Fingerprint based multi-server authentication system

Fingerprint is the most widely used biometric authentication system for server based architecture. To prevent the intruder's attacks in a network server both offline and online finger system is the method to improve security and accuracy. In the existing password based systems were designed over a single server, where each user shares a password or some password verification data with a single authentication server. Once an authentication server is compromised, the attackers perform an offline dictionary attacks against the user passwords. The principle is distributing the password database as well as the authentication function to multiple servers, so that an attacker is force to compromise several servers to be successful in offline dictionary attacks. In this system front-end service server interact directly with user and control server behind; it can be robust for the exiting server with biometric features without any additional computation. Here we used fingerprint based authentication system and use some image processing steps to extract finger features for measurements and a new scheme for the identification of a user joining a closed network based on cryptography. The implementation of this new scheme uses elliptical curve based key generation.

[1]  Ari Juels,et al.  A New Two-Server Approach for Authentication with Short Secrets , 2003, USENIX Security Symposium.

[2]  Anil K. Jain,et al.  Fingerprint Quality Indices for Predicting Authentication Performance , 2005, AVBPA.

[3]  Boualem Boashash,et al.  Fingerprint feature extraction using block-direction on reconstructed images , 1997, TENCON '97 Brisbane - Australia. Proceedings of IEEE TENCON '97. IEEE Region 10 Annual Conference. Speech and Image Technologies for Computing and Telecommunications (Cat. No.97CH36162).

[4]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[5]  Rajeswari Mukesh,et al.  A robust finger print based two-server authentication and key exchange system , 2008, 2008 3rd International Conference on Communication Systems Software and Middleware and Workshops (COMSWARE '08).

[6]  Yi Chen,et al.  Pores and Ridges: High-Resolution Fingerprint Matching Using Level 3 Features , 2007 .

[7]  Robert H. Deng,et al.  A practical password-based two-server authentication and key exchange system , 2006, IEEE Transactions on Dependable and Secure Computing.

[8]  Anil K. Jain,et al.  Fingerprint Image Enhancement: Algorithm and Performance Evaluation , 1998, IEEE Trans. Pattern Anal. Mach. Intell..

[9]  Robert H. Deng,et al.  A New Architecture for User Authentication and Key Exchange Using Password for Federated Enterprises , 2005, SEC.

[10]  Dan Boneh,et al.  The Decision Diffie-Hellman Problem , 1998, ANTS.

[11]  Burton S. Kaliski,et al.  Server-assisted generation of a strong secret from a password , 2000, Proceedings IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000).