biometrics amp security
play

Biometrics & Security Seminar Fingerprint-based Fuzzy Vault: - PowerPoint PPT Presentation

Mar 03, 2024 •328 likes •831 views

Biometrics & Security Seminar Fingerprint-based Fuzzy Vault: Implementation and Performance Based on the journal article of K. Nandakumar, A. K. Jain and S. Pankanti Presenter: Marko Pascan Seminar instructors: Laila El Aimani and Deniz

  1. Biometrics & Security Seminar Fingerprint-based Fuzzy Vault: Implementation and Performance Based on the journal article of K. Nandakumar, A. K. Jain and S. Pankanti Presenter: Marko Pascan Seminar instructors: Laila El Aimani and Deniz Sarier B-IT Bonn, 14.12.2009

  2. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  3. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  4. Cryptography Vs Biometric Cryptosystems Traditional cryptography   Widely used, high, proven security  Assumption : cryptographic keys are only known to legitimate user (keys must be kept secret)  AES, RSA, ...  Encryption: C = E KE (P) (P-plain text, KE-encryption key)  Decryption: P = D KD (C) (C-cipher text, KD-decryption key)  Need long keys, e.g. 128 bits for AES  Main challenge : maintain the secrecy of the keys  Store keys in a secure location, use alternative auth. mechanism (e.g. password based auth.) to control access to keys  Problem : passwords stolen or forgotten  Password problem:  Simple password: easy to remember, compromise security  Complex password: difficult to remember, expensive to maintain [1]

  5. Cryptography Vs Biometric Cryptosystems (contd.)  Alternative: biometric authentication  Identity established based on anatomical and behavioral traits: face, fingerprint, speech (voice), eye (iris), hand, etc  Stronger: biometric traits cannot be lost or forgotten Biometric Cryptosystems Biometrics Cryptography

  6. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  7. Motivation for Fuzzy Vault  Security and privacy of biometric systems major issue  How robust is the system against attacks?  What happens if biometric template is stolen?  Can privacy of the users be preserved when a security breach occurs?  Protect the user template (stored locally or centrally)  Need method that can compensate for intra- class variations in the biometric data (samples of biometric traits obtained over a period of time): different angles, amounts of pressure, chapped skin, etc.

  8. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  9. Background and Definitions  Fingerprint  Unique, immutable for each individual  Made of a series of ridges and furrows on the surface of the finger  Uniqueness of a fingerprint can be determined by the pattern of ridges and furrows as well as the minutiae points  Minutiae points are local ridge characteristics that occur at either a ridge bifurcation or a ridge ending. y x Matching of two fingerprints. Illustration of Input fingerprint Fingerprint with minutiae intra-class variability [2]

  10. Background and Definitions (contd.)  Finite Field (Algebra)  Galois field -a field that contains finitely many elements  Example: Galois Field with (cardinality) 65536 elements: F = GF (2 16 )  In presented implementation of fuzzy vault arithmetic is done in GF (2 16 )  CRC (Cyclic Redundancy Check)  Hash-function used to detect accidental changes in raw data  In presented implementation of fuzzy vault 16-bit CRC code was used (CRC-16)  Unordered sets  Relative positions of set elements do not change the characteristics of the set, i.e. {2, -5, 1} conveys the same information as {-5, 1, 2}

  11. Background and Definitions (contd.)  Lagrange Interpolation  Interpolating set of data points with a interpolation polynomial in Lagrange form (Lagrange polynomial)  Formally: given a set of k +1 data points ( x 0 , y 0 ),..., (x k , y k ), where no two x j are the same, interpolation polynomial in the Lagrange form is linear combination of Lagrange basis polynomials:

  12. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  13. Fuzzy Vault  Introduced by Juels and Sudan (2002)  Cryptographic construction designed to work with (biometric) features represented as unordered sets  In brief:  Alice places a secret K in a vault and locks it with unordered set A  Bob uses an unordered set B to unlock the vault and access K Successful iff B and A overlap substantially [1]

  14. Fuzzy Vault: Example 1 Alice selects a polynomial p of variable x that encodes secret k 1 (e.g fixes coefficients of p according to k ) k = (1, -3, 1), she chooses deg (p) =2: p (x) = x 2 - 3x + 1 Alice's unordered set: A = {-1, -2, 3, 2} 2 Alice computes the polynomial projections of A: 3 {A, p (A)} = {(-1,5),(-2,11),(3,1), (2,-1)} She adds some (let's say 2) randomly generated chaff points 4 that do not lie on p: C = {(0,2), (1,0)} Final point set R = {(-1,5),(-2,11),(3,1), (2,-1), (0,2), (1,0)} 5 Bob has unordered set B = {4, 2, -2, 3}. To access secret k he 6 needs to separate 3 (deg (p) + 1) genuine points from R to reconstruct p A ∩ B = {-2, 3, 2}, which is substantial overlap 7

