research article a fingerprint encryption scheme based on

Research ArticleA Fingerprint Encryption Scheme Based on IrreversibleFunction and Secure Authentication

Yijun Yang Jianping Yu Peng Zhang and Shulan Wang

ATR Key Laboratory of National Defense Technology Shenzhen University Shenzhen 518060 China

Correspondence should be addressed to Jianping Yu yujpszueducn

Received 27 June 2014 Accepted 24 August 2014

Academic Editor Shengyong Chen

Copyright copy 2015 Yijun Yang et al This is an open access article distributed under the Creative Commons Attribution Licensewhich permits unrestricted use distribution and reproduction in any medium provided the original work is properly cited

A fingerprint encryption scheme based on irreversible function has been designed in this paper Since the fingerprint templateincludes almost the entire information of usersrsquo fingerprints the personal authentication can be determined only by the fingerprintfeaturesThis paper proposes an irreversible transforming function (using the improved SHA1 algorithm) to transform the originalminutiae which are extracted from the thinned fingerprint image Then Chinese remainder theorem is used to obtain the biokeyfrom the integration of the transformed minutiae and the private key The result shows that the scheme has better performance onsecurity and efficiency comparing with other irreversible function schemes

1 Introduction

Biometric feature recognition is the technology using differ-ent biometric features or personal behaviors from an indi-vidual to identify one person Comparing to other biometricfeatures fingerprint recognition technology hasmany advan-tages It is common stable and precise and cannot be easilyfaked The probability of finding two selfsame fingerprintsis merely one in five billion Therefore it becomes the mostwidely applied technology in the biometric feature recog-nition field and it makes life more convenient and secureHowever since the fingerprint recognition has been appliedin many fields more and more attackers have emergedand the security has been fiercely threatened Furthermorefingerprint will stay the same in all lifetime which meansin case the fingerprint information has been revealed itis no longer safe permanently To assure the security offingerprint recognition fingerprint encryption technologyhas been developed

There are some significant achievements on Fuzzy Vaultin the past several years In 2002 the conception of FuzzyVault was proposed by Juels and Sudan [1] who providean effective private key combining algorithm Then thebiometric encryption becomes a hot issue in the worldBased on that Clancy et al [2] bring up the conception

of ldquofingerprint vaultrdquo although the hypothesis of its noisedistribution may not be practicable Uludag and Jain give thedefinition of Fuzzy Vault for fingerprint [3] and point out thatthe fingerprint vault in Clancyrsquos authentication algorithmwillbe affected if the image has beenmoved or rotatedTheyfirstlyuse the helper data to verify the fingerprint

All of these researches have not considered the security offingerprint template itself Subsequently Nandakumar et al[4] propose a Fuzzy Vault encryption algorithm based onpassword where the transformed fingerprint vault stores thetransformed minutiae not the original ones The systemis under double protection and the private key will notbe revealed until the attackers have breached this doubleprotection at the same time Caixia and Lin [5] encrypt theminutiae with password Their encryption algorithm is justto do simple exclusive-or calculation to the coordinate ofeach minutia and then joint the transformed minutiae inseries However the property of irreversibility has not beenproved in their paper Zhang et al [6] propose a cancelablefingerprint Fuzzy Vault scheme and build an irreversiblefunction based on password Then they use the transformedminutiae to compose the fingerprint vault The principalpart of the irreversible function is SHA256 which cannotguarantee the irreversibility In order to decrease the FRR

Hindawi Publishing CorporationComputational and Mathematical Methods in MedicineVolume 2015 Article ID 673867 10 pageshttpdxdoiorg1011552015673867

2 Computational and Mathematical Methods in Medicine

(false reject rate) and FAR (false accept rate) the timecomplexity is increased in all above-mentioned Fuzzy Vaultscheme based on password

This paper is organized as follows Firstly the minutiaeare extracted from the thinned fingerprint image In orderto weaken the influence from noises a threshold is set toremove the fake minutiae Secondly an irreversible functionis designed to protect the security of fingerprint At lastthe Chinese remainder theorem (CRT) is used for both theprivate key binding and the private key recovering Then thecancelable fingerprint vault is encrypted in order to guaranteethe security of private key and fingerprint vault in storage

2 Preliminary

21 Fuzzy Vault The Fuzzy Vault algorithm can be dividedinto two steps Figures 1 and 2 show the encryption processingand decryption processing of Fuzzy Vault respectively

Encryption 119878 is the private key It is encrypted by user 1 withvault 119860 (short for fingerprint vault 119860) Firstly 119878 is dividedinto 119899 average parts each part becomes a coefficient of thepolynomial Use that polynomial to calculate119875(119860) and obtainthe pair set (119860 119875(119860))Then a large amount of random noisesare created (the number of noises is 10 times larger than thereal minutiae) the real minutiae and noises are mixed up tocompose vault 119860

Decryption In order to obtain the private key that user 1 hidesin vault 119860 user 2 has to guarantee that set 119861 used to unlockvault 119860 has enough superposition with vault 119860 Otherwise itis quite difficult to rebuild the polynomial 119875 Finally the RScode is used for decreasing the noise

22TheHash Function Thehash function has been deployedas an important component in information security andcryptography It takes a message 119872 less than 264 bits andproduces a hash value with fixed length It can be defined asfollows

119867 119872 997888rarr ℎ (1)

A good hash function should be irreversible and anticol-lision

If a hash function is anti-strong collision it is alsoirreversible Assume that ℎ is a hash function and Λ is theoracle which can obtain 119909 when the input 119910 = ℎ(119909) isgiven In other words this oracle can break the property ofirreversibility and can obtain another 119909

0to the same input

where 119910 = ℎ(1199090) Since the input of hash function is random

a strong collision of ℎ is found when 119909 = 1199090

There are some common hash functions such as MDRIPEMD and SHA The SHA1 algorithm has been designedby NIST in 1995 It has been applied widely The following isthe process of SHA1

Step 1 The input message should be padded and thenprocessed in 512-bit blocks Each block is divided into 16parts of 32-bit length and finally obtain 80 message words119882[119895] (0 le 119895 le 79)

Step 2 Initialize the five 32-bit registers 119860 119861 119862 119863 and 119864 asthe temporary memorizer of the 160-bit output

Step 3 There are 80 iterations in 4 rounds where each roundhas 20 iterationsThe iteration of the 119895th step in the 119894th roundcan be described as

119860119895+1= (119860

119895119877119874119879119871

5) + 119891119894(119861119895 119862119895 119863119895) + 119864119895+119882[119895] + 119870

119894

119861119895+1= 119860119895

119862119895+1= 119861119895119877119874119879119871

30

119863119895+1= 119862119895

119864119895+1= 119863119895

(2)

119877119874119879119871119908 denotes a left bit rotation by 119908 places 119882[119895] is the

expanded message word of round 119895 and 119870119894is the round

constant of round 119894 119891119894(119861119895 119862119895 119863119895) is a nonlinear function

which is different in 4 rounds

Step 4 The 160-bit output of the last block becomes the inputof the next block After processing the last block the registers119860 119861 119862119863 and 119864 add their original value respectively Thenthe 160-bit chaining variable is the final outcome of SHA1

23 The Small Integer Solution Problem 119878119868119878119901119898120594

Let 119896 be thesecurity parameter Define an integer 119901 a matrix 119865 isin 119885

119896

119901

and a real number 120594 The solution of this problem is to finda nonzero integral vector 119911 isin 119885119898 (119911 le 120594) which makes119865 times 119911 = 0 mod 119901

24 The 11986611986011987511987811988111987514120587radic119896120594

Problem Let 119896 be the security para-meter The input of 119866119860119875119878119881119875

14120587radic119896120594is a 119896-dimension lattice

with the basis of 119861 If 120582(119861) le 119889 the output is ldquoYESrdquo If 120582(119861) gt120574 times 119889 120574 gt 1 the output is ldquoNOrdquo

To any random polynomial function 120594(119896) 119898(119896) 119901(119896) =119896119874(1) if 119901 ge 4radic119898119896

15120594 and 120574 = 14120587radic119896120594 the security of

119866119860119875119878119881119875120574is equivalent to the difficulty of 119878119868119878

119901119898120594

25 CRT CRT is one of the famous theorems in mathemat-ics It can be described as follows Let 119872 = 119898

1times 1198982times

sdot sdot sdottimes119898119896These 119896 positive integers119898

1 1198982 119898

119896are relatively

prime to each other For any big integer 119883 mod 119898119894=

119886119894(119894 = 1 2 119896) it can be calculated as 119883 = (sum

119896

119894=1

(119872119898119896)119890119896119886119896) mod119872 where (119872119898

119894)119890119894= 1 mod 119898

119894

3 The Proposed Irreversible FingerprintEncryption Scheme

In order to resist the multiple templates attack a cancelableFuzzy Vault scheme based on irreversible function hasbeen proposed in this section Firstly the real minutiae areextracted from the registered fingerprint image and thenan irreversible function using different parameters has beendesigned An improved SHA1 function has been proposed totransform the original minutiae In the following section the

