Figure 3 - available via license: Creative Commons Attribution 4.0 International
Content may be subject to copyright.
Source publication
The numerical world is under a fast development generating facilities and threats. The recommended solu-tions are especially the protection of information in all its states. The levels of protection show a discrepancy from an application to another; governmental, commercial or even cybercriminal. The infrastructure used in modern cryptography is ba...
Context in source publication
Context 1
... this second phase, the user's smart card will receive the essential data that is the encrypted private key. The process of the private key encryption follows the scheme represented in Figure 3. In this figure one notices that the first 512 bits of the template T have been used like encryption ...
Similar publications
![Figure. 8. Cross sectional profiles of veins [10]](profile/S-Mahaboob-Hussain/publication/283459603/figure/fig2/AS:695010106294272@1542714730049/Cross-sectional-profiles-of-veins-10_Q320.jpg)
In our day to day life, many new technologies are introduced to provide the security of the data and identity. Now a day’s recognizing humans by their identity and protecting information security is a social key problem to be solved. However, identity security plays a crucial role for an accurate authentication purposes. Biometric technologies such...
The role of substitution boxes is very important in block ciphers. Substitution boxes are utilized to create confusion in the cryptosystem. However, to create both confusion and diffusion in any cryptosystem p-boxes and chaos base substitution boxes are designed. In this work, a simple method is presented that serves both ways. This method is based...
Citations
... The first approach is very easy to implement and might offer better security then classic tokens, because the user doesn't need to remember a password. Various biometrics are used to accomplish this task such as: fingerprints [34], iris [35], two distinct fingerprints [36]. ...
Biometric data can be used as input for PKI key pair generation. The concept of not saving the private key is very appealing, but the implementation of such a system shouldn’t be rushed because it might prove less secure then current PKI infrastructure. One biometric characteristic can be easily spoofed, so it was believed that multi-modal biometrics would offer more security, because spoofing two or more biometrics would be very hard. This notion, of increased security of multi-modal biometric systems, was disproved for authentication and matching, studies showing that not only multi-modal biometric systems are not more secure, but they introduce additional vulnerabilities. This paper is a study on the implications of spoofing biometric data for retrieving the derived key. We demonstrate that spoofed biometrics can yield the same key, which in turn will lead an attacker to obtain the private key. A practical implementation is proposed using fingerprint and iris as biometrics and the fuzzy extractor for biometric key extraction. Our experiments show what happens when the biometric data is spoofed for both uni-modal systems and multi-modal. In case of multi-modal system tests were performed when spoofing one biometric or both. We provide detailed analysis of every scenario in regard to successful tests and overall key entropy. Our paper defines a biometric PKI scenario and an in depth security analysis for it. The analysis can be viewed as a blueprint for implementations of future similar systems, because it highlights the main security vulnerabilities for bioPKI. The analysis is not constrained to the biometric part of the system, but covers CA security, sensor security, communication interception, RSA encryption vulnerabilities regarding key entropy, and much more.
... Many research is done for the effective usage of biometrics in cryptography. In [7] a complete system is proposed for encrypt and secure the private key of any public key infrastructure is given. Flexible ICA algorithm is used for extracting features from IRIS and Hamming distance is used for matching. ...
The AES algorithm is most widely used algorithm for various security based applications. Security of the AES algorithm can be increased by using biometric for generating a key. To further increase the security, in this paper a 128 bit blended key is generated from IRIS and arbitrary key. An IRIS based 128 bit key is generated from IRIS features. Generated key is concealed using arbitrary key to form a blended key using Fuzzy Commitment scheme. Brute force attack is widely used against the encrypted data. This attack searches the entire key space. If the key is more random , then chances for getting attack is less. In this paper Generated key randomness is verified and compared with biometric key randomness. Blended key is 10% more random than IRIS based biometric key.
Biometric recognition refers to an automated identification of individuals based on a feature vector(s) extracted from their physiological or behavioral trait. A multimodal biometric authentication system can be taken as a traditional information fusion so that we can improve the overall decision accuracy for the system. Those biometric authentication system that use more than one physiological trait for enrolment or identification in applications such as entry/exit on the border, ATM or access control, multi-modal biometric systems are looked reducing false acceptance and false rejection rates, presenting an ancillary means of enrolment, and identification if adequate data cannot be obtained from a given biometric specimen and disputing attacks to fool the biometric systems through counterfeit data sources such as synthetic iris images. In this research paper, proposed model provides high security in authentication which protects service user from unauthorized access. In this proposed model, user is required to authenticate himself with biometric identification (Iris recognition) and Personal Identification Number (PIN). This model reduces complexity with authentication as “authentication is always with you” with high security. It also saves time and efforts compared with card based ATMs and also saves environmental pollution problem of excess number of plastic cards.
It is self-evident that the game changer of our modern world – the “internet” has endowed the twenty first century man with enormous potentials and possibilities. Ranging from enhanced capabilities in business (e-business), governance (e-governance), politics, social interaction and information exchange. The internet has indeed shrinked the global distance that once posed a great barrier and limited man’s endeavours in the preceding centuries. Amidst the great advantages derivable from the use of internet for various purposes lie inherent security threats. To a large extent, these security hindrances have been addressed in advanced nations of the world, as a result, internet phenomenon has pervaded all aspects of the advanced nations economy. This is evident in different electronic platforms that are available for the delivery of various products and services. On the contrary, the application of internet in various aspects of commerce has been hampered by the challenges of security limitations due to identity issues in the developing/emerging economies. Due to these security threats, business owners and the general public in less-developed world demonstrate great sense of apathy in the use of available electronic options for the purpose of commerce. Against the backdrop of the above, and the poor infrastructure basis of the developing nations, this research paper analyses and proposes the implementation of multimodal biometric technology frameworks with novel server architecture to tackle the security threats inherent with e-commerce in the developing world.
Privacy policy based on biometric data, in conjunction with cryptography is very important as it provides unique
protection of biometric data. The usual solutions use only one biometric template, analyzing its entropy and defining the method for
error correction, because biometric data are nosy by its nature. The main disadvantage of these methods is a limited quantity of
information that template contains. We propose an original approach using two independently created templates, which significantly
increase the total amount of information (the entropy of two templates) and thereby reduce the errors. Using our approach, the more
reliable and more secure system for privacy protection and using biometrics in cryptographic operations can be achieved.
In this paper we propose the practical and secure solution how to integrate the fingerprint biometric into cryptographic applications. A binary string which could be reproduced unambiguously, practically, a cryptographic key, can reliably protected with originally fingerprint codes. The key is generated using random number generator, such as HSM device. In that way we are keeping coincidence of cryptographic key, also keeping its entropy, and what is more important if the key is compromised, we can easily use the new one. For the key encoding we are proposing Slepian Wolf coding, basically defined in Slepian Wolf theorem. Like a method for converting fingerprint into minutiae and after that to a binary string we propose Rajarshi Guha method, detail encoded in C programming language and approved in practice. After combining two mentioned binary strings we get an unique data set and place them onto the chip card. The some other kinds of tamper resistant tokens can be used as well. The key revelation process is strictly conditioned by the presence of fingerprint and the chip card. Proposed solution provides maximum security of fingerprint and the lowest possible errors that can be occurred. Also the degree of false positive and false negative authentication is reduced to a minimum.
