Biometric identity-based cryptography for e-Government environment

Government information is a vital asset that must be kept in a trusted environment and efficiently managed by authorised parties. Even though e-Government provides a number of advantages, it also introduces a range of new security risks. Sharing confidential and top-secret information in a secure manner among government sectors tend to be the main element that government agencies look for. Thus, developing an effective methodology is essential and it is a key factor for e-Government success. The proposed e-Government scheme in this paper is a combination of identity-based encryption and biometric technology. This new scheme can effectively improve the security in authentication systems, which provides a reliable identity with a high degree of assurance. In addition, this paper demonstrates the feasibility of using Finite-state machines as a formal method to analyse the proposed protocols

Modelling and simulation of a biometric identity-based cryptography

Government information is a vital asset that must be kept in a trusted environment and efficiently managed by authorised parties. Even though e-Government provides a number of advantages, it also introduces a range of new security risks. Sharing confidential and top-secret information in a secure manner among government sectors tend to be the main element that government agencies look for. Thus, developing an effective methodology is essential and it is a key factor for e-Government success. The proposed e-Government scheme in this paper is a combination of identity-based encryption and biometric technology. This new scheme can effectively improve the security in authentication systems, which provides a reliable identity with a high degree of assurance. In addition, this paper demonstrates the feasibility of using Finite-state machines as a formal method to analyse the proposed protocols

Service Integration for Biometric Authentication

Unimodaalsete biomeetriliste süsteemide kasvav kasutuselevõtt era- ja riigiasutustes näitab biomeetriliste autentimissüsteemide edu. See aga ei tähenda, et biomeetrilised süsteemid pakuvad terviklikku autentimislahendust. Unimodaalsetes biomeetrilistes süsteemides ilmneb hulk piiranguid, mida on võimalik ületada kasutades multimodaalseid biomeetrilisi autentimissüsteeme. Multimodaalseid süsteeme peetakse töökindlamaks ja võimeliseks rahuldama rangeid jõudlusvajadusi. Lisaks võimaldavad multimodaalsed süsteemid arvestada mitteuniversaalsuse probleemiga ja tõhusalt tõrjuda võltsimisrünnakuid. Vaatamata suhtelistele eelistele on multimodaalsete biomeetriliste süsteemide realisatsioon ja kasutusmugavus jäänud fundamentaalseks väljakutseks tarkvaraarenduses. Multimodaalsed süsteemid on enamasti sulam unimodaalsetest süsteemidest, mis on valitud vastavalt äriprotsessi ja vaadeldava keskkonna nõuetele. Nende süsteemide mitmekesisus, lähtekoodi kättesaadavus ja juurutamisvajadused muudavad nende arenduse ja kasutuselevõtu oluliselt kulukamaks. Tarkvaraarendajatena üritame me lihtsustada arendusprotsessi ja minimeerides selleks vajamineva jõupingutuse suurust. Seetõttu keskendub see töö olemasolevate biomeetriliste süsteemide taaskasutatavaks muutmisele. Eesmärgiks on kirjeldada teenuste integratsiooni raamistik, mis automatiseerib heterogeensete biomeetriliste süsteemide sujuvat seadistamist ja paigaldust ning vähendab arenduse töömahtu ja sellega seotud kulutusi. Selle eesmärgi saavutamiseks kõrvaldame me vajaduse korduva stsenaariumipõhise ühilduvate süsteemide arenduse ja integratsiooni järgi. Biomeetriliste süsteemide arendus muudetakse ühekordseks tööks. Me esitleme ka vahendeid heterogeensetest avatud lähetekoodiga ja kommerts biomeetrilistest süsteemidest koosnevate multimodaalsete biomeetriliste süsteemide seadistamiseks ja paigaldamiseks lähtuvalt valdkonnaspetsiifilistest autentimisvajadustest. Võrreldes levinud praktikatega vähendab meie lähenemine stsenaariumi-spetsiifilise biomeetrilise autentimissüsteemi arendusele ja paigaldusele kuluvat töö hulka 46,42%.The success of biometric authentication systems is evident from the increasing rate of adoption of unimodal biometric systems in civil and governmental applications. However, this does not imply that biometric systems offer a complete authentication solution. Unimodal biometric systems exhibit a multitude of limitations which can be overcome by using multimodal biometric authentication systems. Multimodal systems are considered more reliable, and capable of meeting stringent performance needs and addressing the problem of non-universality and spoof attacks effectively. Despite the relative advantages, implementation and usability of multimodal biometric systems remain a fundamental software engineering challenge. Multimodal systems are usually an amalgamation of unimodal biometric systems chosen in accordance with the needs dictated by the business process(es) and the respective environment under consideration. The heterogeneity, availability of source code, and deployment needs for these systems incur significantly higher development and adaption costs. Being software engineers, we naturally strive to simplify the engineering process and minimize the required amount of effort. Therefore this work focuses on making the existing biometric systems reusable. The objective is to define a service integration framework which automates seamless configuration, and deployment of heterogeneous biometric systems, and minimizes the development effort and related costs. In this effort we replace the need for development and integration of scenario-specific compatible systems by repetitive scenario-specific configuration and deployment of multimodal biometric systems. The development of biometric systems is minimized to a one-time effort. We also present tools for configuration and deployment, which respectively configure and deploy multimodal biometric systems comprising of heterogeneous open source and/or commercial biometric systems required for fulfillment of domain specific authentication needs. In comparison to the prevalent practices, our approach reduces the effort required for developing and deploying reliable scenario-specific biometric authentication systems by 46.42%