  15. Fuzzy Vault (contd.) Security is based on infeasibility of polynomial  reconstruction problem Definition: Polynomial Reconstruction Problem 〈 i , y i 〉 } i=1..n , and Given a set of points in a finite field { x parameters n, k and w, output any polynomial p such that degree of p is less then k and p(x i )=y i for at least n-w values of index i. [3] Differently put: solve for the degree D polynomial P, given  D+1 points passing through it A genuine finger can separate at least D + 1 genuine  points from chaff points and use them to reconstruct P

  16. Fuzzy Vault: Parameters  r – number of points in the vault that lie on the polynomial p  e.g number of minutiae that can be extracted from fingerprint  s – number of chaff points -> security of the vault  n – degree of polynomial p -> tolerance to errors in biometric data

  17. Contents  Cryptography Vs Biometric Cryptosystems  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  18. Fingerprint Fuzzy Vault  Fuzzy vault operating on the fingerprint minutiae features  Minutiae represented as triplet ( u, v, Θ )  Fuzziness from the variability of biometric data  Requires pre-aligned biometric templates or alignment during decoding of fuzzy vault  Pre-aligned biometric templates non-realistic v assumption u

  19. Fingerprint Fuzzy Vault: Example [5]

  20. Contents  Cryptography Vs Biometric Cryptosystems  Biometric Cryptosystem Modes  Motivation for Fuzzy Vault  Background and Definitions  Fuzzy Vault  Fingerprint Fuzzy Vault  Proposed Implementation  Helper Data and Fingerprint alignment  Experimental Results  Vulnerability of Fuzzy Vault  Conclusion

  21. Proposed Implementation  Uses both location of minutiae points in the image (u,v) and orientation attribute ( Θ ) -> more chaff points possible (harder to decode by attacker)  u,v – indicate the row and the column indicies in the image  Θ – orientation of the minutiae with respect to the horizontal axis (1 < Θ < 360 )  Generate several candidate secrets (Lagrange interpolation) and use CRC to detect correct polynomial  Template and query automatically aligned before decoding (helper data)  Higher computational cost – large number of interpolations

  22. Vault Encoding 1 Obtain template minutiae set M T = {m i T }, i = 1, .., N T  N T - number of minutiae in T  Estimate quality of each minutia in T -> q T = {q(m i T )}, i = 1, .., N T  Quality index in spatial domain: partition given image into a lattice of blocks  b x b. Estimates the local coherence of gradients (gray) in non- overlapping blocks [6] Extract helper data (explained later) => template helper data H T 

  23. Vault Encoding (contd.) 2 Sort minutiae based on their quality, select best-quality minutiae  Select only well-separated minutiae (unique values in field F ) – minimal  distance is greater then some threshold δ 1 (configurable) where Δ(Θ i , Θ j ) = min (|Θ i , Θ j |, 360 - |Θ i , Θ j |) , β M =0.2 (determined empirically in order to eliminate as many chaff points as possible when unlocking) Selected minutiae: SM T = {m j T }, j=1, .., r  Possible failure to capture (FTC) error if N T < r 

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security

Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security

Biometrics and Security Biometrics and Security Biometrics and Security Biometrics and Security WS 06/07 Seminar Prof. Dr.-Ing. Jana Dittmann &amp; Dr.-Ing. Claus Vielhauer with support from Tobias Scheidat

419 views • 16 slides
CSCI E-170: Computer Security, Privacy and Usability Hour #2: Biometrics Biometrics Something

CSCI E-170: Computer Security, Privacy and Usability Hour #2: Biometrics Biometrics Something

CSCI E-170: Computer Security, Privacy and Usability Hour #2: Biometrics Biometrics Something that you know Something that you have Something that you are Uses of Biometrics: Simple: Verification Is this who he claims to be?