Computational and Mathematical Methods in Medicine 3

Polynomialprojection

01001101 0100110110

CRCconstruction

Template

Chaff(generation +

List

Secret(S) encoding(SC)Polynomial(P)

minutiae(T)

Vault(V)scrambling(VS)

C)

Figure 1 Encryption of Fuzzy Vault for fingerprint

Query

Candidate pointidentification

Combination setsidentification

Lagrangeinterpolation

middot middot middot

YesNo

01001101

CRC ok

minutiae(Q)

Vault(V)

Extract S

Figure 2 Decryption of Fuzzy Vault for fingerprint

positive integers which are relatively prime to each other arecreated and the CRT is used to combine the private key withthe transformed fingerprint vault and finally the cancelablefingerprint vault is obtained

31 The Improved Fingerprint Minutiae Extraction Algorithm

311 The Traditional Minutiae Extraction Algorithm Theminutiae extraction algorithm canmainly be divided into twodifferent categories extracting minutiae from the thinnedfingerprint image or extracting minutiae from the originalfingerprint image directly Besides [7] also provides a newimage extracting method The disadvantage of the first cate-gory is that it will create lots of fake minutiae and consume alot of time The disadvantage of the second category is that ithas a poor performance on low-quality fingerprint image

Since the low-quality images are very common this paperextracts minutiae from the thinned fingerprint image As

P1 P2 P3

P4

P5P6P7

P8 P

Figure 3 The 8 adjacent pixels of 119875

shown in Figure 3 let 119875 be the object pixel and then thereare 1198751 119875

8surrounding it These eight points are defined

as the eight adjacent pixels of 119875


Table 1 The contrast between the traditional algorithm and this paper (in 20 images)

Minutiae detected Fake minutiae Lost minutiae FAR FRRBased on thinned fingerprint image 496 66 21 146 47After removing the fake minutiae 411 4 44 09 98

Burr

Conjoint lines

Short line

Hole

Gap

Figure 4 Noises of the thinned fingerprint image

Define

119879sum (119875) =8

sum

119894=1

119875119894

119879sub (119875) =8

sum

119894=1

1003816100381610038161003816119875119894+1 minus 1198751198941003816100381610038161003816 (1198759 = 1198751)

(3)

For any random pixel 119875 if 119879sum(119875) = 1 or 119879sub(119875) = 2 119875is the termination minutia of the ridge line If 119879sum(119875) = 3 or119879sub(119875) = 6 119875 is the bifurcation minutia of the ridge line

312 The Removal of Fake Minutiae The minutiae afterextractionmay containmany fakeminutiae In this paper thefake minutiae can be removed after the minutiae extractionfrom the thinned fingerprint image Defining a threshold 119863when the distance of any two minutiae is less than 119863 thesetwo minutiae should be removed as follows

(1) If the two minutiae are both termination minutiaeand have almost the same orientation these two fakeminutiae are formed from short lines or gap

(2) If the two minutiae are both bifurcation minutiaethese two fake minutiae are formed from holes orconjoint lines

(3) If one minutia is a termination minutia and the otheris a bifurcation minutia these two fake minutiae areformed from burr

All the above-mentioned fake minutiae have been shownin Figure 4

As it is shown in Table 1 although the fake minutiaeremoval processing will remove a few real minutiae it

can remove almost the entire fake minutiae and therebyeffectively decrease the FAR

The noise can also be characterized by data processingwhich aims to extract useful information from mass dataand eliminate redundancy Li [8 9] proposes a class ofnegatively fractal dimensional Gaussian random functions toeliminate the useless data The properties of the generalizedCauchy distribution have been analyzed in his earlier paper[10] Cattani et al have built a low-complexity separablemathematical model and then they discuss the efficiency intheir paper [11] The noise in fingerprint can be suppressedonce its character is extracted

32 The Irreversible Function

321The ImprovedHash Function Here is an essential on thecollapse to SHA1 As long as step function (4) can be denotedby a formula containing message word119882[119895] the differentialcan always be eliminated gradually by modular differentialmethod In 2005 ProfessorWang et al [12] successfully founda local collision and consequently obtained the collision toSHA1 with less time complexity than the birthday attackThelocal collision in the second round iteration of SHA1 can beshown as follows

The step function of SHA1 in the second round is

119860119895+1= (119860

119895119877119874119879119871

5) + (119861

119895oplus 119862119895oplus 119863119895) + 119864119895+119882[119895] + 119870

2

(4)

119861119895+1= 119860119895 (5)

119862119895+1= 119861119895119877119874119879119871

30 (6)

119863119895+1= 119862119895 (7)

119864119895+1= 119863119895 (8)

Suppose there is no differential from the beginning to the(119895 minus 1)th step of the second round Then in the 119895th step ofthe second round a 1-bit differential is brought in The firstbit of the register 119860 changes from 0 to 1 (or 1 changes to0) According to formulae (4)ndash(8) it is obvious that thereis merely differential in register 119860 In registers 119861 119862 119863 and119864 there will only be the evaluation or circularly left-shiftcalculation which cannot create any differential Formula(4) contains the message word119882[119895] therefore119882[119895] can bedenoted by

119882[119895] = 119860119895+1minus (119860119895119877119874119879119871

5) minus (119861

119895oplus 119862119895oplus 119863119895) minus 119864119895minus 1198702

(9)

In this formula the differential in the right side can beinferred from the last chaining variables The attacker can


Table 2 An example of local collision

Step 119860 119861 119862 119863 119864 119882[119895]

119895 1119895 + 1 1 6119895 + 2 1 1119895 + 3 31 31119895 + 4 31 31119895 + 5 31 31119895 + 6

+

+

+ +

f

⋘30

⋘5

⋘17

A EDCB

A EDCB

KjW[j]

W[j]

Figure 5 The iteration of improved SHA1

modify the message word 119882[119895] to eliminate the differentialstep by step According to Table 2 the differential of step 119895can be eliminated gradually in step 119895 + 6

In Table 2 119882[119895] indicates the bits which the attackermodifies in119882[119895]

The security has been fiercely threatened by above-mentioned local collision and therefore the SHA1 algorithmshould be improved to resist this modular differential attackConsequently an anticollision SHA1 algorithm has beenproposed In this paper formula (4) has been changed into

119860119895+1= ((119860

119895+119882[119895]) 119877119874119879119871

5) + 119891119895(119861119895 119862119895 119863119895)

+ ((119864119895+119882[119895]) 119877119874119879119871

17) + 119870119895

(10)

Formulae (5)sim(8) remain unchanged In formula (10)since there are two message words in 119860

119895+1 it becomes very

difficult to denote 119882[119895] by a formula 17 (the circularlyleft-shift bit in formula (10)) is relatively prime to 5 30(the circularly left-shift bit in formulae (4) and (6)) and32 (the length of chaining variables) In this condition itbecomes more difficult to eliminate the modular differentialby modular differential attack The iteration of improvedSHA1 has been shown in Figure 5

322 The Construction of Minutiae Irreversible Transform-ing Function Suppose the minutiae set is 119909

119894 119910119894 120579119894 119894 =

1 2 119896 (119909119894 119910119894) and 120579

119894are the coordinate and orientation

of the 119894th real minutia respectively The value of minutiae

can be set into an appropriate range according to differentrequirements In this paper the value of 119909

119894 119910119894 120579119894is restricted

from 0 to 255 (let 119902 = 256)Let 119877 be a random number and let119872 be a times 119899matrix

In this paper the size of119872 has been defined as 3 times 3 Firstlycalculate ℎ = 119867(119877) where the hash function is the improvedSHA1 algorithm described in Section 321 The length of ℎis 160 bits Then create a three-dimensional array (119886 119887 119888)Define the lowest bit of ℎ as bit 1 and 119886 is a 24-bit variablecreated from the first 24 bits of ℎ The variables 119887 and 119888 arecreated from bits 25ndash48 and bits 49ndash72 of ℎ respectively

Afterwards execute the following transforming to everyminutia 119909

119894 119910119894 120579119894 119894 = 1 2 119896 as follows

(

119906119894

V119894

120593119894

) = [

[

119872(

119909119894

119910119894

120579119894

) + (

119886

119887

119888

)]

]

mod 119902 (11)

The transformed set 119906119894 V119894 120593119894 119894 = 1 2 119896 is

treated as the new real minutiae set Randomly choose119877 = 119894119904119888119887119906119901119905 119872 = [

