{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,23]],"date-time":"2026-01-23T06:33:09Z","timestamp":1769149989578,"version":"3.49.0"},"reference-count":51,"publisher":"MDPI AG","issue":"13","license":[{"start":{"date-parts":[[2019,7,6]],"date-time":"2019-07-06T00:00:00Z","timestamp":1562371200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"Remote user authentication for Internet of Things (IoT) devices is critical to IoT security, as it helps prevent unauthorized access to IoT networks. Biometrics is an appealing authentication technique due to its advantages over traditional password-based authentication. However, the protection of biometric data itself is also important, as original biometric data cannot be replaced or reissued if compromised. In this paper, we propose a cancelable iris- and steganography-based user authentication system to provide user authentication and secure the original iris data. Most of the existing cancelable iris biometric systems need a user-specific key to guide feature transformation, e.g., permutation or random projection, which is also known as key-dependent transformation. One issue associated with key-dependent transformations is that if the user-specific key is compromised, some useful information can be leaked and exploited by adversaries to restore the original iris feature data. To mitigate this risk, the proposed scheme enhances system security by integrating an effective information-hiding technique\u2014steganography. By concealing the user-specific key, the threat of key exposure-related attacks, e.g., attacks via record multiplicity, can be defused, thus heightening the overall system security and complementing the protection offered by cancelable biometric techniques.<\/jats:p>","DOI":"10.3390\/s19132985","type":"journal-article","created":{"date-parts":[[2019,7,8]],"date-time":"2019-07-08T03:01:31Z","timestamp":1562554891000},"page":"2985","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":27,"title":["A Cancelable Iris- and Steganography-Based User Authentication System for the Internet of Things"],"prefix":"10.3390","volume":"19","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7800-2215","authenticated-orcid":false,"given":"Wencheng","family":"Yang","sequence":"first","affiliation":[{"name":"Security Research Institute, Edith Cowan University, Perth, WA 6207, Australia"}]},{"given":"Song","family":"Wang","sequence":"additional","affiliation":[{"name":"Department of Engineering, La Trobe University, Melbourne, VIC 3083, Australia"}]},{"given":"Jiankun","family":"Hu","sequence":"additional","affiliation":[{"name":"School of Engineering and Information Technology, University of New South Wales, Canberra, ACT 2600, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4760-3533","authenticated-orcid":false,"given":"Ahmed","family":"Ibrahim","sequence":"additional","affiliation":[{"name":"Security Research Institute, Edith Cowan University, Perth, WA 6207, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2307-9562","authenticated-orcid":false,"given":"Guanglou","family":"Zheng","sequence":"additional","affiliation":[{"name":"Security Research Institute, Edith Cowan University, Perth, WA 6207, Australia"}]},{"given":"Marcelo Jose","family":"Macedo","sequence":"additional","affiliation":[{"name":"Security Research Institute, Edith Cowan University, Perth, WA 6207, Australia"}]},{"given":"Michael N.","family":"Johnstone","sequence":"additional","affiliation":[{"name":"Security Research Institute, Edith Cowan University, Perth, WA 6207, Australia"}]},{"given":"Craig","family":"Valli","sequence":"additional","affiliation":[{"name":"Security Research Institute, Edith Cowan University, Perth, WA 6207, Australia"}]}],"member":"1968","published-online":{"date-parts":[[2019,7,6]]},"reference":[{"key":"ref_1","first-page":"97","article-title":"That \u2018internet of things\u2019 thing","volume":"22","author":"Ashton","year":"2009","journal-title":"RFID J."},{"key":"ref_2","unstructured":"Habib, K., Torjusen, A., and Leister, W. (2014, January 20\u201324). A novel authentication framework based on biometric and radio fingerprinting for the IoT in eHealth. Proceedings of the 2014 International Conference on Smart Systems, Devices and Technologies (SMART), Paris, France."