Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
A New Biometrics based Key Exchange and Deniable Authentication Protocol

A New Biometrics based Key Exchange and Deniable Authentication Protocol

Ratings: (0)|Views: 517 |Likes:
Published by ijcsis

More info:

Published by: ijcsis on Jun 12, 2010
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





A New Biometrics based Key Exchange andDeniable Authentication Protocol
K. Saraswathi
Asst.Proffessor, Department of Computer ScienceGovt Arts CollegeUdumalpet, Tirupur, Indiadharundharsan@rediffmail.com
Dr. R. Balasubramanian
Dean Academic AffairsPPG Institute of TechnologyCoimbatore, Indiaramamurthybala2@gmail.com
Wireless Local Area Networks (WLANs) are gainingrecognition as they are fast, cost effective, supple and easy to use.The networks face a serious of issues and challenges in establishingsecurity to the users of the network. With users accessing networksremotely, transmitting data by means of the Internet and carryingaround laptops containing sensitive data, ensuring security is anincreasingly multifarious challenge. Therefore it is necessary to makesure the security of the network users. In order to provide network security many techniques and systems have been proposed earlier inliterature. Most of these traditional methods make use of password,smart cards and so on to provide security to the network users.Though these traditional methods are effective in ensuring securitythey posses some limitations too. The problem with these traditionalapproaches is that there is possibility to forget the password. Moreover, compromised password lead to a fact, that unauthorized user can have access to the accounts of the valid user. This paper  proposes an approach for network security using biometrics
and deniable authentication protocol. The human biometrics like hand geometry, face, fingerprint, retina, iris, DNA, signature and voicecan be effectively used to ensure the network security. The diverse phases included in this proposed approach are user registration, fingerprint enhancement, minutiae point extraction, mapping functionand deniable authentication protocol. Furthermore, biometricauthentication systems can be more convenient for the users since it involves no password that might be feared to be forgotten by thenetwork users or key to be lost and therefore a single biometric trait (e.g., fingerprint) can be used to access several accounts without theburden of remembering passwords.
This proposed paper alsoexplains some of the fingerprint enhancement techniques to make thebiometric template noise free. Experiments are conducted to evaluatethe performance measure of the proposed approach.
Biometrics, Cryptography, Data Security, Fingerprint,Mapping Function, Minutiae Point, Network Security, User Registration
INTRODUCTIONAccurate, automatic identification and authentication of users is an elemental problem in network environments.Shared secrets such as personal identification numbers or  passwords and key devices like smart cards are not justenough in some cases. This authentication method hastraditionally been based on passwords. The problem with thesetraditional approaches is that there is possibility to forget the password. Moreover, compromised password lead to a fact,that unauthorized user can have access to the accounts of thevalid user. The Biometric based user authentication systemsare highly secured and efficient to use and place total trust onthe authentication server where biometric verification data arestored in a central database [1]. This biometrics based user authentication system improves the network security. Some of most widely used biometric are hand geometry, face,fingerprint, retina, iris, DNA, signature and voice.Biometrics is the science of measuring and statisticallyanalyzing biological data can be used to recognize different body parts like the eyes, fingerprints, facial characteristics,voice etc. Thus, it takes security to the next level by not justconfining it to authenticating passwords, fingerprint matchingtechniques [2]. Based on the individual's biometriccharacteristics a biometric system recognizes an individual.The process of a biometric system can be described, in a beginner's manner, by a three-step process. The foremost stepin this process is collection of the biometric data which isformally known as user registration. This step uses differentsensors, to assist the user in the registration process. Thesecond step converts and describes the observed data using adigital representation called a template. This step varies between modalities and also between vendors. In the thirdstep, the newly acquired template is compared with one or more previously generated templates stored in a database. Theresult of this comparison is a “match” or a “non-match” and isused for actions such as permitting access, sounding an alarm,etc [15].Declaring a match or non-match is based on the obtainedtemplate being analogous, but not one and the same, to thestored template. A threshold determines the measure of similarity necessary to result in a match declaration. Theacceptance or rejection of biometric data is completelydependent on the match score falling above or below thethreshold. The threshold is adjustable so that the biometricsystem can be more or less stringent, depending on therequirements of any given biometric application [15]. Amongall the biometric techniques, today fingerprints are the mostwidely used biometric features for personal identification because of their high acceptability, Immutability andindividuality.This paper proposes a technique to secure the network communication using biometric characteristics obtained fromthe individuals. The biometric characteristic used in this paper is fingerprint. This proposed paper utilizes image processingtechnique to extract the biometric measurement calledminutiae from the user’s fingerprint. The user’s full finger  print image is converted and stored as encrypted binarytemplate, which is used for authentication by the server of thenetwork. The user’s biometric verification data are firsttransformed into a strong secret and is then stored in the
