You are on page 1of 42

Biometric Authentication using wavelets and visual cryptography

2012

1


A SEMINAR REPORT ON



“BIOMETRIC AUTHENTICATION USING WAVELETS AND VISUAL
CRYPTOGRAPHY”


SUBMITTED BY

VINIT ANIL GAIKWAD
ROLL NO. 42067
TE COMPUTER DIV. I




SEMINAR GUIDE
Prof. Mrs.S.S.Paygude

Department of Computer Engineering
MAHARASHTRA INSTITUTE OF TECHNOLOGY
PUNE-411038
2011-2012
Biometric Authentication using wavelets and visual cryptography
2012

2


MAHARASHTRA ACADEMY OF ENGINEERING & EDUCATIONAL
RESEARCH’S
MAHARASHTRA INSTITUTE OF TECHNOLOGY
PUNE.
DEPARTEMENT OF COMPUTER ENGINEERING

M CERTIFICATE

This is to certify that VINIT ANIL GAIKWAD (42067) of
T. E. Computer Engineering – Div I successfully completed seminar in
BIOMETRIC AUTHENTICATION USING WAVELETS AND VISUAL CRYPTOGRAPHY

to my satisfaction and submitted the same during the academic year 2011-2012 towards the partial
fulfillment of degree of Bachelor of Engineering in Computer Engineering of Pune University under the
Department of Computer Engineering, Maharashtra Institute of Technology, Pune.

Prof. S.S.Paygude
(Seminar Guide and Head of Computer Engineering)

Biometric Authentication using wavelets and visual cryptography
2012

3




ACKNOWLEDGEMENT



I express my true sense of gratitude towards my seminar guide and Head of
Computer Department Prof. Mrs. S.S. Paygude, who at every discrete step in the
study of this seminar, contributed with her valuable guidance and provided with
perfect solutions for every problem that arose.
I would also like to express my appreciation and thanks to all my friends who
knowingly Or unknowingly assisted me with their valuable suggestion and comments
and I am very grateful for their assistance.







Yours sincerely,
GAIKWAD VINIT ANIL
42067
Biometric Authentication using wavelets and visual cryptography
2012

4




INDEX

Page no.
Chapter 1 : Biometrics 9
1.1: Introduction 10
1.1.1 Opportunities 11
1.1.2 Qualification of biometrics 11
1.2: Different Biometrics considered till date 11
1.2.1 Voice 11
1.2.2 Infrared Facial and Hand Vein Thermograms 12
1.2.3 Fingerprints 15
1.2.4 Face 16
1.2.5 Iris 17
1.2.6 Keystroke dynamics 18
1.2.7 DNA 18
1.2.8 Retinal Scan 19
1.3 Iris Recognition 21
1.3.1 Introduction 21
1.3.2 The Uniqueness of Iris 22
1.3.3 Locating of Iris 23
1.3.4 Application for Iris recognition 24
1.3.5 Conclusive Truth: Iris is the best way forward 24
Biometric Authentication using wavelets and visual cryptography
2012

5


Chapter 2 : Security Issues in Biometric Authentication 25
2.1:Security Issues in Biometric Authentication 25
2.2: Attacks 25
2.2.1 Spoof Attack 25
2.2.2 The reply attack 26
2.2.3 Data Simulation 26
2.3 Attacks on Digital Watermark 28


Chapter 3 : Halftone Visual Cryptography 29
3.1: Introduction 29
3.2: Mechanisms of Visual Cryptography 30
3.3: Biometric based authentication using wavelets and Visual Cryptography 31
3.3.1: Introduction 31
3.3.2: Proposed Method 31
3.3.3: A generic watermarking system 33
3.3.4: Algorithm 36
3.3.5: Bit replacement procedure 38
3.4: Experimental Results 39
3.5: Conclusion 41

