A fingerprint based crypto-biometric system for secure communication

To ensure the secure transmission of data, cryptography is treated as the most effective solution. Cryptographic key is an important entity in this procedure. In general, randomly generated cryptographic key (of 256 bits) is difficult to remember. However, such a key needs to be stored in a protected place or transported through a shared communication line which, in fact, poses another threat to security. As an alternative, researchers advocate the generation of cryptographic key using the biometric traits of both sender and receiver during the sessions of communication, thus avoiding key storing and at the same time without compromising the strength in security. Nevertheless, the biometric-based cryptographic key generation possesses few concerns such as privacy of biometrics, sharing of biometric data between both communicating users (i.e., sender and receiver), and generating revocable key from irrevocable biometric. This work addresses the above-mentioned concerns. In this work, a framework for secure communication between two users using fingerprint based crypto-biometric system has been proposed. For this, Diffie-Hellman (DH) algorithm is used to generate public keys from private keys of both sender and receiver which are shared and further used to produce a symmetric cryptographic key at both ends. In this approach, revocable key for symmetric cryptography is generated from irrevocable fingerprint. The biometric data is neither stored nor shared which ensures the security of biometric data, and perfect forward secrecy is achieved using session keys. This work also ensures the long-term security of messages communicated between two users. Based on the experimental evaluation over four datasets of FVC2002 and NIST special database, the proposed framework is privacy-preserving and could be utilized onto real access control systems.Comment: 29 single column pages, 8 figure

Encryption by Heart (EbH)-Using ECG for time-invariant symmetric key generation

Wearable devices are a part of Internet-of-Things (IoT) that may offer valuable data of their porting user. This paper explores the use of ElectroCardioGram (ECG) records to encrypt user data. Previous attempts have shown that ECG can be taken as a basis for key generation. However, these approaches do not consider time-invariant keys. This feature enables using these so-created keys for symmetrically encrypting data (e.g. smartphone pictures), enabling their decryption using the key derived from the current ECG readings. This paper addresses this challenge by proposing EbH, a mechanism for persistent key generation based on ECG. EbH produces seeds from which encryption keys are generated. Experimental results over 24 h for 199 users show that EbH, under certain settings, can produce permanent seeds (thus time-invariant keys) computed on-the-fly and different for each user up to 95.97% of users produce unique keys. In addition, EbH can be tuned to produce seeds of different length (up to 300 bits) and with variable min-entropy (up to 93.51). All this supports the workability of EbH in a real setting. (C) 2017 Elsevier B.V. All rights reserved.Funding: This work was supported by the MINECO grants TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You) and TIN2016-79095-C2-2-R (SMOG-DEV); by the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks), which is co-funded by European Funds (FEDER); and by the Programa de Ayudas para la Movilidad of Carlos III University of Madrid, Spain (J. M. de Fuentes and L. Gonzalez-Manzano grants). Data used for this research was provided by the Telemetric and ECG Warehouse (THEW) of University of Rochester, NY

Biometric Based Cryptographic Key Generation From Faces

Existing asymmetric encryption algorithms require the storage of the secret private key. Stored keys are often protected by poorly selected user passwords that can either be guessed or obtained through brute force attacks. This is a weak link in the overall encryption system and can potentially compromise the integrity of sensitive data. Combining biometrics with cryptography is seen as a possible solution but any biometric cryptosystem must be able to overcome small variations present between different acquisitions of the same biometric in order to produce consistent keys. This paper discusses a new method which uses an entropy based feature extraction process coupled with Reed-Solomon error correcting codes that can generate deterministic bit-sequences from the output of an iterative one-way transform. The technique is evaluated using 3D face data and is shown to reliably produce keys of suitable length for 128-bit Advanced Encryption Standard (AES)

Investigation of Multimodal Template-Free Biometric Techniques and Associated Exception Handling

The Biometric systems are commonly used as a fundamental tool by both government and private sector organizations to allow restricted access to sensitive areas, to identify the criminals by the police and to authenticate the identification of individuals requesting to access to certain personal and confidential services. The applications of these identification tools have created issues of security and privacy relating to personal, commercial and government identities. Over the last decade, reports of increasing insecurity to the personal data of users in the public and commercial domain applications has prompted the development of more robust and sound measures to protect the personal data of users from being stolen and spoofing. The present study aimed to introduce the scheme for integrating direct and indirect biometric key generation schemes with the application of Shamir‘s secret sharing algorithm in order to address the two disadvantages: revocability of the biometric key and the exception handling of biometric modality. This study used two different approaches for key generation using Shamir‘s secret sharing scheme: template based approach for indirect key generation and template-free. The findings of this study demonstrated that the encryption key generated by the proposed system was not required to be stored in the database which prevented the attack on the privacy of the data of the individuals from the hackers. Interestingly, the proposed system was also able to generate multiple encryption keys with varying lengths. Furthermore, the results of this study also offered the flexibility of providing the multiple keys for different applications for each user. The results from this study, consequently, showed the considerable potential and prospect of the proposed scheme to generate encryption keys directly and indirectly from the biometric samples, which could enhance its success in biometric security field