592 views • 40 slides
P Protected biometrics for Identity Trust Protected biometrics for Identity Trust P t t t d

P Protected biometrics for Identity Trust Protected biometrics for Identity Trust P t t t d

P Protected biometrics for Identity Trust Protected biometrics for Identity Trust P t t t d bi t d bi t i t i f f Id Id tit T tit T t t RISE - Awareness of Biometrics and Security Ethics y By Nicolas DELVAUX

625 views • 20 slides
GA10 People and Security Lecture 3: Biometrics Applying risk analysis Goals of this lecture

GA10 People and Security Lecture 3: Biometrics Applying risk analysis Goals of this lecture

GA10 People and Security Lecture 3: Biometrics Applying risk analysis Goals of this lecture Brief introduction to biometrics Context: ICAO,US Visit and the ID cards programme Issues with current equipment Performance

654 views • 52 slides
Biometrics &amp; Privacy Stefan Katzenbeisser Security Engineering Group Technische Universitt

Biometrics &amp; Privacy Stefan Katzenbeisser Security Engineering Group Technische Universitt

Biometrics &amp; Privacy Stefan Katzenbeisser Security Engineering Group Technische Universitt Darmstadt skatzenbeisser@acm.org http://www.seceng.informatik.tu-darmstadt.de 1 Biometrics Goal : Identification of people through

286 views • 14 slides
BIOMETRICS Security Systems 5338025 Hyungseok C. 5418102 Wooram L. 5655248 Jutamas T.

BIOMETRICS Security Systems 5338025 Hyungseok C. 5418102 Wooram L. 5655248 Jutamas T.

BIS4857 Internet Security BIOMETRICS Security Systems 5338025 Hyungseok C. 5418102 Wooram L. 5655248 Jutamas T. CONTENTS What is Biometric Security System? Evolution of Biometric Security Systems Types of Biometric Security

783 views • 29 slides
Biometrics Outline Biometrics What is a Biometric Signature? What is an Authentication

Biometrics Outline Biometrics What is a Biometric Signature? What is an Authentication

Biometrics Outline Biometrics What is a Biometric Signature? What is an Authentication System? How does a Biometric System work? Biometric Comparisons Types of Biometrics Fingerprint-Scan Iris-Scan 2 BIOMETRICS

568 views • 36 slides
Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der

Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der

Helper data schemes for privacy-preserving biometrics Boris kori TU Eindhoven van der Meulen seminar Leuven, December 2011 1 Outline Security with noisy data - biometrics &amp; privacy - Physical Unclonable Functions (PUFs)

828 views • 39 slides
CSCE 790 Computer Systems Security Biometrics (Something You Are) Professor Qiang Zeng

CSCE 790 Computer Systems Security Biometrics (Something You Are) Professor Qiang Zeng

CSCE 790 Computer Systems Security Biometrics (Something You Are) Professor Qiang Zeng Spring 2020 Previous Class Credentials Something you know (Knowledge factors) Something you have (Possession factors) Something

506 views • 24 slides
CS 528 Mobile and Ubiquitous Computing Lecture 9b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 9b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 9b: Mobile Security and Mobile Measurements Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords (e.g. 1234) or do

827 views • 54 slides
CS 528 Mobile and Ubiquitous Computing Lecture 10b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 10b: Mobile Security and Mobile Measurements

CS 528 Mobile and Ubiquitous Computing Lecture 10b: Mobile Security and Mobile Measurements Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords (e.g. 1234) or do

780 views • 54 slides
CS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software

CS 528 Mobile and Ubiquitous Computing Lecture 11b: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords (e.g.

506 views • 34 slides
SSB AND BIOMETRICS: SAFEGUARDING YOUR IDENTITY AND YOUR MONEY October 2019 Social Security

SSB AND BIOMETRICS: SAFEGUARDING YOUR IDENTITY AND YOUR MONEY October 2019 Social Security

SSB AND BIOMETRICS: SAFEGUARDING YOUR IDENTITY AND YOUR MONEY October 2019 Social Security Board: Safeguarding YOU, your FAMILY, your FUTURE! What is Biometrics Anyways? Social Security Board: Safeguarding You, your Family, your Future!

813 views • 31 slides
Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software

Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software

Mobile and Ubiquitous Computing on Smartphones Lecture 10b: Mobile Security and Mobile Software Vulnerabilities Emmanuel Agu Authentication using Biometrics Biometrics Passwords tough to remember, manage Many users have simple passwords

520 views • 38 slides
Mobile Biometrics: Trends and Issues Jan. 11. 2017 Jaihie Kim Yonsei University Outlines 1

Mobile Biometrics: Trends and Issues Jan. 11. 2017 Jaihie Kim Yonsei University Outlines 1

Mobile Biometrics: Trends and Issues Jan. 11. 2017 Jaihie Kim Yonsei University Outlines 1 Biometrics Intro Mobile Biometrics: for you 2 3 Mobile Biometrics: for me Issues in Mobile Biometrics 4 Concluding Remarks 5 1. Why

