (from FVC2004) highlighted with red boundaries. These red highlighted sectors incorporate three or more minutiae points in them, that is, have different distinctive features but are encoded by the same binary representation as per [19]. The recognition of biometric systems can be improved by enhancing the distinctive features representation in fingerprint templates [20] thus, in case of the existing approach [19], the inclusion of more number and type of minutiae points in a sector. The paper focuses on enhancing the encoding scheme for the better performance of Fingerprintbased FC. The paper proposes an enhanced minutiae-based encoding scheme incorporating different binary representations for maximum of five minutiae points to provide a better distinctive feature representation of the sectors in fingerprint templates. The proposed approach includes BCH codes for error correction and the random codeword, also termed as secret key, is secured by SHA-256 hash mapping. The proposed approach's performance is measured in terms of false reject rate (FRR) and false accept rate (FAR). The FRR denotes the percentage measure of incorrectly rejected genuine users and FAR denotes the percentage measure of falsely accepted impostors in the biometric system.
The major contributions of this paper are: � The paper proposes an enhanced minutiae-based encoding scheme for different combinations of minutiae points (ridge endings and ridge bifurcations) by considering the presence of maximum of five minutiae points in a sector of the fingerprint. � The experiment is conducted on four public-domain fingerprint databases: FVC2000-DB2, FVC2002-DB1, FVC2002-DB2, and FVC2004-DB1 incorporating BCH (31,21,2) for correcting corrupted minutiae points in the sector thereby, increasing helper data size while sustaining the performance of the proposed scheme. � The paper discusses the security analysis of helper data and hash of codewords stored in the database. The proposed scheme maintains the privacy of rightful owners by ensuring that stored data in itself reveals no significant information related to biometric templates. Additionally, the security analysis discusses that it is difficult for an adversary to perform a brute-force attack on information stored in the database.
The paper is organised as follows: Section 2 discusses previous work related to FC in biometric systems and Section 3 discusses proposed Fingerprint-based FC incorporating the enrolment phase and authentication phase of biometric systems. Sections 4 and 5 covers experimental results and security analysis of the proposed scheme, respectively. Finally, the paper is concluded in Section 6.

| RELATED WORK
The FC was first introduced by Juels et al. [13] to combine the concept of ECC and cryptography. The FC methodology stores commitment of biometric templates in the enrolment phase. This commitment is opened or de-committed, provided if the authentication phase's biometric query template is sufficiently close to one in the enrolment phase. Figure 2 depicts traditional FC where the user presents biometric template b in the enrolment phase, represented by fixed-size binary string x. The ECC generates a random codeword c and computes helper data δ as δ = x ⊕ c. This helper data δ and the hash of codeword h(c) are stored in the database. In the authentication phase, the user presents a biometric template b 0 represented as fixed-size binary string x 0 . Using stored helper data δ, the system computes c 0 = δ ⊕ x 0 . This calculated codeword c 0 is decoded as c 00 using the same ECC (as in the enrolment phase), and its hash h(c 00 ) is calculated. If the biometric templates b and b 0 are sufficiently close, then h(c) = h(c 00 ) else not. Thereby, the error-correcting capacity of ECC eliminates the difference in bits of fixed-size representation x and x 0 .
Hao et al. [14] proposed FC for iris-recognition by classifying iris-code errors into two categories, random errors occurring because of CCD camera pixel, iris distortion, and so on, and burst errors occurring because of specular reflections SHUKLA AND PATEL -257 and undetected or out-of-focus eyelashes. To deal with such errors, the authors [14] proposed a concatenated-coding scheme where Hadamard code deals with background errors and Reed-Solomon code deals with burst errors. Hao et al. [14] extracted iris-code of 256-byte by utilising the algorithm in [25]. This iris-code is XORed with an encoded key via Hadamard and Reed-Solomon code to generate helper data in the biometric system. This approach computes FRR = 0.47% and FAR = 0% for key size of 140 bits. The authors [14] implemented this approach using their own database, however, Bringer et al. [15] reported an increment in FRR and FAR on public ICE iris database.