},{"key":"ref_3","unstructured":"Macedo, M.J., Yang, W., Zheng, G., and Johnstone, M.N. (2017, January 5\u20136). A comparison of 2D and 3D Delaunay triangulations for fingerprint authentication. Proceedings of the 2017 Australian Information Security Management Conference, Perth, Australia."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1016\/j.patcog.2016.10.035","article-title":"Cancellable iris template generation based on Indexing-First-One hashing","volume":"64","author":"Lai","year":"2017","journal-title":"Pattern Recognit."},{"key":"ref_5","unstructured":"Masek, L. (2019, April 19). Iris Recognition. Available online: https:\/\/www.peterkovesi.com\/studentprojects\/libor\/."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"El-hajj, M., Fadlallah, A., Chamoun, M., and Serhrouchni, A. (2019). A Survey of Internet of Things (IoT) Authentication Schemes. Sensors, 19.","DOI":"10.3390\/s19051141"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Blasco, J., and Peris-Lopez, P. (2018). On the Feasibility of Low-Cost Wearable Sensors for Multi-Modal Biometric Verification. Sensors, 18.","DOI":"10.3390\/s18092782"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Arjona, R., Prada-Delgado, M., Arcenegui, J., and Baturone, I. (2018). A PUF-and Biometric-Based Lightweight Hardware Solution to Increase Security at Sensor Nodes. Sensors, 18.","DOI":"10.3390\/s18082429"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Kantarci, B., Erol-Kantarci, M., and Schuckers, S. (2015, January 5\u20137). Towards secure cloud-centric internet of biometric things. Proceedings of the 2015 IEEE 4th International Conference on Cloud Networking (CloudNet), Niagara Falls, ON, Canada.","DOI":"10.1109\/CloudNet.2015.7335286"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Karimian, N., Wortman, P.A., and Tehranipoor, F. (2016, January 1\u20137). Evolving authentication design considerations for the internet of biometric things (IoBT). Proceedings of the Eleventh IEEE\/ACM\/IFIP International Conference on Hardware\/Software Codesign and System Synthesis, Pittsburgh, PA, USA.","DOI":"10.1145\/2968456.2973748"},{"key":"ref_11","unstructured":"Ma\u010dek, N., Franc, I., Bogdanoski, M., and Mirkovi\u0107, A. (2016, January 15). Multimodal Biometric Authentication in IoT: Single Camera Case Study. Proceedings of the 8th International Conference on Business Information Security, Belgrade, Serbia."},{"key":"ref_12","unstructured":"Shahim, L.-P., Snyman, D., du Toit, T., and Kruger, H. (2016, January 24\u201328). Cost-Effective Biometric Authentication using Leap Motion and IoT Devices. Proceedings of the Tenth International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2016), Nice, France."},{"key":"ref_13","first-page":"255","article-title":"A lightweight biometrics based remote user authentication scheme for IoT services","volume":"34","author":"Dhillon","year":"2017","journal-title":"J. Inf. Secur. Appl."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Punithavathi, P., Geetha, S., Karuppiah, M., Islam, S.H., Hassan, M.M., and Choo, K.-K.R. (2019). A Lightweight Machine Learning-based Authentication Framework for Smart IoT Devices. Inf. Sci.","DOI":"10.1016\/j.ins.2019.01.073"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"1179","DOI":"10.1109\/TIFS.2014.2328095","article-title":"A Delaunay Quadrangle-Based Fingerprint Authentication System with Template Protection Using Topology Code for Local Registration and Security Enhancement","volume":"9","author":"Yang","year":"2014","journal-title":"IEEE Trans. Inf. Forensics Sec."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"1309","DOI":"10.1016\/j.patcog.2013.10.001","article-title":"An Alignment-free Fingerprint Bio-cryptosystem based on Modified Voronoi Neighbor Structures","volume":"47","author":"Yang","year":"2014","journal-title":"Pattern Recognit."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"295","DOI":"10.1016\/j.patcog.2017.01.019","article-title":"Design of Alignment-Free Cancelable Fingerprint Templates with Zoned Minutia Pairs","volume":"66","author":"Wang","year":"2017","journal-title":"Pattern Recognit."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"614","DOI":"10.1147\/sj.403.0614","article-title":"Enhancing security and privacy in biometrics-based authentication systems","volume":"40","author":"Ratha","year":"2001","journal-title":"IBM Syst. J."