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 2, May 2010188http://sites.google.com/site/ijcsis/ISSN 1947-5500
server’s database during registration. The proposed system isevaluated to determine the performance measures.The remainder of this paper is organized as follows. Section2 discusses some of the related work proposed earlier inassociation to biometric based network security. Section 3describes the proposed approach of providing network securityusing the biometric characteristics obtained fingerprint.Section 4 illustrates the performance measures and Section 5concludes the paper with directions to future work.II.
 A lot of research has been carried out in the field of establishing network security based on biometric featuresobtained from individual user [13] [14]. This section of the paper discusses some of the related work proposed earlier inassociation to biometric based network security.In their work [3] Rahman et al. proposed architecture for secure access of computers inside an organization from aremote location. They used biometrics features and a one-time password mechanism on top of secure socket layer (SSL) for authentication. Moreover they also provided three layers of security levels for network communication, and also amechanism for secure file accesses based on the security privileges assigned to various users was proposed. The files to be accessed from the server are categorized depending on their access privileges and encrypted using a key assigned to eachcategory. The test results of their approach evaluated the performance of their proposed approach.Chung et al. in [4] described a method for biometric basedsecret key generation for protection mechanism. The bindingof the user's identity and biometric feature data to an entity is provided by an authority through a digitally signed datastructure called a biometric certificate. Therefore, the maingoal (or contribution) of their work is to propose a simplemethod for generating biometric digital key with biometriccertificate on fuzzy fingerprint vault mechanism. Biometricdigital key from biometric data has many applications such asautomatic identification, user authentication with messageencryption, etc. Therefore, their work analyzed the relatedexisting scheme and proposed a simplified model where ageneral fuzzy fingerprint vault using biometric certificate withsecurity consideration.Dutta et al. in [5] presented a novel method for providingnetwork security using biometric and cryptography. They proposed a biometrics-based (fingerprint)Encryption/Decryption Scheme, in which unique key isgenerated using partial portion of combined sender's andreceiver's fingerprints. From this unique key a randomsequence is generated, which is used as an asymmetric key for  both Encryption and Decryption. Above unique Key is send by the sender after watermarking it in sender's fingerprintalong with Encrypted Message. The computationalrequirement and network security features are addressed.Proposed system has a advantage that for public key, it has notto search from a database and security is maintained. Network security issues are projected by Benavente et al. in[6]. The Internet is increasingly becoming a public vehicle for remote operations. Integrating biometric information in theauthentication chain explores new problems. Remote virtualidentity is starting to play in the way towards an e-Europe, andapplications for e-government integrate biometrics. Remoteidentity of subjects should be unambiguously stated. Severalfeatures drive the spread of biometric authentication innetwork applications, in order to provide end-to-end securityacross the authentication chain aliveness detection and fake-resistive methods, network protocols, security infrastructure,integration of biometrics and public key infrastructure (PKI),etc. Their paper proposed a mid-layer interoperablearchitecture furnished with a set of generic interfaces and protocol definitions. Their scheme enables a futureintroduction of new modules and applications with a minimaldevelopment effort.An intelligent fingerprint based security system wasdesigned and developed by Suriza et al. in [7]. Traditionally,user authentication is meant to provide an identificationnumber or a password that is unique and well protected toassure the overall system security. This type of securitysystem is very fragile in an area where a higher level of security system is required. Biometrics-based system offers anew and better approach to user authentication. Biometricsauthentication is an automated method whereby an individualidentity is confirmed by examining a unique physiologicaltrait or behavioral characteristic, such as fingerprint, iris, or signature, since physiological traits have stable physicalcharacteristics. The design and development of a fingerprint- based security system, comprising the scanner, interfacesystem, Boltzmann machine neural network and access controlsystem is discussed in this paper. The integration between thehardware and the software is completed by using Visual Basic6 programming