Bringer et al. [15] proposed a 2D iterative min-sum decoding algorithm based on the concept that probabilities of error and erasure for each bit in iris-code are independent. The erasures are an unknown bit at known location. The authors [15] computes iris-code using algorithm [25] and calculates the maximum number of errors and erasures by the capacity in Shannon sense [26]. For fingerprint, the authors [15] used binarisation and reliable component selection on fingerprint templates. Adamovic et al. [16] proposed FC for iris-recognition by incorporating the concept of interleaving. It reduces burst errors in iris-code and mutual information between two different iriscodes. The authors [16] generated iris-code for FC by utilising 1D Gabor wavelet on iris templates followed by interleaving. Rathgeb et al. [17] proposed iris-code error analysis and bit rearrangements for iris-based FC. The methodology [17] performs an error-analysis by computing intra-class comparison on training sets to detect the number of errors occurring in each bit position. The iris-code bits are rearranged to obtain a uniform distribution of errors. Thus, error at bit positions of high probability is rearranged with bit positions of low probability and vice-versa. Rathgeb et al. [18] incorporated the usage of maximal intra-class distance (ICD) on existing iris recognition algorithms in [21,22] to propose FC for iris-recognition. The authors [18] concatenated Reed-Solomon and Hadamard codes for iris-code generated by [21] for error correction as maximal ICD is between 48% and 85%. For iris-code generated by [22], the authors [18] used only Reed Solomon for error-correction as maximal ICD is less than 44%.
For Fingerprint-based FC, Teoh et al. [23] proposed Randomized Dynamic Quantization Transformation (RDQT) F I G U R E 1 Presence of three or more minutiae points in red highlighted sectors of fingerprint samples from FVC2004 F I G U R E 2 Traditional Fuzzy Commitment proposed by Juels et al. [13] 258 -SHUKLA AND PATEL wherein multichannel Gabor filter [27] extracts feature vector from fingerprints. This feature vector of length 1226 bits is reduced to 750 bits by random projection methodology. Furthermore, this feature vector is further reduced to 375 bits by dynamic quantization. The authors [23] perform core detection manually to crop the fingerprint image for feature extraction. However, the performance of this approach [23] can vary if the existing algorithms are utilised for core detection as it is difficult to extract the core point exactly on noisy fingerprints. Nandakumar [24] proposed Binarised Phase Spectrum (BiPS) for Fingerprint-based FC, wherein the Fourier phase spectrum of minutiae points is sampled on a logpolar grid to obtain fixed-size minutiae representation. The authors [24] extracted reliable bits of size 2048 bits present in this fixed-size minutiae representation. One of the major advantages of this approach [24] is the privacy enhancement of fingerprint by discarding the magnitude spectrum of minutiae points thereby, it is challenging to compute the location and orientation of minutiae points from helper data.
Shi et al. [19] proposed a Fingerprint-based FC that incorporates sector minutiae coding with short and long strategies. The region near fingerprint's core point is divided into several sectors. These sectors are further encoded as fixed-size binary string depending on the number of minutiae points present in them. The only difference between long strategy and short strategy is the inclusion of directional information of minutiae points in long strategy. However, different encoding representations are used for a maximum of two minutiae points in the short strategy. Thus, any sector having three or more minutiae points is encoded by the same representation. Table 1 summarises the comparison of various FC schemes incorporating their biometric traits, key size, performance, database, and approach. The remarks of Table 1 points out the limitation in some of the existing methodologies. The paper aims to enhance the encoding scheme in [19] by incorporating a different representation for maximum of five minutiae points. This enhanced minutiae-based encoding scheme provides a better representation of distinctive features present in the sector of fingerprint templates. The proposed methodology constructs 72 sectors near the fingerprint's core point and includes BCH (31,21,2) for error correction in each of these sectors. Thus, the proposed methodology has key-size of 1512 bits, and the performance is evaluated on databases: FVC2000-DB2, FVC2002-DB1, FVC2002-DB2, and FVC2004-DB1. The proposed methodology and experimental results are elaborated in Sections 3 and 4, respectively.

