# Biometrics based Cryptosystem Design

Sécurité

22 févr. 2014 (il y a 4 années et 2 mois)

95 vue(s)

Biometrics based
Cryptosystem Design

Under :

Prof. Santanu Chaudhury

Dr. Lipika Dey

By :

Abhishek Nagar

2001057

Cryptosystem

A mechanism using which one can
encode an information content to an
incomprehensible form and also recover the
original content when desired.

Biometrics

Biometrics is the science and technology
of authentication (i.e. establishing the identity
of an individual) by measuring the subject
person's physiological or behavioral features.

Motivation

Normally used cryptosystems have a number of
associated inconveniences and problems such as

could be forgotten.

User has to carry smart cards

could be lost or stolen.

Problem of non
-
repudiation

The user who generated the cryptic message can easily
deny his involvement

Biometrics is a solution to these problems

Difficulties in using Biometrics

Non
-
repeatability

Every time one obtains a biometric, its value is not
exactly the same as that obtained before.

Limited Number

Easily Accessible to public

Biometric used & Feature Extraction

Fingerprints are used as a key to our
cryptosystem

Features are extracted using a set of gabor
filters applied on all the elements of a
tessellated fingerprint.

Gabor Feature Extraction

Reference Point Location

Divide the fingerprint image, into non
-
overlapping
blocks

Compute the intensity gradients using sobel
operator

Estimate the local orientation as

Compute E, an image containing only the
sine
component of
O

(,) sin('(,))
E i j O i j

1
1
2
(.)
(,) tan
(,)
y
x
V i j
O i j
V i j

 

 
 
(,)
O i j

Initialize
’A’
, a label image

used to indicate the reference

point

Find the maximum value in
’A’

and assign its
coordinate to the reference point.

Repeat steps by using a window size of
w’
×
w’

,
where
w’<w

to get a fine estimate

The different sizes taken are 5, 10 and 15 pixels

1 2
(,) (,) (,)
R R
A i j E i j E i j
 
 
Sector
-
Wise Normalization

Tessellate fingerprint image into sectors and
normalize pixels in each sector as:

Gabor Filters

where
f
is the frequency, and are the space constants

2 2
2 2
''
1''
(,,,) exp cos(2')
2
'sin( ) cos( )
'cos( ) sin( )
x y
x y
G x y f fx
x x y
y x y
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 
x

y

2
0
0
2
0
0
( (,) )
(,)
(,)
( (,) )
i
i
i
i
i
i
V I x y M
M ifI x y M
V
N x y
V I x y M
M otherwise
V

 

fig

Each sector is filtered using gabor filters for
four different values of
θ

in {0,45,90,135}

the feature value,
V

, is the average absolute
deviation from the mean defined as

where
n
i

is the number of pixels in
S
i

and
P

is the
mean of pixel values of
F

(x, y)

Finally a feature vector is generated whose
elements have value in the range 0
-
255

1
(,)
i
i i i
n
i
V F x y P
n
  
 
 
 
 

using biometrics

Limited number & Open to public

Transform the Biometric Features into a new set of
features using a Secure Transformation

No. of bio
-
keys=No. of Transformations

Added security since transformation function is kept secret

Secure Transformation should have some desirable
qualities

Range of value of elements of feature vector should not
vary non uniformly

Secure Transformation

Transformation matrix is generated using a set of
random numbers.

Feature vector to be transformed is converted to
matrix form and convolved with the Transformation
matrix to get the Secure Features.

Fingerprint Features

in Matrix Form

Random Kernel

Secure Fingerprint

Features

Non
-
Repeatability

Usual cryptosystems fail with biometrics
since each time one obtains a biometric, its
value is not exactly the same as that obtained
before.

There is a high probability that a person is not
able to decipher the message encrypted using
biometrics

Modified Fuzzy Vault Scheme is used instead
of usual cryptosystem.

Modified Fuzzy Vault Scheme

Fuzzy Vault

A secret message ‘M’ is encrypted into a fuzzy
vault ‘V’ using another data ‘A’

‘M’ can be decrypted using a data ‘B’ sufficiently
close to ‘A’

Creation of Fuzzy Vault

The secret message ‘M’ is the Document of length
k.

Data ‘A’ is the biometric template.

‘M’ is encoded using the Reed
-
Solomon codes to
‘C’ of length n=2
t
-
1

RS codes have error correcting capacity of (n
-
k)/2 where
k is the length of ‘M’

n triplets are formed such that a randomly chosen
position(1,2or3) say Position (i) of the i
th

triplet is
the i
th
number from code ‘C’ and the other two
numbers are randomly chosen.

Call the triplet Locking Set 1

Another n triplets are formed such that

i
th

triplet contains i
th

biometric element at Position(i)

The other two elements are such that they form an
arithmetic progression with distance=FV_tolerance

Call it Locking Set 2

Unlocking the Fuzzy Vault

Using the biometric, find the Position(i)

Position(i) is the position of the element in i
th

triplet in
Locking Set 2 which is closest to i
th
biometric element

Find value at Position(i) in the Locking Set 1, this
should be the i
th

value of the Reed
-
Solomon code.

