biometric encryption
DESCRIPTION
Basic presentation about Biometric Encryption, the algorithm used and its advantages.
TRANSCRIPT
BIOMETRIC ENCRYPTION
PRESENTED BY
Divya Kottikkal
• INTRODUCTION
• BIOMETRICS
• CRYPTOGRAPHY
• BIOMETRIC ENCRYPTION
• BIOMETRIC ENCRYPTION ALGORITHM
• ADVANTAGES
• APPLICATION
• SUMMARY
INTRODUCTION
• There are billions of computers in the world and they are connected to each other.
• Security becomes a critical problem that must be solved by new reliable and robust identification, verification or cryptographic techniques.
• Traditional password or user-id systems are not secure enough to provide full access control to a system.
• In order to improve the security of such systems biometric information could be incorporated into the passwords.
BIOMETRICS
• A biometric is defined as a unique, measurable, biological characteristic for recognizing or verifying the identity of a human being.
• Statistically analyzing these biological characteristics is known as the science of biometrics.
• Biometric technologies for security include recognition of:
• Faces
• Fingerprints
• Voice
• Signature strokes
• Iris and retina scans
• Keystroke patterns
• Ear shape
• DNA
• Body odor
• Gait
• Biometric identification consists of two stages:
• Enrollment
• Verification/identification
ENROLLMENT
• In the enrollment stage, a sample of the biometric is acquired.
• To reduce the high dimensionality of the sample, a feature extraction phase is applied, which forms a template of the biometric.
VERIFICATION
• In the verification phase, these features are compared with the previously generated biometric template.
CRYPTOGRAPHY
• Cryptography is an important feature of computer security.
• Encryption refers to algorithmic schemes that encode plain text into a non-readable form, or ciphertext, using a "key", providing privacy.
• The receiver of the encrypted text uses a "key" to decrypt the message, returning it to its original plain text form.
• In this scheme, the security is dependent on the secrecy of the secret or private key.
• Security of the cryptographic key is weak due to practical problems of remembering various passcodes or writing them down to avoid data loss.
• Since the passcode is not directly tied to a user, the system is unable to differentiate between the legitimate user and the attacker.
• The solution to this problem is "Biometric Encryption".
BIOMETRIC ENCRYPTION (BE)
• Biometric Encryption is a process that securely binds a PIN or a cryptographic key to a biometric, so that neither the key nor the biometric can be retrieved from the stored template.
• The key is re-created only if the correct live biometric sample is presented on verification.
• Two phases:
• ENROLLMENT
• VERIFICATION
ENROLLMENT
[Diagram: Biometric Image → Biometric Template; the BE binding algorithm combines the template with a randomly generated key; the biometrically-encrypted key is stored]
VERIFICATION
[Diagram: Fresh Biometric Image → Fresh Biometric Template; the BE retrieval algorithm combines the fresh template with the biometrically-encrypted key; key retrieved]
BIOMETRIC ENCRYPTION ALGORITHM
• The objective of the Biometric Encryption algorithm is to provide a mechanism for the linking and retrieval of a digital key using a biometric.
• Biometric might be fingerprint, palmprint, face, iris or retina.
• The resulting digital key is then used as a cryptographic key.
ALGORITHM
• Correlation function
• Enrollment phase
• Verification phase
CORRELATION
• Algorithm uses the entire image instead of using a feature-based approach.
• In order to present the biometric input, a correlation mechanism is applied.
• The correlation between the input image f1(x) and the image obtained during the verification phase, f0(x), is formally defined as $c(x) = FT^{-1}\{F_1(X)\,F_0^{*}(X)\}$, where FT denotes the Fourier transform.
• The Biometric Encryption process does not produce a simple True/False decision.
• It produces a more sophisticated output pattern, which is linked during enrollment with a digital key and subsequently regenerated during verification to retrieve the same key.
ENROLLMENT
• The enrollment phase contains three stages:
• E-1: Image Processing
• E-2: Key linking
• E-3: Identification code creation
[Diagram: Stage E-1 (image processing, FT and FT-1) produces the filter function Hstored(u) and the output pattern c0(x); Stage E-2 (link algorithm) links the n-bit key k0 to c0(x); Stage E-3 (identification code creation) produces the identification code id0. Other label: S bits of filter]
• E-1: Image Processing. Combine a series of input fingerprint images with a random (phase) array to create two output arrays: Hstored(u) and c0(x).
• E-2: Key linking. Link a cryptographic key, k0, to the pattern, c0(x), via the link algorithm.
• E-3: Identification code creation. Create an identification code, id0, derived from the key, k0.
VERIFICATION
• The verification phase contains three stages:
• V-1: Image Processing
• V-2: Key Retrieval
• V-3: Validation
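[Diagram: Stage V-1 (image processing, FT and FT-1) combines the filter function Hstored(u) with the new images to produce the output pattern c1(x); Stage V-2 (retrieval algorithm) extracts the key k1; Stage V-3 compares id1 with id0. Other label: S bits of filter]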
• V-1: Image Processing. Combine Hstored(u), from the Bioscrypt, with a new series of input fingerprint images to create an output pattern, c1(x).
• V-2: Key Retrieval. Extract a key, k1, from c1(x) using the retrieval algorithm.
• V-3: Validate the key.
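The enrollment (E-1 to E-3) and verification (V-1 to V-3) stages above, as an added one-dimensional toy in Python; it is not code from the presentation. Assumptions: the sign-based link table with majority voting and the SHA-256 identification code stand in for the link algorithm and the id0 derivation, which the slides do not detail, and the signals and key are constructed sample data.

```python
import cmath, hashlib, math, random

def ft(v, sign=-1):
    """Naive discrete Fourier transform (sign=+1 gives the unscaled inverse)."""
    n = len(v)
    w = sign * 2j * math.pi / n
    return [sum(a * cmath.exp(w * u * x) for x, a in enumerate(v)) for u in range(n)]

def output_pattern(f, h_stored):
    """c(x) = Re FT^-1{ F(u) * Hstored(u) } for a sample f."""
    prod = [a * h for a, h in zip(ft(f), h_stored)]
    return [c.real / len(f) for c in ft(prod, +1)]

def id_code(key_bits):
    # Assumption: id = SHA-256 of the key; the slides only say "derived from k0".
    return hashlib.sha256(bytes(key_bits)).hexdigest()

def enroll(f0, k0, rng, votes=3):
    # E-1: filter = conjugate phase of F0(u) times a random phase array
    h_stored = [cmath.exp(1j * (rng.uniform(0, 2 * math.pi) - cmath.phase(a)))
                for a in ft(f0)]
    c0 = output_pattern(f0, h_stored)
    # E-2: link each key bit to the strongest unused positions of c0
    # whose sign matches the bit (hypothetical link algorithm)
    order = sorted(range(len(c0)), key=lambda i: abs(c0[i]), reverse=True)
    pools = {1: [i for i in order if c0[i] >= 0],
             0: [i for i in order if c0[i] < 0]}
    link = [[pools[b].pop(0) for _ in range(votes)] for b in k0]
    # E-3: only the filter, the link table and id0 are stored, not f0 or k0
    return h_stored, link, id_code(k0)

def verify(f1, h_stored, link, id0):
    c1 = output_pattern(f1, h_stored)                        # V-1
    k1 = [int(2 * sum(c1[i] >= 0 for i in pos) > len(pos))   # V-2: majority vote
          for pos in link]
    return k1 if id_code(k1) == id0 else None                # V-3

def demo(seed=7):
    rng = random.Random(seed)
    f0 = [rng.gauss(0, 1) for _ in range(128)]      # constructed enrolled sample
    k0 = [1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1]  # constructed 16-bit key
    stored = enroll(f0, k0, rng)
    genuine = [v + rng.gauss(0, 0.05) for v in f0]  # same source plus sensor noise
    impostor = [rng.gauss(0, 1) for _ in range(128)]
    return k0, verify(genuine, *stored), verify(impostor, *stored)
```

The 16-bit key keeps the toy fast; an unsalted hash of a key that short can be brute-forced from id0, so a real deployment needs a full-length key.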
ADVANTAGES
BE technologies can enhance privacy and security.
Some key advantages offered:
1. NO Retention of biometric image or template
2. Multiple / cancelable / revocable identifiers
3. Improved authentication security: stronger binding of user biometric & system identifier
4. Improved security of personal data and communications
5. Greater public confidence, acceptance, use → compliance with privacy & data protection laws
1. No Retention of biometric image or template
• Most privacy and security concerns derive from storage and misuse of the biometric data.
• User retains control and use of their own biometric
2. Multiple / cancelable / revocable identifiers
• BE allows individuals to use one biometric for multiple accounts and identifiers without fear that identifiers will be linked together.
• If an account identifier becomes compromised, there is less risk that all the other accounts will be compromised, i.e., no need to change one's fingers.
• BE technologies make it possible to change or recompute account identifiers; identifiers can be revoked or cancelled, and substituted for newly generated ones calculated from the same biometric.
3. Improved authentication security
• Stronger binding of user biometric & system identifier
• Results are much stronger account identifiers:
– longer, more complex identifiers
– no need for user memorization
– less susceptible to security attacks
4. Improved security of personal data and communications
• Since the key is one's own biometric, used locally, this technology could place a powerful tool in the hands of individuals
APPLICATIONS
• Biometric ticketing for events
• Biometric boarding cards for air travel
• Identification, credit and loyalty card systems
• "Anonymous" (untraceable) labeling of sensitive records (medical, financial)
• Consumer biometric payment systems
• Access control to personal computing devices
• Personal encryption products
• Local or remote authentication to access files held by government and other various organizations
SUMMARY
• BE technologies exemplify the fundamental privacy and data protection principles.
• Although introducing biometrics into information systems may result in considerable benefits, it can also introduce many new security and privacy vulnerabilities, risks, and concerns.
• Novel Biometric Encryption techniques can overcome many of those risks and vulnerabilities, resulting in distinct advantages to both security and privacy.