| PROPOSED FINGERPRINT-BASED FUZZY COMMITMENT
The FC technique demands representation of unique features of biometric templates in the form of a fixed-size binary string. The error-correcting scheme of FC allows fuzziness in this fixed-size binary string as biometric templates are never accurate. Representation of unique features in the form of fixed-size binary string for fingerprints is challenging due to varying minutiae points in terms of number, location, and orientation because of translation, rotation, and non-linear deformation of fingerprint images. This section presents the detailed design of proposed Fingerprint-based FC. Section 3.1 discusses the generation of FingerCode, that is, fixed-size binary string for fingerprint templates. Section 3.2 elaborates deployment of this FingerCode in FC wherein random codewords are binded with FingerCode as helper data in enrolment phase. Section 3.3 discusses the authentication phase wherein codewords are retrieved from query biometric template and stored helper data.

| FingerCode generation
The fingerprint template incorporates ridge endings and ridge bifurcations, collectively termed as minutiae points. The point where ridge ends abruptly is termed as ridge ending, whereas the point where ridge diverges into branch ridges is termed as ridge bifurcation [28]. These minutiae points and their relationships define the uniqueness of fingerprint templates. The proposed methodology enhances the fingerprint provided and extracts minutiae points represented as ( The core point can be defined as the point of maximum curvature of concave ridges in the fingerprint template [27]. The proposed framework uses an algorithm [29] to calculate the core point represented as (x c , y c , θ c ) where (x c , y c ) represents position and θ c represents direction of core point. The coordinate transformation of minutiae points is performed using Equation (1) considering the fingerprint's core point as origin of the coordinate.
where (x c , y c , θ c ) denotes core point of the fingerprint, (x i , y i , θ i , T i ) denotes original minutiae points in the fingerprint and After the coordinate conversion of minutiae points, sector construction is performed on the fingerprint template. Several concentric circles having the same width between them are constructed by using core point as centre. These circles are further partitioned by their radii having constant angle θ between them, thereby forming sectors. Figure 3 depicts five concentric circles having radii R = {50, 80, 110, 140, 170} and each circle is partitioned by their radii having constant angle θ = 30°between them. These sectors are numbered in an anticlockwise direction, as depicted in Figure 3. Based on the sector construction, the fingerprint image can be parted into n � (360/θ) sectors where n denotes the number of concentric circles, and θ denotes the angle between radii of circles. This sector construction is helpful in analysing minutiae distribution SHUKLA AND PATEL -259 in fingerprint templates, for instance, this minutiae distribution should be almost similar if the two fingerprint images belong to the same user.
We propose an enhanced minutiae-based encoding scheme to analyse the minutiae distribution in the sectors of fingerprint templates. Based on this scheme, each sector is represented by FingerCode depending on the number and type of minutiae points present in it. This encoding scheme has different Fin-gerCode representations for different combinations for maximum of five minutiae points present in these sectors. This encoding scheme incorporates corruption of one or two minutiae points using BCH (31,21,2) for error correction. These sectors in the fingerprint template are small regions hence, the maximum count of minutiae points is limited to five minutiae points. Likewise, it is unlikely that the fingerprint templates belonging to the same user are corrupted by more than two minutiae points in a sector. This increment in number and type of minutiae points via enhanced minutiae-based encoding scheme increases the representation of distinctive features in the sectors. Figure 4 depicts the structure of Fin-gerCode incorporating 2 bits as flag indicating absence or presence of minutiae points in the sector. The next 5 bits indicate minutiae count, that is, the number of minutiae points present in sector, and the next 20 bits represent the type of minutiae point present in the sector. We need to append extra 6 bits in FingerCode to XOR with ECC's random codeword (size 31 bits) to generate helper data. It should be noted that flag bits are not XORed with ECC's codeword; however, they are useful in calculating sectors with the absence of minutiae points in the authentication phase. Table 2 discusses the enhanced minutiae-based encoding scheme for generating FingerCode based on type and number of minutiae points present in a sector. For instance, if the sector of fingerprint image has two ridge ending and one ridge bifurcation, then its FingerCode is represented as 110011100000000000000000011000000. Similarly, if the sector has four ridge ending and zero ridge bifurcation points present, the FingerCode is represented as 110111100000000000000001 111000000.
