Securing Stored Biometric Template Using Cryptographic Algorithm

Securing Stored Biometric Template Using Cryptographic Algorithm

Manmohan Lakhera (Uttarakhand Technical University, Rishikesh, India) and Manmohan Singh Rauthan (HNB Garhwal University, Srinagar, India)
Copyright: © 2018 |Pages: 13
DOI: 10.4018/IJRSDA.2018100103

Abstract

The biometric template protection technique provides the security in many authentication applications. Authentication based on biometrics has more advantages over traditional methods such as password and token-based authentication methods. The advantage of any biometric-based authentication system over a traditional one is that the person must physically be present at that place while recognizing him. So, it is essential to secure these biometrics by combining these with cryptography. In the proposed algorithm, the AES algorithm is used for securing the stored and transmitted biometric templates using helping data. The helping data is a variable type of data which is changed at every attempt for registration. The final symmetric key AES algorithm is a combination of helping data and actual symmetric keys of the AES algorithm. The experimental analysis shows that a brute force attack takes a long time to recover the original biometric template from cipher biometric template. So, the proposed technique provides sufficient security to stored biometric templates.
Article Preview

1. Introduction

Security of stored biometric template is the main challenge in today’s digital scenario. This chapter explores how to resolve the current security issues with the stored biometric template. The main objective of the proposed technique is to secure the biometric template before storing it into the database. For the security of biometric template, the AES encryption algorithm is used with helping data which will use as a symmetric key for AES encryption algorithm. This research is mainly based on the oldest security system of stored data where the password was stored as it is in normal text format in the personal computer database and the regular text format is easily compromised. If the normal password is compromised, one can easily change and replace it with the new one. However, if the stored biometric feature is compromised, it will be lost permanently, and the user can never use this biometric feature in future for any verification process. The biometric template security is based on three types of technique- transformation, biometric cryptosystem and watermarking. The proposed scheme is based on template transformation technique.

1.1. Template Transformation

Template transformation is a process where the input biometric template is modified by the user given key which is difficult to retrieve the original biometric template from the encoded template. During authentication, the same process is applied to the biometric query. The input biometric feature is also encrypted by the same user specific key. For verification the stored and received biometric template are decrypted and then are matched with each other; if the received and stored biometric feature is matched then the requested user is authorized or if does not match, the request for verification is rejected.

2. Previous Work

Biometric template is the particular attributes of a biometric sample. It is a reference to particular attributes that have been extracted from a biometric sample. This paper is dealt with the background study of biometric template security techniques. Many research scholars have work on this technique. Jain et al., (2002, 2008) pointed that the fake biometric data replaces the stored biometric data in order to illegal access such as physical spoof, a set of fake biometric data. For gaining illegal access the stolen biometric is replayed to the matcher. The stored biometric data consist of the data of an individual in a database which is used for comparison for biometric verification system. If the biometric data is quite close to the one presented, the person is verified. Hence this system has great problem for security of the biometric data. The privacy of stored biometric data is affected by internal and external attacks.

Rudolf et al., (1998), Maltoni et al., (2009), Putte and Keuning (2000) have analyzed the problem in verification system. During verification system in large scale the stored database can be accessed by several verifiers who cannot be trusted. The database is not secured from the serious threat in a network situation. According to Matsumoto et al., (2002) the biometric data can be mistreated to construct artificial biometric in order to impersonate individual.

Hill et al., (2001) point out that the artificial biometric used for illegal verification may be constructed if some data of biometric (minutia) are available. Schneier, (1999) hold the view that the identity of an individual is stolen if his biometric data is stolen. The identity of a person is lost permanently when his biometric data is stolen. Therefore, it is very essential to maintain the security of biometric data. vide (Babler, 1991; Miller, 1973; Penrose, 1965) show the genetic information in the fingerprint which creates a serious problem. Ratha et al. (2001) finds the different types of attack on biometric system:

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 6: 4 Issues (2019): 1 Released, 3 Forthcoming
Volume 5: 4 Issues (2018)
Volume 4: 4 Issues (2017)
Volume 3: 4 Issues (2016)
Volume 2: 2 Issues (2015)
Volume 1: 2 Issues (2014)
View Complete Journal Contents Listing