1 2 1

1 2

1] (different parameters

can be chosen in other applications) and (119886 119887 119888)

can be obtained using the improved SHA1 Thenℎ = DFEC03870B9D479F7E56AD6A0CECE62724D8F984119886=1198638119865984

119887=11986462724

119888=61198600119862119864119862

Figures 6(b) and 6(d) are the contrary betweenthe original minutiae and transformed minutiae from thesame fingerprint image in Figure 6(a)

33The Fingerprint Encryption Algorithm 119899 positive integerswhich are relatively prime to each other are chosen inthe encryption processing During the decryption process-ing CRT is used to obtain the private key from the pairset (119886

119894 119891(119886119894)) Assuming that the transformed minutiae of

Section 32 are (119909 119910 120579) the combination of 119909 119910 120579 in series[119909 | 119910 | 120579] is defined as 119886

119894 whose length is 24 bits

331 The Private Key Combining Assume that the privatekey is 119870 Let 119898

1 1198982 119898

119899be 119899 positive integers which

are relatively prime to each other One has 1198720= 119898

1

1198982 119898

119899 119872119894= 1198720119898119894(1 le 119894 le 119899)

Define 119896119894= 119870 mod 119898

119894(119894 isin [1 119899]) (119896

119894 119898119894) is called

a recovering pair Take 119896119894as coefficients to obtain the

polynomial 119891(119909) = sum119899minus1119895=0119896119895119909119895= 1198960+ 1198961119909 + sdot sdot sdot + 119896

119899minus1119909119899minus1

and use the pair (119886119894 119891(119886119894)) to form the real minutiae set 119862 =

(119886119894 119891(119886119894))119897

119894=1 119897 is the number of real minutiae

Choose the noise pair (119887119894 119888119894) andmake sure 119887

119894= 119886119894 119891(119887119894) =

119888119894 Then obtain the fake minutiae set 119875 = (119887

119894 119888119894)119905

119894=119897+1 119905 is the

sumof fakeminutiae and realminutiaeThen define the vaultset as 119881 = 119862 cup 119875 = 119883

119894 119884119894119905

119894=1

332 Private Key Recovering Compare the fingerprintminu-tiae after being transformed in Section 32 with minutiae invault 119881 If there are coincident minutiae between these twosets then these minutiae should be put into the unlocking set119880 If there are over 119899minutiae in119880 the legal user can rebuildthe polynomial 1198911015840(119909) = sum119899minus1

119895=01198961015840

119895119909119895= 1198961015840

0+ 1198961015840

1119909+ sdot sdot sdot + 119896

1015840

119899minus1119909119899minus1

and then use CRT to recover 119870 through the recovering pair(1198961015840

119894 119898119894)


(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)(b)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(c)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(d)

Figure 6 The original fingerprint image and its minutiae (a) The original fingerprint image (b) The minutiae of the original minutiae (c)The minutiae after transforming (d) The combination of two templates

4 Experimental Analyses

This chapter has discussed the efficiency and the securityof irreversible transforming and the security of fingerprintencryption algorithm

41 The Efficiency Analysis of Improved SHA1 In theimproved SHA1 the complexity has been slightly increasedbecause of the extra circularly left-shift and additional cal-culation In a computer with Intel (R) Pentium (R) D CPU30GHz and RAM 512M the hash value is calculated forthe same character string ldquoiscbuptrdquo with two different hashfunctions The running time of improved SHA1 and originalSHA1 has been shown in Figure 7(a)

The running time is different when we use differentinputs According to Figure 7(b) the running time of SHA1increases linearly when the file size is increased Comparingto the original SHA1 the running time of improved SHA1 hasbeen increased by nearly 8

42 Security Analysis of Irreversible Transforming Reference[13] indicates that properties of irreversible transforming arerequired as follows

(1) Irreversibility if the attacker has no idea of the trans-forming function and the parameters he cannot recover theoriginal fingerprint vault from the transformed fingerprintvault The differential in the original SHA1 can be transferredto the highest bit and then be eliminated in some certainsteps Therefore a collision is found Relatively step function(9) in improved SHA1 has two message words119882[119895] Accord-ing to Table 4 there are two different circularly left-shiftcalculations which makes it difficult to move the differentialto the highest bit and therefore eliminate the differentialEven if the attacker can eliminate 1-bit differential it willcreate a 2-bit new differential If the differential has not beeneliminated in time the formula containing119882[119895]will becomemore complex and make the attacker even harder to find acollision (Table 3)

In this paper Blank1= 32 30 10 8 26 6 Blank

2= 17

15 27 25 11 23In addition since the irreversible function contains mod-

ule calculation the data has been transformed from thedomain (0 sim 2

24) to a smaller domain (0 sim 256) This

reflection froma domain to a smaller domain can increase theuncertainty It seems that the irreversible function proposedby this paper has great irreversibility The security proof hasbeen shown as follows


1 2 3 4 5 6 7 8 9 10

times10minus3

Sequence number

Runn

ing

time (

ms)

Improved SHA1

Original SHA1

8

82

84

86

88

9

92

94

96

98

10

(a)

Improved SHA1

Original SHA1

Runn

ing

time (

ms)

0 5 10 15 20 25 30 350

500

1000

1500

Size of the message file (M)

(b)

Figure 7 (a) The comparison between improved SHA1 and original SHA1 (b) The efficiency of improved SHA1 and original SHA1

Table 3

ℎ (160 bits)160 sdot sdot sdot 73 72 sdot sdot sdot 49 48 sdot sdot sdot 25 24 sdot sdot sdot 2 1

119888 (24 bits) 119887 (24 bits) 119886 (24 bits)

According to Section 22 the most important property ofa hash function is anti-strong collision In other words if thehash function possesses the property of anti-strong collisionit also possesses the property of irreversibility

Let 120594 = 119903radic119898 119904 = (119886 119887 119888)119879 and 119901 ge 4radic11989811989615120594 1198721015840 isin119885119896times119898

119901is a random matrix with the size of 119896 times 119898 and 119872 =

1205821198721015840isin 119885119896times119898

119902(120582 = 119902119901) If there is an algorithmwhich can find

two different vectors V1 V2isin 0 1 119902 minus 1

119898 which make119872V1+ 119904 = 119872V

2+ 119904 (mod 119902) then there must be an algorithm

which can solve all cases in 11986611986011987511987811988111987514120587radic119896120594

These two different vectors V

1 V2isin 0 1 119902 minus 1

119898

make119872V1+119904 = 119872V

2+119904 (mod 119902)Then119872(V

1minusV2) = 0 (mod

119902) The definition of matrix1198721015840 isin 119885119896times119898119901

can be described as

1205821198721015840(V1minus V2) = 0 mod 120582119901 997904rArr exist119905 isin 119885

119896

1205821198721015840(V1minus V2) = 120582119905119901

997904rArr 1198721015840(V1minus V2) = 0 mod 119901

(12)

Let 119911 = V1minus V2 119911 le 120594 120594 = 119903radic119898 Since 1198721015840 isin 119885119896times119898

119901

is random and the coordinate of 119911 is between minus(119902 minus 1) +(119902 minus1) 119911 is a solution to 119878119868119878

119901119898120594 According to Section 24 this

solution can solve all cases in11986611986011987511987811988111987514120587radic119896120594

However thereis no such algorithm at present and the irreversible functionproposed by this paper is antistrong collision(2) Local smoothness in order to decrease the FRR the

transformation should guarantee that a small change in theoriginal fingerprint image will also cause a small change in

the transformed fingerprint image Fingerprint recognition isa fuzzy technique Due to the influence from moving sweatdifferent finger pressure orientation difference and noiseand so forth there are different for the extracting results inevery two different experiments from the same fingerprintHowever as cryptology is an accurate technique a tiny errorcan lead to the failure of decryption How to combine theaccuracy of cryptology with the fuzzy property of fingerprintrecognition becomes more and more important A relativelysmall threshold is requiredThe twominutiae can bematchedif the difference between the registered minutiae and theauthentication minutiae is smaller than this threshold Thismatching method is called the tolerance box matching algo-rithm

The value of119872 is fatal to the local smoothness propertyLet the maximum element of 119872 be max (119898

119894119895) = 119903 Figures

8(a) and 8(b) show the comparison among the four finger-print templates from three different authentication exper-iments (there will be difference among the authenticationprocessing) and the registered fingerprint template whentheir 119903 have different values Figures 8(b) and 8(d) showthe distance between minutiae and the orientation differ-ence from transformed and original templates According toFigure 8 if 119903 = 2 the three fingerprint templates transformedfrom the same fingerprint in three different experiments arealmost coincident with each other The distance betweenminutiae of these three templates and the registered templateis less than 8 pixels and the orientation difference is lessthan 5∘ If 119903 = 4 the distance between minutiae of thesethree templates and the registered template is less than 14


Table 4 Local collision against improved SHA1

Step A B C D E 119882[119895]

