Biometric Cryptosystems. Seminar by Sylvain Blais for COMP4109

INTRODUCTION
- All cryptosystems require some form of user authentication
- A key management system needs a way to release a cryptographic key
- Are current systems secure enough?
- Biometrics solves many security issues, but it is very challenging
- Encryption/decryption using biometrics

CONTENT
- Background on biometrics
- Overview of key concepts in biometric cryptosystems (BCS)
- Description of current schemes, including examples
- Quiz

BACKGROUND ON BIOMETRICS
- Science of measuring and analyzing human characteristics
- Physiological traits
- Behavioural traits

BACKGROUND ON BIOMETRICS
- Specific hardware is used to extract those features
- Mostly used as a form of identity authentication
- They are UNIQUE!! and they CAN'T BE LOST!!

BACKGROUND ON BIOMETRICS
- Information needs to be shared with a trusted 2nd party
- Biometric data needs to be stored in a secure database
- More than one biometric template might be required
- No biometric is optimal

BACKGROUND ON BIOMETRICS
[Table: Comparison of Various Biometric Technologies [2], rated High / Medium / Low]

BACKGROUND ON BIOMETRICS
- New research field: biometric cryptosystems
- Research goals:
  - How to generate cryptographic keys out of biometric measurements
  - How to hide and retrieve user-specific cryptographic keys in and out of biometric data
  - How to generate several forms of biometric templates from a single biometric measurement

KEY CONCEPTS IN BCS
- Current cryptosystems depend on the secrecy of the secret or private key, and authentication is possession-based
- Systems don't know whether the user is a legitimate person or an attacker
- Biometrics replaces password-based authentication
- They can also be used to generate a cryptographic key or biometric hash

KEY CONCEPTS IN BCS - Biometric Variance
- The matching process in a password-based authentication system is not difficult to engineer because the result is computed exactly
- In biometrics, two measurements of the same person's biometrics cannot be expected to be equal
- The challenge lies in finding the trade-off between the amount of fuzziness the system can handle and the security it provides
- One way to deal with fuzziness => finding significant biometric features

KEY CONCEPTS IN BCS - Biometric Authentication Systems
- Biometric sensor
- Feature extraction
- Database
- Biometric matcher
- Two processes are involved: enrollment and authentication

KEY CONCEPTS IN BCS
[Figure: Biometric authentication system diagram [4]]

KEY CONCEPTS IN BCS - Performance Measurement
Two types of errors: False Acceptance and False Rejection

Measure: Description
- False Acceptance Rate (FAR): Ratio between the number of truly non-matching samples which are matched by the system and the total number of tests (including to first two rates as well)
- False Rejection Rate (FRR): Ratio between the number of truly matching samples which are not matched by the system and the total number of tests (including to first two rates as well)
- Equal Error Rate (EER): The point on the error rate diagrams where FAR and FRR are equivalent

KEY CONCEPTS IN BCS - Biometric Key
- The biometric component performs user authentication while a generic cryptosystem handles the other components => biometric key release
- But this method creates a few issues...

KEY CONCEPTS IN BCS - Biometric Key
- Hide a cryptographic key within the user's biometric template => biometric key generation and key binding
- Again, no solution is perfect

DESCRIPTION OF BCS SCHEMES
Three types of schemes in BCS:
- Key Release Scheme
- Key Binding Scheme
- Key Generation Scheme

DESCRIPTION OF BCS SCHEMES - Key Release Scheme
- Biometric authentication is decoupled from the cryptographic part of the system
- Easy to implement but not used frequently because of major vulnerabilities:
  - The template needs to be stored in a database, which means it can be stolen
  - Change to the biometric matching process
  - The cryptographic key has to be stored as part of the template
- Not appropriate for high-security applications

DESCRIPTION OF BCS SCHEMES - Key Generation and Binding Schemes
- The user's key is directly derived from the user's biometric data, so it doesn't have to be stored anywhere!
- Helper data: public biometric-dependent information
- Helper data doesn't contain anything about the original biometric template
- Helper data is derived using either key generation systems or key binding systems

DESCRIPTION OF BCS SCHEMES - Key Binding Scheme
- Helper data is obtained by binding a secret key to a biometric template
- Keys are obtained at authentication by applying a key retrieval algorithm
- One of the most popular BCS is a key binding system called Fuzzy Vault

DESCRIPTION OF BCS SCHEMES - Key Binding Scheme: Fuzzy Vault
- Introduced by Ari Juels and Madhu Sudan from RSA Laboratories in 2002
- Alice places a secret value k in a fuzzy vault and locks it using a set A of elements from some public universe U
- If Bob tries to unlock the vault using a set B of similar length, he obtains k only if B overlaps substantially with A
- Fuzzy vault is a form of error-tolerant encryption operation where keys consist of sets, which are biometric templates in a biometric implementation

DESCRIPTION OF BCS SCHEMES - Key Binding Scheme: Fuzzy Vault
[Diagram: Fuzzy Vault, with Enrollment and Authentication panels. Labels: Secret k, Biometric Input, Template, Feature Set A, Polynom p, Vault, Feature Set B, Error Correcting Code, Chaff Points]

DESCRIPTION OF BCS SCHEMES - Key Binding Scheme: Fuzzy Vault
- The security of the whole scheme rests on the infeasibility of the polynomial reconstruction and the number of applied chaff points
- Multiple schemes based on Fuzzy Vault have been proposed using different biometrics
- Results are measured using FRR and FAR

DESCRIPTION OF BCS SCHEMES - Key Generation Schemes
- Generating keys directly out of biometric templates
- No implementation of this scheme exists as of now
- Biometric characteristics don't provide enough information to extract a reliable, updatable key without the use of any helper data
- Quantization schemes were proposed by various authors, each using the same basic idea

DESCRIPTION OF BCS SCHEMES - Quantization Schemes
[Diagram: Quantization Schemes, with Enrollment and Authentication panels. Labels: Biometric Inputs, Template, Hash or Key, Biometric Input, Feature Extraction, Interval Definition, Intervals, Interval Mapping, Interval Encoding]

CONCLUSION
- There are other concepts and approaches in biometric cryptography which are currently being researched, e.g. cancelable biometrics
- Most BCS are still in the development phase, but some first deployments are available, e.g. Genkey fingerprint-key generation solutions
- Identity theft and fraud will raise the demand for stronger security schemes involving biometrics
- Research still needs to be conducted in the field of biometric cryptosystems

Questions?

REFERENCES
[1] Uludag U., Pankanti S., Prabhakar S., Jain A.K., Biometric Cryptosystems: Issues and Challenges, Proceedings of the IEEE, vol. 92, no. 6, June 2004
[2] Rathgeb C., Uhl C., A survey on biometric cryptosystems and cancelable biometrics, EURASIP Journal on Information Security, 2011
[3] Rathgeb C., Iris-based Biometric Cryptosystems, doctoral thesis presented to the Department of Computer Science at the University of Salzburg, Austria, November 2008
[4] Biometric system diagram.png from Wikimedia Commons. Permission granted under the GNU Free Documentation Licence. http://en.wikipedia.org/wiki/file:biometric_system_diagram.png

QUIZ
1. Name 1 physiological and 1 behavioural trait used in biometric cryptosystems.
2. Name the 2 main processes involved in biometric cryptosystems.
3. True or False. You improved your biometric cryptosystem algorithm by adjusting your error threshold to lower both your false acceptance rate (FAR) and false rejection rate (FRR).
4. What is one of the greatest challenges when dealing with biometric cryptosystems? (Hint: think about biometric measurements.)
5. In the biometric cryptosystem Fuzzy Vault scheme, how is the vault created?