Biometrics based Cryptosystem Design

licoricebedsSécurité

22 févr. 2014 (il y a 3 années et 3 mois)

73 vue(s)

Biometrics based
Cryptosystem Design

Under :

Prof. Santanu Chaudhury

Dr. Lipika Dey

By :

Abhishek Nagar

2001057

Cryptosystem




A mechanism using which one can
encode an information content to an
incomprehensible form and also recover the
original content when desired.


Biometrics



Biometrics is the science and technology
of authentication (i.e. establishing the identity
of an individual) by measuring the subject
person's physiological or behavioral features.

Motivation

Normally used cryptosystems have a number of
associated inconveniences and problems such as


User needs to remember passwords


could be forgotten.


User has to carry smart cards


could be lost or stolen.


Problem of non
-
repudiation


The user who generated the cryptic message can easily
deny his involvement

Biometrics is a solution to these problems


Difficulties in using Biometrics


Non
-
repeatability


Every time one obtains a biometric, its value is not
exactly the same as that obtained before.


Limited Number


Easily Accessible to public

Biometric used & Feature Extraction


Fingerprints are used as a key to our
cryptosystem


Features are extracted using a set of gabor
filters applied on all the elements of a
tessellated fingerprint.

Gabor Feature Extraction

Reference Point Location


Divide the fingerprint image, into non
-
overlapping
blocks


Compute the intensity gradients using sobel
operator


Estimate the local orientation as


Compute E, an image containing only the
sine
component of
O




(,) sin('(,))
E i j O i j

1
1
2
(.)
(,) tan
(,)
y
x
V i j
O i j
V i j

 

 
 
(,)
O i j

Initialize
’A’
, a label image


used to indicate the reference


point



Find the maximum value in
’A’

and assign its
coordinate to the reference point.


Repeat steps by using a window size of
w’
×
w’

,
where
w’<w

to get a fine estimate


The different sizes taken are 5, 10 and 15 pixels

1 2
(,) (,) (,)
R R
A i j E i j E i j
 
 
Sector
-
Wise Normalization

Tessellate fingerprint image into sectors and
normalize pixels in each sector as:



Gabor Filters





where
f
is the frequency, and are the space constants


2 2
2 2
''
1''
(,,,) exp cos(2')
2
'sin( ) cos( )
'cos( ) sin( )
x y
x y
G x y f fx
x x y
y x y
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 
x

y

2
0
0
2
0
0
( (,) )
(,)
(,)
( (,) )
i
i
i
i
i
i
V I x y M
M ifI x y M
V
N x y
V I x y M
M otherwise
V


 









fig


Each sector is filtered using gabor filters for
four different values of
θ

in {0,45,90,135}


the feature value,
V

, is the average absolute
deviation from the mean defined as




where
n
i

is the number of pixels in
S
i

and
P


is the
mean of pixel values of
F

(x, y)



Finally a feature vector is generated whose
elements have value in the range 0
-
255


1
(,)
i
i i i
n
i
V F x y P
n
  
 
 
 
 

Addressing problems associated with
using biometrics

Limited number & Open to public


Transform the Biometric Features into a new set of
features using a Secure Transformation


No. of bio
-
keys=No. of Transformations


Added security since transformation function is kept secret


Secure Transformation should have some desirable
qualities


Range of value of elements of feature vector should not
vary non uniformly


Secure Transformation


Transformation matrix is generated using a set of
random numbers.


Feature vector to be transformed is converted to
matrix form and convolved with the Transformation
matrix to get the Secure Features.

Fingerprint Features

in Matrix Form

Random Kernel

Secure Fingerprint

Features

Non
-
Repeatability


Usual cryptosystems fail with biometrics
since each time one obtains a biometric, its
value is not exactly the same as that obtained
before.


There is a high probability that a person is not
able to decipher the message encrypted using
biometrics


Modified Fuzzy Vault Scheme is used instead
of usual cryptosystem.

Modified Fuzzy Vault Scheme


Fuzzy Vault


A secret message ‘M’ is encrypted into a fuzzy
vault ‘V’ using another data ‘A’


‘M’ can be decrypted using a data ‘B’ sufficiently
close to ‘A’


Creation of Fuzzy Vault


The secret message ‘M’ is the Document of length
k.


Data ‘A’ is the biometric template.


‘M’ is encoded using the Reed
-
Solomon codes to
‘C’ of length n=2
t
-
1


RS codes have error correcting capacity of (n
-
k)/2 where
k is the length of ‘M’


n triplets are formed such that a randomly chosen
position(1,2or3) say Position (i) of the i
th

triplet is
the i
th
number from code ‘C’ and the other two
numbers are randomly chosen.


Call the triplet Locking Set 1


Another n triplets are formed such that


i
th

triplet contains i
th

biometric element at Position(i)


The other two elements are such that they form an
arithmetic progression with distance=FV_tolerance


Call it Locking Set 2


Unlocking the Fuzzy Vault


Using the biometric, find the Position(i)


Position(i) is the position of the element in i
th

triplet in
Locking Set 2 which is closest to i
th
biometric element


Find value at Position(i) in the Locking Set 1, this
should be the i
th

value of the Reed
-
Solomon code.


