Multibiometric Cryptosystems Based on Feature-Level Fusion

parchedmoosupElectronics - Devices

Nov 29, 2013 (3 years and 8 months ago)



Multibiometric Cryptosystems Based on

Level Fusion


A biometric system is essentially a pattern recognition system that
operates by acquiring biometric data from an individual, extracting a feature
set from the acquired data, and
comparing this feature set against the
template set in the database. Depending on the application context, a
biometric system may operate either in verification mode or identification

multibiometric systems require

storage of multiple biometric templ
(e.g., fingerprint, iris, and

face) for each user, which results in increased risk to
user privacy

and system security.

In the verification mode, the system validates a person’s identity by
comparing the captured

data with her own biometri
c template(s)
stored in the system database. In such a system, an individual who desires to
be recognized claims an identity, usually via a personal identification number
(PIN), a user name, or RFID NO,

Identity verification is typically used for

, where the aim is to prevent

multiple people f
rom using the same


In the identification mode, the system recognizes an individual by
searching the templates of all the users in the database for a match. Therefore,
the system conducts

a one
many comparison to establish an individual’s
identity (or fails if the subject is not enrolled in the system database)

the subject having to claim an identity

After matching the image, server will range a percentage value. If that
ntage value is above 100 means it will allow transaction directly

and below 100 means server will generate token number and send to the



The main objective of my project is to provide secure banking for the
client, by taking fingerprints as authorized identity at ATM banks.



Biometric authentication systems are gaining wise
spread popularity
in recent years due to the advances in m
atching algorithm that make the
system both secure and cost
effective. They are ideally suited for both high
security and remote authentication application due to user convenience. Most
biometric system assume that the template in the system is secure due



human supervision(e.g. criminal database search) or physical protection(e.g.
mobile locks and door locks).However, a variety of applications of
authentication need to work over partially secure or insecure networks such as
ATM networks or the internet.

Authentication over insecure public networks or with un
servers raises more concerns in privacy and security. The primary concern is
related to the security of the plain biometric templates, which cannot be
replaced, once they compromised. Wides
pread use of biometric authentication
also raises concerns of tracking a person, as every activity that requires
authentication can be uniquely assigned to an individual.


3.1.1. Problem Definition

The problem is to design biometric fe
atures for authentication. The
finger print verification is to be performed by using Fuzzy concept and the
secret token number is generated by SHA
256(secure hash algorithm)

3.1.2. Existing System

Remote authentication is the most commonly used method to
determine the identity of a remote client. In general, there are three
authentication factors:


1. Something the client knows: password.

2. Something the client has: smart card.

3. Something the cl
ient is: biometric characteristics

(e.g., fingerprint, voiceprint, and iris scan).

Most early authentication mechanisms are solely based on password.
While such protocols are relatively easy to implement, passwords have many


of the trade
off between matching accuracy
and security in the

proposed multibiometric cryptosystems based on two

databases (one real and one virtual multimodal database), each

containing the three most popular biometric modalities, nam

iris, and face.
By exploiting these vulnerabilities, simple dictionary attacks can
crack passwords in a short time Due to these concerns, hardware
authentication tokens are introduced to strengthen the security in user
authentication, and
based password authentication has become
one of the most common authentication mechanisms. While it provides
stronger security guarantees than password authentication, it could also fail if
both authentication factors are compromised.

Another a
uthentication mechanism is biometric authentication,
where users are identified by their measurable human characteristics, such as
fingerprint, voiceprint, and iris scan. Biometric characteristics are believed to
be a reliable authentication factor since t
hey provide a potential source of high


entropy information and cannot be easily lost or forgotten. Some biometric
characteristics (e.g., fingerprint) can be easily obtained without the awareness
of the owner. This motivates the three
factor authentication,

incorporates the advantages of the authentication based on password, smart
card, and biometrics.

3.1.3. Proposed System

In Our Proposed System of Implementation, We consider Three
Factor Authentication using the following,


PIN Number

rics (Finger Print).

Every User is provided with RFID Card for the initial Authentication
Scheme, then the user will be giving the PIN number is provided during the
Registration Period itself.

Then the user is permitted to give his / her Finger Print to
the main
server. If the Finger Print is exactly matched, the user is allowed for the
transactions. If the Finger Print is doubtful and not exactly matched with the
registered Finger Print image then Server sends One Time Password as SMS
Alert to the User’s

Mobile Number. This One Time Password which is generated


as SMS is given by the User to the main server for authentication. In the normal
three factor Authentication Scheme, we use following Authentication

User PIN number along with Keypad ID


Finger Print Image

In the case of Fuzzy Concept, where the Finger Print is not matched
but matched to the maximum extent, and the server has suspicion, then the
following procedure is followed,

User PIN number along with Keypad ID

RFID reader

Finger Print Image

One Time Password (OTP) Generation to the user’s Mobile Number

OTP given by the user to the server.

All those are used together for authentication. For Finger print Fuzzy
Logic is applied for Exact Mapping and Proper Authentication.