Reliable and secure encryption key generation from fingerprints

Purpose – Biometric authentication, which requires storage of biometric templates and/or encryption keys, raises a matter of serious concern, since the compromise of templates or keys necessarily compromises the information secured by those keys. To address such concerns, efforts based on dynamic key generation directly from the biometrics have recently emerged. However, previous methods often have quite unacceptable authentication performance and/or small key spaces and therefore are not viable in practice. The purpose of this paper is to propose a novel method which can reliably generate long keys while requires storage of neither biometric templates nor encryption keys.Design/methodology/approach – This proposition is achieved by devising the use of fingerprint orientation fields for key generation. Additionally, the keys produced are not permanently linked to the orientation fields, hence, allowing them to be replaced in the event of key compromise.Findings – The evaluation demonstrates that the propo...

[1]  Ralf Steinmetz,et al.  Biometric hash based on statistical features of online signatures , 2002, Object recognition supported by user interaction for service robots.

[2]  Nalini K. Ratha,et al.  Biometric perils and patches , 2002, Pattern Recognit..

[3]  Bhagavatula Vijaya Kumar,et al.  Biometric Encryption using image processing , 1998, Electronic Imaging.

[4]  Josef Bigün,et al.  Prominent symmetry points as landmarks in fingerprint images for alignment , 2002, Object recognition supported by user interaction for service robots.

[5]  Qi Li,et al.  Cryptographic key generation from voice , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.

[6]  Farzin Deravi,et al.  Feasibility of generating biometric encryption keys , 2005 .

[7]  Loris Nanni,et al.  Cancellable Biometrics: Problems and Solutions for Improving Accuracy , 2010 .

[8]  Nalini K. Ratha,et al.  Enhancing security and privacy in biometrics-based authentication systems , 2001, IBM Syst. J..

[9]  W. Gareth J. Howells,et al.  Evaluating Biometric Encryption Key Generation Using Handwritten Signatures , 2008, 2008 Bio-inspired, Learning and Intelligent Systems for Security.

[10]  Sharath Pankanti,et al.  Biometrics: Personal Identification in Networked Society , 2013 .

[11]  W. Gareth J. Howells,et al.  Key Generation in a Voice Based Template Free Biometric Security System , 2009, COST 2101/2102 Conference.

[12]  Evgeny Verbitskiy,et al.  RELIABLE BIOMETRIC AUTHENTICATION WITH PRIVACY PROTECTION , 2007 .

[13]  Michael K. Reiter,et al.  Password hardening based on keystroke dynamics , 2002, International Journal of Information Security.

[14]  Yair Frankel,et al.  On enabling secure applications through off-line biometric identification , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[15]  Jiankun Hu,et al.  Enhanced gradient-based algorithm for the estimation of fingerprint orientation fields , 2007, Appl. Math. Comput..

[16]  Peng Li,et al.  Biometric and User Data, Binding of , 2009, Encyclopedia of Biometrics.

[17]  Anil K. Jain,et al.  FVC2002: Second Fingerprint Verification Competition , 2002, Object recognition supported by user interaction for service robots.

[18]  B. Miller,et al.  Vital signs of identity [biometrics] , 1994, IEEE Spectrum.

[19]  Ralf Steinmetz,et al.  Handwriting: Feature Correlation Analysis for Biometric Hashes , 2004, EURASIP J. Adv. Signal Process..

[20]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[21]  Sabih H. Gerez,et al.  Systematic Methods for the Computation of the Directional Fields and Singular Points of Fingerprints , 2002, IEEE Trans. Pattern Anal. Mach. Intell..

[22]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[23]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[24]  Mohammed Yakoob Siyal,et al.  Novel biometric digital signatures for Internet-based applications , 2001, Inf. Manag. Comput. Secur..

[25]  P. Trivellas,et al.  The Human Factor of Information Security: Unintentional Damage Perspective☆ , 2014 .

[26]  Anil K. Jain,et al.  Biometric cryptosystems: issues and challenges , 2004, Proceedings of the IEEE.

[27]  Udi Manber,et al.  A simple scheme to make passwords based on one-way functions much harder to crack , 1996, Comput. Secur..

[28]  Anil K. Jain,et al.  Biometric Systems: Technology, Design and Performance Evaluation , 2004 .

[29]  Reihaneh Safavi-Naini,et al.  Cancelable Key-Based Fingerprint Templates , 2005, ACISP.

[30]  Sharath Pankanti,et al.  Fingerprint-Based Fuzzy Vault: Implementation and Performance , 2007, IEEE Transactions on Information Forensics and Security.

[31]  Anil K. Jain,et al.  Adaptive flow orientation-based feature extraction in fingerprint images , 1995, Pattern Recognit..

[32]  Hao Feng,et al.  Private key generation from on-line handwritten signatures , 2002, Inf. Manag. Comput. Secur..

[33]  Niclas Eberhagen,et al.  Human factor and information security in higher education , 2014, J. Syst. Inf. Technol..

[34]  Naohisa Komatsu,et al.  A secure communication system using biometric identity verification (マルチメディア情報処理,映像表現,ネットワーク映像メディア,画像情報システム第3回International Workshop on Advanced Image Technology(IWAIT2001)) , 2000 .

[35]  Eryun Liu,et al.  Minutiae and modified Biocode fusion for fingerprint-based key generation , 2010, J. Netw. Comput. Appl..

[36]  Yair Frankel,et al.  On the Relation of Error Correction and Cryptography to an Off Line Biometric Based Identification S , 1999 .

[37]  Julian Fiérrez,et al.  Cancelable Templates for Sequence-Based Biometrics with Application to On-line Signature Recognition , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.