Secure and Privacy Enhanced Gait Authentication on Smart Phone

Smart environments established by the development of mobile technology have brought vast benefits to human being. However, authentication mechanisms on portable smart devices, particularly conventional biometric based approaches, still remain security and privacy concerns. These traditional systems are mostly based on pattern recognition and machine learning algorithms, wherein original biometric templates or extracted features are stored under unconcealed form for performing matching with a new biometric sample in the authentication phase. In this paper, we propose a novel gait based authentication using biometric cryptosystem to enhance the system security and user privacy on the smart phone. Extracted gait features are merely used to biometrically encrypt a cryptographic key which is acted as the authentication factor. Gait signals are acquired by using an inertial sensor named accelerometer in the mobile device and error correcting codes are adopted to deal with the natural variation of gait measurements. We evaluate our proposed system on a dataset consisting of gait samples of 34 volunteers. We achieved the lowest false acceptance rate (FAR) and false rejection rate (FRR) of 3.92% and 11.76%, respectively, in terms of key length of 50 bits

Feature extraction using two dimensional (2D) legendre wavelet filter for partial iris recognition

An increasing need for biometrics recognition systems has grown substantially to address the issues of recognition and identification, especially in highly dense areas such as airports, train stations, and financial transactions. Evidence of these can be seen in some airports and also the implementation of these technologies in our mobile phones. Among the most popular biometric technologies include facial, fingerprints, and iris recognition. The iris recognition is considered by many researchers to be the most accurate and reliable form of biometric recognition because iris can neither be surgically operated with a chance of losing slight nor change due to aging. However, presently most iris recognition systems available can only recognize iris image with frontal-looking and high-quality images. Angular image and partially capture image cannot be authenticated with the existing method of iris recognition. This research investigates the possibility of developing a technique for recognition partially captured iris image. The technique is designed to process the iris image at 50%, 25%, 16.5%, and 12.5% and to find a threshold for a minimum amount of iris region required to authenticate the individual. The research also developed and implemented two Dimensional (2D) Legendre wavelet filter for the iris feature extraction. The Legendre wavelet filter is to enhance the feature extraction technique. Selected iris images from CASIA, UBIRIS, and MMU database were used to test the accuracy of the introduced technique. The technique was able to produce recognition accuracy between 70 – 90% CASIA-interval with 92.25% accuracy, CASIA-distance with 86.25%, UBIRIS with 74.95%, and MMU with 94.45%

A crypto-biometric scheme based on iris-templates with fuzzy extractors

20 páginas, 4 figuras, 7 tablasOne of the most important uses of Biometrics is the identification and authentication of individuals using one or several of their physiognomical or behavioral features. Moreover, Biometrics offers a good option to assist Cryptography for confidentiality, encryption, and decryption of messages by using some biometric traits. In this paper, a crypto-biometric scheme, based on fuzzy extractors, by using iris templates, is proposed, i.e., we propose a new system in order to permit a user to retrieve a secret or a previously saved key by using her own biometric template. The properties and efficiency for selecting the most useful parameters to provide a high level of security in the scheme are thoroughly analyzed. © 2012 Elsevier Inc. All rights reserved.Authors would like to thank the anonymous reviewers for their helpful com- ments and professor R. Durán for his valuable suggestions. This work has been partially supported by Ministerio de Ciencia e Innovación (Spain) under the grant TIN2011-22668.Peer Reviewe

Securing Cloud Storage by Transparent Biometric Cryptography

With the capability of storing huge volumes of data over the Internet, cloud storage has become a popular and desirable service for individuals and enterprises. The security issues, nevertheless, have been the intense debate within the cloud community. Significant attacks can be taken place, the most common being guessing the (poor) passwords. Given weaknesses with verification credentials, malicious attacks have happened across a variety of well-known storage services (i.e. Dropbox and Google Drive) – resulting in loss the privacy and confidentiality of files. Whilst today's use of third-party cryptographic applications can independently encrypt data, it arguably places a significant burden upon the user in terms of manually ciphering/deciphering each file and administering numerous keys in addition to the login password. The field of biometric cryptography applies biometric modalities within cryptography to produce robust bio-crypto keys without having to remember them. There are, nonetheless, still specific flaws associated with the security of the established bio-crypto key and its usability. Users currently should present their biometric modalities intrusively each time a file needs to be encrypted/decrypted – thus leading to cumbersomeness and inconvenience while throughout usage. Transparent biometrics seeks to eliminate the explicit interaction for verification and thereby remove the user inconvenience. However, the application of transparent biometric within bio-cryptography can increase the variability of the biometric sample leading to further challenges on reproducing the bio-crypto key. An innovative bio-cryptographic approach is developed to non-intrusively encrypt/decrypt data by a bio-crypto key established from transparent biometrics on the fly without storing it somewhere using a backpropagation neural network. This approach seeks to handle the shortcomings of the password login, and concurrently removes the usability issues of the third-party cryptographic applications – thus enabling a more secure and usable user-oriented level of encryption to reinforce the security controls within cloud-based storage. The challenge represents the ability of the innovative bio-cryptographic approach to generate a reproducible bio-crypto key by selective transparent biometric modalities including fingerprint, face and keystrokes which are inherently noisier than their traditional counterparts. Accordingly, sets of experiments using functional and practical datasets reflecting a transparent and unconstrained sample collection are conducted to determine the reliability of creating a non-intrusive and repeatable bio-crypto key of a 256-bit length. With numerous samples being acquired in a non-intrusive fashion, the system would be spontaneously able to capture 6 samples within minute window of time. There is a possibility then to trade-off the false rejection against the false acceptance to tackle the high error, as long as the correct key can be generated via at least one successful sample. As such, the experiments demonstrate that a correct key can be generated to the genuine user once a minute and the average FAR was 0.9%, 0.06%, and 0.06% for fingerprint, face, and keystrokes respectively. For further reinforcing the effectiveness of the key generation approach, other sets of experiments are also implemented to determine what impact the multibiometric approach would have upon the performance at the feature phase versus the matching phase. Holistically, the multibiometric key generation approach demonstrates the superiority in generating the bio-crypto key of a 256-bit in comparison with the single biometric approach. In particular, the feature-level fusion outperforms the matching-level fusion at producing the valid correct key with limited illegitimacy attempts in compromising it – 0.02% FAR rate overall. Accordingly, the thesis proposes an innovative bio-cryptosystem architecture by which cloud-independent encryption is provided to protect the users' personal data in a more reliable and usable fashion using non-intrusive multimodal biometrics.Higher Committee of Education Development in Iraq (HCED