Student Name: Yip Wai Kuan


30 Νοε 2013 (πριν από 4 χρόνια και 7 μήνες)

83 εμφανίσεις

Student Name:
Yip Wai Kuan


Main Supervisor: Assoc Prof David Ngo Chek Ling

Second Supervisor: Dr Andrew Teoh Beng Jin


Methods for Deriving Cryptographic Bit
strings from Biometrics Hand

Conventional biometrics hand
re verification typically requires users to store the original
biometrics information in a trusted centralized or password protected smart card. The former
offers low security as the server may be compromised, while the latter requires the user to
r the password. The objective of this proposal is to present new methods for deriving
fly bit
strings for cryptographic purposes from dynamic hand
signature. The function will
observe similar characteristics with that of a cryptographic hash which

defines a zero
way transformation of the biometrics data that will not require a template of the original data
to be stored in a centralized server or smart card and will offer better security and authentication.

We consider utilizing dynam
ic handwritten signature as biometric for key transformation because
it is a physically and universally accepted method of authentication. We propose that a secure
and good cryptographic key extraction technique from dynamic handwritten signature should
ave the following requirements:

(1) No signature template storage. Most handwritten signature verification schemes require a
template of the signature to be stored for comparison later. This provides no security in the event
the template is stolen as t
he user, inconveniently, must register a new signature.

(2) Refreshable keys. Previous methods of
Vielhauer et al., Feng & Chan,
et al.
, Davida
et al.

and Chang et al
methods derive keys straight from biometrics to be used in various
ems. Again, in the event of compromised key, the user has to change his biometrics,
which is not feasible for physiological biometrics like face, iris and fingerprint. Keys that can be
replaced in the event of key compromise will be an important conside
ration for integration into
cryptographic protocols.

(3) Secrecy protection. Throughout the transformation process, no statistical information that can
be used for reconstruction of the biometric data should be revealed.

(4) Unpredictable key space.

It should not be possible for an adversary to perform a statistical
extraction of key space patterns based on intercepting multiple keys. The keys should be
sufficiently different in terms of bits from non
genuine keys, and should be uniformly distribute

(5) Secure transformation. The transformation process should follow good security design
principles as described by Shannon, to promote robustness against cryptanalysis. The
transformation from dynamic signature to cryptographic key should not be rev
ersible to thwart
attempts in recovering the biometric.

(6) Error correction. Since every capture of the hand
signatures is not exact, a tolerable
application of correction is needed to ensure that the keys are stable enough to be used as