.

Wednesday, November 13, 2019

Biometric Cryptosystem :: Technology, Encryption

As stated in ISO/IEC JTC1 SC37 biometrics is defined as the automated recognition of individuals based on their behavioural; and biological characteristics. As discussed in section-------(Intro to biometrics) the main process involved in biometric recognition are Enrollment and Verification or Identification in general called as recognition. During the Enrollment process features of the captured biometric entity are converted to template, to be stored in database for further matching. At the stage of recognition , template obtained from the features of the realtime biometric entity are compared against the stored template. The result of matching process involved in recognition is either accept or reject[1]. It has been a long time belief that the biometric signals or data cannot be reconstructed from the stored templates but Cappelli et.al and Ross et.al[2][3] has proven that the belief of biometric data reconstruction from the templates is possible. In order to protect the biometric data , several standard encryption algorithms has been used. But, this attempt leaves the biometric templates exposed during every authentication attempt[4]. Even homomorphic and asymmetric encryption schmes [5][6][7] represent some exceptions. Conventional cryptosystems is based on the possession of secret keys and key management is performed using second layer authentication entity like password[8]. Decryption keys in this scheme could be obtained by using the password. To overcome the drawbacks of the existing schemes, biometric template protection schemes which are commonly called as biometric cryptosystems also referred to as Helper data-based scheme are proposed. Two major requirements of biometric information protection as per ISO/IEC FCD 24745 standard are, †¢ Irreversibility Reconstruction of original biometric template from the stored template should be made difficult whereas construction of protected biometric template from the stored template should be made easy. †¢ Unlinkability Several different versions of protected biometric templates can be generated based on the same biometric data, which is referred to as renewability whereas the protected templates should not cross-match, which is referred to as diversity. Biometric cryptosystems herein after referred to as BCS are designed to securely bind a digital key to a biometric or generate a digital key [9]. BCS paves way for the growth of biometric dependant key-release and biometric template protection [10][11]. BCS is more difficult to forge, copy, share and distribute biometric data when compared to that of passwords [1]. Conventional biometric cryptosystems perform fuzzy comparisons by applying decision thresholds. Decision thresholds are obtained based on the score distributions between genuine and imposter subjects, whereas BCS gives only stable keys as output , which are required for matching at the authentication stage.

No comments:

Post a Comment