A Programmable SoC-Based Accelerator for Privacy-Enhancing Technologies and Functional Encryption

A multitude of privacy-enhancing technologies (PETs) has been presented recently to solve the privacy problems of contemporary services utilizing cloud computing. Many of them are based on additively homomorphic encryption (AHE) that allows the computation of additions on encrypted data. The main technical obstacles for adaptation of PETs in practical systems are related to performance overheads compared with current privacy-violating alternatives. In this article, we present a hardware/software (HW/SW) codesign for programmable systems-on-chip (SoCs) that is designed for accelerating applications based on the Paillier encryption. Our implementation is a microcode-based multicore architecture that is suitable for accelerating various PETs using AHE with large integer modular arithmetic. We instantiate the implementation in a Xilinx Zynq-7000 programmable SoC and provide performance evaluations in real hardware. We also investigate its efficiency in a high-end Xilinx UltraScale+ programmable SoC. We evaluate the implementation with two target use cases that have relevance in PETs: privacy-preserving computation of squared Euclidean distances over encrypted data and multi-input functional encryption (FE) for inner products. Both of them represent the first hardware acceleration results for such operations, and in particular, the latter one is among the very first published implementation results of FE on any platform.Peer reviewe

A Partition Based Novel Approach in AFIS for Forensics & Security

AbstractMany automatic fingerprint identification approaches have been suggested. Amongst those various methods, the minutiae-based fingerprint demonstration and recognition is widely used. Minutiae based representation has some disadvantages in comparison to other fingerprint approached in terms of sample size. This paper describes a novel concept of partition based approach for fingerprint identification which aims to improve error rates as well as processing time in matching fingerprints. We aim to split the identity image into well separated partitions in order to simplify the identification task. Our system will use the gray-scale information of the fingerprints. The system will select the primary fingerprint, perform feature extraction & feature matching to identify the image in the database by comparing the featured values of both the fingerprints. Our implementation mainly incorporates image pre-processing, image partitioning, image binarization, feature extraction and feature matching. It finally generates a score which tells whether two fingerprints match or not

Low-Cost and Efficient Hardware Solution for Presentation Attack Detection in Fingerprint Biometrics Using Special Lighting Microscopes

Biometric recognition is already a big player in how we interact with our phones and access control systems. This is a result of its comfort of use, speed, and security. For the case of border control, it eases the task of person identification and black-list checking. Although the performance rates for verification and identification have dropped in the last decades, protection against vulnerabilities is still under heavy development. This paper will focus on the detection of presentation attacks in fingerprint biometrics, i.e., attacks that are performed at the sensor level, and from a hardware perspective. Most research on presentation attacks has been carried out on software techniques due to its lower price as, in general, hardware solutions require additional subsystems. For this paper, two low-cost handheld microscopes with special lighting conditions were used to capture real and fake fingerprints, obtaining a total of 7704 images from 17 subjects. After several analyses of wavelengths and classification, it was concluded that only one of the wavelengths is already enough to obtain a very low error rate compared with other solutions: an attack presentation classification error rate of 1.78% and a bona fide presentation classification error rate (BPCER) of 1.33%, even including non-conformant fingerprints in the database. On a specific wavelength, a BPCER of 0% was achieved (having 1926 samples). Thus, the solution can be low cost and efficient. The evaluation and reporting were done following ISO/IEC 30107-3

Dedicated hardware IP module for extracting singular points from fingerprints

In this paper a new digital dedicated hardware IP module for extracting singular points from fingerprints is presented (in particular convex cores). This module comprises four main blocks that implement an image directional extraction, a smoothing process, singular point detection and finally, a post processing to obtain the exact location of the singular point. A Verilog HDL description has been developed for this solution. The description has been synthesized and implemented in FPGAs from Xilinx

An Image Based Approach of IRIS Recognition for Person Identification using Segmentation Algorithm

