| Enhanced Fingerprint System with User Password Version 0 |
|
| 👤 Author: by as17744 2018-01-07 00:23:17 |
User authentication based on biometric system has several advantages over traditional systems which are only password-based. This architecture, known as fingerprint-cryptosystem has cryptography and fingerprint merged together, that securely stores the private key for cryptosystem. The private key of AES system is 128 bit long and is usually alphanumeric. Thus for a user to remember such a long password is cumbersome, hence a system called Fuzzy Vault exist which securely stores the private key. This architecture makes use of fingerprint features know as minutia points. Minutia points are evaluated on polynomial, whose coefficients are the secret key which is to be stored securely. Thus the evaluated values and the minutia points are stored securely in vault. The security of this system depends on the infeasibility of the polynomial reconstruction problem. This paper proposes a second layer of protection using password generated from user, which further does a logical xor computations. This paper thus suggests that even if biometric feature is compromised, without the user password, an attacker won’t have access to vault. Thus to get access to the private key, an attacker must have access both to fingerprint and user password, to securely retrieve the key.
In cryptography, using one or more keys, plain text can be converted to cipher text. The cipher text cannot be decrypted without knowing the correct keys for decryption. Thus cipher text is secure even if attacker has access to cipher text, because he cannot access secure information. Current cryptographic algorithms such as Data Encryption Standard (DES), Advanced Encryption Standard (AES), and RSA have high security encryption system, but they suffer from key management problem. These keys are required to be very long and random for high security. Say 128 bits for AES, makes it impossible for users to memorize the keys. So the security provided by the algorithm will be jeopardized if this secret private key is compromised.
The biometric-crypto system consisting of biometric sys-tem and a cryptographic system has emerged and they are of two modes: (i) biometric based key release, where the biometric matching is decoupled from the coupling part. If biometric matching happens; cryptographic key is released. (ii) Biometric based key generation, where the cryptography and biometrics are combined together at much deeper level. Our system focuses more on the biometric based key generation system .The biometric based key generation is implemented using fuzzy vault schema proposed by Jules and Sudan. It works as described. Alex can secure his secret private key in a vault and lock it using a set A which is unordered. Suppose if set A (-3, 1, 2) indicates same information as the set B (2, 1,-3), then it can be defined as an unordered set. Rick can unlock the vault with unordered set B, only if both set overlaps more than the minimum threshold. This threshold varies according to each system. The procedure for constructing fuzzy vault is as follows. First, to encode the secret key, k, Alex decides on the polynomial p with variable x. Each digit of the secret key is taken as the coefficient of polynomial p in order. For each unordered element polynomial projection, p (A) is computed. In the next step some random chaff points are added that do not lie on p.
Simple numerical example can be used to explain this process. Alex selects a polynomial p(x) such that ,p(x)=3x2-2x+1, where coefficients of polynomial are (3,-2,1) which forms the secret key, k. Consider A=(-1,2,1,3) produce the polynomial projects in the form of (A, p(A)) which will result into (-1,6),(2,9),(1,2),(1,22).To this chaff points are added which do not coincide with the existing (A, p(A)) points such as (0,2),(1,0).The main advantage of this system is as we increase the number of chaff points the security of the system is enhanced. The final unordered set will be R=(-1,6),(2,9), (0,2),(1,0),(1,2),(1,22).Once Rick can find at least 3 points from the set R, he can reconstruct the polynomial p. Hence decode the secret key represented by polynomial coefficients as (3,-2, 1), or else he will not be able to decode it.
The fuzzy vault scheme security depends on the infeasibility of polynomial reconstruction problem if sufficient matching points are not found (i.e. if matching (A, p (A)) are not found by Rick, access to secret key, k is not possible).But since the fuzzy vault scheme can tolerate the difference between the coordinates that encrypt and decrypt the vault, i.e. The entities used to encrypt the lock need not be completely exactly same as that of used for decrypting the lock, hence named it as fuzzy vault system.
> Computer and Education