119895 28119895 + 1 1 13 1 13

119895 + 2 18 30 1 13 18 30 28 8

119895 + 3 3 15 13 25 18 30 31 11 3 15 26 6

119895 + 4 20 32 11 23 3 15 13 25 16 28 31 11 Blank1119895 + 5 Blank2 20 32 11 23 1 13 11 23 16 28 31 11

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(b)

1 2 3 4 5 6 7 8 9 100

2

4

6

8

10

12

14

16

18

Sequence number

Dist

ance

bet

wee

n m

inut

iae (

pixe

l)

r = 1

r = 2

r = 3

r = 4r = 5

(c)

The o

rient

atio

n di

ffere

nce (

deg)

1 2 3 4 5 6 7 8 9 10

Sequence number

r = 1

r = 2

r = 3

r = 4r = 5

12

10

8

6

4

2

0

(d)

Figure 8The comparison of four fingerprint templates in three different authentication experiments using different 119903 (a)Three transformedtemplates with the same fingerprint when 119903 = 2 (b) Three transformed templates with the same fingerprint when 119903 = 4 (c) The distancebetween transformed and original templates (d) The orientation difference between transformed and original templates

pixels and the orientation difference is less than 9∘ Accordingto Table 5 with the increasing of 119903 the distance betweenminutiae and the orientation difference will be increasedlinearly Let 119903 le 2 then the average distance of minutiaebetween two templates is no more than 54 pixels which isless than the boxmatcher threshold (8 pixels)This can ensurethat the legal user can pass the authentication processingusing the tolerance box matching algorithm

(3) Transformation the transformed minutiae must beoutside the matcher tolerance box and cannot be matchedwith the original minutiae According to Figures 6(d) and9 the transformed minutiae are totally different from theoriginal ones The distance is far farther than 8 pixels And itis hard to find the relativity of these two templatesThereforethe irreversible function proposed by this paper can satisfythis principle


Table 5 The minutiae difference among many experiments afterbeing transformed

119903 = 1 119903 = 2 119903 = 3 119903 = 4 119903 = 5

The average distance betweenminutiae (pixel) 35 54 76 95 119

The average orientationdifference between minutiae(degree)

16 25 53 47 58

0 5 10 15 20 25 30 350

50

100

150

200

250

Sequence number of minutiae

Dist

ance

bet

wee

n or

igin

alan

d tr

ansfo

rmed

min

utia

e (pi

xel)

Figure 9 Distance between transformed and original minutiae

(4)Distinctiveness it cannot bematched to each other forthe different transformed templates from the same originalfingerprint template applied in different systems Otherwisethe systemwill suffer frommultiple templates attack Accord-ing to Figures 10 and 11 if the samematrix119872 and yet differentrandom number 119877 have been used in the transformation thecoordinate of fingerprint minutiae transformed fingerprinttemplates has great distinctiveness characteristic Howeverthe orientation still has certain relativity When differentmatrix 119872 and different random number 119877 have been usednot only the coordinate but also the orientation informationwill have great distinctiveness property

To sum up even if the attackers have obtained the rightldquominutiaerdquo from the transformed fingerprint template theycannot use the transformed minutiae to recover the originalfingerprint template since the system has the distinctive-ness and irreversibility properties After transformation thefingerprint minutiae are no longer related to the originalminutiae and the system can resist the multiple templatesattack In addition the fingerprint templates are cancelablewhen the system is under attack A new template can berebuilt through creating new parameters (random number 119877and matrix119872)

43 Security Analysis of Encryption Algorithm The inter-national standard fingerprint database FVC2002 has beenchosen to verify the efficiency of the scheme proposed inthis paper The fingerprint images have been put in the sameorientation before the experiment in order to decrease theinfluence from the image moving and other noises This

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

Figure 10 The comparison between 2 transformed templates withthe same119872 and different 119877

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

Figure 11 The comparison between 2 transformed templates withdifferent119872 and different 119877

section mainly focuses on discussing the performance of thetransformed function

Choose the parameter 119899 = 20 119897 = 8 The maximumpower 119899 in polynomial 119891(119909) = sum119899minus1

119895=0119896119895119909119895= 1198960+ 1198961119909 + sdot sdot sdot +

119896119899minus1119909119899minus1 is decided by the length of the private key 119870 if the

length of 119870 is fixed and the matching number of minutiaeis determined too Users have to use the recovering pair toobtain 119870 An illegal user does not know 119898

119894(119894 = 1 2 119899)

In order to obtain119870 he has to use the exhaustivemethod Onthe other hand it is impossible to find the real minutiae in thefingerprint vault through the exhaustivemethodThenumberof noise points is ten times than the real minutiae (200 20)in this experimentThe probability that the private key can berecovered from the exhaustive method is 1198629

201198629

220= 705 times

10minus9 In order to obtain the private119870 the user has to unlock

the fingerprint vault through providing the legal fingerprintThe comparison between [6] and this paper is listed

in Table 6 The database of both [6] and this paper is thefingerprints in FVC2002 DB2

According to Table 6 this paper costs less time duringverifying process Its security is based on the well-known119866119860119875119878119881119875

14120587radic119896120594problem At present there is no effective


Table 6 The comparison between [6] and this paper

Time ofverification

The securityhypothesis

119899 = 7 119899 = 9 119899 = 11

GAR FAR GAR FAR GAR FAR[6] 42ms SHA256 9650 030 9357 010 9005 0This paper 20ms 119866119860119875119878119881119875

14120587radic1198961205949588 014 9335 002 8961 0

algorithm to solve this problem The GAR (genuine acceptrate) of this paper is close to [6] and the FAR is much betterthan [6] With the increasing of 119899 it becomes harder to getsuccessful authentication In this case both GAR and FARwill decrease simultaneously

5 Conclusions

In this paper an irreversible function has been proposedto protect the original fingerprint template and the CRT isused for combining the private key with the transformedfingerprint vault Even if the system is under attack theirreversible function can also guarantee the security of theoriginal fingerprint after the transformed fingerprint vaultwas filched The security analysis shows that the finger-print encryption system proposed by this paper has betterefficiency and security and the complexity is only slightlyincreased

Conflict of Interests

The authors declare that there is no conflict of interestsregarding the publication of this paper

Acknowledgments

This work was supported by the National Nature ScienceFoundation of China under Grants 61171072 61170283 and61001058 National High-Technology Research and Devel-opment Program (ldquo863rdquo Program) of China under Grant2013AA01A212 Ministry of Education in the New CenturyExcellent Talents Support Program under Grant NCET-12-0649 and Shenzhen Technology Plan under GrantsJCYJ20120613102750045 and JCYJ20120615100614529

References

[1] A Juels and M Sudan ldquoA fuzzy vault schemerdquo in Proceedingsof the IEEE International Symposium on Information Theory p408 July 2002

[2] T C Clancy N Kiyavash and D J Lin ldquoSecure smartcard-based fingerprint authenticationrdquo in Proceedings of the ACMSIGMM Workshop on Biometrics Methods and Applications(WBMA rsquo03) pp 45ndash52 New York NY USA 2003

[3] U Uludag and A Jain ldquoSecuring fingerprint template fuzzyvault with helper datardquo in Proceedings of the Conference onComputer Vision and Pattern Recognition Workshops (CVPRWrsquo06) pp 163ndash169 Washington DC USA June 2006

[4] K Nandakumar A K Jain and S Pankanti ldquoFingerprint-based fuzzy vault implementation and performancerdquo IEEETransactions on Information Forensics and Security vol 2 no4 pp 744ndash757 2007

[5] Q Caixia and Y Lin ldquoEncrypted fuzzy vault based on pass-wordrdquo Bulletin of Science and Technology vol 27 no 2 pp 282ndash287 2011

[6] R Zhang E Liu H Zhao and L Pang ldquoImproved cancelablefingerprint fuzzy vault systemrdquo Journal of Xidian University vol38 no 4 pp 173ndash180 2011

[7] C Cattani and G Pierro ldquoOn the fractal geometry of DNA bythe binary image analysisrdquoBulletin ofMathematical Biology vol75 no 9 pp 1544ndash1570 2013

[8] M Li ldquoA class of negatively fractal dimensional Gaussianrandom functionsrdquoMathematical Problems in Engineering vol2011 Article ID 291028 18 pages 2011

[9] M Li ldquoPower spectrum of generalized fractional Gaussiannoiserdquo Advances in Mathematical Physics vol 2013 Article ID315979 3 pages 2013

[10] M Li and S C Lim ldquoPower spectrum of generalized Cauchyprocessrdquo Telecommunication Systems vol 43 no 3-4 pp 219ndash222 2010

[11] C Cattani A Ciancio and B Lods ldquoOn a mathematical modelof immune competitionrdquo Applied Mathematics Letters vol 19no 7 pp 678ndash683 2006

