A secure Crypto-biometric verification protocol
Download as PPT, PDF6 likes2,660 views
This document describes blind authentication, a secure crypto-biometric verification protocol. It discusses privacy concerns with traditional biometric systems and introduces blind authentication as a way to conduct biometric verification without revealing biometric samples or classifier details. The key features of blind authentication are described, including how enrollment and authentication work based on homomorphic encryption. Experimental results demonstrate the efficiency and accuracy of the proposed approach.
A secure Crypto-biometric verification protocol
- 1. BLIND AUTHENTICATION: A SECURE CRYPTO-BIOMETRIC VERIFICATION PROTOCOL Nishmitha.B
- 2. CONTENTS 1. Biometrics 2. Biometric Authentication System 3. Comparison of Biometric systems 4. Privacy concerns in Biometric systems 5. What is Blind Authentication? 6. Previous work 7. Features of Blind Authentication 8. Enrollment 9. Authentication 10. Security, Privacy and Trust 11. Extensions to Kernels and Neural networks 12. Blind Secure Product Protocol 13. Implementation and analysis 14. Advantages 15. Conclusion
- 3. BIOMETRICS A biometric is a physiological or behavioral characteristic of a human being that can distinguish one person from another and that theoretically can be used for identification or verification of identity.
- 4. AUTHENTICATION WHAT YOU KNOW? WHAT YOU HAVE? WHAT YOU ARE?
- 6. COMPARISON OF BIOMETRIC SYSTEMS PHYSIOLOGICAL BIOMETRICS 1. Fingerprint recognition a) No two persons share the same fingerprints b) Can go for thermal sensing, optical sensing, capacitance sensing, ultrasound sensing etc. c) Wet, dry, or dirty skin may create problems 2. Face Recognition a) One of the most acceptable biometrics b) Not accurate and dependable
- 7. 3. Hand Geometry a) Include length and width of fingers, different aspect ratios of palm and fingers, thickness and width of the palm etc. b) Existing hand geometry systems mostly use images of the hand 4. Iris Recognition a) Reliable and accurate b) Believed to be unique in every individual c) Not work for people who are missing both eyes or who have serious eye illnesses that affect the iris.
- 8. BEHAVIORAL BIOMETRICS 1. Signature a) High degree of acceptance b) Signatures lack permanence c) Static signature verification systems & Dynamic signature verification systems 2. Voice a) Depend on numerous characteristics of a human voice to identify the speaker b) Does not require expensive input devices c) Issues- may skillfully imitate others' voices, record and replay attacks
- 9. Primary Concerns in a Biometric System Template Protection User's privacy Trust between user and server Network security
- 10. What is Blind Authentication? A blind authentication protocol that does not reveal any: information about the biometric samples to the authenticating server. information regarding the classifier, employed by the server, to the user or client
- 11. PREVIOUS WORK Categorization of template protection schemes by Jain
- 12. SALTING Design a classifier in the encrypted feature space Specific to a biometric trait Security using a transformation function seeded by a user specific key Do not offer well defined security NON-INVERTIBLE TRANSFORM Apply non-invertible function on the biometric template Key must be available at the time of transformation Eg. Robust hashing, Cancelable templates KEY BINDING AND KEY GENERATION Integrate the advantages of biometrics and cryptography Using the biometric as a protection for the secret key or to generate secret key
- 13. FEATURES OF BLIND AUTHENTICATION Strong encryption Non-repudiable authentication Protection against replay and client-side attacks Revocability
- 14. ENROLLMENT Enrollment based on a trusted third party(TTP): At the time of registering with a website, the encrypted version of the user’s biometric template is made available to the website. The one-time classifier training is done on the plain biometrics, and hence requires a trusted server to handle training.
- 15. AUTHENTICATION Blind Authentication Process: Linear kernel computation for encrypted feature vectors. At no point, the identity vectors x, w or the intermediate results xi · wi is revealed to anyone.
- 16. SECURITY PRIVACY AND TRUST SYSTEM SECURITY Server Security Client Security Network Security PRIVACY Concern of revealing personal information
- 17. Server security Hacker gains access to the template database Hacker is in the database server during the authentication Impostor trying blind attacks from a remote machine Client security Hacker gains access to the user’s biometric or private key Passive attack at the user’s computer Network Security Attacker gains access to the network
- 18. PRIVACY Concern of revealing personal information-Template is never revealed to the server Concern of being tracked-Use different keys for different applications
- 19. EXTENSIONS TO KERNELS AND NEURAL NETWORKS Kernel based classifier uses a discriminating function like Similarly, in Neural Network the basic units are, for example perceptron and sigmoid Model above functions as arithmetic circuits consisting of add and multiplication gates over a finite domain. Consider two encryptions E+ and E*
- 20. BLIND SECURE PRODUCT PROTOCOL Receive from client Server computes kn+k random numbers such that Server computes and send it to the client.Client decrypts it. Client computes to the server Server computes Send
- 21. IMPLEMENTATION AND ANALYSIS Experiments designed to evaluate the efficiency and accuracy of proposed approach. For evaluation, an SVM based verifier based on client- server architecture was implemented. Verification time for various key sizes and feature vector lengths Variation of accuracy w.r.t. The precisionof representation
- 22. ROC CURVES FOR VERIFICATION
- 23. ADVANTAGES OF BLIND AUTHENTICATION Fast and Provably Secure authentication without trading off accuracy. Supports generic classifiers such as Neural Network and SVMs. Useful with wide variety of fixed-length biometric- traits. Ideal for applications such as biometric ATMs, login from public terminals.
- 24. CONCLUSION Verification can be done in real-time with the help of available hardware Keep the interaction between the user and the server to a minimum Extensions to this work includes secure enrollment protocols and encryption methods to reduce computations Dynamic warping based matching of variable length feature vectors can further enhance the utility of the approach
- 25. REFERENCES N. K. Ratha, J. H. Connell, and R. M. Bolle, “Enhancing security and privacy in biometrics-based authentication systems” Maneesh Upmanyu, Anoop M. Namboodiri, K. Srinathan and C.V. Jawahar,“Blind authentication: A secure crypto-biometric verification protocol”