This enhanced minutiae-based encoding scheme is designed to incorporate corruption of one or two minutiae points in a sector, that is, sectors varying by one or two minutiae points can generate the same codeword by utilising BCH(31, 21, 2) for error correction. The sectors are small regions, and it is unlikely that the fingerprint templates belonging to the same user are corrupted by more than two minutiae points. For instance, consider in enrolment phase, the first sector of fingerprint image has three ridge termination and zero ridge bifurcation, thereby its Fin-gerCode FC E 1 = 110011100000000000000000111000000. As fingerprint images are never accurate, the same sector in query template during authentication incorporates two ridge termination and zero ridge bifurcation that is, FingerCode FC Q1 1 = 110001100000000000000000011000000. The hamming distance between FC E 1 and FC Q1 1 is 2, that is, within the error correction capacity of BCH code, authentication phase can decode the same codeword as in enrolment phase using stored helper data. Similarly, in case the same sector in query template incorporates four ridge termination and zero ridge bifurcation (FingerCode FC Q2 1 = 110111100000000000000001111000000), BCH code can decode the same codeword as the hamming distance between FC E 1 and FC Q2 1 is within its error correction capacity. However, in case the sector has corruption of more than two minutiae points, for instance having one termination and two bifurcation (FingerCode FC Q3 1 = 110011101000 000000000000001000000) or zero termination and three bifurcation (FingerCode FC Q4 1 = 1100111111000000000000000010 00000), the hamming distance exceeds the error correction capacity, resulting in decoding of different codeword at the time of authentication.

| Enrolment phase
In the enrolment phase, a new user presents his/her biometric template converted to FingerCode using sector construction and encoding scheme. For each user, helper data are generated by binding the ECC's random codeword with FingerCode of the biometric template. Furthermore, random codewords of ECC are securely stored in the database by hash mapping. It should be noted that only helper data and the hash of codewords are stored in the database. The other information is discarded to sustain the user's privacy in biometric systems. Figure 5 depicts the block diagram of the enrolment and authentication phases in the proposed Fingerprint-based FC.
In this phase, minutiae points and core points are extracted from the enhanced fingerprint template. Further, minutiae transformation is performed, and sectors are constructed as discussed in Section 3.1. Depending on the number and type of minutiae present in sectors, the fingerprint template is transformed to FingerCode FC = {FC 1 , FC 2 , FC 3 , …, FC N } where N denotes the number of sectors constructed in fingerprint template. Considering BCH (31,21,2) for error correction, the system generates random codeword C = {C 1 , After generating helper data of the fingerprint, hash of each random codeword C i is calculated as H(C) = {H(C 1 ), H(C 2 ), H(C 3 ), …, H(C N )} using SHA-256 as one-way hash function. This hash H(C) and helper data δ are stored in the biometric database, later used for authenticating users in the proposed Fingerprint-based FC system.

| Authentication phase
In the authentication phase of proposed Fingerprint-based FC, minutiae points and core points are extracted, and coordinate transformation is performed on the query template. Similar to the enrolment phase, several sectors are constructed using core point as the centre, and Fin-gerCode FC 0 are generated depending on number and type of minutiae points present in the sector of query template. This FingerCode in the authentication phase is represented as FC 0 = {FC 1 0 , FC 2 0 , FC 3 0 , ‥., FC N 0 } where N denotes the number of sectors constructed in fingerprint template.