Decode the Reed
-
Solomon code to obtain the
message.

Non
-
Repudiability


Since Fuzzy Vault is Symmetric Cryptosystem, the
encryption key is same as decryption key.


Causes a set
-
back in terms of non
-
repudiability


Solution


Encryption module has its own set of encryption and
decryption keys.


Created Fuzzy Vault is encrypted by the module whose
decryption key is made public.


No possibility of creation of fuzzy vault outside Encryption
Module using the key.

Invariant Features


Invariant feature I of data d for a transformation T is
the feature such that:



Invariant features are used instead of biometrics.


Transformed biometric is sent


Actual biometric is secure


Same key serves for different cryptosystems by changing
the set of Invariants.


Key to hierarchical security

( ( )) ( )
I T d I d


Permutation used as Transformation


Values of elements are not changed


Invariant Feature is the increasing order of the
feature elements


Hierarchical Security


Message can be encoded with different security levels


Receivers with a key for security level higher than the
encryption security are able to decode.


Implemented by doing binary subdivision of the Secure
Feature and evaluating Invariant Features for each division.


Increasing order of first 2k permuted elements is same as
increasing order of join of first k permuted elements and next k
permuted elements.

Complete System Design

The complete system is implemented in
MATLAB
.


SERVER


-
RSA Field

&

Decr. Key for

Each module

MODULE1


-
Encr. Key

-
Secure Tr. For

Each user

MODULE2


-
Encr. Key

-
Secure Tr. For

Each user


MODULE3


-
Encr. Key

-
Secure Tr. For

Each user


USER1

USER2

USER1

USER1

USER2

System Initialization


Each Module is initialized with its RSA keys and
Field and is added to the Server.


Decryption key and Field are registered with server


Each user is added to a module


User’s Secure Transformation and Identity are registered
with the module.

Document Sending


Calculate Gabor Features of the fingerprint


Transform the Fingerprint Features to get Secure
Fingerprint Features


Generate and RSA cryptosystem(32 bit in our case)
randomly having


Field n


Encryption Key e


Decryption Key d


Divide the document into chunks of appropriate length(2 in
our case) such that the numeric equivalent of each chunk is
less than n for the encryption to work properly. Pad the
message if required.


Encrypt the document using e


Each digit of the number d is considered as an 8
-
bit
character to be secured in the fuzzy vault


Append random digits to d such that its length becomes
255
-
2*Permissible_Error


Find the invariant features corresponding to the desired
security level to create Modified Fuzzy Vault


Encrypt Modified Fuzzy Vault using Module Encryption Key


Send the Encrypted Modified Fuzzy Vault, the Encrypted
Document, Security Level, Module Id, User identity, the
padded values, n and the length of d


Encryption

Biometric

Features

Secure

Transformation

Secure

Features

Invariant

Extraction

Invariant


Feature

Invariant


Feature

Document

Key

Fuzzy

Vault

Modified Fuzzy Vault

Encryption Algorithm

Fuzzy

Vault

Module Encryption

Encrypted Fuzzy

Vault

Document Receiving


Find the invariant features corresponding to the Security
Level


Decrypt the Modified Fuzzy Vault using module Decryption
Key


Open the Modified Fuzzy Vault using the invariant features
to get d


Obtain the actual d taking only the first desired digits


Decrypt the Document using n and d to get the Document

Decryption

KEY

Document

key

Invariant

Extraction

Invariant


Feature

Modified Fuzzy Vault

Decryption Algorithm

Encrypted

Fuzzy Vault

Module

Encryption

Fuzzy

Vault

Results obtained using this cryptosystem

FAR and FRR for Modified Fuzzy Vault

FV_tol.

FAR

(%)

FRR

(%)

FV_tol.

FAR

(%)

FRR

(%)

2

0

5

12

2.78

0

4

0

0

14

9.72

0

6

0

0

16

11.1

0

8

0

0

18

16.7

0

10

2.78

0

20

19.4

0

Drawback in the proposed system

The implementation of the previous cryptosystem
required a special network of modules for
implementing the final step in the encryption stage,
the Module Encryption step.


The role of module encryption step was to ensure that
the message was sent using a legitimate fingerprint
extracted from a person and not using the
decryption key held with one of the receivers.

Proposal for improvement


Some other validation information can be
attached to the system instead of encryption
of the Fuzzy Vault in the module encryption
step.


The validation information should involve use
of a secret biometric feature to implement
security.


Verification of the validation information
should be asymmetric.

Stable Biometric Features

Description (not definition):


Biometric features whose value change very
infrequently among multiple prints of a finger


Deformation Invariant Features V/S Stable Features:
Since biometrics are prone to burst errors in addition
to noise and other deformations due to unavoidable
conditions so only deformation (linear and non
-
linear) invariant features won’t suffice to implement
total invariance.