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"561","DOI":"10.1109\/TPAMI.2007.1004","article-title":"Generating cancelable fingerprint templates","volume":"29","author":"Ratha","year":"2007","journal-title":"IEEE Trans. Pattern Anal. Mach. Intell."},{"key":"ref_20","unstructured":"Zuo, J., Ratha, N.K., and Connell, J.H. (2008, January 8\u201311). Cancelable iris biometric. Proceedings of the 2008 19th International Conference on Pattern Recognition, Tampa, FL, USA."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"H\u00e4mmerle-Uhl, J., Pschernig, E., and Uhl, A. (2009, January 7\u20139). Cancelable iris biometrics using block re-mapping and image warping. Proceedings of the 12th International Conference on Information Security, Pisa, Italy.","DOI":"10.1007\/978-3-642-04474-8_11"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Kanade, S., Petrovska-Delacr\u00e9taz, D., and Dorizzi, B. (2009, January 20\u201325). Cancelable iris biometrics and using error correcting codes to reduce variability in biometric data. Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, Miami, FL, USA.","DOI":"10.1109\/CVPR.2009.5206646"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Pillai, J.K., Patel, V.M., Chellappa, R., and Ratha, N.K. (2010, January 14\u201319). Sectored random projections for cancelable iris biometrics. Proceedings of the IEEE International Conference on Acoustics Speech and Signal Processing (ICASSP), Dallas, TX, USA.","DOI":"10.1109\/ICASSP.2010.5495383"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Jenisch, S., and Uhl, A. (2011, January 11\u201314). Security analysis of a cancelable iris recognition system based on block remapping. Proceedings of the 2011 18th IEEE International Conference on Image Processing (ICIP), Brussels, Belgium.","DOI":"10.1109\/ICIP.2011.6116352"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"H\u00e4mmerle-Uhl, J., Pschernig, E., and Uhl, A. (2013, January 4\u20137). Cancelable iris-templates using key-dependent wavelet transforms. Proceedings of the 2013 International Conference on Biometrics (ICB), Madrid, Spain.","DOI":"10.1109\/ICB.2013.6612960"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Rathgeb, C., Breitinger, F., and Busch, C. (2013, January 4\u20137). Alignment-free cancelable iris biometric templates based on adaptive bloom filters. Proceedings of the 2013 International Conference on Biometrics (ICB), Madrid, Spain.","DOI":"10.1109\/ICB.2013.6612976"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Quan, F., Fei, S., Anni, C., and Feifei, Z. (2008, January 20\u201322). Cracking cancelable fingerprint template of Ratha. Proceedings of the 2008 International Symposium on Computer Science and Computational Technology, Shanghai, China.","DOI":"10.1109\/ISCSCT.2008.226"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"1593","DOI":"10.1002\/cpe.3042","article-title":"Attacks via record multiplicity on cancelable biometrics templates","volume":"26","author":"Li","year":"2014","journal-title":"Concurr. Comput. Pract. Exp."},{"key":"ref_29","unstructured":"Tran, Q.N., Wang, S., Ou, R., and Hu, J. (2017). Double-layer secret-sharing system involving privacy preserving biometric authentication. User-Centric Privacy and Security in Biometrics, Institution of Engineering and Technology."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1109\/MC.1998.4655281","article-title":"Exploring steganography: Seeing the unseen","volume":"31","author":"Johnson","year":"1998","journal-title":"Computer"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"739","DOI":"10.1109\/TIP.2004.827237","article-title":"Efficient iris recognition by characterizing key local variations","volume":"13","author":"Ma","year":"2004","journal-title":"IEEE Trans. Image Process."},{"key":"ref_32","unstructured":"VeriEye, S.D.K. (2019, April 19). Neuro Technology. Available online: http:\/\/www.neurotechnology.com\/verieye.html."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"242","DOI":"10.1016\/j.patcog.2018.01.026","article-title":"A Fingerprint and Finger-vein Based Cancelable Multi-biometric System","volume":"78","author":"Yang","year":"2018","journal-title":"Pattern Recognit."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"447","DOI":"10.1016\/j.patcog.2016.08.017","article-title":"A partial Hadamard transform approach to the design of cancelable fingerprint templates containing binary biometric representations","volume":"61","author":"Wang","year":"2017","journal-title":"Pattern Recognit."