biometrics amp security
play

Biometrics & Security Seminar Fingerprint-based Fuzzy Vault: - PowerPoint PPT Presentation

Mar 03, 2024 •328 likes •831 views

Biometrics & Security Seminar Fingerprint-based Fuzzy Vault: Implementation and Performance Based on the journal article of K. Nandakumar, A. K. Jain and S. Pankanti Presenter: Marko Pascan Seminar instructors: Laila El Aimani and Deniz

  1. Biometrics & Security Seminar Fingerprint-based Fuzzy Vault: Implementation and Performance Based on the journal article of K. Nandakumar, A. K. Jain and S. Pankanti Presenter: Marko Pascan Seminar instructors: Laila El Aimani and Deniz Sarier B-IT Bonn, 14.12.2009

  2. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  3. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  4. Cryptography Vs Biometric Cryptosystems Traditional cryptography   Widely used, high, proven security  Assumption : cryptographic keys are only known to legitimate user (keys must be kept secret)  AES, RSA, ...  Encryption: C = E KE (P) (P-plain text, KE-encryption key)  Decryption: P = D KD (C) (C-cipher text, KD-decryption key)  Need long keys, e.g. 128 bits for AES  Main challenge : maintain the secrecy of the keys  Store keys in a secure location, use alternative auth. mechanism (e.g. password based auth.) to control access to keys  Problem : passwords stolen or forgotten  Password problem:  Simple password: easy to remember, compromise security  Complex password: difficult to remember, expensive to maintain [1]

  5. Cryptography Vs Biometric Cryptosystems (contd.)  Alternative: biometric authentication  Identity established based on anatomical and behavioral traits: face, fingerprint, speech (voice), eye (iris), hand, etc  Stronger: biometric traits cannot be lost or forgotten Biometric Cryptosystems Biometrics Cryptography

  6. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  7. Motivation for Fuzzy Vault  Security and privacy of biometric systems major issue  How robust is the system against attacks?  What happens if biometric template is stolen?  Can privacy of the users be preserved when a security breach occurs?  Protect the user template (stored locally or centrally)  Need method that can compensate for intra- class variations in the biometric data (samples of biometric traits obtained over a period of time): different angles, amounts of pressure, chapped skin, etc.

  8. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  9. Background and Definitions  Fingerprint  Unique, immutable for each individual  Made of a series of ridges and furrows on the surface of the finger  Uniqueness of a fingerprint can be determined by the pattern of ridges and furrows as well as the minutiae points  Minutiae points are local ridge characteristics that occur at either a ridge bifurcation or a ridge ending. y x Matching of two fingerprints. Illustration of Input fingerprint Fingerprint with minutiae intra-class variability [2]

  10. Background and Definitions (contd.)  Finite Field (Algebra)  Galois field -a field that contains finitely many elements  Example: Galois Field with (cardinality) 65536 elements: F = GF (2 16 )  In presented implementation of fuzzy vault arithmetic is done in GF (2 16 )  CRC (Cyclic Redundancy Check)  Hash-function used to detect accidental changes in raw data  In presented implementation of fuzzy vault 16-bit CRC code was used (CRC-16)  Unordered sets  Relative positions of set elements do not change the characteristics of the set, i.e. {2, -5, 1} conveys the same information as {-5, 1, 2}

  11. Background and Definitions (contd.)  Lagrange Interpolation  Interpolating set of data points with a interpolation polynomial in Lagrange form (Lagrange polynomial)  Formally: given a set of k +1 data points ( x 0 , y 0 ),..., (x k , y k ), where no two x j are the same, interpolation polynomial in the Lagrange form is linear combination of Lagrange basis polynomials:

  12. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  13. Fuzzy Vault  Introduced by Juels and Sudan (2002)  Cryptographic construction designed to work with (biometric) features represented as unordered sets  In brief:  Alice places a secret K in a vault and locks it with unordered set A  Bob uses an unordered set B to unlock the vault and access K Successful iff B and A overlap substantially [1]

