Exploitation of smart cards and human biometrics attributes

RNDr. Luděk Smolík, Martin Drahanský


Post on 18-Dec-2015


Smart Card

A card-shaped portable data carrier that contains one or more integrated circuits for data storage and processing. A typical smart card chip includes a microprocessor or CPU, ROM (for storing operating instructions), RAM (for storing data during processing) and EPROM (or EEPROM) memory for nonvolatile storage of information.

Biometrics

The automated technique of measuring a physical characteristic or personal trait of an individual and comparing that characteristic to a comprehensive database for purposes of identification.

Biometrics

[Figure: biometric characteristics grouped as Physical and Behavioural. Labels: Hand, Face, Finger, Signature, Keystroke, Voice, Retina, Iris]

Usage of the Different Biometric Characteristics (1999)

Fingerprint Sensors

Optical sensor

Ultrasonic sensor

E-field sensor

Polymer TFT sensor (Thin Film Transistor)

Thermal sensor

Capacitive sensor

Ultrasonic method of acquiring fingerprint representation is based on sending acoustic signals towards the finger surface and detecting the echo.

[Figure: ultrasonic sensing. Labels: T, R, papillary lines, Ultrasonic Transducer (short pulse ~ 20 ns), Ultrasonic Receiver, 0.3 - 0.9 mm, ridge, valley]

Capacitive Sensor in CMOS Technology (Infineon)

[Figure: capacitive pixel circuit. Labels: SW1, SW2, VCC, VRef, Comparator, Counter 0...255, CC, Finger surface CP, 224, 288, 8-bit per pixel; scale 0 to 255 with water and air marked]

Fingerprint classes

Plain Arch, Left Loop, Right Loop, Tented Arch, Whorl

Minutiae

Ridge Ending

Bifurcation

Island

Lake

Dot

Back

Bridge

Diagonal

X

Trifurcation

Hook

Break

Diversion

Delta

Double Bifurcation

How the Technology Works

[Figure: processing stages. Labels: Original, Orientation, Binarized, Thinned, Minutiae, Minutia Graph]

Vectors: V1 ... Vn

Template (one way)

Identification / Verification

Identification (One-to-Many)

Fingerprint search that compares the minutiae from a candidate fingerprint image against the fingerprint minutiae database to determine whether or not the candidate exists in the database.

Verification (One-to-One)

Fingerprint search that compares the minutiae from an individual's live fingerprint image against fingerprint minutiae stored on a card or in a specific database record to determine whether or not the individual is who he or she claims to be.
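
An added illustration of the two search modes above (not from the slides and not the authors' algorithm): a simplified tolerance-based minutiae comparison in Python. It assumes the two captures are already aligned; the minutia tuple format, tolerances, threshold and sample data are constructed for this example.

```python
import math

# Constructed sample templates: each minutia is (x, y, ridge angle in degrees, type).
ALICE = [(10, 12, 30, "ending"), (40, 35, 120, "bifurcation"),
         (22, 60, 200, "ending"), (55, 18, 310, "bifurcation"),
         (70, 70, 45, "ending")]
BOB = [(15, 50, 90, "ending"), (60, 40, 10, "bifurcation"),
       (30, 20, 270, "ending"), (48, 66, 150, "bifurcation"),
       (75, 25, 220, "ending")]
DATABASE = {"alice": ALICE, "bob": BOB}

# Constructed live capture of Alice's finger: small noise, one minutia missed.
LIVE_ALICE = [(11, 13, 33, "ending"), (39, 36, 117, "bifurcation"),
              (23, 59, 204, "ending"), (56, 17, 305, "bifurcation")]

def match_score(template, probe, dist_tol=4.0, angle_tol=15.0):
    """Share of minutiae paired one-to-one within the given tolerances."""
    used, hits = set(), 0
    for tx, ty, ta, ttype in template:
        for i, (px, py, pa, ptype) in enumerate(probe):
            if i in used or ptype != ttype:
                continue
            d_angle = abs(ta - pa) % 360
            d_angle = min(d_angle, 360 - d_angle)  # 355 vs 5 degrees is 10 apart
            if math.hypot(tx - px, ty - py) <= dist_tol and d_angle <= angle_tol:
                used.add(i)
                hits += 1
                break
    return hits / max(len(template), len(probe))

def verify(card_template, live, threshold=0.6):
    """One-to-one: compare the live capture with the single claimed template."""
    return match_score(card_template, live) >= threshold

def identify(database, live, threshold=0.6):
    """One-to-many: search every enrolled template, return the best id or None."""
    best_id, best = None, 0.0
    for person_id, template in database.items():
        score = match_score(template, live)
        if score > best:
            best_id, best = person_id, score
    return best_id if best >= threshold else None

if __name__ == "__main__":
    print("verify as alice:", verify(ALICE, LIVE_ALICE))
    print("verify as bob:  ", verify(BOB, LIVE_ALICE))
    print("identify:       ", identify(DATABASE, LIVE_ALICE))
    print("exact match:    ", match_score(ALICE, LIVE_ALICE, 0, 0))
```

With zero tolerance the same finger scores 0.0, which is why the comparison has to absorb sensor noise and missed minutiae rather than test templates for equality.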

ABCDEFF ,

ABCDEF

Smart Card - Logical Structure

[Figure: smart card block diagram. Blocks: NPU, RAM, CPU, EEPROM, ROM. Contacts: I/O, CLK, RST, VCC, GND]

NPU : numerical processing unit (cryptographic co-processor),

Smart Card - File Structure

Container for data (cryptographic key) or “programs”

Access with PIN

Problem & Solution

Sensor

Smart Card Microprocessor

Problem & Solution

[Figure: smart card block diagram. Labels: NPU, RAM, CPU, EEPROM, ROM, I/O, Readout, Cryptography, Com., “VP-Channel”]

Conclusion

• Protection of the users' “private keys” is very important

• PKI solutions store keys in a PSE (Personal Security Environment) or on a smart card

• Access control is traditionally done by password or PIN

• Biometrics can replace password and PIN

• Access to the private keys can be controlled by a biometric characteristic

• Non-transferability of biometric characteristics is important for Electronic Signature

• There is no “real” smart card with a fingerprint sensor “on board”

• There is no “real matching” on a smart card; existing smart card CPUs do not have sufficient computing power (~20 MIPS needed)

• The existing recognition algorithms are not fault tolerant enough

f ( ) = 010......0100101