},{"key":"ref_35","unstructured":"Boncelet, C.G.J., Marvel, L.M., and Retter, C.T. (2003). Spread Spectrum Image Steganography. (No. 6,557,103), U.S. Patent."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Agrawal, N., and Gupta, A. (2009, January 16\u201318). DCT domain message embedding in spread-spectrum steganography system. Proceedings of the Data Compression Conference, Snowbird, UT, USA.","DOI":"10.1109\/DCC.2009.86"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"1995","DOI":"10.1109\/TSP.2003.812753","article-title":"Detection of LSB steganography via sample pair analysis","volume":"51","author":"Dumitrescu","year":"2003","journal-title":"IEEE Trans. Signal Process."},{"key":"ref_38","unstructured":"Qi, X., and Wong, K. (2005, January 11\u201314). An adaptive DCT-based mod-4 steganographic method. Proceedings of the 2005 IEEE International Conference on Image Processing, Genova, Italy."},{"key":"ref_39","unstructured":"(2019, April 19). Online Steganography Program. Available online: https:\/\/stylesuxx.github.io\/steganography\/."},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"234","DOI":"10.1049\/el.2014.4182","article-title":"Mutual dependency of features in multimodal biometric systems","volume":"51","author":"Yang","year":"2015","journal-title":"Electron. Lett."},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Yang, W., Wang, S., Zheng, G., Chaudhry, J., and Valli, C. (2018). ECB4CI: An enhanced cancelable biometric system for securing critical infrastructures. J. Supercomput.","DOI":"10.1007\/s11227-018-2266-0"},{"key":"ref_42","unstructured":"(2019, April 15). CASIA-IrisV3. Available online: http:\/\/www.cbsr.ia.ac.cn\/IrisDatabase.htm."},{"key":"ref_43","unstructured":"(2019, June 10). MMU-V1 Iris Database. Available online: https:\/\/www.cs.princeton.edu\/~andyz\/irisrecognition."},{"key":"ref_44","unstructured":"Proen\u00e7a, H., and Alexandre, L.A. (2005, January 6\u20138). UBIRIS: A noisy iris image database. Proceedings of the 13th International Conference on Image Analysis and Processing, Cagliari, Italy."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1016\/j.icte.2018.03.001","article-title":"Impact of feature proportion on matching performance of multi-biometric systems","volume":"5","author":"Yang","year":"2018","journal-title":"ICT Express"},{"key":"ref_46","doi-asserted-by":"crossref","first-page":"7107295","DOI":"10.1155\/2018\/7107295","article-title":"Biometrics based Privacy-Preserving Authentication and Mobile Template Protection","volume":"2018","author":"Yang","year":"2018","journal-title":"Wirel. Commun. Mob. Comput."},{"key":"ref_47","unstructured":"Zhao, D., Luo, W., Liu, R., and Yue, L. (2015). Negative iris recognition. IEEE Trans. Dependable Secur. Comput."},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1049\/iet-bmt.2015.0071","article-title":"Searching for doppelg\u00e4ngers: Assessing the universality of the IrisCode impostors distribution","volume":"5","author":"Daugman","year":"2016","journal-title":"IET Biom."},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Ouda, O., Tsumura, N., and Nakaguchi, T. (2010, January 23\u201326). Tokenless cancelable biometrics scheme for protecting iris codes. Proceedings of the 2010 20th International Conference on Pattern Recognition (ICPR), Istanbul, Turkey.","DOI":"10.1109\/ICPR.2010.222"},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"4519548","DOI":"10.1155\/2018\/4519548","article-title":"Iris Template Protection Based on Local Ranking","volume":"2018","author":"Zhao","year":"2018","journal-title":"Secur. Commun. Netw."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1049\/iet-ipr.2012.0452","article-title":"Fast and reliable iris segmentation algorithm","volume":"7","author":"Radman","year":"2013","journal-title":"IET Image Process."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/19\/13\/2985\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T13:03:13Z","timestamp":1760187793000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/19\/13\/2985"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,7,6]]},"references-count":51,"journal-issue":{"issue":"13","published-online":{"date-parts":[[2019,7]]}},"alternative-id":["s19132985"],"URL":"https:\/\/doi.org\/10.3390\/s19132985","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,7,6]]}}}