Professional Documents
Culture Documents
Abstract: Biometrics technology, which uses physical or behavioral characteristics to identify users, has come to attract increased attention as a means of reliable personal authentication that helps the identity of an actual user. Among various modalities of Biometrics, Fingerprints are known to have the longest history of actual use in law enforcement applications with proven performance. This project surveys the state of the art in fingerprint identification technology. In this project, a design schema of a security authentication system combined with fingerprint identification and public key cryptography is explored, and its specific security mechanism is discussed in detail. In our schema, fingerprint is added into user's private key and served a security parameter, such that users secret key is separated into secret key parameters and fingerprint, by secret splitting mechanism, which makes the secret key to be bounded with user's information. This will increase the security of secret key ultimately. In such an authentication system, the diplex authentication technologies --- fingerprint and smart card --- are adopted, and the user fingerprint neednt to be transmitted during the authentication process, which can protect user's privacy effectively.
ISSN: 0975-5462
3054
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077 example of the threat model is shown below in Figure 1, and builds on the general biometric model outlined in Mansfield and Wayman [4].
ISSN: 0975-5462
3055
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
And a delta point is the junction point where three ridge flows meet. They are usually used for fingerprint registration, fingerprint classification. Ridge orientation map local direction of the ridge-valley structure. It is com- monly utilized for classification, image enhancement, and minutia feature verification and filtering. Ridge frequency map the reciprocal of the ridge distance in the direction per-pendicular to local ridge orientation. It is formally defined in [32] and is extensively utilized for contextual filtering of fingerprint images. This representation is sensitive to the quality of the fingerprint images [36]. However, the discriminative abilities of this representation are limited due to absence of singular points.
(a) A ridge ending minutia: (x,y) are the minutia coordinates; is the minutias orientation (b) A ridge bifurcation minutia: (x,y) are the minutia coordinates;
ISSN: 0975-5462
3056
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
Block Diagrams
ISSN: 0975-5462
3057
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077 identification and verification with cryptography. An ideal scheme for combining physical identity (biometric features) with logical identity (key) Biometric features are permanently associated with the user and can be used for identification. Protection of biometric data itself is a privacy issue Biometrics cannot be revoked
Biometric cryptography:
Combining Biometrics and Cryptography Use biometrics to generate cryptographic keys Successful biometric verification generates correct key
ISSN: 0975-5462
3058
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
Figure: after wavelet transformation Image is converted into LL, LH,HL & HH frequency components
3.FEATURE SELECTION
DISCRETE WAVELET TRANSFORM :
The main idea is the same as it is in the CWT. A time-scale representation of a digital signal is obtained using digital filtering techniques. Recall that the CWT is a correlation between a wavelet at different scales and the signal with the scale (or the frequency) being used as a measure of similarity. The continuous wavelet transform was computed by changing the scale of the analysis window, shifting the window in time, multiplying by the signal, and integrating over all times. In the discrete case, filters of different cutoff frequencies are used to analyze the signal at different scales. The signal is passed through a series of high pass filters to analyze the high frequencies, and it is passed through a series of low pass filters to analyze the low frequencies. ThThis procedure can mathematically be expressed asis procedure can mathematically be expressed as
:
Having said that, we now look how the DWT is actually computed: The DWT analyzes the signal at different frequency bands with different resolutions by decomposing the signal into a coarse approximation and detail information. DWT employs two sets of functions, called scaling functions and wavelet functions, which are associated with low pass and high pass filters, respectively. The decomposition of the signal into different frequency bands is simply obtained by successive high pass and low pass filtering of the time domain signal. The original signal x[n] is first passed through a half band high pass filter g[n] and a low pass filter h[n]. After the filtering, half of the samples can be eliminated according to the Nyquists rule, since the signal now has a
ISSN: 0975-5462
3059
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077 highest frequency of /2 radians instead of . The signal can therefore be subsampled by 2, simply by discarding every other sample. This constitutes one level of decomposition and can mathematically be expressed as follows
ISSN: 0975-5462
3060
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
Centralizing
Cropping
Features
Weiner filter
1 A fingerprint image is a 2D image of a 3D finger 2 2D image is affected by pressure, scratches, sweat, alignment and position of finger. 3 Applying weiner filter is more suitable.
