Generating biometric random cryptographic key based on unique fingerprint features

This paper uses the unique biometric features of fingerprints to generate random cryptographic keys. The main aspects of the security of the generated key include the privacy of the fingerprint and the randomness and complexity of the key generation algorithm. In the proposed method, first, the unique fingerprint features, which include Minutiae points, are extracted from the fingerprint image. Then, to increase the statistical properties and complexity of the algorithm, the Euclidean distance and the angle of all the points of Minutiae relative to each other are calculated and stored. In the next step, after normalizing to 8-bit numbers, these data are moved by permutation operations and combined. In the following, the proposed method is used to increase the level of security and the ability to be random from the non-linear operations of 8-bit S-boxes S0 and S1 used in the CLEFIA block cipher. Statistical analyzes performed on the generated keys show the acceptable random nature of the keys. Therefore, the proposed structure for generating a random key can be used in encrypting digital signals with large volumes of data such as image and sound

Generating and sharing biometrics based session keys for secure cryptographic applications

International audienceCrypto-biometric systems, which combine biometrics with cryptographic systems, are gaining more and more attention. Person verification with high degree of assurance offered by biometrics can greatly improve the security of a cryptographic system. In such systems, a stable crypto-biometric key (to be used for cryptography) is derived from biometrics and a strong link between the user identity and the cryptographic keys is established. In this paper, we first propose a simple and effective protocol to securely share such crypto-biometric keys. Moreover, we propose another protocol to generate and share session keys which are valid for only one communication session. This protocol achieves mutual authentication between the client and the server without the need of trusted third party certificates. This protocol also facilitates easy online updating of templates. The stored templates are cancelable. The protocols are evaluated for biometric verification performance on a subset of the NIST-FRGCv2 face databas

Formalização e verificação de um protocolo de autenticação multifator

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico, Programa de Pós-Graduação em Ciência da Computação, Florianópolis, 2012Nesta Dissertação de Mestrado, apresenta-se a proposta de um protocolo para autenticação de usuários, fazendo uso de biometria e smartcards. As principais características desse conjunto de protocolos são: prover um mecanismo próprio e integrado para cadastro e autenticação, assim como permitir a existência de diferentes papéis de usuários. Com a união destas duas características, almeja-se a obtenção de protocolos que possuam níveis aprimorados, não apenas de segurança, mas também de gerenciamento. Seu desenvolvimento é norteado pela adoção de uma metodologia própria ao projeto de protocolos de segurança. As seguintes etapas fazem parte desta metodologia: projeto inicial, prototipação, implantação, modelagem formal e verificação. A modelagem formal é feita em Lógica de Primeira Ordem. Os modelos lógicos criados são, posteriormente, alvo de verificação com auxílio de um provador automático de teoremas (em nosso caso, o SPASS). De modo a antecipar as ações de um atacante em potencial, seus possíveis movimentos são também alvo de formalização, resultando na criação de um modelo lógico próprio. Logo após, tem início a etapa de verificação, a qual consiste no teste de conjecturas sobre os modelos lógicos. O resultado deste teste permite a extração de fatos (certezas) sobre nosso conjunto de protocolos. Em última análise, estes fatos são a comprovação da resistência do protocolo a padrões conhecidos de ataque. Com a finalidade de propiciar uma visão geral da temática da verificação de protocolos de segurança, este trabalho também apresenta uma revisão dos métodos disponíveis, não se limitando apenas àqueles efetivamente utilizados neste estudo. Ademais, todo o material relativo às modelagens formais e respectivas provas é incluído como anexos.Abstract : In this Master Thesis, a proposal for a set of authentication protocols through the use of biometrics and smartcards is presented. The main characteristics of such protocols are: to provide their own integrated mechanism for user registration and authentication, as well as to differentiate the existent user roles. By combining these characteristics, we aim at creating protocols with, not only improved security levels, but also with flexible management. Their development is guided by the adoption of a proper methodology for the security protocols' project. The following steps make part of it: initial design, prototyping, deployment, formal modelling and verification. The formal modelling is carried out in First-Order Logic. The logic models created are subsequently targeted of verification with the assistance of an automated theorem prover (in this case, SPASS). To anticipate the actions from a potential attacker, his characteristics are also target of formalisation, resulting in his own logic model. After, we proceed with the verification which consists on testing conjectures upon the logic models. The results collected with those tests allow the extraction of facts about our set of protocols. In a last instance, such facts are the evidence of the protocol's resistance to well-known attack patterns. In order to provide a broader view of the subject of security protocol verification, this work also reviews all the available methods. Not limiting to those already used in this study. In addition, every piece of material related to the formal modelling and respective proofs is included as appendices