A biometric system gives automatic identification of an individual based on a unique feature or characteristic possessed by the individual. Iris recognition system is regarded as the most reliable and accurate biometric identification system available. Also, Iris recognition is considered to be the most reliable and accurate biometric identification system present. Iris recognition system captures an image of an individual’s eye, the iris in the image is then meant for the segmentation and normalization for extracting its features. The performance of iris recognition systems mainly depends on the segmentation. Segmentation is used for the localization of the correct iris region in the particular region of an eye and it should be done accurately and correctly to remove the eyelids, eyelashes, reection and pupil noises present in iris region. Iris images are selected from the Database, then the iris and pupil boundary is detected from rest of the eye image,by removing the noises. The segmented iris region was normalized to compress the dimensional inconsistencies between two iris regions by using Then the features of the iris were encoded by convolving the normalized iris. The Hamming distance was chosen as a matching metric parameter, which gave the measure of how many bits disagreed between the templates of the iris

Network Interface Design for Network-on-Chip

In the culture of globalized integrated circuit (IC, a.k.a chip) production, the use of Intellectual Property (IP) cores, computer aided design tools (CAD) and testing services from un-trusted vendors are prevalent to reduce the time to market. Unfortunately, the globalized business model potentially creates opportunities for hardware tampering and modification from adversary, and this tampering is known as hardware Trojan (HT). Network-on-chip (NoC) has emerged as an efficient on-chip communication infrastructure. In this work, the security aspects of NoC network interface (NI), one of the most critical components in NoC will be investigated and presented. Particularly, the NI design, hardware attack models and countermeasures for NI in a NoC system are explored. An OCP compatible NI is implemented in an IBM0.18ìm CMOS technology. The synthesis results are presented and compared with existing literature. Second, comprehensive hardware attack models targeted for NI are presented from system level to circuit level. The impact of hardware Trojans on NoC functionality and performance are evaluated. Finally, a countermeasure method is proposed to address the hardware attacks in NIs

Utilizing ECG Waveform Features as New Biometric Authentication Method

In this study, we are proposing a practical way for human identification based on a new biometric method. The new method is built on the use of the electrocardiogram (ECG) signal waveform features, which are produced from the process of acquiring electrical activities of the heart by using electrodes placed on the body. This process is launched over a period of time by using a recording device to read and store the ECG signal. On the contrary of other biometrics method like voice, fingerprint and iris scan, ECG signal cannot be copied or manipulated. The first operation for our system is to record a portion of 30 seconds out of whole ECG signal of a certain user in order to register it as user template in the system. Then the system will take 7 to 9 seconds in authenticating the template using template matching techniques. 44 subjects‟ raw ECG data were downloaded from Physionet website repository. We used a template matching technique for the authentication process and Linear SVM algorithm for the classification task. The accuracy rate was 97.2% for the authentication process and 98.6% for the classification task; with false acceptance rate 1.21%

A Pervasive Computational Intelligence based Cognitive Security Co-design Framework for Hype-connected Embedded Industrial IoT

The amplified connectivity of routine IoT entities can expose various security trajectories for cybercriminals to execute malevolent attacks. These dangers are even amplified by the source limitations and heterogeneity of low-budget IoT/IIoT nodes, which create existing multitude-centered and fixed perimeter-oriented security tools inappropriate for vibrant IoT settings. The offered emulation assessment exemplifies the remunerations of implementing context aware co-design oriented cognitive security method in assimilated IIoT settings and delivers exciting understandings in the strategy execution to drive forthcoming study. The innovative features of our system is in its capability to get by with irregular system connectivity as well as node limitations in terms of scares computational ability, limited buffer (at edge node), and finite energy. Based on real-time analytical data, projected scheme select the paramount probable end-to-end security system possibility that ties with an agreed set of node constraints. The paper achieves its goals by recognizing some gaps in the security explicit to node subclass that is vital to our system’s operations

Biometrics for internet‐of‐things security: A review

The large number of Internet‐of‐Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric‐based authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometric‐cryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the state‐of‐the‐art research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forward‐looking issues and future research directions