Center
ISSN: 0975-5462
3061
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
then we can do "another implementation" of the same filter in terms of its inverse that may have fewer significant terms in it:
ISSN: 0975-5462
3062
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
In conventional cryptography, also called secret-key or symmetric-key encryption, one key is used both for encryption and decryption. The Data Encryption Standard (DES) is an example of a conventional cryptosystem that is widely employed by the Federal Government. Figure 1-1 is an illustration of the conventional encryption
process.
ISSN: 0975-5462
3063
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
Certification
There is, of course, a problem with the scheme above. Since the public keys are really public, anyone can send a message to you. So your enemy can pretend to be your friend and send you a message just like your friend as they both have access to the public key. Your enemy's information can completely mislead you. So how can you be certain that a message that says it is from your friend is really from your friend? Here is one way to do it, assuming that you both have the public and private keys Ea, Eb, Da, and Db as discussed in the previous section. Suppose I wish to send my friend a message that only he can read, but in such a way that he is certain that the message is from me. Here's how to do it. I will take my name, and pretend that it is an encoded message, and decode it using Da. I am the only person who can do this, since I am the only person who knows Da. Then I include that text in the real message I wish to send, and I encode the whole message using Eb, which only my friend knows how to decode. When he receives it, he will decode it using Db, and he will have a message with an additional piece of what looks to him like junk characters. The junk characters are what I got by decoding my name. So he simply encodes the junk using my public key Ea and makes certain that it is my name. Since I am the only one who knows how to make text that will encode to my name, he knows the message is from me. You can encode any text for certification, and in fact, you should probably change it with each
ISSN: 0975-5462
3064
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
With the typical modular exponentiation algorithms used to implement the RSA algorithm, public key operations take O(k2) steps, private key operations take O(k3) steps, and key generation takes O(k4) steps, where k is the number of bits in the modulus. Fast multiplication techniques, such as methods based on the Fast Fourier Transform (FFT), require asymptotically fewer steps. In practice, however, they are not as common due to their greater software complexity and the fact that they may actually be slower for typical key sizes.
Message(M)
Public Key of B
Encrypt operation
Ciphertext
Decrypt operation
Ciphertext
Message(M)
Entity A wants to send secret message(cipher text) to B Uses Public key of B and Encrypt operation to generate Ciphertext Sends Ciphertext to Entity B
Entity B wants to read the Message(M) sent by A Receives Ciphertext from A Uses its private key D and Decrypt operation to get Message(M)
Verifying operation
Message(M1)
Signature(S)
A
Private key D
ISSN: 0975-5462
3065
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077 Entity A wants to prove its identity to B Signing operation to generate Signature (S) sends Message(M), Signature(S) to Entity B
Entity B wants to verify identity of A Receives Signature(S) and Message(M) from A Verifying operation to generate Message(M1) from S Compares M1 and M to verify identity of A
5 .ALGORITHM
The algorithm can be given below. 1. 2. Find P and Q, two large (e.g., 1024-bit) prime numbers. Choose E such that E is greater than 1, E is less than PQ, also E and (P-1)(Q-1) are relatively prime, which means they have no prime factors in common. E does not have to be prime, but it must be odd. (P-1)(Q-1) can't be prime because it's an even number. 3. Compute D such that (DE - 1) is evenly divisible by (P-1)(Q-1). Mathematicians write this as DE = 1 (mod (P-1)(Q-1)), and they call D the multiplicative inverse of E. This is easy to do simply find an integer X which causes D = (X(P-1)(Q-1) + 1)/E to be an integer, then use that value of D. 4. The encryption function is C = (T^E) mod PQ, where C is the cipher text (a positive integer), T is the plaintext (a positive integer), and ^ indicates exponentiation. The message being encrypted, T, must be less than the modulus, PQ. 5. The decryption function is T = (C^D) mod PQ, where C is the cipher text (a positive integer), T is the plaintext (a positive integer), and ^ indicates exponentiation. Your public key is the pair (PQ, E). Your private key is the number D (reveal it to no one). The product PQ is the modulus (often called N in the literature). E is the public exponent. D is the secret exponent. You can publish your public key freely, because there are no known easy methods of calculating D, P, or Q given only (PQ, E) (your public key). If P and Q are each 1024 bits long, the sun will burn out before the most powerful computers presently in existence can factor your modulus into P and Q.