  14. Fuzzy Vault: Example 1 Alice selects a polynomial p of variable x that encodes secret k 1 (e.g fixes coefficients of p according to k ) k = (1, -3, 1), she chooses deg (p) =2: p (x) = x 2 - 3x + 1 Alice's unordered set: A = {-1, -2, 3, 2} 2 Alice computes the polynomial projections of A: 3 {A, p (A)} = {(-1,5),(-2,11),(3,1), (2,-1)} She adds some (let's say 2) randomly generated chaff points 4 that do not lie on p: C = {(0,2), (1,0)} Final point set R = {(-1,5),(-2,11),(3,1), (2,-1), (0,2), (1,0)} 5 Bob has unordered set B = {4, 2, -2, 3}. To access secret k he 6 needs to separate 3 (deg (p) + 1) genuine points from R to reconstruct p A ∩ B = {-2, 3, 2}, which is substantial overlap 7

  15. Fuzzy Vault (contd.) Security is based on infeasibility of polynomial  reconstruction problem Definition: Polynomial Reconstruction Problem 〈 i , y i 〉 } i=1..n , and Given a set of points in a finite field { x parameters n, k and w, output any polynomial p such that degree of p is less then k and p(x i )=y i for at least n-w values of index i. [3] Differently put: solve for the degree D polynomial P, given  D+1 points passing through it A genuine finger can separate at least D + 1 genuine  points from chaff points and use them to reconstruct P

  16. Fuzzy Vault: Parameters  r – number of points in the vault that lie on the polynomial p  e.g number of minutiae that can be extracted from fingerprint  s – number of chaff points -> security of the vault  n – degree of polynomial p -> tolerance to errors in biometric data

  17. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  18. Fingerprint Fuzzy Vault  Fuzzy vault operating on the fingerprint minutiae features  Minutiae represented as triplet ( u, v, Θ )  Fuzziness from the variability of biometric data  Requires pre-aligned biometric templates or alignment during decoding of fuzzy vault  Pre-aligned biometric templates non-realistic v assumption u

  19. Fingerprint Fuzzy Vault: Example [5]

  20. Contents  Cryptography Vs Biometric Cryptosystems  Biometric Cryptosystem Modes  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  21. Proposed Implementation  Uses both location of minutiae points in the image (u,v) and orientation attribute ( Θ ) -> more chaff points possible (harder to decode by attacker)  u,v – indicate the row and the column indicies in the image  Θ – orientation of the minutiae with respect to the horizontal axis (1 < Θ < 360 )  Generate several candidate secrets (Lagrange interpolation) and use CRC to detect correct polynomial  Template and query automatically aligned before decoding (helper data)  Higher computational cost – large number of interpolations

  22. Vault Encoding 1 Obtain template minutiae set M T = {m i T }, i = 1, .., N T  N T - number of minutiae in T  Estimate quality of each minutia in T -> q T = {q(m i T )}, i = 1, .., N T  Quality index in spatial domain: partition given image into a lattice of blocks  b x b. Estimates the local coherence of gradients (gray) in non- overlapping blocks [6] Extract helper data (explained later) => template helper data H T 

  23. Vault Encoding (contd.) 2 Sort minutiae based on their quality, select best-quality minutiae  Select only well-separated minutiae (unique values in field F ) – minimal  distance is greater then some threshold δ 1 (configurable) where Δ(Θ i , Θ j ) = min (|Θ i , Θ j |, 360 - |Θ i , Θ j |) , β M =0.2 (determined empirically in order to eliminate as many chaff points as possible when unlocking) Selected minutiae: SM T = {m j T }, j=1, .., r  Possible failure to capture (FTC) error if N T < r 

Recommend

Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security

Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security

Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security WS 06/07 Seminar Prof. Dr.-Ing. Jana Dittmann &amp; Dr.-Ing. Claus Vielhauer with support from Tobias Scheidat

419 views • 16 slides
CSCI E-170: Computer Security, Privacy and Usability Hour #2: Biometrics Biometrics Something

CSCI E-170: Computer Security, Privacy and Usability Hour #2: Biometrics Biometrics Something

CSCI E-170: Computer Security, Privacy and Usability Hour #2: Biometrics Biometrics Something that you know Something that you have Something that you are Uses of Biometrics: Simple: Verification Is this who he claims to be?

