Crypto-Biometric Verification Protocol
Guided by
Prof L
Rohan Abraham
223
R7
In a Nutshell
A protocol for blind biometric authentication
Blind - does not reveal biometric information to the authenticating server or vice versa
Secure - encrypted biometrics, template protection
CONTENTS
Biometric Authentication
Blind Biometric Authentication Protocol using a linear classifier
Security & Privacy Issues
Implementation using SVM
Analysis Accuracy and Biometric Verification
Future Possibilities
Biometrics
How it works
Affiliated terms
Homomorphic Encryption
An encryption scheme in which some algebraic operation, like addition or multiplication, can be performed directly on the ciphertext
Algorithm: Authentication
from client
to the server
Server computes
Algorithm analysis
The server carries out all its computation in the encrypted domain and hence does not get any information about x or .
Privacy is based on the server's ability to generate random numbers. The server has access to a random number generator (PRNG).
The encrypted information cannot be deciphered, and the final sum-of-products (SOP) expression obtained is congruent with the original weighted product.
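An added illustration of the encrypted-domain computation described above; it is not code from the slides or from the cited paper. It assumes textbook RSA as the multiplicatively homomorphic scheme, a constructed toy key, integer-quantised weights, and a masking rule (sum over j of lam_j * r_ji congruent to 1 mod N) with hypothetical function names.

```python
import secrets
from math import gcd

# Constructed toy key: textbook RSA (no padding) over two Mersenne primes.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, held by the client only

def enc(m):                            # E(a) * E(b) mod N == E(a * b)
    return pow(m % N, E, N)

def dec(c):
    return pow(c, D, N)

def rand_unit():
    """Random value invertible mod N, found with the public modulus alone."""
    while True:
        v = secrets.randbelow(N - 1) + 1
        if gcd(v, N) == 1:
            return v

def server_mask(enc_w, enc_x, k=3):
    """Server: build k masked ciphertexts per feature, each E(w_i * x_i * r_ji)."""
    lam = [rand_unit() for _ in range(k)]
    rows = [[] for _ in range(k)]
    for cw, cx in zip(enc_w, enc_x):
        r = [rand_unit() for _ in range(k - 1)]
        acc = sum(l * v for l, v in zip(lam, r)) % N
        r.append((1 - acc) * pow(lam[-1], -1, N) % N)   # sum_j lam_j * r_ji == 1
        for j in range(k):
            rows[j].append(cw * cx * enc(r[j]) % N)
    return lam, rows

def client_sums(rows):
    """Client: decrypt and add; it sees only products blinded by the server's r_ji."""
    return [sum(dec(c) for c in row) % N for row in rows]

def server_score(lam, sums):
    """Server: unmask the sums; result is congruent to sum_i w_i * x_i mod N."""
    s = sum(l * v for l, v in zip(lam, sums)) % N
    return s - N if s > N // 2 else s                   # recentre negative scores

def blind_verify(enc_w, x, threshold):
    lam, rows = server_mask(enc_w, [enc(v) for v in x])
    return server_score(lam, client_sums(rows)) > threshold

# Constructed sample: quantised weights (enrolled encrypted) and two feature vectors.
ENC_W = [enc(w) for w in (3, -2, 5, 1)]
print(blind_verify(ENC_W, (10, 7, 2, 4), 25), blind_verify(ENC_W, (1, 9, 1, 2), 25))
```

The server handles only ciphertexts and masked sums, and the client never receives an unmasked product, which is the property the analysis above relies on.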
Enrollment Phase
Algorithm: Enrollment
System Security
Biometric systems are more secure than passwords or tokens because biometrics are difficult to reproduce.
Security is further enhanced by the fact that an attacker needs access to both the user's biometric and the private key to be able to pose as an enrolled user.
Security breaches can occur at the server, the client or the network.
Server Security
Case 1: Hacker gains access to the template database.
Case 2: Hacker is in the database server during authentication.
Case 3: Impostor trying blind attacks from a remote machine.
Client Security
Case 4: Hacker gains access to the user's biometric or private key.
Case 5: Passive attack at the user's computer.
Network security
Attacker gains access to the network
The confidentiality of the data flow over the network can be ensured using standard cryptographic methods like ciphers and digital signatures.
All traffic is encrypted using either the client's public key or random numbers generated by the server.
Privacy
Concern of revealing personal information: since the original template or test sample is not revealed to the server, only identity is established.
Concern of being tracked: different keys are used for different applications (servers), which avoids being tracked across uses.
Disadvantages
Foolproof enrollment procedures are necessary to ensure that the biometric is secure from any type of attack (e.g. a malicious enrollment server).
The success of biometric authentication depends solely on the invariance of physical features. Therefore, if the biometric is damaged by injury (hand geometry) or disease (cataract for iris recognition), or affected by the presence of foreign substances (like water or oil), the encryption algorithm may not give the expected results.
Conclusions
Verification can be done in real time with the help of available hardware.
Keep the interaction between the user and the server to a minimum.
Extensions to this work include secure enrollment protocols and encryption methods to reduce computations.
Dynamic warping based matching of variable length
feature
approach
References
N. K. Ratha, J. H. Connell, and R. M. Bolle, "Enhancing security and privacy in biometrics-based authentication systems"
Maneesh Upmanyu, Anoop M. Namboodiri, K. Srinathan and C. V. Jawahar, "Blind authentication: A secure crypto-biometric verification protocol", IEEE Transactions on Information Forensics and Security (IEEE-TIFS, June 2010)