ISSN: 0975-5462
3066
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077 4. Find a d such that d==dp mod p-1 and d==dq mod q-1. 5. Compute e=d-1 (mod Phi ).
The public key is <N, e> and the private key is <p, q, dp, dq>. Since gcd (dp, p-1)=1 and d==dp mod p-1, we have gcd (d, p-1)=1. Similarly, gcd (d, q-1)=1. Hence gcd (d, phi (N))=1 and by step 5, e can be computed. To apply the Chinese Remainder Theorem in step 4, the respective moduli have to be relatively prime in pairs for a solution to necessarily exist. We observe that p-1 and q-1 are even and that we cannot directly apply the Chinese Remainder Theorem. However, gcd ((p- 1)/2, (q-1)/2)=1. Since gcd (dp, p-1)=1 and gcd (dq, q-1)=1, essentially dp, dq are odd integers and dp-1, dq-1 are even integers. We have gcd (d, p-1)=1, which implies that d is odd and d-1 is even. To find a solution to d==dp mod p-1, d==dq mod q-1. We find a solution to
d-1==dp 1 mod p-1, d-1==dq 1 mod q-1. By applying the cancellation law and taking the common factor 2 out, we have x=d== (d-1)/2==(dp 1)/2 mod( p-1)/2, x=d==(d-1)/2==(dq 1)/2 mod( q-1)/2. Using Chinese Remainder Theorem we find d such that d = (2*d) +1.
Theorem If C is not divisible by p and dp==d mod p-1, then Cdp==Cd (mod p). For decryption we find
1. Mp=Cdp(mod p)= Cd(mod p) and Mq=Cdq(mod q)= Cd(mod q). 2. Then using Chinese Remainder Theorem, we find a solution for M=Mp(mod p)= Cd(mod p), M=Mq=Cdq(mod q)= Cd(mod q).
We now illustrate the scheme using an over simplified example. Choose p = 7, q = 11, gcd (p-1, q-1) = 2, N = p*q = 7*11 = 77, phi (N) = (p-1)*(q-1) = 6*10 = 60. Let dp = 5, gcd (dp , p-1) = gcd (5,6) = 1. dq = 3, gcd (dq , q-1) = gcd (3,10) = 1.
ISSN: 0975-5462
3067
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077 We are to find d such that d==5 mod 6, d==3 mod 10. We cannot apply the Chinese Remainder theorem since gcd (6,10) . 1, hence we convert the system of congruences in such a manner that the cancellation law can be applied Therefore, we have d-1==5-1 mod 6, d-1==3-1 mod 10. On applying the cancellation law, (d-1)/2==(5-1)/2 mod (6/2), (d-1)/2==(3-1)/2 mod (10/2). x = d= (d-1)/2== 2 mod 3, x = d= (d-1)/2== 1 mod 5. Solving using Chinese Remainder Theorem, M = 3*5 = 15, M1 =15/3 = 5, M2 = 15/5=3.
5*N1==1 mod 3, N1=2, 3*N2==1 mod 5, N2=2. We have, d = x = 2*5*2 + 1*3*2 = 26(mod 15) = 11. Therefore d = 11 and d = (2*d)+1 = (2*11) +1 = 23, d = 23.
C=547 mod 77 = 3.
M = Mp mod p = cd mod p, M = Mq mod q = cd mod q. Mp = 35 mod 7 = 243 mod 7 = 5, Mq = 33 mod 11= 27 mod 11 = 5.