Fingerprints from same
finger

Deformation invariant
features

Stable Features

Stable Feature Extraction


Element by element quantization


Using the error correcting codes to counter
burst errors.

Element by element quantization


n(~10
-
15) sample features from prints of
same finger are taken at the registration step


Mean and variance of each feature element
is calculated over the samples


Lower and upper bounds on the variance is
set to take care of extreme situations


Clustering of the samples could also be done to
handle the burst errors as error
-
free samples
would cluster out


The possible range of feature values i.e.0
-
255 is divided into blocks of width 6
σ

such
that the mean is at the center of the block.


Any value of a particular feature element is
quantized to the center of the block in which it
lies.


The block
-
length of each division of the
range(0
-
255) for each element and the offset
of the first block from 0 is made public for
quantization.


Feature Elements

n samples

Mean (
μ
)

SD (
σ
)

For each element

0

255

μ

6
σ

Using Error
-
correcting codes for stability


A new scheme has been designed to utilize the
error correcting codes for stability


The mean vector of the sample features is taken as
the quantized feature vector.


This vector is assumed to be a RS error correcting
code of certain desired error correcting capability.


The vector is decoded to get the message


The message is again coded to get the error free
message.


Since the range of values is fixed(0
-
255) a
cyclic shift map is found from the quantized
feature vector (mean) to the error free code.

Mean (
μ
)

Decoded

message

RS decode

RS encode

Error free
code

Error free
code

Mean (
μ
)

Cyclic shift map


The cyclic shift map is made public

Extracting the stable feature


First the feature vector is quantized using the block
-
length and the offset


The quantized feature vector is transformed using
the cyclic shift map and decoded to get the stable
feature.

Feature

Vector

Quantized

Feature Vector

Shifted Vector

Quantization

Cyclic shift map

Stable Feature

RS decode

The Validation Information


The idea is to use the stable biometric as an
encryption key to an RSA cryptosystem to
encode the message digest of the document
to be sent.


The decryption key would be made public so
that anybody is able to get message digest
and the receiver can match it with that of the
document in the fuzzy vault to establish its
validity.

Issue related to Validation Information


Any key of an RSA cryptosystem generated out of
primes p and q should be coprime to the euler’s
function of pq i.e. (p
-
1)(q
-
1)


So, the stable biometric can’t be directly used as a
key.


Proposed solution: map the set of stable biometrics
to the set of possible keys.


The numeric representation of the stable biometric feature
(say
α
) is mapped to

( 1)( 1)
2
( )
p q
nextprime

 

Overall System Working


Document Sending


The sender creates the previously mentioned Modified
Fuzzy Vault using cancelable biometric to lock the
document.


Stable features are extracted from a secret biometric
template and an RSA cryptosystem is generated using it as
described before.


The decryption key is made public and encryption key is
used to encrypt the message digest of document.


The Fuzzy Vault and the Validation Information is sent
along with other necessary identification information to the
receiver.


Document Receiving


The receiver opens the Fuzzy Vault using the key
corresponding to the desired security level to get the
document.


Receiver extracts the message digest from the Validation
Information using the publicly available decryption key.


He extracts the message digest from the document and
matches it with that in the Validation Information to verify
the document.


The Validation Information part has been
implemented in matlab and has been tested on data
from a single fingerprint to give accurate results with
certain values of constants used.

Currently working on…


Designing a better method for clustering at
the element
-
by
-
element quantization step.


Introducing suitable rotation invariance in the
fingerprint features.


Better core
-
point estimation in a fingerprint
for better features.

Future Work


The only thing the user need to keep on a
secure system or a smart
-
card is the
convolution kernel (Secure Transformation)
for generating the cancelable biometric. We
will try to eliminate that as well.


More exhaustive analysis of the system and
its improvement.


References


A.K. Jain, S. Prabhakar, L. Hong, and S. Pankanti, “Filterbank
-
basedFingerprint Matching”,
IEEE Trans. Image Process.
, 2000,
846

859.


U. Uludag, S. Pankanti, S. Prabhakar, and A.K Jain, “Biometric
cryptosystems: issues and challenges”,
Proceedings of the
IEEE
,

Volume 92,

Issue 6,

June 2004, pp. 948


960.


M. Savvides, B.V.K. Vijaya Kumar, and P.K. Khosla, “Cancelable
biometric filters for face recognition”,
ICPR
, 23
-
26 Aug. 2004, pp.
922
-
925 Vol.3.


A. Juels, and M. Sudan, “A Fuzzy Vault Scheme”,
Proc. IEEE
Int’l. Symp. Information Theory
, 2002, pp. 408.


C.
-
H. Lin, and Y.
-
Y. Lai, “A flexible biometrics remote user
authentication scheme”,
Computer Standards & Interfaces
,
Volume 27, no. 1, Nov. 2004, pp. 19
-
23.

Thank You