Decode the Reed
-
Solomon code to obtain the
message.

Non
-
Repudiability

Since Fuzzy Vault is Symmetric Cryptosystem, the
encryption key is same as decryption key.

Causes a set
-
back in terms of non
-
repudiability

Solution

Encryption module has its own set of encryption and
decryption keys.

Created Fuzzy Vault is encrypted by the module whose

No possibility of creation of fuzzy vault outside Encryption
Module using the key.

Invariant Features

Invariant feature I of data d for a transformation T is
the feature such that:

Invariant features are used instead of biometrics.

Transformed biometric is sent

Actual biometric is secure

Same key serves for different cryptosystems by changing
the set of Invariants.

Key to hierarchical security

( ( )) ( )
I T d I d

Permutation used as Transformation

Values of elements are not changed

Invariant Feature is the increasing order of the
feature elements

Hierarchical Security

Message can be encoded with different security levels

Receivers with a key for security level higher than the
encryption security are able to decode.

Implemented by doing binary subdivision of the Secure
Feature and evaluating Invariant Features for each division.

Increasing order of first 2k permuted elements is same as
increasing order of join of first k permuted elements and next k
permuted elements.

Complete System Design

The complete system is implemented in
MATLAB
.

SERVER

-
RSA Field

&

Decr. Key for

Each module

MODULE1

-
Encr. Key

-
Secure Tr. For

Each user

MODULE2

-
Encr. Key

-
Secure Tr. For

Each user

MODULE3

-
Encr. Key

-
Secure Tr. For

Each user

USER1

USER2

USER1

USER1

USER2

System Initialization

Each Module is initialized with its RSA keys and
Field and is added to the Server.

Decryption key and Field are registered with server

Each user is added to a module

User’s Secure Transformation and Identity are registered
with the module.

Document Sending

Calculate Gabor Features of the fingerprint

Transform the Fingerprint Features to get Secure
Fingerprint Features

Generate and RSA cryptosystem(32 bit in our case)
randomly having

Field n

Encryption Key e

Decryption Key d

Divide the document into chunks of appropriate length(2 in
our case) such that the numeric equivalent of each chunk is
less than n for the encryption to work properly. Pad the
message if required.

Encrypt the document using e

Each digit of the number d is considered as an 8
-
bit
character to be secured in the fuzzy vault

Append random digits to d such that its length becomes
255
-
2*Permissible_Error

Find the invariant features corresponding to the desired
security level to create Modified Fuzzy Vault

Encrypt Modified Fuzzy Vault using Module Encryption Key

Send the Encrypted Modified Fuzzy Vault, the Encrypted
Document, Security Level, Module Id, User identity, the
padded values, n and the length of d

Encryption

Biometric

Features

Secure

Transformation

Secure

Features

Invariant

Extraction

Invariant

Feature

Invariant

Feature

Document

Key

Fuzzy

Vault

Modified Fuzzy Vault

Encryption Algorithm

Fuzzy

Vault

Module Encryption

Encrypted Fuzzy

Vault

Document Receiving

Find the invariant features corresponding to the Security
Level

Decrypt the Modified Fuzzy Vault using module Decryption
Key

Open the Modified Fuzzy Vault using the invariant features
to get d

Obtain the actual d taking only the first desired digits

Decrypt the Document using n and d to get the Document

Decryption

KEY

Document

key

Invariant

Extraction

Invariant

Feature

Modified Fuzzy Vault

Decryption Algorithm

Encrypted

Fuzzy Vault

Module

Encryption

Fuzzy

Vault

Results obtained using this cryptosystem

FAR and FRR for Modified Fuzzy Vault

FV_tol.

FAR

(%)

FRR

(%)

FV_tol.

FAR

(%)

FRR

(%)

2

0

5

12

2.78

0

4

0

0

14

9.72

0

6

0

0

16

11.1

0

8

0

0

18

16.7

0

10

2.78

0

20

19.4

0

Drawback in the proposed system

The implementation of the previous cryptosystem
required a special network of modules for
implementing the final step in the encryption stage,
the Module Encryption step.

The role of module encryption step was to ensure that
the message was sent using a legitimate fingerprint
extracted from a person and not using the
decryption key held with one of the receivers.

Proposal for improvement

Some other validation information can be
attached to the system instead of encryption
of the Fuzzy Vault in the module encryption
step.

The validation information should involve use
of a secret biometric feature to implement
security.

Verification of the validation information
should be asymmetric.

Stable Biometric Features

Description (not definition):

Biometric features whose value change very
infrequently among multiple prints of a finger

Deformation Invariant Features V/S Stable Features:
Since biometrics are prone to burst errors in addition
to noise and other deformations due to unavoidable
conditions so only deformation (linear and non
-
linear) invariant features won’t suffice to implement
total invariance.