ISSN: 0975-5462
3068
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
M = 7*11 = 77, M1 = 77/7 = 11, M2 = 77/11 = 7. 11*N1==1 mod 7, N1=2, 7*N2==1 mod 11, N2=8. x = 5*11*2 + 5*7*8 = 390 mod 77 =5. Thus x = M = 5, as desired. In this specific example (Mp and Mq)=5 is a common solution and it is not necessary to further apply the Chinese Remainder Theorem.
where D1=D mod (p-1) and D2=D mod(q-1). Applying CRT we can compute the results S as S = (S1c1q+S2c2p) mod N Where c1=q-1 mod p c2=p-1 mod q. 2
The size of p and q about half of N. Thus the size of the exponents is reduced to half of the original size in 2prime RSA. In multi prime CRT and RSA we have S=MD mod (pqr)
We can obtain S1=MD1 mod p S2=MD2 mod q S3=MD3 mod r. Where, D1=Dmod(p-1) D2=Dmod(q-1) D3=Dmod(r-1)
ISSN: 0975-5462
3069
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
We can apply the CRT to retrive S as S=(S1c1qr+ S2c2pr+ S3c3pq) Where C1=(rq)-1 mod p C2=(pr)-1 mod q C3=(pq)-1 mod r
Hence the size of the exponents is further reduced to one third the original. Based on above analysis, 1024-bit 2prime and multi-prime RSA can be done with 512-bit and 341-bit exponents and modulus respectively.
GUI
ISSN: 0975-5462
3070
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
ISSN: 0975-5462
3071
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
ISSN: 0975-5462
3072
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
ISSN: 0975-5462
3073
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
ISSN: 0975-5462
3074
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
8 APPLICATIONS
Markets for fingerprint technology include entrance control and door-lock applications, fingerprint identification mouses, fingerprint mobile phones, and many others. The fingerprint markets are classified as
follows:
ISSN: 0975-5462
3075
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077
SYSTEM SECURITY:
ISSN: 0975-5462
3076
G.Prasanna Lakshmi / International Journal of Engineering Science and Technology Vol. 2(7), 2010, 3054-3077 The problem faced by the single biometric system is solved by combining the system with cryptography which is yielding many advantages & applications in real time.
References
[1] R. Cappelli, Synthetic Fingerprint Generation, Handbook of Fingerprint Recognition, D. Maltoni, D. Maio, A.K. Jain, and S. Prabhakar, eds. New York: Springer, 2003. [2] R. Cappelli, A. Erol, D. Maio, and D. Maltoni, Synthetic Fingerprint-Image Generation, Proc. 15th Int'l Conf. Pattern Recognition, pp. 475-478, Sept. 2000. [3] R. Cappelli, D. Maio, and D. Maltoni, Modelling Plastic Distortion in Fingerprint Images, Proc. Second Int'l Conf. Advances in Pattern Recognition, pp. 369-376, Mar. 2001. [4] R. Cappelli, D. Maio, and D. Maltoni, Synthetic Fingerprint-Database Generation, Proc. 16th Int'l Conf. Pattern Recognition, vol. 3, pp. 744-747, Aug. 2002. [5] Y. Dit-Yan et al., SVC2004: First International Signature Verification Competition, Proc. Int'l Conf. Biometric Authentication, pp. 1622, July 2004. [6] G. Doddington et al., Sheep, Goats, Lambs and Wolves: A Statistical Analysis of Speaker Performance, Proc. Int'l Conf. Language and Speech Processing, pp. 1351-1354, Nov. 1998. [7] S. Pankanti, N.K. Ratha, and R.M. Bolle, Structure in Errors: A Case Study in Fingerprint Verification, Proc. 16th Int'l Conf. Pattern Recognition, 2002. [8] P.J. Phillips, A. Martin, C.L. Wilson, and M. Przybocky, An Introduction to Evaluating Biometric Systems, Computer, vol. 33, no. 2, Feb. 2000. [9] P.J. Phillips, H. Moon, S.A. Rizvi, and P.J. Rauss, The FERET Evaluation Methodology for Face-Recognition Algorithms, IEEE Trans. Pattern Analysis and Machine Intelligence, vol. 22, no. 10, pp. 1090-1104, Oct. 2000.
ISSN: 0975-5462
3077