[12] X Wang Y L Yin and H Yu ldquoFinding collisions in the fullSHA-1rdquo in Advances in CryptologymdashCRYPTO 2005 vol 3621 ofLecture Notes in Computer Science pp 17ndash36 Springer BerlinGermany 2005

[13] N K Ratha S Chikkerur J H Connell and R M Bolle ldquoGen-erating cancelable fingerprint templatesrdquo IEEE Transactions onPattern Analysis andMachine Intelligence vol 29 no 4 pp 561ndash572 2007

Submit your manuscripts athttpwwwhindawicom

Stem CellsInternational

Hindawi Publishing Corporationhttpwwwhindawicom Volume 2014


MEDIATORSINFLAMMATION

of


Behavioural Neurology

EndocrinologyInternational Journal of



Disease Markers


BioMed Research International

OncologyJournal of



Oxidative Medicine and Cellular Longevity


PPAR Research

The Scientific World JournalHindawi Publishing Corporation httpwwwhindawicom Volume 2014

Immunology ResearchHindawi Publishing Corporationhttpwwwhindawicom Volume 2014

Journal of

ObesityJournal of



Computational and Mathematical Methods in Medicine

OphthalmologyJournal of


Diabetes ResearchJournal of



Research and TreatmentAIDS


Gastroenterology Research and Practice


Parkinsonrsquos Disease

Evidence-Based Complementary and Alternative Medicine

Volume 2014Hindawi Publishing Corporationhttpwwwhindawicom


(false reject rate) and FAR (false accept rate) the timecomplexity is increased in all above-mentioned Fuzzy Vaultscheme based on password

This paper is organized as follows Firstly the minutiaeare extracted from the thinned fingerprint image In orderto weaken the influence from noises a threshold is set toremove the fake minutiae Secondly an irreversible functionis designed to protect the security of fingerprint At lastthe Chinese remainder theorem (CRT) is used for both theprivate key binding and the private key recovering Then thecancelable fingerprint vault is encrypted in order to guaranteethe security of private key and fingerprint vault in storage

2 Preliminary

21 Fuzzy Vault The Fuzzy Vault algorithm can be dividedinto two steps Figures 1 and 2 show the encryption processingand decryption processing of Fuzzy Vault respectively

Encryption 119878 is the private key It is encrypted by user 1 withvault 119860 (short for fingerprint vault 119860) Firstly 119878 is dividedinto 119899 average parts each part becomes a coefficient of thepolynomial Use that polynomial to calculate119875(119860) and obtainthe pair set (119860 119875(119860))Then a large amount of random noisesare created (the number of noises is 10 times larger than thereal minutiae) the real minutiae and noises are mixed up tocompose vault 119860

Decryption In order to obtain the private key that user 1 hidesin vault 119860 user 2 has to guarantee that set 119861 used to unlockvault 119860 has enough superposition with vault 119860 Otherwise itis quite difficult to rebuild the polynomial 119875 Finally the RScode is used for decreasing the noise

22TheHash Function Thehash function has been deployedas an important component in information security andcryptography It takes a message 119872 less than 264 bits andproduces a hash value with fixed length It can be defined asfollows

119867 119872 997888rarr ℎ (1)

A good hash function should be irreversible and anticol-lision

If a hash function is anti-strong collision it is alsoirreversible Assume that ℎ is a hash function and Λ is theoracle which can obtain 119909 when the input 119910 = ℎ(119909) isgiven In other words this oracle can break the property ofirreversibility and can obtain another 119909

0to the same input

where 119910 = ℎ(1199090) Since the input of hash function is random

a strong collision of ℎ is found when 119909 = 1199090

There are some common hash functions such as MDRIPEMD and SHA The SHA1 algorithm has been designedby NIST in 1995 It has been applied widely The following isthe process of SHA1

Step 1 The input message should be padded and thenprocessed in 512-bit blocks Each block is divided into 16parts of 32-bit length and finally obtain 80 message words119882[119895] (0 le 119895 le 79)

Step 2 Initialize the five 32-bit registers 119860 119861 119862 119863 and 119864 asthe temporary memorizer of the 160-bit output

Step 3 There are 80 iterations in 4 rounds where each roundhas 20 iterationsThe iteration of the 119895th step in the 119894th roundcan be described as

119860119895+1= (119860

119895119877119874119879119871

5) + 119891119894(119861119895 119862119895 119863119895) + 119864119895+119882[119895] + 119870

119894

119861119895+1= 119860119895

119862119895+1= 119861119895119877119874119879119871

30

119863119895+1= 119862119895

119864119895+1= 119863119895

(2)

119877119874119879119871119908 denotes a left bit rotation by 119908 places 119882[119895] is the

expanded message word of round 119895 and 119870119894is the round

constant of round 119894 119891119894(119861119895 119862119895 119863119895) is a nonlinear function

which is different in 4 rounds

Step 4 The 160-bit output of the last block becomes the inputof the next block After processing the last block the registers119860 119861 119862119863 and 119864 add their original value respectively Thenthe 160-bit chaining variable is the final outcome of SHA1

23 The Small Integer Solution Problem 119878119868119878119901119898120594

Let 119896 be thesecurity parameter Define an integer 119901 a matrix 119865 isin 119885

119896

119901

and a real number 120594 The solution of this problem is to finda nonzero integral vector 119911 isin 119885119898 (119911 le 120594) which makes119865 times 119911 = 0 mod 119901

24 The 11986611986011987511987811988111987514120587radic119896120594

Problem Let 119896 be the security para-meter The input of 119866119860119875119878119881119875

14120587radic119896120594is a 119896-dimension lattice

with the basis of 119861 If 120582(119861) le 119889 the output is ldquoYESrdquo If 120582(119861) gt120574 times 119889 120574 gt 1 the output is ldquoNOrdquo

To any random polynomial function 120594(119896) 119898(119896) 119901(119896) =119896119874(1) if 119901 ge 4radic119898119896

15120594 and 120574 = 14120587radic119896120594 the security of

119866119860119875119878119881119875120574is equivalent to the difficulty of 119878119868119878

119901119898120594

25 CRT CRT is one of the famous theorems in mathemat-ics It can be described as follows Let 119872 = 119898

1times 1198982times

sdot sdot sdottimes119898119896These 119896 positive integers119898

1 1198982 119898

119896are relatively

prime to each other For any big integer 119883 mod 119898119894=

119886119894(119894 = 1 2 119896) it can be calculated as 119883 = (sum

119896

119894=1

(119872119898119896)119890119896119886119896) mod119872 where (119872119898

119894)119890119894= 1 mod 119898

119894

3 The Proposed Irreversible FingerprintEncryption Scheme

In order to resist the multiple templates attack a cancelableFuzzy Vault scheme based on irreversible function hasbeen proposed in this section Firstly the real minutiae areextracted from the registered fingerprint image and thenan irreversible function using different parameters has beendesigned An improved SHA1 function has been proposed totransform the original minutiae In the following section the



01001101 0100110110

CRCconstruction

Template

Chaff(generation +

List


minutiae(T)


C)


Query





YesNo

01001101

CRC ok

minutiae(Q)

Vault(V)

Extract S






P1 P2 P3

P4

P5P6P7

P8 P








Burr

Conjoint lines

Short line

Hole

Gap


Define

119879sum (119875) =8

sum

119894=1

119875119894

119879sub (119875) =8

sum

119894=1

1003816100381610038161003816119875119894+1 minus 1198751198941003816100381610038161003816 (1198759 = 1198751)

(3)













119860119895+1= (119860

119895119877119874119879119871

5) + (119861

119895oplus 119862119895oplus 119863119895) + 119864119895+119882[119895] + 119870

2

(4)

119861119895+1= 119860119895 (5)

119862119895+1= 119861119895119877119874119879119871

30 (6)

119863119895+1= 119862119895 (7)

119864119895+1= 119863119895 (8)


119882[119895] = 119860119895+1minus (119860119895119877119874119879119871

5) minus (119861


(9)




Step 119860 119861 119862 119863 119864 119882[119895]

119895 1119895 + 1 1 6119895 + 2 1 1119895 + 3 31 31119895 + 4 31 31119895 + 5 31 31119895 + 6

+

+

+ +

f

⋘30

⋘5

⋘17

A EDCB

A EDCB

KjW[j]

W[j]





119860119895+1= ((119860

119895+119882[119895]) 119877119874119879119871

5) + 119891119895(119861119895 119862119895 119863119895)

+ ((119864119895+119882[119895]) 119877119874119879119871

17) + 119870119895

(10)





119894 119910119894 120579119894 119894 =

1 2 119896 (119909119894 119910119894) and 120579




119894 119910119894 120579119894is restricted




119894 119910119894 120579119894 119894 = 1 2 119896 as follows

(

119906119894

V119894

120593119894

) = [

[

119872(

119909119894

119910119894

120579119894

) + (

119886

119887

119888

)]

