Confidentiality and Integrity of the Biometric Fingerprint Template Protection

  • Authors

    • Taqiyah Khadijah Ghazali
    • Nur Haryani Zakaria
    2018-11-26
    https://doi.org/10.14419/ijet.v7i4.29.21956
  • Biometric Fingerprint, Biometric Template Protection, Lightweight Encryption, Authenticated-Encryption Mode, Biometric Cryptosystem

  • Fingerprint is one of the most reliable biometric-based authentication methods for personal identification and providing access control to many applications. Due to its accuracy and convenience, it can never be forgotten or lost since biometric characteristics are biological parts of the users itself. However, previous studies have shown that, fingerprint template are exposed to threat in which the attackers can steal and modified the template to acquire illegal entree. Therefore, a technique to protect the biometric template is required. Biometric template protection consists of two categories, which are feature transformation and biometric cryptosystem. Thus, this paper will focus on biometric cryptosystem specialize in the key binding scheme, which is fuzzy commitment technique. In the key binding scheme, the helper data must not reveal any information concerning the biometric data, but previous studies have shown that it does certainly leak some crucial information. Hence, this paper intends to propose an enhancement to the existing fuzzy commitment technique. The enhancement will involve the key binding scheme of secret key with biometric template to generate AES-128 key algorithm, which is to provide confidentiality alongside with the Offset Codebook Mode (OCB), an authenticated encryption (AE) mode to provide integrity. The enhancement is expected to improve the technique, which will be more secure and robust while maintaining the existing performance.

  • References

    1. [1] [Sapkal S, Deshmukh RR. Biometric Template Protection with Fuzzy Vault and Fuzzy Commitment. Proceedings of the Second International Conference on Information and Communication Technology for Competitive Strategies. (2016);60:1--60:6. doi:10.1145/2905055.2905118.

      [2] Ghazali T, Zakaria N. Security , Comfort , Healthcare , and Energy Saving : A Review on Biometric Factors for Smart Home Environment. Journal of Computers. (2018);29(1):189-208. doi:10.3966/199115992018012901017.

      [3] Mehta G, Dutta MK, Karasek J, Kim PS, Union E. An Efficient and Lossless Fingerprint Encryption Algorithm Using Henon Map & Arnold Transformation. (2013);(Iccc):485-489.

      [4] Mwema J, Kimwele M, Kimani S. A Simple Review of Biometric Template Protection Schemes Used in Preventing Adversary Attacks on Biometric Fingerprint Templates. International Journal of Computer Trends and Technology. (2015);20(1):12-18. doi:10.14445/22312803/IJCTT-V20P103.

      [5] Maltoni D, Maio D, Jain AK, Prabhakar S. Handbook of Fingerprint Recognition. Annals of Physics. (2003);54(ISBN: 978-1-84882-253-5):494. doi:10.1109/MEI.2004.1342443.

      [6] Ratha NK, Connell JH, Bolle RM. Enhancing security and privacy in biometrics-based authentication systems. IBM Systems Journal. (2001);40(3):614-634. doi:10.1147/sj.403.0614.

      [7] Nandakumar K, Jain AK, Nagar A. Biometric template security. Eurasip Journal on Advances in Signal Processing.(2008). doi:10.1155/2008/579416.

      [8] El-Abed M, Lacharme P, Rosenberger C. Privacy and security assessment of biometric systems. (2015).

      [9] Nandakumar K, Jain AK. Biometric Template Protection: Bridging the performance gap between theory and practice. IEEE Signal Processing Magazine. (2015);32(5):88-100. doi:10.1109/MSP.2015.2427849.

      [10] Pagnin E, Mitrokotsa A. Privacy-preserving biometric authentication : challenges and directions Preliminaries on Biometric Authentication Systems. (2017);1-11.

      [11] Rathgeb C, Uhl A. A survey on biometric cryptosystems and cancelable biometrics. EURASIP Journal on Information Security. (2011);(1):1-25. doi:10.1186/1687-417X-2011-3.

      [12] Cavoukian A, Stoianov A. Biometric Encryption. In: Encyclopedia of Biometrics. Springer; (2015);1-14.

      [13] Velciu MA, Patrascu A, Patriciu VV. Bio-cryptographic authentication in cloud storage sharing. SACI 2014 - 9th IEEE International Symposium on Applied Computational Intelligence and Informatics, Proceedings. (2014);(May):165-170. doi:10.1109/SACI.2014.6840054.

      [14] Ratha NK, Chikkerur S, Connell JH, Bolle RM. Generating cancelable fingerprint templates. IEEE Transactions on Pattern Analysis and Machine Intelligence. (2007);29(4):561-572. doi:10.1109/TPAMI.2007.1004.

      [15] Nagar A, Nandakumar K, Jain AK. Biometric Template Transformation: A Security Analysis. Proceedings of SPIE - The International Society for Optical Engineering. (2010). doi:10.1117/12.839976.

