Secret locking: Exploring new approaches to biometric key encapsulation
Related papers
Biometric cryptosystems: issues and challenges
Proceedings of the IEEE, 2000
In traditional cryptosystems, user authentication is based on possession of secret keys, which falls apart if the keys are not kept secret (i.e., shared with nonlegitimate users). Further, keys can be forgotten, lost, or stolen and, thus, cannot provide nonrepudiation. Current authentication systems based on physiological and behavioral characteristics of persons (known as biometrics), such as fingerprints, inherently provide solutions to many of these problems and may replace the authentication component of the traditional cryptosystems. In this paper, we present various methods that monolithically bind a cryptographic key with the biometric template of a user stored in the database in such a way that the key cannot be revealed without a successful biometric authentication. We assess the performance of one of these biometric key binding/generation algorithms using the fingerprint biometric. We illustrate the challenges involved in biometric key generation primarily due to drastic acquisition variations in the representation of a biometric identifier and the imperfect nature of biometric feature extraction and matching algorithms. We elaborate on the suitability of these algorithms for the digital rights management systems.
A biometric-based scheme for enhancing security of cryptographic keys
2004
In public key cryptography, the security of private keys is of vital importance. If a private key is ever compromised, it can be used to sign forged documents or to decrypt secret messages. Conventional methods such as password-based encryption that are used for safe custody of private keys do not provide adequate security due to very low entropy in user-chosen passwords. In order to enhance the security of private keys, we propose a novel biometric-based method that dynamically regenerates the private key of a user rather than storing it directly in an encrypted form. Our proposed algorithm is capable of regenerating key lengths that can meet the current security requirements of any public key algorithm and is more secure than conventional methods of protecting private keys using password-based encryption.
Keynote Paper: Biometric Encryption: Technology for Strong Authentication, Security and Privacy
The International Federation for Information Processing
This paper looks at privacy-enhanced uses of biometrics, with a particular focus on the privacy and security advantages of Biometric Encryption (BE). It considers the merits of Biometric Encryption for verifying identity, protecting privacy, and ensuring security. In doing so, it argues that BE technologies can help to overcome the prevailing "zero-sum" mentality, which posits that adding privacy to identification and information systems will necessarily weaken security and functionality. It explains how and why BE technology promises a "win-win" scenario for all stakeholders.
1 Biometrics and Privacy
During the past decade we have witnessed a rapid evolution and maturation of biometric (and other) information technologies. Biometric technologies are now being deployed in a wide range of public and private sector uses and applications, including: physical and logical access controls, attendance recording, payment systems, crime and fraud prevention/detection, and border security controls. Biometric technologies are now reaching an important threshold in terms of general awareness, acceptance and widespread use. Biometric technologies promise many benefits, including stronger user authentication, greater user convenience, and improved security and operational efficiencies. Biometric technologies are not, however, without their challenges and their risks. These include some important technological challenges (such as accuracy, reliability, data security, user acceptance, cost, and interoperability), as well as challenges associated with ensuring effective privacy protections. Of particular concern when we talk about biometrics is the concept of informational privacy, referring generally to an individual's personal control over the collection, use and disclosure of recorded information about them, as well as to an organization's responsibility for data protection and the safeguarding of personally identifiable information (PII), in its custody or control.
A lack of informational privacy can have profound negative impacts on user confidence, trust, and the usage of a given information technology, specific application or deployment, or even an entire industry.
2018
Recent years have witnessed an increase in demand for biometrics-based identification, authentication and access control (BIA) systems, which offer convenience, ease of use, and (in some cases) improved security. In contrast to other methods, such as passwords or PINs, BIA systems face new unique challenges; chief among them is ensuring long-term confidentiality of biometric data stored in backends, as such data has to be secured for the lifetime of an individual. Cryptographic approaches such as Fuzzy Extractors (FE) and Fuzzy Vaults (FV) have been developed to address this challenge. FE/FV do not require storing any biometric data in backends, and instead generate and store helper data that enables BIA when a new biometric reading is supplied. Security of FE/FV ensures that an adversary obtaining such helper data cannot (efficiently) learn the biometric. Relying on such cryptographic approaches raises the following question: what happens when helper data is lost or destroyed (e....