]

mod 119902 (11)



1 2 1

1 2




119887=11986462724

119888=61198600119862119864119862







1 1198982 119898



1

1198982 119898

119899 119872119894= 1198720119898119894(1 le 119894 le 119899)

Define 119896119894= 119870 mod 119898

119894(119894 isin [1 119899]) (119896

119894 119898119894) is called



119899minus1119909119899minus1


(119886119894 119891(119886119894))119897



119894= 119886119894 119891(119887119894) =


119894 119888119894)119905

119894=119897+1 119905 is the


119894 119884119894119905

119894=1


119895=01198961015840

119895119909119895= 1198961015840

0+ 1198961015840

1119909+ sdot sdot sdot + 119896

1015840

119899minus1119909119899minus1


119894 119898119894)


(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)(b)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(c)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(d)









2= 17






1 2 3 4 5 6 7 8 9 10

times10minus3

Sequence number

Runn

ing

time (

ms)

Improved SHA1

Original SHA1

8

82

84

86

88

9

92

94

96

98

10

(a)

Improved SHA1

Original SHA1

Runn

ing

time (

ms)

0 5 10 15 20 25 30 350

500

1000

1500


(b)


Table 3


119888 (24 bits) 119887 (24 bits) 119886 (24 bits)




1205821198721015840isin 119885119896times119898



119898 which make119872V1+ 119904 = 119872V




1 V2isin 0 1 119902 minus 1

119898

make119872V1+119904 = 119872V

2+119904 (mod 119902)Then119872(V

1minusV2) = 0 (mod


can be described as


119896

1205821198721015840(V1minus V2) = 120582119905119901

997904rArr 1198721015840(V1minus V2) = 0 mod 119901

(12)


119901








119894119895) = 119903 Figures




Step A B C D E 119882[119895]

119895 28119895 + 1 1 13 1 13

119895 + 2 18 30 1 13 18 30 28 8

119895 + 3 3 15 13 25 18 30 31 11 3 15 26 6

119895 + 4 20 32 11 23 3 15 13 25 16 28 31 11 Blank1119895 + 5 Blank2 20 32 11 23 1 13 11 23 16 28 31 11

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(b)

1 2 3 4 5 6 7 8 9 100

2

4

6

8

10

12

14

16

18

Sequence number

Dist

ance

bet

wee

n m

inut

iae (

pixe

l)

r = 1

r = 2

r = 3

r = 4r = 5

(c)

The o

rient

atio

n di

ffere

nce (

deg)

1 2 3 4 5 6 7 8 9 10

Sequence number

r = 1

r = 2

r = 3

r = 4r = 5

12

10

8

6

4

2

0

(d)






119903 = 1 119903 = 2 119903 = 3 119903 = 4 119903 = 5



16 25 53 47 58

0 5 10 15 20 25 30 350

50

100

150

200

250


Dist

ance

bet

wee

n or

igin

alan

d tr

ansfo

rmed

min

utia

e (pi

xel)





0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)


0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)




119895=0119896119895119909119895= 1198960+ 1198961119909 + sdot sdot sdot +



119894(119894 = 1 2 119899)


201198629

220= 705 times








Time ofverification


119899 = 7 119899 = 9 119899 = 11


14120587radic1198961205949588 014 9335 002 8961 0


5 Conclusions




Acknowledgments


References



















of






Disease Markers



OncologyJournal of





PPAR Research



Journal of

ObesityJournal of


















01001101 0100110110

CRCconstruction

Template

Chaff(generation +

List


minutiae(T)


C)


Query





YesNo

01001101

CRC ok

minutiae(Q)

Vault(V)

Extract S






P1 P2 P3

P4

P5P6P7

P8 P








Burr

Conjoint lines

Short line

Hole

Gap


Define

119879sum (119875) =8

sum

119894=1

119875119894

119879sub (119875) =8

sum

119894=1

1003816100381610038161003816119875119894+1 minus 1198751198941003816100381610038161003816 (1198759 = 1198751)

(3)













119860119895+1= (119860

119895119877119874119879119871

5) + (119861

119895oplus 119862119895oplus 119863119895) + 119864119895+119882[119895] + 119870

2

(4)

119861119895+1= 119860119895 (5)

119862119895+1= 119861119895119877119874119879119871

30 (6)

119863119895+1= 119862119895 (7)

119864119895+1= 119863119895 (8)


119882[119895] = 119860119895+1minus (119860119895119877119874119879119871

5) minus (119861


(9)




Step 119860 119861 119862 119863 119864 119882[119895]

119895 1119895 + 1 1 6119895 + 2 1 1119895 + 3 31 31119895 + 4 31 31119895 + 5 31 31119895 + 6

+

+

+ +

f

⋘30

⋘5

⋘17

A EDCB

A EDCB

KjW[j]

W[j]





119860119895+1= ((119860

119895+119882[119895]) 119877119874119879119871

5) + 119891119895(119861119895 119862119895 119863119895)

+ ((119864119895+119882[119895]) 119877119874119879119871

17) + 119870119895

(10)





119894 119910119894 120579119894 119894 =

1 2 119896 (119909119894 119910119894) and 120579




119894 119910119894 120579119894is restricted




119894 119910119894 120579119894 119894 = 1 2 119896 as follows

(

119906119894

V119894

120593119894

) = [

[

119872(

119909119894

119910119894

120579119894

) + (

119886

119887

119888

)]

]

mod 119902 (11)



1 2 1

1 2




119887=11986462724

119888=61198600119862119864119862







1 1198982 119898



1

1198982 119898

119899 119872119894= 1198720119898119894(1 le 119894 le 119899)

Define 119896119894= 119870 mod 119898

119894(119894 isin [1 119899]) (119896

119894 119898119894) is called



119899minus1119909119899minus1


(119886119894 119891(119886119894))119897



119894= 119886119894 119891(119887119894) =


119894 119888119894)119905

119894=119897+1 119905 is the


119894 119884119894119905

119894=1


119895=01198961015840

119895119909119895= 1198961015840

0+ 1198961015840

1119909+ sdot sdot sdot + 119896

1015840

119899minus1119909119899minus1


119894 119898119894)


(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)(b)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(c)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(d)









2= 17






1 2 3 4 5 6 7 8 9 10

times10minus3

Sequence number

Runn

ing

time (

ms)

Improved SHA1

Original SHA1

8

82

84

86

88

9

92

94

96

98

10

(a)

Improved SHA1

Original SHA1

Runn

ing

time (

ms)

0 5 10 15 20 25 30 350

500

1000

1500


(b)


Table 3


119888 (24 bits) 119887 (24 bits) 119886 (24 bits)




1205821198721015840isin 119885119896times119898



119898 which make119872V1+ 119904 = 119872V




1 V2isin 0 1 119902 minus 1

119898

make119872V1+119904 = 119872V

2+119904 (mod 119902)Then119872(V

1minusV2) = 0 (mod


can be described as


119896

1205821198721015840(V1minus V2) = 120582119905119901

997904rArr 1198721015840(V1minus V2) = 0 mod 119901

(12)


119901








119894119895) = 119903 Figures




Step A B C D E 119882[119895]

119895 28119895 + 1 1 13 1 13

119895 + 2 18 30 1 13 18 30 28 8

119895 + 3 3 15 13 25 18 30 31 11 3 15 26 6

119895 + 4 20 32 11 23 3 15 13 25 16 28 31 11 Blank1119895 + 5 Blank2 20 32 11 23 1 13 11 23 16 28 31 11

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(b)

1 2 3 4 5 6 7 8 9 100

2

4

6

8

10

12

14

16

18

Sequence number

Dist

ance

bet

wee

n m

inut

iae (

pixe

l)

r = 1

r = 2

r = 3

r = 4r = 5

(c)

The o

rient

atio

n di

ffere

nce (

deg)

1 2 3 4 5 6 7 8 9 10

Sequence number

r = 1

r = 2

r = 3

r = 4r = 5

12

10

8

6

4

2

0

(d)






119903 = 1 119903 = 2 119903 = 3 119903 = 4 119903 = 5



16 25 53 47 58

0 5 10 15 20 25 30 350

50

100

150

200

250


Dist

ance

bet

wee

n or

igin

alan

d tr

ansfo

rmed

min

utia

e (pi

xel)





0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)


0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)




119895=0119896119895119909119895= 1198960+ 1198961119909 + sdot sdot sdot +



119894(119894 = 1 2 119899)


