Securing Cloud Storage by Transparent Biometric Cryptography

With the capability of storing huge volumes of data over the Internet, cloud storage has become a popular and desirable service for individuals and enterprises. The security issues, nevertheless, have been the intense debate within the cloud community. Significant attacks can be taken place, the most common being guessing the (poor) passwords. Given weaknesses with verification credentials, malicious attacks have happened across a variety of well-known storage services (i.e. Dropbox and Google Drive) – resulting in loss the privacy and confidentiality of files. Whilst today's use of third-party cryptographic applications can independently encrypt data, it arguably places a significant burden upon the user in terms of manually ciphering/deciphering each file and administering numerous keys in addition to the login password. The field of biometric cryptography applies biometric modalities within cryptography to produce robust bio-crypto keys without having to remember them. There are, nonetheless, still specific flaws associated with the security of the established bio-crypto key and its usability. Users currently should present their biometric modalities intrusively each time a file needs to be encrypted/decrypted – thus leading to cumbersomeness and inconvenience while throughout usage. Transparent biometrics seeks to eliminate the explicit interaction for verification and thereby remove the user inconvenience. However, the application of transparent biometric within bio-cryptography can increase the variability of the biometric sample leading to further challenges on reproducing the bio-crypto key. An innovative bio-cryptographic approach is developed to non-intrusively encrypt/decrypt data by a bio-crypto key established from transparent biometrics on the fly without storing it somewhere using a backpropagation neural network. This approach seeks to handle the shortcomings of the password login, and concurrently removes the usability issues of the third-party cryptographic applications – thus enabling a more secure and usable user-oriented level of encryption to reinforce the security controls within cloud-based storage. The challenge represents the ability of the innovative bio-cryptographic approach to generate a reproducible bio-crypto key by selective transparent biometric modalities including fingerprint, face and keystrokes which are inherently noisier than their traditional counterparts. Accordingly, sets of experiments using functional and practical datasets reflecting a transparent and unconstrained sample collection are conducted to determine the reliability of creating a non-intrusive and repeatable bio-crypto key of a 256-bit length. With numerous samples being acquired in a non-intrusive fashion, the system would be spontaneously able to capture 6 samples within minute window of time. There is a possibility then to trade-off the false rejection against the false acceptance to tackle the high error, as long as the correct key can be generated via at least one successful sample. As such, the experiments demonstrate that a correct key can be generated to the genuine user once a minute and the average FAR was 0.9%, 0.06%, and 0.06% for fingerprint, face, and keystrokes respectively. For further reinforcing the effectiveness of the key generation approach, other sets of experiments are also implemented to determine what impact the multibiometric approach would have upon the performance at the feature phase versus the matching phase. Holistically, the multibiometric key generation approach demonstrates the superiority in generating the bio-crypto key of a 256-bit in comparison with the single biometric approach. In particular, the feature-level fusion outperforms the matching-level fusion at producing the valid correct key with limited illegitimacy attempts in compromising it – 0.02% FAR rate overall. Accordingly, the thesis proposes an innovative bio-cryptosystem architecture by which cloud-independent encryption is provided to protect the users' personal data in a more reliable and usable fashion using non-intrusive multimodal biometrics.Higher Committee of Education Development in Iraq (HCED

On the Development of Novel Encryption Methods for Conventional and Biometric Images

Information security refers to the technique of protecting information from unauthorized access, use, disclosure, disruption and modification. Governments, military, corporations, financial institutions, hospitals, and private businesses amass a great deal of confidential information about their employees, customers, products, research, and financial status. Most of this information is now collected, processed and stored on electronic media and transmitted across networks to other computers. Encryption clearly addresses the need for confidentiality of information, in process of storage and transmission. Popular application of multimedia technology and increasingly transmission ability of network gradually leads us to acquire information directly and clearly through images and hence the security of image data has become inevitable. Moreover in the recent years, biometrics is gaining popularity for security purposes in many applications. However, during communication and transmission over insecure network channels it has some risks of being hacked, modified and reused. Hence, there is a strong need to protect biometric images during communication and transmission. In this thesis, attempts have been made to encrypt image efficiently and to enhance the security of biometrics images during transmission. In the first contribution, three different key matrix generation methods invertible, involuntary, and permutation key matrix generation have been proposed. Invertible and involuntary key matrix generation methods solves the key matrix inversion problem in Hill cipher. Permutation key matrix generation method increases the Hill system’s security. The conventional Hill cipher technique fails to encrypt images properly if the image consists of large area covered with same colour or gray level. Thus, it does not hide all features of the image which reveals patterns in the plaintext. Moreover, it can be easily broken with a known plaintext attack revealing weak security. To address these issues two different techniques are proposed, those are advanced Hill cipher algorithm and H-S-X cryptosystem to encrypt the images properly. Security analysis of both the techniques reveals superiority of encryption and decryption of images. On the other hand, H-S-X cryptosystem has been used to instil more diffusion and confusion on the cryptanalysis. FPGA implementation of both the proposed techniques has been modeled to show the effectiveness of both the techniques. An extended Hill cipher algorithm based on XOR and zigzag operation is designed to reduce both encryption and decryption time. This technique not only reduces the encryption and decryption time but also ensures no loss of data during encryption and decryption process as compared to other techniques and possesses more resistance to intruder attack. The hybrid cryptosystem which is the combination of extended Hill cipher technique and RSA algorithm has been implemented to solve the key distribution problem and to enhance the security with reduced encryption and decryption time. Two distinct approaches for image encryption are proposed using chaos based DNA coding along with shifting and scrambling or poker shuffle to create grand disorder between the pixels of the images. In the first approach, results obtained from chaos based DNA coding scheme is shifted and scrambled to provide encryption. On the other hand in the second approach the results obtained from chaos based DNA coding encryption is followed by poker shuffle operation to generate the final result. Simulated results suggest performance superiority for encryption and decryption of image and the results obtained have been compared and discussed. Later on FPGA implementation of proposed cryptosystem has been performed. In another contribution, a modified Hill cipher is proposed which is the combination of three techniques. This proposed modified Hill cipher takes advantage of all the three techniques. To acquire the demands of authenticity, integrity, and non-repudiation along with confidentiality, a novel hybrid method has been implemented. This method has employed proposed modified Hill cipher to provide confidentiality. Produced message digest encrypted by private key of RSA algorithm to achieve other features such as authenticity, integrity, and non-repudiation To enhance the security of images, a biometric cryptosystem approach that combines cryptography and biometrics has been proposed. Under this approach, the image is encrypted with the help of fingerprint and password. A key generated with the combination of fingerprint and password and is used for image encryption. This mechanism is seen to enhance the security of biometrics images during transmission. Each proposed algorithm is studied separately, and simulation experiments are conducted to evaluate their performance. The security analyses are performed and performance compared with other competent schemes