F I G U R E 6
The generation of helper data in enrolment phase and decoding codeword in authentication phase SHUKLA AND PATEL -263 decoded codeword as C 00 ¼ fC 00 1 ; C 00 2 ; C 00 3 ; ‥C 00 N g. Thus, hash of each decoded codeword is calculated as HðC 00 Þ ¼ fHðC 00 1 Þ; HðC 00 2 Þ; HðC 00 3 Þ; ‥HðC 00 N Þg using the same hash function as in the enrolment phase of biometric system.
The comparison between biometric templates is performed using two parameters, that is, Comp Score and σ defined in Equations (2) and (3).
where N m denotes the total number of matched hash of codewords in enrolment and authentication phase, N denotes the total number of sectors constructed in the fingerprint template, α and β denotes the number of sectors with absence of minutiae points in enrolment phase and authentication phase respectively and γ denotes common sectors with absence of minutiae points both in enrolment and authentication phase.
It should be noted that the flag bits F i of helper data δ i indicates absence of minutiae points in the i th sector of enrolment template. The threshold is defined as combination of Comp Score and σ, where the user is accepted if threshold is satisfied else rejected.

| EXPERIMENTAL RESULTS
The performance evaluation of proposed Fingerprint-based FC is conducted on four public-domain fingerprint databases: FVC2000-DB2, FVC2002-DB1, FVC2002-DB2, and FVC2004-DB1. Each of these databases incorporates fingerprint images of 100 users and eight impressions per user, that is, a total of 800 fingerprint images. Table 3 presents detailed information on these fingerprint databases. For evaluation of the proposed Fingerprint-based FC, FRR and FAR are computed. For experimentation, four images per user are utilised in the enrolment phase, and two images per user are utilised in the authentication phase. However, two images per user from each database are not utilised in experiments as they are of low quality. It is reasonable to assume that users in the BCS are cooperative and provide good quality fingerprint images for binding secret keys with biometric templates [30,31]. Thus, the experiment incorporates a total count of 200 genuine attempts and 19,800 impostor attempts in the authentication phase of biometric system.
The algorithm proposed in [29] is utilised for detection of the core point in fingerprint images. For experimentation, six concentric circles are constructed having radii R = {8, 31, 54, 77, 100, 123} and further partitioned into sectors by radii having constant angle θ = 30°between them thereby, constructing 72 sectors on the fingerprint image. The enrolment and authentication of users are performed, as mentioned in Sections 3.2 and 3.3, respectively. The BCH (31,21,2) are utilised for error correction, and their codewords in the enrolment and authentication phase are secured by SHA-256 hash mapping. The comparison between biometric templates are performed using two parameters, that is, Comp Score and σ defined by Equations (2) and (3), respectively, in Section 3.3. Table 4 summarises FRR and FAR for different values of Comp Score and σ as the performance of proposed Fingerprintbased FC for FVC2000-DB2, FVC2002-DB1, FVC2002-DB2, and FVC2004-DB1. The threshold condition varies with varying sizes and quality of different images. Table 5 compares the performance of proposed approach with other existing Fingerprint-based FC [15,19,24]. We have not considered Teoh et al. [23] approach for comparison as the results in [23] incorporate manual detection of fingerprint's core point. This result can degrade if the existing algorithms are utilised for core detection as it is difficult to extract the core point exactly on noisy fingerprints. The proposed Fingerprint-based FC performs better than Bringer et al. [15]. In comparison with Nandakumar [24] and Shi et al. [19], the FRR of proposed Fingerprint-based FC is reduced, due to better representation of distinctive features by the enhanced minutiae-based encoding scheme of the proposed approach. However, the FAR of proposed Fingerprint-based FC is more than [19,24] due to strong ECC in the enhanced encoding scheme of the biometric system. This enhanced minutiae-based encoding scheme incorporates different FingerCode representation for different combinations for maximum of five minutiae points. The proposed approach deploys strong ECC by allowing minutiae corruption of one or two points out of five minutiae points in each sector of the fingerprint template. Thus, the proposed Fingerprint-based FC provides acceptable performance in comparison to the other existing schemes. sectors constructed on fingerprint image, in the database and discards rest of the information. The security of FC has been studied theoretically in [13]. This section provides the security analysis of stored information, that is, helper data and codewords in the proposed Fingerprint-based FC.