201198629

220= 705 times








Time ofverification


119899 = 7 119899 = 9 119899 = 11


14120587radic1198961205949588 014 9335 002 8961 0


5 Conclusions




Acknowledgments


References



















of






Disease Markers



OncologyJournal of





PPAR Research



Journal of

ObesityJournal of



















Burr

Conjoint lines

Short line

Hole

Gap


Define

119879sum (119875) =8

sum

119894=1

119875119894

119879sub (119875) =8

sum

119894=1

1003816100381610038161003816119875119894+1 minus 1198751198941003816100381610038161003816 (1198759 = 1198751)

(3)













119860119895+1= (119860

119895119877119874119879119871

5) + (119861

119895oplus 119862119895oplus 119863119895) + 119864119895+119882[119895] + 119870

2

(4)

119861119895+1= 119860119895 (5)

119862119895+1= 119861119895119877119874119879119871

30 (6)

119863119895+1= 119862119895 (7)

119864119895+1= 119863119895 (8)


119882[119895] = 119860119895+1minus (119860119895119877119874119879119871

5) minus (119861


(9)




Step 119860 119861 119862 119863 119864 119882[119895]

119895 1119895 + 1 1 6119895 + 2 1 1119895 + 3 31 31119895 + 4 31 31119895 + 5 31 31119895 + 6

+

+

+ +

f

⋘30

⋘5

⋘17

A EDCB

A EDCB

KjW[j]

W[j]





119860119895+1= ((119860

119895+119882[119895]) 119877119874119879119871

5) + 119891119895(119861119895 119862119895 119863119895)

+ ((119864119895+119882[119895]) 119877119874119879119871

17) + 119870119895

(10)





119894 119910119894 120579119894 119894 =

1 2 119896 (119909119894 119910119894) and 120579




119894 119910119894 120579119894is restricted




119894 119910119894 120579119894 119894 = 1 2 119896 as follows

(

119906119894

V119894

120593119894

) = [

[

119872(

119909119894

119910119894

120579119894

) + (

119886

119887

119888

)]

]

mod 119902 (11)



1 2 1

1 2




119887=11986462724

119888=61198600119862119864119862







1 1198982 119898



1

1198982 119898

119899 119872119894= 1198720119898119894(1 le 119894 le 119899)

Define 119896119894= 119870 mod 119898

119894(119894 isin [1 119899]) (119896

119894 119898119894) is called



119899minus1119909119899minus1


(119886119894 119891(119886119894))119897



119894= 119886119894 119891(119887119894) =


119894 119888119894)119905

119894=119897+1 119905 is the


119894 119884119894119905

119894=1


119895=01198961015840

119895119909119895= 1198961015840

0+ 1198961015840

1119909+ sdot sdot sdot + 119896

1015840

119899minus1119909119899minus1


119894 119898119894)


(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)(b)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(c)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(d)









2= 17






1 2 3 4 5 6 7 8 9 10

times10minus3

Sequence number

Runn

ing

time (

ms)

Improved SHA1

Original SHA1

8

82

84

86

88

9

92

94

96

98

10

(a)

Improved SHA1

Original SHA1

Runn

ing

time (

ms)

0 5 10 15 20 25 30 350

500

1000

1500


(b)


Table 3


119888 (24 bits) 119887 (24 bits) 119886 (24 bits)




1205821198721015840isin 119885119896times119898



119898 which make119872V1+ 119904 = 119872V




1 V2isin 0 1 119902 minus 1

119898

make119872V1+119904 = 119872V

2+119904 (mod 119902)Then119872(V

1minusV2) = 0 (mod


can be described as


119896

1205821198721015840(V1minus V2) = 120582119905119901

997904rArr 1198721015840(V1minus V2) = 0 mod 119901

(12)


119901








119894119895) = 119903 Figures




Step A B C D E 119882[119895]

119895 28119895 + 1 1 13 1 13

119895 + 2 18 30 1 13 18 30 28 8

119895 + 3 3 15 13 25 18 30 31 11 3 15 26 6

119895 + 4 20 32 11 23 3 15 13 25 16 28 31 11 Blank1119895 + 5 Blank2 20 32 11 23 1 13 11 23 16 28 31 11

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(b)

1 2 3 4 5 6 7 8 9 100

2

4

6

8

10

12

14

16

18

Sequence number

Dist

ance

bet

wee

n m

inut

iae (

pixe

l)

r = 1

r = 2

r = 3

r = 4r = 5

(c)

The o

rient

atio

n di

ffere

nce (

deg)

1 2 3 4 5 6 7 8 9 10

Sequence number

r = 1

r = 2

r = 3

r = 4r = 5

12

10

8

6

4

2

0

(d)






119903 = 1 119903 = 2 119903 = 3 119903 = 4 119903 = 5



16 25 53 47 58

0 5 10 15 20 25 30 350

50

100

150

200

250


Dist

ance

bet

wee

n or

igin

alan

d tr

ansfo

rmed

min

utia

e (pi

xel)





0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)


0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)




119895=0119896119895119909119895= 1198960+ 1198961119909 + sdot sdot sdot +



119894(119894 = 1 2 119899)


201198629

220= 705 times








Time ofverification


119899 = 7 119899 = 9 119899 = 11


14120587radic1198961205949588 014 9335 002 8961 0


5 Conclusions




Acknowledgments


References



















of






Disease Markers



OncologyJournal of





PPAR Research



Journal of

ObesityJournal of


















Step 119860 119861 119862 119863 119864 119882[119895]

119895 1119895 + 1 1 6119895 + 2 1 1119895 + 3 31 31119895 + 4 31 31119895 + 5 31 31119895 + 6

+

+

+ +

f

⋘30

⋘5

⋘17

A EDCB

A EDCB

KjW[j]

W[j]





119860119895+1= ((119860

119895+119882[119895]) 119877119874119879119871

5) + 119891119895(119861119895 119862119895 119863119895)

+ ((119864119895+119882[119895]) 119877119874119879119871

17) + 119870119895

(10)





119894 119910119894 120579119894 119894 =

1 2 119896 (119909119894 119910119894) and 120579




119894 119910119894 120579119894is restricted




119894 119910119894 120579119894 119894 = 1 2 119896 as follows

(

119906119894

V119894

120593119894

) = [

[

119872(

119909119894

119910119894

120579119894

) + (

119886

119887

119888

)]

]

mod 119902 (11)



1 2 1

1 2




119887=11986462724

119888=61198600119862119864119862







1 1198982 119898



1

1198982 119898

119899 119872119894= 1198720119898119894(1 le 119894 le 119899)

Define 119896119894= 119870 mod 119898

119894(119894 isin [1 119899]) (119896

119894 119898119894) is called



119899minus1119909119899minus1


(119886119894 119891(119886119894))119897



119894= 119886119894 119891(119887119894) =


119894 119888119894)119905

119894=119897+1 119905 is the


119894 119884119894119905

119894=1


119895=01198961015840

119895119909119895= 1198961015840

0+ 1198961015840

1119909+ sdot sdot sdot + 119896

1015840

119899minus1119909119899minus1


119894 119898119894)


(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)(b)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(c)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(d)









2= 17






1 2 3 4 5 6 7 8 9 10

times10minus3

Sequence number

Runn

ing

time (

ms)

Improved SHA1

Original SHA1

8

82

84

86

88

9

92

94

96

98

10

(a)

Improved SHA1

Original SHA1

Runn

ing

time (

ms)

0 5 10 15 20 25 30 350

500

1000

1500


(b)


Table 3


119888 (24 bits) 119887 (24 bits) 119886 (24 bits)




1205821198721015840isin 119885119896times119898



119898 which make119872V1+ 119904 = 119872V




1 V2isin 0 1 119902 minus 1

119898

make119872V1+119904 = 119872V

2+119904 (mod 119902)Then119872(V

1minusV2) = 0 (mod


can be described as


119896

1205821198721015840(V1minus V2) = 120582119905119901

997904rArr 1198721015840(V1minus V2) = 0 mod 119901

(12)


119901








119894119895) = 119903 Figures




Step A B C D E 119882[119895]

119895 28119895 + 1 1 13 1 13

119895 + 2 18 30 1 13 18 30 28 8

119895 + 3 3 15 13 25 18 30 31 11 3 15 26 6

119895 + 4 20 32 11 23 3 15 13 25 16 28 31 11 Blank1119895 + 5 Blank2 20 32 11 23 1 13 11 23 16 28 31 11

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(b)

1 2 3 4 5 6 7 8 9 100

2

4

6

8

10

12

14

16

18

Sequence number

Dist

ance

bet

wee

n m

inut

iae (

pixe

l)

r = 1

r = 2

r = 3

r = 4r = 5

(c)

The o

rient

atio

n di

ffere

nce (

deg)

1 2 3 4 5 6 7 8 9 10

Sequence number

r = 1

r = 2

r = 3

r = 4r = 5

12

10

8

6

4

2

0

(d)