Biometric Key Capsulation Technique Based on Fingerprint Vault: Anatomy and attack
2008 3rd International Conference on Information and Communication Technologies: From Theory to Applications, 2008
All cryptographic algorithms have a proven security but they suffer from the key management problems: hiding a key and unlocking it with biometric or other approximately matching data. We propose a practical key capsulation mechanism with a simple and intuitive design concept to overcome the management and security issues. Capsulation process solved the problems of key management and distributes level of security on capsulation shields. Key entropy depends on level of shielding, secret key depends on degree of polynomial, while encryption key depends on constructed vault entropy, and it is slightly more efficient in terms of encryption/decryption speed because it used a heading capsulation technique on covering the ciphertexts. Our results in terms of attack computation complexity analysis are encouraging, while it is acceptable for the authorized users.
A Proposal for a Biometric Key Dependent Cryptosystem
Global journal of computer science and technology, 2010
With the increasing reliance on electronic information, which needs to be exchanged across the internet or stored on open networks, cryptography is becoming an increasingly important feature of computer security. A biometric key dependent cryptosystem is proposed, to ensure the security of the whole system by using fingerprint features as a key in a cryptosystem, like key-dependent Advanced Encryption Standard (KAES). KAES is used to ensure that no trapdoor is present in cipher and to expand the key-space to slow down attacks.
Privacy preserving multi-factor authentication with biometrics
Journal of Computer Security, 2007
An emerging approach to the problem of identity theft is represented by the adoption of biometric authentication systems. Such systems however present several challenges, related to privacy, reliability and security of the biometric data. Inter-operability is also required among the devices used for authentication. Moreover, very often biometric authentication in itself is not sufficient as a conclusive proof of identity and has to be complemented with multiple other proofs of identity such as passwords, SSN, or other user identifiers. Multi-factor authentication mechanisms are thus required to enforce strong authentication based on the biometric and identifiers of other nature.
Biometrics, Access Control, Smart Cards: A Not So Simple Combination
Smart Card Research and Advanced Applications, 2000
Although biometrics can be a useful component for access control, the security they procure is often overestimated, as if they were a magic tool whose simple use will automatically prevent each and every type of attack. Biometrics are not secure unless they are embedded in a strong cryptographic protocol, whose design pays special attention to their specificities. In particular, smart card reveals to be a useful and efficient partner of biometrics for such a protocol. This paper reviews and discusses the most important issues raised by biometrics and presents a secure authentication protocol skeleton.
* Work partially done within the European IST project BANCA
Biometric Key Capsulation Technique Based on Fingerprint Vault: Analysis and attack
All cryptographic algorithms have a proven security but they suffer from the key management problems: hiding a key and unlocking it with biometric or other approximately matching data. We propose a practical key capsulation mechanism with a simple and intuitive design concept to overcome the management and security issues. Capsulation process solved the problems of key management and distributes level of security on capsulation shields. Key entropy depends on level of shielding, secret key depends on degree of polynomial, while encryption key depends on constructed vault entropy, and it is slightly more efficient in terms of encryption/decryption speed because it used a heading capsulation technique on covering the ciphertexts. Our results in terms of attack computation complexity analysis are encouraging, while it is acceptable for the authorized users.
Enhancing Information Security and Privacy by Combining Biometrics with Cryptography
2012
Securing information during its storage and transmission is an important and widely addressed issue. Generally, cryptographic techniques are used for information security. In cryptography, the general idea is to transform the information during a phase called encryption, before being stored or transmitted, based on a secret key. This secret key is required in order to retrieve the information from the transformed data during decryption. These secret keys are generally too long for a user to remember, and therefore, need to be stored somewhere. The drawback of cryptography is that these keys are not strongly linked to the user identity. In order to strengthen the link between
I would like to thank Ashish Gupta for his help, support, and encouragement throughout my stay here. I also thank Dr. Sandoche Balakrishnan, Dr. Mahendiran Prathaban, and Dr. Manoj Panda for making my stay in France easier. I also thank my friends Bhushan Patil, Baghyesh Patil, Dhiraj Magare, and Bapusaheb Chavan for their help during various stages of my career. I also thank my friends Avinash, Yogesh, Prashant, Chandra, and Dipak for the emotional support. Finally, I owe whatever I am to my parents Mr. Ganesh and Mrs. Mangala Kanade, and also to other members of my family, my grandmother Triveni, brothers Deepak and Ajay, sisters-in-law Savita and Snehal, nephews Dhruv and Avaneesh, and niece Krutika. Their constant support and sacrifices have made this thesis possible.