849 views • 74 slides
Usable Biometrics Joshua Debner What kind of Biometrics? Physiological - Body Parts

Usable Biometrics Joshua Debner What kind of Biometrics? Physiological - Body Parts

Usable Biometrics Joshua Debner What kind of Biometrics? Physiological - Body Parts Specifically What Kind? Technologies dealing with your face... Facial Recognition Iris Recognition Retinal Scan Biometric Requirements FAR / FMR FRR /

415 views • 18 slides
Port of a fixed point MPEG2-AAC encoder on a ARM platform Romain Pagniez University College

Port of a fixed point MPEG2-AAC encoder on a ARM platform Romain Pagniez University College

Port of a fixed point MPEG2-AAC encoder on a ARM platform Romain Pagniez University College Dublin Information Hiding Laboratory Department of Computer Science Belfield, Dublin 4 Ireland http://ihl.ucd.ie/ UCD, August 2004 Overview

574 views • 23 slides
Causal Reasoning in SDNs (NetKAT) Georgiana Caltais, University of Konstanz Shonan Seminar

Causal Reasoning in SDNs (NetKAT) Georgiana Caltais, University of Konstanz Shonan Seminar

Causal Reasoning in SDNs (NetKAT) Georgiana Caltais, University of Konstanz Shonan Seminar -Causal Reasoning in Systems 24-27 June, 2019 1 Outline 1. NetKAT - the Language 2. Reasoning &amp; Verification 3. Towards a Framework for

600 views • 31 slides
OpenCL-Based Erasure Coding on Heterogeneous Architectures Guoyang Chen, Huiyang Zhou, Xipeng

OpenCL-Based Erasure Coding on Heterogeneous Architectures Guoyang Chen, Huiyang Zhou, Xipeng

OpenCL-Based Erasure Coding on Heterogeneous Architectures Guoyang Chen, Huiyang Zhou, Xipeng Shen, (North Carolina State University) Josh Gahm, Narayan Venkat, Skip Booth, John Marshall (Cisco Systems, Inc) Email: gchen11@ncsu.edu 1

268 views • 26 slides
Sign Languages Mary Edward 1 and Pamela Perniss 2 1 University of Brighton (UK) 2 University of

Sign Languages Mary Edward 1 and Pamela Perniss 2 1 University of Brighton (UK) 2 University of

Encoding spatial information in two sign languages: A Comparison of Ghanaian (GSL) and Adamorobe (AdaSL) Sign Languages Mary Edward 1 and Pamela Perniss 2 1 University of Brighton (UK) 2 University of Cologne (Germany) 1 Vis isual Spatial

479 views • 24 slides
ARCNET Tutorial What is ARCNET? Attached Resource Computer NETwork Token-Passing Local

ARCNET Tutorial What is ARCNET? Attached Resource Computer NETwork Token-Passing Local

ARCNET Tutorial What is ARCNET? Attached Resource Computer NETwork Token-Passing Local Area Network (LAN) Originally 2.5 Mbps data rate 255 Nodes or Stations Variable Packet Length Bus or Distributed Star Wiring Unicast

818 views • 40 slides
P1722 Presentation Time Craig Gunther (cgunther@harman.com) October, 2007 18 October 2007 1

P1722 Presentation Time Craig Gunther (cgunther@harman.com) October, 2007 18 October 2007 1

P1722 Presentation Time Craig Gunther (cgunther@harman.com) October, 2007 18 October 2007 1 P1722 Presentation Time Topics Recommendations Existing PT Definition Proposed PT Definition 61883-6 Audio Format (example)

268 views • 26 slides
Unicode Character Code A character is the smallest possible component of a tex t (e.g., A,

Unicode Character Code A character is the smallest possible component of a tex t (e.g., A,

Unicode Character Code A character is the smallest possible component of a tex t (e.g., A, B, and ) that has semantic value. Even the extended (8 bit) version of ASCII is not enough for international use. The Unicode

315 views • 14 slides
Reducing the Cost of Probabilistic Knowledge Compilation Giso H. Dal, Steffen Michels and Peter

Reducing the Cost of Probabilistic Knowledge Compilation Giso H. Dal, Steffen Michels and Peter

Reducing the Cost of Probabilistic Knowledge Compilation Giso H. Dal, Steffen Michels and Peter J.F. Lucas Radboud University, Nijmegen (The Netherlands) Outline The Problem 1 Exact Inference by Weighted Model Counting 2 Bayesian Networks

440 views • 30 slides

More recommend