T A B L E 3 Detailed information of the database incorporated in our experiment
� Codeword: For the security of codeword stored in database, the proposed Fingerprint-based FC deploys SHA-256 hash mappings. The security of codeword can be analysed in two cases: in case 1, the adversary gains knowledge about hash mappings deployed in the biometric system, and in case 2, the adversary gains knowledge about error correction scheme utilised in the biometric system. Case 1: The hash mappings are one-way functions that are computationally difficult to invert thereby, secures codewords in the database. However, the birthday attack is the most effective method to find a collision in q-bit hash function which requires 2 q/2 operations [32].
The proposed methodology incorporates SHA-256 therefore, the security parameter is q = 256 corresponds to the minimum of 2 128 operations to find a colliding pair of codewords. The proposed scheme constructs 72 sectors in the fingerprint image therefore, the adversary requires 2 128 � 72 colliding pairs of codewords for the proposed Fingerprint-based FC. Case 2: If the adversary gains knowledge about errorcorrecting scheme utilised in biometric system then, the security depends on the codeword space size of ECC. The proposedschemeutilisesBCH (31,21,2)

| CONCLUSION
For authenticating individuals in real-world applications, biometric recognition systems offer authentication of the individual based on their distinctive traits of biometric. As these traits are intrinsic in nature, these recognition system calls for secure storage of biometric templates. The BCS techniques address rightful owners' security and privacy concerns by utilising significant information about biometric templates to retrieve or generate secret keys. FC is one of the techniques in Key-binding BCS. The paper proposes Fingerprint-based FC wherein helper data are generated by utilising the number and type of minutiae points present near the fingerprint's core point. This approach deploys BCH codes for error correction, and their codewords are secured by SHA-256 hash function. This approach's performance is evaluated on four publicdomain fingerprint databases: FVC2000-DB2, FVC2002-DB1, FVC2002-DB2, and FVC2004-DB1. The proposed Fingerprint-based FC provides acceptable performance in terms of FRR and FAR. Furthermore, we have analysed the security of helper data and codewords stored in the database.  The proposed Fingerprint-based FC can be utilised for remote user authentication and key agreement schemes in the cloud environment. The user provides a fingerprint template for which helper data and secret keys are generated using the proposed Fingerprint-based FC in the registration phase. This helper data is stored in the smart card along with the hash of identity, password, and secret key of the proposed Fingerprintbased FC. Later in the authentication phase, the registered user can log in by providing identity, password and query fingerprint template. The secret key is re-generated by the authentication phase of proposed Fingerprint-based FC, using query fingerprint template and helper data stored in the smart card. Thus, the registered user is authenticated by comparing the hash of identity, password, and secret key in the registration and authentication phase of the biometric system.
The performance of proposed methodology can be further enhanced by utilising multiple fingerprints for authenticating users in the biometric system. Apart from increasing the number and type of minutiae present near the fingerprint's core point, additional attributes, such as minutiae orientation, it is distance with the core point, and so on, can also be incorporated for better performance of Fingerprint-based FC. The major limitation in designing FC is the usage of errorcorrecting codes for matching biometric templates. Thereby, depending on the types of features incorporated in the encoding scheme of FC accordingly, error-correcting codes should be deployed in the biometric system.