A Review on Noisy Password, Voiceprint Biometric and One-Time-Password

AbstractIn this paper, we review the Noisy password, Voiceprint biometric and One-Time-Password. The most common method used for authentication is static passwords. The traditional passwords are vulnerable to dictionary attacks, shoulder surfing and eves dropping. The noisy passwords can be used as an alternative to the static password. The noisy password attempts to mitigate above mentioned problems. The biometric technique like fingerprints, palm-vein scan, etc. can be used for personal recognition. But as compared to other biometric, Voiceprint requires less implementation cost. E-commerce application uses One-Time-Password to perform E-transaction. Hence it becomes necessary to provide security while transmitting the OTP

Secure E- Commerce Transaction using Noisy Password with Voiceprint and OTP

E-Commerce application is used for trading products by using communication technology. To protect customer's privacy and against fraud, special attention must be given to the issues related to security of e-commerce transactions. Web application uses traditional passwords which are vulnerable to replay attack. To overcome this problem OTP mechanism is used. Biometric technique measures unique individual features of user for personal recognition. In this paper, we have implemented a new password technique, i.e. Noisy Password to protect against attacks like shoulder surfing, key loggers, etc. The proposed idea is to use biometric with cryptography to enhance security of OTP

Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data

We provide formal definitions and efficient secure techniques for - turning noisy information into keys usable for any cryptographic application, and, in particular, - reliably and securely authenticating biometric data. Our techniques apply not just to biometric information, but to any keying material that, unlike traditional cryptographic keys, is (1) not reproducible precisely and (2) not distributed uniformly. We propose two primitives: a "fuzzy extractor" reliably extracts nearly uniform randomness R from its input; the extraction is error-tolerant in the sense that R will be the same even if the input changes, as long as it remains reasonably close to the original. Thus, R can be used as a key in a cryptographic application. A "secure sketch" produces public information about its input w that does not reveal w, and yet allows exact recovery of w given another value that is close to w. Thus, it can be used to reliably reproduce error-prone biometric inputs without incurring the security risk inherent in storing them. We define the primitives to be both formally secure and versatile, generalizing much prior work. In addition, we provide nearly optimal constructions of both primitives for various measures of ``closeness'' of input data, such as Hamming distance, edit distance, and set difference.Comment: 47 pp., 3 figures. Prelim. version in Eurocrypt 2004, Springer LNCS 3027, pp. 523-540. Differences from version 3: minor edits for grammar, clarity, and typo

A method of enciphering quantum states

In this paper, we propose a method of enciphering quantum states of two-state systems (qubits) for sending them in secrecy without entangled qubits shared by two legitimate users (Alice and Bob). This method has the following two properties. First, even if an eavesdropper (Eve) steals qubits, she can extract information from them with certain probability at most. Second, Alice and Bob can confirm that the qubits are transmitted between them correctly by measuring a signature. If Eve measures m qubits one by one from n enciphered qubits and sends alternative ones (the Intercept/Resend attack), a probability that Alice and Bob do not notice Eve's action is equal to (3/4)^m or less. Passwords for decryption and the signature are given by classical binary strings and they are disclosed through a public channel. Enciphering classical information by this method is equivalent to the one-time pad method with distributing a classical key (random binary string) by the BB84 protocol. If Eve takes away qubits, Alice and Bob lose the original quantum information. If we apply our method to a state in iteration, Eve's success probability decreases exponentially. We cannot examine security against the case that Eve makes an attack with using entanglement. This remains to be solved in the future.Comment: 21 pages, Latex2e, 10 epsf figures. v2: 22 pages, added two references, several clarifying sentences are added in Sec. 5, typos corrected, a new proof is provided in Appendix A and it is shorter than the old one. v3: 23 pages, one section is adde