Design a system for an approved video copyright over cloud based on biometric iris and random walk generator using watermark technique

Copyright is a tool for preventing anyone forged to copy an electronic work from another person and claim that electronic work is referred to him. Since the identity of the person is always determined by his name and biometrics, there is a concern to handle this information, to preserve the copyright. In this paper, a new idea for copyright technology is used to prove video copyright, by using blind watermarking technique, the ownership information is hidden inside video frames using linear congruential generator (LCG) for adapted the locations of vector features extracted from the name and biometric image of the owner instead of hidden the watermark in the Pseudo Noise sequences or any other feature extraction technique. When providing the watermarked vector, a statistical operation is used to increase randomization state for the amplifier factors of LCG function. LCG provides random positions where the owner's information is stored inside the video. The proposed method is not difficult to execute and can present an adaptable imperceptibility and robustness performance. The output results show the robustness of this approach based on the average PSNR of frames for the embedded in 50 frames is around 47.5 dB while the watermark remains undetectable. MSSIM values with range (0.83 to 0.99)

DeepMasterPrints: Generating MasterPrints for Dictionary Attacks via Latent Variable Evolution

Recent research has demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks based on MasterPrints. MasterPrints are real or synthetic fingerprints that can fortuitously match with a large number of fingerprints thereby undermining the security afforded by fingerprint systems. Previous work by Roy et al. generated synthetic MasterPrints at the feature-level. In this work we generate complete image-level MasterPrints known as DeepMasterPrints, whose attack accuracy is found to be much superior than that of previous methods. The proposed method, referred to as Latent Variable Evolution, is based on training a Generative Adversarial Network on a set of real fingerprint images. Stochastic search in the form of the Covariance Matrix Adaptation Evolution Strategy is then used to search for latent input variables to the generator network that can maximize the number of impostor matches as assessed by a fingerprint recognizer. Experiments convey the efficacy of the proposed method in generating DeepMasterPrints. The underlying method is likely to have broad applications in fingerprint security as well as fingerprint synthesis.Comment: 8 pages; added new verification systems and diagrams. Accepted to conference Biometrics: Theory, Applications, and Systems 201

EsPRESSo: Efficient Privacy-Preserving Evaluation of Sample Set Similarity

Electronic information is increasingly often shared among entities without complete mutual trust. To address related security and privacy issues, a few cryptographic techniques have emerged that support privacy-preserving information sharing and retrieval. One interesting open problem in this context involves two parties that need to assess the similarity of their datasets, but are reluctant to disclose their actual content. This paper presents an efficient and provably-secure construction supporting the privacy-preserving evaluation of sample set similarity, where similarity is measured as the Jaccard index. We present two protocols: the first securely computes the (Jaccard) similarity of two sets, and the second approximates it, using MinHash techniques, with lower complexities. We show that our novel protocols are attractive in many compelling applications, including document/multimedia similarity, biometric authentication, and genetic tests. In the process, we demonstrate that our constructions are appreciably more efficient than prior work.Comment: A preliminary version of this paper was published in the Proceedings of the 7th ESORICS International Workshop on Digital Privacy Management (DPM 2012). This is the full version, appearing in the Journal of Computer Securit