Enhancing security by combining biometrics and cryptography

Popa, D.; Simion, Emil

doi:10.1109/ecai.2017.8166461

Cited by 7 publications

(3 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Section: Security Analysismentioning

confidence: 99%

“…In the literature, a number of defenses have been proposed for the attacks mentioned in (1) to (10) [26][27][28]. In [26,27], it is proposed to combine cryptography and biometric security in order to design a stronger authentication system. The authors in [28] discussed many different defenses for biometric recognition systems, including risk-based approach, systems and security architecture, defensive measures, challenge/response, retention of data, randomizing input biometric data, liveness detection, multiple biometrics, multi-modal biometrics, multi-factor authentication, soft biometrics, signal and data integrity and identity, cryptography and digital signatures, template integrity, cancellable biometrics, hardware integrity, network hygiene, physical security, activity logging, policy, and compliance checking.…”

Section: Security Analysismentioning

confidence: 99%

See 1 more Smart Citation

Utilizing Transfer Learning and Homomorphic Encryption in a Privacy Preserving and Secure Biometric Recognition System

2018

View full text Add to dashboard Cite

Biometric verification systems have become prevalent in the modern world with the wide usage of smartphones. These systems heavily rely on storing the sensitive biometric data on the cloud. Due to the fact that biometric data like fingerprint and iris cannot be changed, storing them on the cloud creates vulnerability and can potentially have catastrophic consequences if these data are leaked. In the recent years, in order to preserve the privacy of the users, homomorphic encryption has been used to enable computation on the encrypted data and to eliminate the need for decryption. This work presents DeepZeroID: a privacy-preserving cloud-based and multiple-party biometric verification system that uses homomorphic encryption. Via transfer learning, training on sensitive biometric data is eliminated and one pre-trained deep neural network is used as feature extractor. By developing an exhaustive search algorithm, this feature extractor is applied on the tasks of biometric verification and liveness detection. By eliminating the need for training on and decrypting the sensitive biometric data, this system preserves privacy, requires zero knowledge of the sensitive data distribution, and is highly scalable. Our experimental results show that DeepZeroID can deliver 95.47% F1 score in the verification of combined iris and fingerprint feature vectors with zero true positives and with a 100% accuracy in liveness detection.

show abstract

Section: Security Analysismentioning

confidence: 99%

Section: Security Analysismentioning

confidence: 99%

Utilizing Transfer Learning and Homomorphic Encryption in a Privacy Preserving and Secure Biometric Recognition System

2018

View full text Add to dashboard Cite

show abstract

“…There has been a report of low entropy for the space of the prime numbers being generated for RSA key derivation which leads to compromise of the key [2]. To improve the randomness, an effective combination of biometrics with cryptography, i.e., biometric cryptosystem [3,4] has emerged.…”

Section: Introductionmentioning

confidence: 99%

Two-factor-based RSA key generation from fingerprint biometrics and password for secure communication

Suresh

Pal

Balasundaram

2022

Complex Intell. Syst.

View full text Add to dashboard Cite

In an asymmetric-key cryptosystem, the secure storage of private keys is a challenging task. This paper proposes a novel approach for generating the same public and private key pair on a need basis. Hence, the need for secure storage of the private key is done away with. The proposed approach for generating the key pair is based on two factors: fingerprint biometrics and password. A stable binary string is generated from the distances among pairs of minutiae points in a fingerprint using a gray code-based method. Experiments show that gray code representation significantly reduces the number of inconsistencies between the generated bit strings from two instances of the same fingerprint as against the binary code representation. Hence, the Reed–Solomon error correction code successfully corrects errors due to variations in multiple instances of the same fingerprint to induce stability in the generated string. Hash of the stable string generated from the fingerprint and the string generated from hashed password are XORed to derive a stable seed value. The proposed approach uses this seed value to generate two large prime numbers. These prime numbers are used to generate the public and private key pair using the RSA key generation method. This seed value ensures the generation of the same key pair every time. The experimental results show that the proposed approach can ensure a stable generation of the key. It is not required to store either the fingerprint template or the password. Moreover, the generated private key is also not stored. It can be regenerated on a need basis.

show abstract