Metodi innovativi di Information Fusion per la crittografia

2011 - 2012Nel presente lavoro viene mostrato un sistema per realizzare un codice crittografico, che sia utilizzabile per garantire un alto livello di segretezza usando tecniche di Information Fusion (IF). Nel dettaglio, si è deciso di fondere due codici; uno generato tramite un algoritmo di crittografia a chiave pubblica e uno creato mediante l’utilizzo di formule matematiche innovative basate sui frattali. La tecnica di Information Fusion utilizzata è stata presentata in precedenza con un differente utilizzo ed opportune modifiche. Infatti, nel precedente lavoro, veniva creato un codice di accesso identificativo, mentre, in questo, viene generata una chiave crittografica fortemente casuale da utilizzare in ambito di cifratura. La scelta di utilizzare i frattali per generare una sequenza numerica da fondere con codici utilizzati nella cifratura a chiave pubblica è vincolata alla caratteristica randomica di tali strutture. Questo porta all’idea di utilizzare queste caratteristiche per applicazioni crittografiche quali One-Time-Pad. La tecnica di fusione modificata è denominato F&NIF (Fractal & Numerical Information Fusion). [a cura dell'autore]In this paper we want to show a system to realize a cryptography code. This system must ensure a high level of security using Information Fusion (IF) technique. In particular, we have decided to merge two codes generated by an algorithm of Public-key Cryptography and by fractals relations respectively. This IF method has been presented with a different use. In fact, in the previous paper, was created an identification access key but now we want to generate a very random Cryptography key to be used for encryption. The choice of using fractals to generate numbers to be fused with codes of Public-Key Cryptography, is due to the randomness of these structures. The idea is to use these features for cryptographic applications such as One-Time-Pad. The modified fusion technique is called F&NIF (Fractal & Numerical Information Fusion). [edited by author]XI n.s

Handbook of Vascular Biometrics

This open access handbook provides the first comprehensive overview of biometrics exploiting the shape of human blood vessels for biometric recognition, i.e. vascular biometrics, including finger vein recognition, hand/palm vein recognition, retina recognition, and sclera recognition. After an introductory chapter summarizing the state of the art in and availability of commercial systems and open datasets/open source software, individual chapters focus on specific aspects of one of the biometric modalities, including questions of usability, security, and privacy. The book features contributions from both academia and major industrial manufacturers

Privacy protecting biometric authentication systems

As biometrics gains popularity and proliferates into the daily life, there is an increased concern over the loss of privacy and potential misuse of biometric data held in central repositories. The major concerns are about i) the use of biometrics to track people, ii) non-revocability of biometrics (eg. if a fingerprint is compromised it can not be canceled or reissued), and iii) disclosure of sensitive information such as race, gender and health problems which may be revealed by biometric traits. The straightforward suggestion of keeping the biometric data in a user owned token (eg. smart cards) does not completely solve the problem, since malicious users can claim that their token is broken to avoid biometric verification altogether. Put together, these concerns brought the need for privacy preserving biometric authentication methods in the recent years. In this dissertation, we survey existing privacy preserving biometric systems and implement and analyze fuzzy vault in particular; we propose a new privacy preserving approach; and we study the discriminative capability of online signatures as it relates to the success of using online signatures in the available privacy preserving biometric verification systems. Our privacy preserving authentication scheme combines multiple biometric traits to obtain a multi-biometric template that hides the constituent biometrics and allows the possibility of creating non-unique identifiers for a person, such that linking separate template databases is impossible. We provide two separate realizations of the framework: one uses two separate fingerprints of the same individual to obtain a combined biometric template, while the other one combines a fingerprint with a vocal pass-phrase. We show that both realizations of the framework are successful in verifying a person's identity given both biometric traits, while preserving privacy (i.e. biometric data is protected and the combined identifier can not be used to track people). The Fuzzy Vault emerged as a promising construct which can be used in protecting biometric templates. It combines biometrics and cryptography in order to get the benefits of both fields; while biometrics provides non-repudiation and convenience, cryptography guarantees privacy and adjustable levels of security. On the other hand, the fuzzy vault is a general construct for unordered data, and as such, it is not straightforward how it can be used with different biometric traits. In the scope of this thesis, we demonstrate realizations of the fuzzy vault using fingerprints and online signatures such that authentication can be done while biometric templates are protected. We then demonstrate how to use the fuzzy vault for secret sharing, using biometrics. Secret sharing schemes are cryptographic constructs where a secret is split into shares and distributed amongst the participants in such a way that it is constructed/revealed only when a necessary number of share holders come together (e.g. in joint bank accounts). The revealed secret can then be used for encryption or authentication. Finally, we implemented how correlation attacks can be used to unlock the vault; showing that further measures are needed to protect the fuzzy vault against such attacks. The discriminative capability of a biometric modality is based on its uniqueness/entropy and is an important factor in choosing a biometric for a large-scale deployment or a cryptographic application. We present an individuality model for online signatures in order to substantiate their applicability in biometric authentication. In order to build our model, we adopt the Fourier domain representation of the signature and propose a matching algorithm. The signature individuality is measured as the probability of a coincidental match between two arbitrary signatures, where model parameters are estimated using a large signature database. Based on this preliminary model and estimated parameters, we conclude that an average online signature provides a high level of security for authentication purposes. Finally, we provide a public online signature database along with associated testing protocols that can be used for testing signature verification system

A multi-modal method based on the competitors of FVC2004 and on Palm data combined with tokenised random numbers.

In this work, we propose a multi-modal method that combines the scores of selected fingerprint matchers with the score obtained by a palm authenticator where the palm features are combined with pseudo-random numbers. We use a random subspace of AdaBoost.M1 to combine the scores of the best fingerprint matchers automatically selected among the competitors of FVC2004, and we study the performance when a different number of competitors are involved in the fusion. Moreover a deep study is carried out to design a hybrid system based on the combination of palm image features and a personal key. In conclusion, the aim of this work is to design a multi-modal biometric system and to analyze the benefits and the limits of fusion approaches in order to boost the performance of hybrid system in the worst testing hypothesis when an ''impostor'' steal the personal key of the user A before he tries to authenticate as A. The experimental results reported in this paper confirm that using a multi-modal ensemble of matchers it is possible to overcome some of the limitations of each single matcher leading to a considerable performance improvement