119903 = 1 119903 = 2 119903 = 3 119903 = 4 119903 = 5



16 25 53 47 58

0 5 10 15 20 25 30 350

50

100

150

200

250


Dist

ance

bet

wee

n or

igin

alan

d tr

ansfo

rmed

min

utia

e (pi

xel)





0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)


0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)




119895=0119896119895119909119895= 1198960+ 1198961119909 + sdot sdot sdot +



119894(119894 = 1 2 119899)


201198629

220= 705 times








Time ofverification


119899 = 7 119899 = 9 119899 = 11


14120587radic1198961205949588 014 9335 002 8961 0


5 Conclusions




Acknowledgments


References



















of






Disease Markers



OncologyJournal of





PPAR Research



Journal of

ObesityJournal of

















(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)(b)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(c)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(d)









2= 17






1 2 3 4 5 6 7 8 9 10

times10minus3

Sequence number

Runn

ing

time (

ms)

Improved SHA1

Original SHA1

8

82

84

86

88

9

92

94

96

98

10

(a)

Improved SHA1

Original SHA1

Runn

ing

time (

ms)

0 5 10 15 20 25 30 350

500

1000

1500


(b)


Table 3


119888 (24 bits) 119887 (24 bits) 119886 (24 bits)




1205821198721015840isin 119885119896times119898



119898 which make119872V1+ 119904 = 119872V




1 V2isin 0 1 119902 minus 1

119898

make119872V1+119904 = 119872V

2+119904 (mod 119902)Then119872(V

1minusV2) = 0 (mod


can be described as


119896

1205821198721015840(V1minus V2) = 120582119905119901

997904rArr 1198721015840(V1minus V2) = 0 mod 119901

(12)


119901








119894119895) = 119903 Figures




Step A B C D E 119882[119895]

119895 28119895 + 1 1 13 1 13

119895 + 2 18 30 1 13 18 30 28 8

119895 + 3 3 15 13 25 18 30 31 11 3 15 26 6

119895 + 4 20 32 11 23 3 15 13 25 16 28 31 11 Blank1119895 + 5 Blank2 20 32 11 23 1 13 11 23 16 28 31 11

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(b)

1 2 3 4 5 6 7 8 9 100

2

4

6

8

10

12

14

16

18

Sequence number

Dist

ance

bet

wee

n m

inut

iae (

pixe

l)

r = 1

r = 2

r = 3

r = 4r = 5

(c)

The o

rient

atio

n di

ffere

nce (

deg)

1 2 3 4 5 6 7 8 9 10

Sequence number

r = 1

r = 2

r = 3

r = 4r = 5

12

10

8

6

4

2

0

(d)






119903 = 1 119903 = 2 119903 = 3 119903 = 4 119903 = 5



16 25 53 47 58

0 5 10 15 20 25 30 350

50

100

150

200

250


Dist

ance

bet

wee

n or

igin

alan

d tr

ansfo

rmed

min

utia

e (pi

xel)





0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)


0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)




119895=0119896119895119909119895= 1198960+ 1198961119909 + sdot sdot sdot +



119894(119894 = 1 2 119899)


201198629

220= 705 times








Time ofverification


119899 = 7 119899 = 9 119899 = 11


14120587radic1198961205949588 014 9335 002 8961 0


5 Conclusions




Acknowledgments


References



















of






Disease Markers



OncologyJournal of





PPAR Research



Journal of

ObesityJournal of

















1 2 3 4 5 6 7 8 9 10

times10minus3

Sequence number

Runn

ing

time (

ms)

Improved SHA1

Original SHA1

8

82

84

86

88

9

92

94

96

98

10

(a)

Improved SHA1

Original SHA1

Runn

ing

time (

ms)

0 5 10 15 20 25 30 350

500

1000

1500


(b)


Table 3


119888 (24 bits) 119887 (24 bits) 119886 (24 bits)




1205821198721015840isin 119885119896times119898



119898 which make119872V1+ 119904 = 119872V




1 V2isin 0 1 119902 minus 1

119898

make119872V1+119904 = 119872V

2+119904 (mod 119902)Then119872(V

1minusV2) = 0 (mod


can be described as


119896

1205821198721015840(V1minus V2) = 120582119905119901

997904rArr 1198721015840(V1minus V2) = 0 mod 119901

(12)


119901








119894119895) = 119903 Figures




Step A B C D E 119882[119895]

119895 28119895 + 1 1 13 1 13

119895 + 2 18 30 1 13 18 30 28 8

119895 + 3 3 15 13 25 18 30 31 11 3 15 26 6

119895 + 4 20 32 11 23 3 15 13 25 16 28 31 11 Blank1119895 + 5 Blank2 20 32 11 23 1 13 11 23 16 28 31 11

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(b)

1 2 3 4 5 6 7 8 9 100

2

4

6

8

10

12

14

16

18

Sequence number

Dist

ance

bet

wee

n m

inut

iae (

pixe

l)

r = 1

r = 2

r = 3

r = 4r = 5

(c)

The o

rient

atio

n di

ffere

nce (

deg)

1 2 3 4 5 6 7 8 9 10

Sequence number

r = 1

r = 2

r = 3

r = 4r = 5

12

10

8

6

4

2

0

(d)






119903 = 1 119903 = 2 119903 = 3 119903 = 4 119903 = 5



16 25 53 47 58

0 5 10 15 20 25 30 350

50

100

150

200

250


Dist

ance

bet

wee

n or

igin

alan

d tr

ansfo

rmed

min

utia

e (pi

xel)





0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)


0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)




119895=0119896119895119909119895= 1198960+ 1198961119909 + sdot sdot sdot +



119894(119894 = 1 2 119899)


201198629

220= 705 times








Time ofverification


119899 = 7 119899 = 9 119899 = 11


14120587radic1198961205949588 014 9335 002 8961 0


5 Conclusions




Acknowledgments


References



















of






Disease Markers



OncologyJournal of





PPAR Research



Journal of

ObesityJournal of


















Step A B C D E 119882[119895]

119895 28119895 + 1 1 13 1 13

119895 + 2 18 30 1 13 18 30 28 8

119895 + 3 3 15 13 25 18 30 31 11 3 15 26 6

119895 + 4 20 32 11 23 3 15 13 25 16 28 31 11 Blank1119895 + 5 Blank2 20 32 11 23 1 13 11 23 16 28 31 11

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(a)

0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)

(b)

1 2 3 4 5 6 7 8 9 100

2

4

6

8

10

12

14

16

18

Sequence number

Dist

ance

bet

wee

n m

inut

iae (

pixe

l)

r = 1

r = 2

r = 3

r = 4r = 5

(c)

The o

rient

atio

n di

ffere

nce (

deg)

1 2 3 4 5 6 7 8 9 10

Sequence number

r = 1

r = 2

r = 3

r = 4r = 5

12

10

8

6

4

2

0

(d)






119903 = 1 119903 = 2 119903 = 3 119903 = 4 119903 = 5



16 25 53 47 58

0 5 10 15 20 25 30 350

50

100

150

200

250


Dist

ance

bet

wee

n or

igin

alan

d tr

ansfo

rmed

min

utia

e (pi

xel)





0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)


0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)




119895=0119896119895119909119895= 1198960+ 1198961119909 + sdot sdot sdot +



119894(119894 = 1 2 119899)


201198629

220= 705 times








Time ofverification


119899 = 7 119899 = 9 119899 = 11


14120587radic1198961205949588 014 9335 002 8961 0


5 Conclusions




Acknowledgments


References



















of






Disease Markers



OncologyJournal of





PPAR Research



Journal of

ObesityJournal of


















119903 = 1 119903 = 2 119903 = 3 119903 = 4 119903 = 5



16 25 53 47 58

0 5 10 15 20 25 30 350

50

100

150

200

250


Dist

ance

bet

wee

n or

igin

alan

d tr

ansfo

rmed

min

utia

e (pi

xel)





0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)


0 50 100 150 200 2500

50

100

150

200

250

x (pixel)

y(p

ixel

)




119895=0119896119895119909119895= 1198960+ 1198961119909 + sdot sdot sdot +



119894(119894 = 1 2 119899)


201198629

220= 705 times








Time ofverification


119899 = 7 119899 = 9 119899 = 11


14120587radic1198961205949588 014 9335 002 8961 0


5 Conclusions




Acknowledgments


References



















of






Disease Markers



OncologyJournal of





PPAR Research



Journal of

ObesityJournal of


















Time ofverification


119899 = 7 119899 = 9 119899 = 11


14120587radic1198961205949588 014 9335 002 8961 0


5 Conclusions




Acknowledgments


References



















of






Disease Markers



OncologyJournal of





PPAR Research



Journal of

ObesityJournal of





















of






Disease Markers



OncologyJournal of





PPAR Research



Journal of

ObesityJournal of
















research article a fingerprint encryption scheme based on

Documents