A biometric based secure session key agreement using modified elliptic curve cryptography

Protection of data and network security has been greatly researched. To enhance the security in the case of border control applications like E&Passport, conventional cryptographic concepts are integrated with biometrics. To avoid the intrusion of terrorists after the terrorists attack of 9/11, many countries begin to issue E&Passport to their citizens contains biometric data like face, fingerprint and iris. The first generation E&Passport developed as per the sand specifications of international civil aviation organization is confirmed to be lacking confidence and has numerous threats. The second generation E&Passport, was designed as per t he mechanism of extended access control also submits lots of threats especially in safety and confidentiality. In this article, security enhanced mechanism based on variation of Diffie&Hellman key agreement protocol using Elliptic Curve Cryptography (ECC) between E&Passport and the Examination Syst em (ES) is suggested. In the proposed method elliptic curve parameters A, B and G are derived from the minutiae points of the fingerprint. From these parameters public key of E& Passport and session key between E&Passport and ES is generated. The security analysis of the proposed solution confirms the security goal of the biometric based system. The proposed protocol is developed using MATLAB (R2010b) tool.

[1]  Albert B. Jeng,et al.  How to enhance the security of e-Passport , 2009, 2009 International Conference on Machine Learning and Cybernetics.

[2]  Pablo Najera,et al.  Security Mechanisms and Access Control Infrastructure for e-Passports and General Purpose e-Documents , 2009, J. Univers. Comput. Sci..

[3]  Gene Tsudik,et al.  Universally Composable RFID Identification and Authentication Protocols , 2009, TSEC.

[4]  Serge Vaudenay,et al.  E-Passport Threats , 2007, IEEE Security & Privacy.

[5]  William Stallings,et al.  Cryptography and network security , 1998 .

[6]  Feng Hao,et al.  Combining Crypto with Biometrics Effectively , 2006, IEEE Transactions on Computers.

[7]  Kuldip Singh,et al.  Implementation of Elliptic Curve Digital Signature Algorithm , 2010 .

[8]  David A. Wagner,et al.  Security and Privacy Issues in E-passports , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[9]  Huaxiong Wang,et al.  An On-Line Secure E-Passport Protocol , 2008, ISPEC.

[10]  Hamza Ali,et al.  Multi purpose code generation using fingerprint images , 2009, Int. Arab J. Inf. Technol..

[11]  M. Meingast,et al.  Embedded RFID and Everyday Things: A Case Study of the Security and Privacy Risks of the U.S. e-Passport , 2007, 2007 IEEE International Conference on RFID.

[12]  Huaxiong Wang,et al.  Security Analysis of Australian and E.U. E-passport Implementation , 2008, J. Res. Pract. Inf. Technol..

[13]  Mohamed Abid,et al.  Secure E-Passport Protocol Using Elliptic Curve Diffie-Hellman Key Agreement Protocol , 2008, 2008 The Fourth International Conference on Information Assurance and Security.

[14]  M. S. Kumbhar,et al.  An Identity-Authentication System Using Fingerprints , 2012 .

[15]  Ayman Abdel-Hamid,et al.  Implementation of an Improved Secure System Detection for E-passport by using EPC RFID Tags , 2009 .

[16]  S. Usha,et al.  Formation of Elliptic Curve Using Finger Print for Network Security , 2011, 2011 International Conference on Process Automation, Control and Computing.