An enhanced fuzzy commitment scheme in biometric template protection

Biometric template protection consists of two approaches; Feature Transformation (FT) and Biometric Cryptography (BC). This research focuses on Key-Binding Technique based on Fuzzy Commitment Scheme (FCS) under BC approach. In FCS, the helper data should not disclose any information about the biometric data. However, literatures showed that it had dependency issue in its helper data which jeopardize security and privacy. Moreover, this also increases the probability of privacy leakage which lead to attacks such as brute-force and cross-matching attack. Thus, the aim of this research is to reduce the dependency of helper data that can caused privacy leakage. Three objectives have been set such as (1) to identify the factors that cause dependency on biometric features (2) to enhance FCS by proposing an approach that reduces this dependency, and (3) to evaluate the proposed approach based on parameters such as security, privacy, and biometric performance. This research involved four phases. Phase one, involved research review and analysis, followed by designing conceptual model and algorithm development in phase two and three respectively. Phase four, involved with the evaluation of the proposed approach. The security and privacy analysis shows that with the additional hash function, it is difficult for adversary to perform brute‐force attack on information stored in database. Furthermore, the proposed approach has enhanced the aspect of unlinkability and prevents cross-matching attack. The proposed approach has achieved high accuracy of 95.31% with Equal Error Rate (EER) of 1.54% which performs slightly better by 1.42% compared to the existing approach. This research has contributed towards the key-binding technique of biometric fingerprint template protection, based on FCS. In particular, this research was designed to create a secret binary feature that can be used in other state-of-the-art cryptographic systems by using an appropriate error-correcting approach that meets security standards

A Hybrid Multibiometric System for Personal Identification Based on Face and Iris Traits. The Development of an automated computer system for the identification of humans by integrating facial and iris features using Localization, Feature Extraction, Handcrafted and Deep learning Techniques.