language. The results obtained both for thesimulation studies and testing of the integrated system withreal-life physical system have demonstrated the practicality of such system as well as its potential applications in manyfields.Ronald in [8] put forth an alternative approach for passwordin network security using biometrics. Passwords are the primary means of authenticating network users. However,network administrators are becoming concerned about thelimited security provided by password authentication. Manyadministrators are now concluding that their password-basedsecurity systems are not all that secure. User passwords areroutinely stolen, forgotten, shared, or intercepted by hackers.Another serious problem is that computer users have becometoo trusting. They routinely use the same password to enter  both secure and insecure Web sites as well as their networks atwork. In response to the proven lack of security provided by password authentication, network administrators are replacingnetwork passwords with smartcards, biometric authentication,or a combination of the three. Smart cards are credit card-sizedevices that generate random numbers about every minute, insync with counterparts on each entry point in the network.Smart cards work well as long as the card isn't stolen. A better 
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 2, May 2010189http://sites.google.com/site/ijcsis/ISSN 1947-5500
choice to ensure network security is the use of biometrics.Their paper investigated the different biometric techniquesavailable to determine a person's identity. Also described,were the criteria for selecting a biometric security solution. Inconclusion, efforts to establish biometric industry standards(including standard application program interfaces (APIs))were discussed.III.
 Biometric cryptosystems [9] join together cryptography and biometrics to promote from the strengths of both fields. Insuch systems, while cryptography provides high andadjustable security levels, biometrics brings in non-repudiationand eliminates the must to remember passwords or to carrytokens etc. In biometric cryptosystems, a cryptographic key isgenerated from the biometric template of a user stored in thedatabase in such a way that the key cannot be revealed withouta successful biometric authentication.The overall architecture of the biometric system to improvenetwork security is shown in figure 1. The Server maintains adatabase where the encrypted minutia template of the user’sfinger print is stored. In this setting, users communicate withthe server for the principle of user authentication, by renderingusers fingerprint, which is transformed into a long secretdetained by the server in its database [1].Figure 1.Biometric SystemFigure 2 shows a common idea of obtaining the minutiae points from biometric feature obtained from the user. The keyvector is formed based on minutiae points (ridge ending andridge bifurcation) are encountered in the given finger printimage [10]. Figure 2 shows various steps involved in the proposed system for network security using biometrics.Figure 2 Steps involved in Extracting Feature Point
User Registration
This step is popularly known as Enrolment phase. In all thesecurity system to enroll as a legitimate user in a service, auser must previously register with the service provider byascertaining his/her identity with the provider. Therefore ascanner is used to scan the fingerprint of the user to revealhis/her identity for the first time. The finger print image thusobtained undergoes a series of enhancement steps. This isdescribed in the following section of this proposed paper.
Fingerprint Enhancement 
This is very important step in designing a security systemfor network security using biometrics. This step comprise of the subsequent processing on the obtained fingerprint image.As we all know a fingerprint is made of a series of ridges andfurrows on the surface of the finger. This determines theuniqueness of the individuals fingerprint. No two fingerprintscan have the same pattern of ridges and furrows. Minutiae points are local ridge characteristics that happen at either aridge bifurcation or a ridge ending. The ridges hold theinformation of characteristic features obligatory for minutiaeextraction therefore the quality of the ridge structures in afingerprint image turns out to be an important characteristic.The obtained image is then subjected to image enhancementtechniques to reduce the noise [11]. The following are thewidely used image improvement techniques, normalization,orientation estimation, local frequency estimation, Gabor filtering, and thinning.
The process of standardizing the intensity values in animage by adjusting the range of gray-level values so that it lieswithin a desired range of values is termed as “normalization”.Moreover the ridge structures in the fingerprint are notaffected as a result of this process. It is carried out tostandardize the dynamic levels of variation in gray-levelvalues that facilitates the processing of subsequent imageFingerprint ImagePreprocessingMinutiae FeatureExtractionMapping Function NormalizationOrientationEstimationFrequencyEstimationFilterinThinnin
(IJCSIS) International Journal of Computer Science and Information Security,Vol. 8, No. 2, May 2010190http://sites.google.com/site/ijcsis/ISSN 1947-5500

Activity (17)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
Ravi Kiran liked this
Nikita Jain liked this
Kumar Mani liked this
Sudha Manjunath liked this
Sudha Manjunath liked this
sunilvkg liked this
sunilvkg liked this
sunilvkg liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->