Evaluating the Security of Handwriting Biometrics
Lucas Ballard
Department of Computer Science
Johns Hopkins University
Abstract
Ongoing interest in biometric security has resulted in much work on
systems that exploit the individuality of human behavior. In this
talk, we study the use of handwritten passphrases in the context of
authentication or cryptographic key generation. We demonstrate that
accurate generative models for a targeted user's handwriting can be
developed based only on captured static (offline) samples combined
with pen-stroke dynamics learned from general population
statistics. Our work suggests that such automated attacks are nearly
as effective as skilled human forgers and hence deserve serious
consideration when evaluating the security of systems that use
handwriting as a biometric.