Fingerprints from same
finger

Deformation invariant
features

Stable Features

Stable Feature Extraction

Element by element quantization

Using the error correcting codes to counter
burst errors.

Element by element quantization

n(~10
-
15) sample features from prints of
same finger are taken at the registration step

Mean and variance of each feature element
is calculated over the samples

Lower and upper bounds on the variance is
set to take care of extreme situations

Clustering of the samples could also be done to
handle the burst errors as error
-
free samples
would cluster out

The possible range of feature values i.e.0
-
255 is divided into blocks of width 6
σ

such
that the mean is at the center of the block.

Any value of a particular feature element is
quantized to the center of the block in which it
lies.

The block
-
length of each division of the
range(0
-
255) for each element and the offset
of the first block from 0 is made public for
quantization.

Feature Elements

n samples

Mean (
μ
)

SD (
σ
)

For each element

0

255

μ

6
σ

Using Error
-
correcting codes for stability

A new scheme has been designed to utilize the
error correcting codes for stability

The mean vector of the sample features is taken as
the quantized feature vector.

This vector is assumed to be a RS error correcting
code of certain desired error correcting capability.

The vector is decoded to get the message

The message is again coded to get the error free
message.

Since the range of values is fixed(0
-
255) a
cyclic shift map is found from the quantized
feature vector (mean) to the error free code.

Mean (
μ
)

Decoded

message

RS decode

RS encode

Error free
code

Error free
code

Mean (
μ
)

Cyclic shift map

The cyclic shift map is made public

Extracting the stable feature

First the feature vector is quantized using the block
-
length and the offset

The quantized feature vector is transformed using
the cyclic shift map and decoded to get the stable
feature.

Feature

Vector

Quantized

Feature Vector

Shifted Vector

Quantization

Cyclic shift map

Stable Feature

RS decode

The Validation Information

The idea is to use the stable biometric as an
encryption key to an RSA cryptosystem to
encode the message digest of the document
to be sent.

The decryption key would be made public so
that anybody is able to get message digest
and the receiver can match it with that of the
document in the fuzzy vault to establish its
validity.

Issue related to Validation Information

Any key of an RSA cryptosystem generated out of
primes p and q should be coprime to the euler’s
function of pq i.e. (p
-
1)(q
-
1)

So, the stable biometric can’t be directly used as a
key.

Proposed solution: map the set of stable biometrics
to the set of possible keys.

The numeric representation of the stable biometric feature
(say
α
) is mapped to

( 1)( 1)
2
( )
p q
nextprime

 

Overall System Working

Document Sending

The sender creates the previously mentioned Modified
Fuzzy Vault using cancelable biometric to lock the
document.

Stable features are extracted from a secret biometric
template and an RSA cryptosystem is generated using it as
described before.

The decryption key is made public and encryption key is
used to encrypt the message digest of document.

The Fuzzy Vault and the Validation Information is sent
along with other necessary identification information to the

Document Receiving

The receiver opens the Fuzzy Vault using the key
corresponding to the desired security level to get the
document.

Receiver extracts the message digest from the Validation
Information using the publicly available decryption key.

He extracts the message digest from the document and
matches it with that in the Validation Information to verify
the document.

The Validation Information part has been
implemented in matlab and has been tested on data
from a single fingerprint to give accurate results with
certain values of constants used.

Currently working on…

Designing a better method for clustering at
the element
-
by
-
element quantization step.

Introducing suitable rotation invariance in the
fingerprint features.

Better core
-
point estimation in a fingerprint
for better features.

Future Work

The only thing the user need to keep on a
secure system or a smart
-
card is the
convolution kernel (Secure Transformation)
for generating the cancelable biometric. We
will try to eliminate that as well.

More exhaustive analysis of the system and
its improvement.

References

A.K. Jain, S. Prabhakar, L. Hong, and S. Pankanti, “Filterbank
-
basedFingerprint Matching”,
IEEE Trans. Image Process.
, 2000,
846

859.

U. Uludag, S. Pankanti, S. Prabhakar, and A.K Jain, “Biometric
cryptosystems: issues and challenges”,
Proceedings of the
IEEE
,

Volume 92,

Issue 6,

June 2004, pp. 948

960.

M. Savvides, B.V.K. Vijaya Kumar, and P.K. Khosla, “Cancelable
biometric filters for face recognition”,
ICPR
, 23
-
26 Aug. 2004, pp.
922
-
925 Vol.3.

A. Juels, and M. Sudan, “A Fuzzy Vault Scheme”,
Proc. IEEE
Int’l. Symp. Information Theory
, 2002, pp. 408.

C.
-
H. Lin, and Y.
-
Y. Lai, “A flexible biometrics remote user
authentication scheme”,
Computer Standards & Interfaces
,
Volume 27, no. 1, Nov. 2004, pp. 19
-
23.

Thank You