592 views • 40 slides
P Protected biometrics for Identity Trust Protected biometrics for Identity Trust P t t t d

P Protected biometrics for Identity Trust Protected biometrics for Identity Trust P t t t d

P Protected biometrics for Identity Trust Protected biometrics for Identity Trust P t t t d bi t d bi t i t i f f Id Id tit T tit T t t RISE - Awareness of Biometrics and Security Ethics y By Nicolas DELVAUX

625 views • 20 slides
GA10 People and Security Lecture 3: Biometrics Applying risk analysis Goals of this lecture

GA10 People and Security Lecture 3: Biometrics Applying risk analysis Goals of this lecture

GA10 People and Security Lecture 3: Biometrics Applying risk analysis Goals of this lecture Brief introduction to biometrics Context: ICAO,US Visit and the ID cards programme Issues with current equipment Performance

654 views • 52 slides
Biometrics &amp; Privacy Stefan Katzenbeisser Security Engineering Group Technische Universitt

Biometrics &amp; Privacy Stefan Katzenbeisser Security Engineering Group Technische Universitt

Biometrics &amp; Privacy Stefan Katzenbeisser Security Engineering Group Technische Universitt Darmstadt skatzenbeisser@acm.org http://www.seceng.informatik.tu-darmstadt.de 1 Biometrics Goal : Identification of people through

286 views • 14 slides
BIOMETRICS Security Systems 5338025 Hyungseok C. 5418102 Wooram L. 5655248 Jutamas T.

BIOMETRICS Security Systems 5338025 Hyungseok C. 5418102 Wooram L. 5655248 Jutamas T.

BIS4857 Internet Security BIOMETRICS Security Systems 5338025 Hyungseok C. 5418102 Wooram L. 5655248 Jutamas T. CONTENTS What is Biometric Security System? Evolution of Biometric Security Systems Types of Biometric Security

783 views • 29 slides
Biometrics Outline Biometrics What is a Biometric Signature? What is an Authentication

Biometrics Outline Biometrics What is a Biometric Signature? What is an Authentication

Biometrics Outline Biometrics What is a Biometric Signature? What is an Authentication System? How does a Biometric System work? Biometric Comparisons Types of Biometrics Fingerprint-Scan Iris-Scan 2 BIOMETRICS

568 views • 36 slides
Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der

Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der

Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der Meulen seminar Leuven, December 2011 1 Outline Security with noisy data - biometrics &amp; privacy - Physical Unclonable Functions (PUFs)

828 views • 39 slides
CSCE 790 Computer Systems Security Biometrics (Something You Are) Professor Qiang Zeng

CSCE 790 Computer Systems Security Biometrics (Something You Are) Professor Qiang Zeng

CSCE 790 Computer Systems Security Biometrics (Something You Are) Professor Qiang Zeng Spring 2020 Previous Class Credentials Something you know (Knowledge factors) Something you have (Possession factors) Something

506 views • 24 slides
CS 528 Mobile and Ubiquitous Computing Lecture 9b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 9b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 9b: Mobile Security and Mobile Measurements Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords (e.g. 1234) or do

827 views • 54 slides
CS 528 Mobile and Ubiquitous Computing Lecture 10b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 10b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 10b: Mobile Security and Mobile Measurements Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords (e.g. 1234) or do

780 views • 54 slides
CS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords (e.g.

506 views • 34 slides
SSB AND BIOMETRICS: SAFEGUARDING YOUR IDENTITY AND YOUR MONEY October 2019 Social Security

SSB AND BIOMETRICS: SAFEGUARDING YOUR IDENTITY AND YOUR MONEY October 2019 Social Security

SSB AND BIOMETRICS: SAFEGUARDING YOUR IDENTITY AND YOUR MONEY October 2019 Social Security Board: Safeguarding YOU, your FAMILY, your FUTURE! What is Biometrics Anyways? Social Security Board: Safeguarding You, your Family, your Future!