Multimodal biometric systems have been widely applied in many real-world applications due to its ability to deal with a number of significant limitations of unimodal biometric systems, including sensitivity to noise, population coverage, intra-class variability, non-universality, and vulnerability to spoofing. This PhD thesis is focused on the combination of both the face and the left and right irises, in a unified hybrid multimodal biometric identification system using different fusion approaches at the score and rank level. Firstly, the facial features are extracted using a novel multimodal local feature extraction approach, termed as the Curvelet-Fractal approach, which based on merging the advantages of the Curvelet transform with Fractal dimension. Secondly, a novel framework based on merging the advantages of the local handcrafted feature descriptors with the deep learning approaches is proposed, Multimodal Deep Face Recognition (MDFR) framework, to address the face recognition problem in unconstrained conditions. Thirdly, an efficient deep learning system is employed, termed as IrisConvNet, whose architecture is based on a combination of Convolutional Neural Network (CNN) and Softmax classifier to extract discriminative features from an iris image. Finally, The performance of the unimodal and multimodal systems has been evaluated by conducting a number of extensive experiments on large-scale unimodal databases: FERET, CAS-PEAL-R1, LFW, CASIA-Iris-V1, CASIA-Iris-V3 Interval, MMU1 and IITD and MMU1, and SDUMLA-HMT multimodal dataset. The results obtained have demonstrated the superiority of the proposed systems compared to the previous works by achieving new state-of-the-art recognition rates on all the employed datasets with less time required to recognize the person’s identity.Multimodal biometric systems have been widely applied in many real-world applications due to its ability to deal with a number of significant limitations of unimodal biometric systems, including sensitivity to noise, population coverage, intra-class variability, non-universality, and vulnerability to spoofing. This PhD thesis is focused on the combination of both the face and the left and right irises, in a unified hybrid multimodal biometric identification system using different fusion approaches at the score and rank level. Firstly, the facial features are extracted using a novel multimodal local feature extraction approach, termed as the Curvelet-Fractal approach, which based on merging the advantages of the Curvelet transform with Fractal dimension. Secondly, a novel framework based on merging the advantages of the local handcrafted feature descriptors with the deep learning approaches is proposed, Multimodal Deep Face Recognition (MDFR) framework, to address the face recognition problem in unconstrained conditions. Thirdly, an efficient deep learning system is employed, termed as IrisConvNet, whose architecture is based on a combination of Convolutional Neural Network (CNN) and Softmax classifier to extract discriminative features from an iris image. Finally, The performance of the unimodal and multimodal systems has been evaluated by conducting a number of extensive experiments on large-scale unimodal databases: FERET, CAS-PEAL-R1, LFW, CASIA-Iris-V1, CASIA-Iris-V3 Interval, MMU1 and IITD and MMU1, and SDUMLA-HMT multimodal dataset. The results obtained have demonstrated the superiority of the proposed systems compared to the previous works by achieving new state-of-the-art recognition rates on all the employed datasets with less time required to recognize the person’s identity.Higher Committee for Education Development in Ira

Entropy in Image Analysis III

Image analysis can be applied to rich and assorted scenarios; therefore, the aim of this recent research field is not only to mimic the human vision system. Image analysis is the main methods that computers are using today, and there is body of knowledge that they will be able to manage in a totally unsupervised manner in future, thanks to their artificial intelligence. The articles published in the book clearly show such a future

Mejora de la seguridad y la privacidad de los sistemas biométricos

Tesis doctoral inédita leída en la Universidad Autónoma de Madrid, Escuela Politécnica Superior, Departamento de Tecnología Electrónica y de las Comunicaciones. Fecha de lectura: 02-06-2016This Thesis was printed with the financial support from EPS-UAM and the Biometric Recognition Group-ATVS

Privacy-Preserving Biometric Authentication

Biometric-based authentication provides a highly accurate means of authentication without requiring the user to memorize or possess anything. However, there are three disadvantages to the use of biometrics in authentication; any compromise is permanent as it is impossible to revoke biometrics; there are significant privacy concerns with the loss of biometric data; and humans possess only a limited number of biometrics, which limits how many services can use or reuse the same form of authentication. As such, enhancing biometric template security is of significant research interest. One of the methodologies is called cancellable biometric template which applies an irreversible transformation on the features of the biometric sample and performs the matching in the transformed domain. Yet, this is itself susceptible to specific classes of attacks, including hill-climb, pre-image, and attacks via records multiplicity. This work has several outcomes and contributions to the knowledge of privacy-preserving biometric authentication. The first of these is a taxonomy structuring the current state-of-the-art and provisions for future research. The next of these is a multi-filter framework for developing a robust and secure cancellable biometric template, designed specifically for fingerprint biometrics. This framework is comprised of two modules, each of which is a separate cancellable fingerprint template that has its own matching and measures. The matching for this is based on multiple thresholds. Importantly, these methods show strong resistance to the above-mentioned attacks. Another of these outcomes is a method that achieves a stable performance and can be used to be embedded into a Zero-Knowledge-Proof protocol. In this novel method, a new strategy was proposed to improve the recognition error rates which is privacy-preserving in the untrusted environment. The results show promising performance when evaluated on current datasets

Investigation of Multimodal Template-Free Biometric Techniques and Associated Exception Handling

The Biometric systems are commonly used as a fundamental tool by both government and private sector organizations to allow restricted access to sensitive areas, to identify the criminals by the police and to authenticate the identification of individuals requesting to access to certain personal and confidential services. The applications of these identification tools have created issues of security and privacy relating to personal, commercial and government identities. Over the last decade, reports of increasing insecurity to the personal data of users in the public and commercial domain applications has prompted the development of more robust and sound measures to protect the personal data of users from being stolen and spoofing. The present study aimed to introduce the scheme for integrating direct and indirect biometric key generation schemes with the application of Shamir‘s secret sharing algorithm in order to address the two disadvantages: revocability of the biometric key and the exception handling of biometric modality. This study used two different approaches for key generation using Shamir‘s secret sharing scheme: template based approach for indirect key generation and template-free. The findings of this study demonstrated that the encryption key generated by the proposed system was not required to be stored in the database which prevented the attack on the privacy of the data of the individuals from the hackers. Interestingly, the proposed system was also able to generate multiple encryption keys with varying lengths. Furthermore, the results of this study also offered the flexibility of providing the multiple keys for different applications for each user. The results from this study, consequently, showed the considerable potential and prospect of the proposed scheme to generate encryption keys directly and indirectly from the biometric samples, which could enhance its success in biometric security field