      [16] Sadhya D, Singh SK, Chakraborty B. Review of key-binding-based biometric data protection schemes. IET Biometrics. (2016);5(4):263-275. doi:10.1049/iet-bmt.2015.0035.

      [17] Al-Saggaf AA, Haridas A. Statistical Hiding Fuzzy Commitment Scheme for Securing Biometric Templates. International Journal of Computer Network and Information Security. (2013);5(4):8-16. doi:10.5815/ijcnis.2013.04.02.

      [18] Stallings W. Network Security Essentials. 5th ed. Pearson Education, Inc.; (2014).

      [19] Breebaart J, Yang B, Buhan-Dulman I, Busch C. Biometric Template Protection: The need for open standards. Datenschutz und Datensicherheit. (2009);5:299-304. doi:10.1007/s11623-009-0089-0.

      [20] Jacobsson A, Boldt M, Carlsson B. On the Risk Exposure of Smart Home Automation Systems. In: 2014 International Conference on Future Internet of Things and Cloud. ; (2014);183-190. doi:10.1109/FiCloud.2014.37.

      [21] Manifavas C, Hatzivasilis G, Fysarakis K, Rantos K. Lightweight Cryptography for Embedded Systems - A Comparative Analysis. In: In Revised Selected Papers of the 8th International Workshop on Data Privacy Management and Autonomous Spontaneous Security. Springer-Verlag New York, Inc.; (2013);1-18. doi:10.1007/978-3-642-54568-9_21.

      [22] Bogdanov A, Knudsen LR, Leander G, et al. PRESENT: An Ultra-Lightweight Block Cipher. In: Paillier P, Verbauwhede I, eds. Lecture Notes in Computer Science: Vol. 4727. Cryptographic Hardware and Embedded Systems - CHES 2007. Berlin, Heidelberg: Springer-Verlag; (2007);450-466.

      [23] Daemen J, Rijmen V, Leuven KU. AES Proposal : Rijndael. Complexity. (1999);1-45. http://ftp.csci.csusb.edu/ykarant/courses/w2005/csci531/papers/Rijndael.pdf.

      [24] Borghoff J, Canteaut A, Güneysu T, et al. PRINCE - A low-latency block cipher for pervasive computing applications. In: Lecture Notes in Computer Science: Vol. 7658. (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). ; (2012);208-225. doi:10.1007/978-3-642-34961-4.

      [25] Mohd BJ, Hayajneh T, Vasilakos A V. A survey on lightweight block ciphers for low-resource devices: Comparative study and open issues. Journal of Network and Computer Applications. (2015);58:73-93. doi:10.1016/j.jnca.2015.09.001.

      [26] Cid C. Designs and Challenges in Authenticated Encryption. In: International Workshop on Cybersecurity. Kyushu University; (2016). http://staff.cs.kyushu-u.ac.jp/data/event/2016/02/160107_Carlos_Cid.pdf.

      [27] Stallings W, Brown L. Computer Security Principles and Practice.; (2012).

      [28] [28] Ghazali TK, Zakaria NH. An Enhancement Of Lightweight Encryption For Security Of Biometric Fingerprint Data For Smart Home Environment. In: Proceedings of the 6th International Conference on Computing and Informatics, ICOCI 2017 25-27April, 2017 Kuala Lumpur. ; (2017);1-6.

      [29] Chakraborty D, Sarkar P. On modes of operations of a block cipher for authentication and authenticated encryption. Cryptography and Communications. (2016);8(4):455-511. doi:10.1007/s12095-015-0153-6.

      [30] Chen H. Authenticated Encryption Modes of Block Ciphers, Their Security and Implementation Properties. (2009). http://www.emsec.rub.de/media/crypto/attachments/files/2011/03/chen.pdf.

      [31] Krovetz T, Rogaway P. The software performance of authenticated-encryption modes. In: Lecture Notes in Computer Science: Vol. 6733 (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). ; (2011):306-327. doi:10.1007/978-3-642-21702-9_18.

      [32] Rogaway. OCB: Background. http://web.cs.ucdavis.edu/~rogaway/ocb/ocb-faq.htm. Published (2015).

      [33] Law YW, Doumen J, Hartel P. Survey and benchmark of block ciphers for wireless sensor networks. ACM Transactions on Sensor Networks. (2006);2(1):65-93. doi:10.1145/1138127.1138130.

      [34] Mehran N, Reza Khayyambashi M. Performance Evaluation of Authentication-Encryption and Confidentiality Block Cipher Modes of Operation on Digital Image. International Journal of Computer Network and Information Security. (2017);9(9):30-37. doi:10.5815/ijcnis.2017.09.04.

  • Downloads

  • How to Cite

    Ghazali, T. K., & Zakaria, N. H. (2018). Confidentiality and Integrity of the Biometric Fingerprint Template Protection. International Journal of Engineering & Technology, 7(4.29), 128-133. https://doi.org/10.14419/ijet.v7i4.29.21956