813 views • 31 slides
Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software

Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software

Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords

520 views • 38 slides
Mobile Biometrics: Trends and Issues Jan. 11. 2017 Jaihie Kim Yonsei University Outlines 1

Mobile Biometrics: Trends and Issues Jan. 11. 2017 Jaihie Kim Yonsei University Outlines 1

Mobile Biometrics: Trends and Issues Jan. 11. 2017 Jaihie Kim Yonsei University Outlines 1 Biometrics Intro Mobile Biometrics: for you 2 3 Mobile Biometrics: for me Issues in Mobile Biometrics 4 Concluding Remarks 5 1. Why

849 views • 74 slides
Usable Biometrics Joshua Debner What kind of Biometrics? Physiological - Body Parts

Usable Biometrics Joshua Debner What kind of Biometrics? Physiological - Body Parts

Usable Biometrics Joshua Debner What kind of Biometrics? Physiological - Body Parts Specifically What Kind? Technologies dealing with your face... Facial Recognition Iris Recognition Retinal Scan Biometric Requirements FAR / FMR FRR /

415 views • 18 slides
Outline Privacy Protection for Biometrics Personal Background Threats of biometrics template

Outline Privacy Protection for Biometrics Personal Background Threats of biometrics template

Outline Privacy Protection for Biometrics Personal Background Threats of biometrics template leakage Authentication Systems Methods of template protection Implementation of template protection Kazuhiko Sumi Problems to be solved Graduate

362 views • 9 slides
Authentication: Beyond Passwords Prof. Tom Austin San Jos State University Biometrics

Authentication: Beyond Passwords Prof. Tom Austin San Jos State University Biometrics

CS 166: Information Security Authentication: Beyond Passwords Prof. Tom Austin San Jos State University Biometrics Something You Are Biometric You are your key Schneier Examples Fingerprint Are Handwritten

800 views • 32 slides
BHF Conference 1 | MORPHO RESTRICTED QUESTION Why is Biometrics use so crucial to the

BHF Conference 1 | MORPHO RESTRICTED QUESTION Why is Biometrics use so crucial to the

Biometrics in HEALTHCARE CAPE TOWN, 18 July 2017 Positively Identifying Patient and Managing Membership Efficiently BHF Conference 1 | MORPHO RESTRICTED QUESTION Why is Biometrics use so crucial to the Healthcare sector? ANSWER Lets

583 views • 21 slides
Soft Biometrics and Continuous Authentication DR. TERENCE SIM SCHOOL OF COMPUTING NATIONAL

Soft Biometrics and Continuous Authentication DR. TERENCE SIM SCHOOL OF COMPUTING NATIONAL

Soft Biometrics and Continuous Authentication DR. TERENCE SIM SCHOOL OF COMPUTING NATIONAL UNIVERSITY OF SINGAPORE Brief Bio Associate Professor &amp; Vice Dean Research: face recognition, biometrics, computational photography PhD

1.01k views • 73 slides
Recognize people by the way they type Typing Biometrics Authentication Cybercrime &amp; identity

Recognize people by the way they type Typing Biometrics Authentication Cybercrime &amp; identity

Typing Biometrics Authentication Recognize people by the way they type Typing Biometrics Authentication Cybercrime &amp; identity theft 17 million victims $30 billion / year Typing Biometrics Authentication The way you type is unique Typing

143 views • 10 slides
from Biometrics Benjamin Fuller, Boston University/MIT Lincoln Laboratory Privacy Enhancing

from Biometrics Benjamin Fuller, Boston University/MIT Lincoln Laboratory Privacy Enhancing

Strong Key Derivation from Biometrics Benjamin Fuller, Boston University/MIT Lincoln Laboratory Privacy Enhancing Technologies for Biometrics, Haifa January 15, 2015 Based on three works: Computational Fuzzy Extractors [FullerMengReyzin13]

1.44k views • 55 slides
Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My

Privacy-preserving Biometrics in practice: diffjcult to sell Carmela Troncoso (Gradiant) My experience with biometrics and privacy Academic background on privacy Gradiants goal: transfer of knowledge to industry We bring state of

193 views • 6 slides
Cryptech The Open Hardware Security Module Platform Joachim Strmbergson ::1 Assured AB

Cryptech The Open Hardware Security Module Platform Joachim Strmbergson ::1 Assured AB

Cryptech The Open Hardware Security Module Platform Joachim Strmbergson ::1 Assured AB https://github.com/secworks IT security Embedded systems ASIC, FPGA Biometrics Open Crypto Hardware CPU design Assembly hacking Hardware Security

896 views • 50 slides

More recommend