Chapter 4 : Bibliography 41

Biometric Authentication using wavelets and visual cryptography
2012

6

Appendix A : Keywords and Meanings 30























Biometric Authentication using wavelets and visual cryptography
2012

7


Biometric Authentication using wavelets and visual cryptography
2012

8

CHAPTER 1
BIOMETRICS
1.1 Introduction
Biometrics deals with identification of individuals based on their biological or behavioral
characteristics. Biometrics has lately been receiving attention in popular media. it is widely
believed that biometrics will become a significant component of the identification technology as
(i) the prices of biometrics sensors continue to fall
(ii) the underlying technology becomes more mature, and
(iii) the public becomes aware of the strengths and limitations of biometrics. This chapter
provides an overview of the biometrics technology and its applications and introduces the
research issues underlying the biometrics.Associating an identity with an individual is called
personal identification. The problem of resolving the identity of a person can be categorized into
two fundamentally distinct types of problems with different inherent complexities:
(i)verification and
(ii) recognition (more popularly known as identification1)
Verification (authentication) refers to the problem of confirming or denying a person's claimed
identity (Am I who I claim I am?). Identification (Who am I?) refers to the problem of
establishing a subject's identity - either from a set of already known identities (closed
identification problem) or otherwise (open identification problem).The term positive personal
identification typically refers (in both verification as well as identification context) to
identification of a person with high certainty. Human race has come a long way since its
inception in small tribal primitive societies where every person in the community knew every
other person. In today's complex, geographically mobile, increasingly electronically inter-
connected information society, accurate identification is becoming very important and the
Problem of identifying a person is becoming ever increasingly difficult. A number of situations
require an identification of a person in our society: have I seen this applicant before? Is this
person an employee of this company? Is this individual a citizen of this country? Many situations
will even warrant identification of a person at the far end of a communication channel.
1.1.1 Opportunities
Biometric Authentication using wavelets and visual cryptography
2012

9


Accurate identification of a person could deter crime and fraud, streamline business processes,
and save critical resources. Here are a few mind boggling numbers: about $1 billion dollars in
welfare benefits in the United States are annually claimed by “double dipping” welfare recipients
with fraudulent multiple identities. MasterCard estimates the credit card fraud at $450 million
per annum which includes charges made on lost and stolen credit cards: unobtrusive positive
personal identification of the legitimate ownership of a credit card at the point of sale would
greatly reduce the credit card fraud; about 1 billion dollars worth of cellular telephone
calls are made by the cellular bandwidth thieves - many of which are made from stolen pins
and/or cellular telephones. Again, an identification of the legitimate ownership of the cellular
telephones would prevent cellular telephone thieves from stealing the bandwidth. A reliable
method of authenticating legitimate owner of an ATM card would greatly reduce ATM related
fraud worth approximately $3 billion annually. A positive method of identifying the rightful
check payee would also reduce billions of dollars misappropriated through fraudulent
encashment of checks each year. A method of positive authentication of each system login would
eliminate illegal break-ins into traditionally secure (even federal government) computers. The
United States Immigration and Naturalization service stipulates that it could each day
detect/deter about 3,000 illegal immigrants crossing the Mexican border without delaying the
legitimate people entering the United States Yet another approach to positive identification has
been to reduce the problem of identification to the problem of identifying physical characteristics
of the person. The characteristics could be either a person's physiological traits, e.g., fingerprints,
hand geometry, etc. or her behavioral characteristics, e.g., voice and signature. This method
of identification of a person based on his/her physiological/behavioral characteristics is called
biometrics. The primary advantage of such an identification method over the methods of
identification utilizing “something that you possess” or “something that you know” approach is
that a biometrics cannot be misplaced or forgotten; it represents a tangible component of
“something that you are”. While biometric techniques are not an identification panacea, they,
especially, when combined with the other methods of identification, are beginning to provide
very powerful tools for problems requiring positive identification.
1.1.2 Qualification of biometrics
Biometric Authentication using wavelets and visual cryptography
2012

10

What biological measurements qualify to be a biometric? Any human physiological or
behavioral characteristic could be a biometrics provided it has the following desirable properties
[15]: (i) universality, which means that every person should have the characteristic, (ii)
uniqueness, which indicates that no two persons should be the same in terms of the
characteristic, (iii) permanence, which means that the characteristic should be invariant with
time, and (iv) collectability, which indicates that the characteristic can be measured
quantitatively. In practice, there are some other important requirements [15,16]: (i) performance,
which refers to the achievable identification accuracy, the resource requirements to achieve an
acceptable identification accuracy, and the working or environmental factors that affect the
Identification accuracy, (ii) acceptability, which indicates to what extent people are willing to
accept the biometric system, and (iii) circumvention, which refers to how easy it is to fool the
system by fraudulent techniques.
No single biometrics is expected to effectively satisfy the needs of all identification
(authentication) applications. A number of biometrics have been proposed, researched, and
evaluated for identification (authentication) applications. Each biometrics has its strengths and
limitations.

1.2 Different Biometrics considered till date

1.2.1 Voice
Voice is a characteristic of an individual [17]. However, it is not expected to be sufficiently
unique to permit identification of an individual from a large database of identities. Moreover, a
voice signal available for authentication is typically degraded in quality by the microphone,
communication channel, and digitizer characteristics. Before extracting features, the amplitude
of the input signal may be normalized and decomposed into several band-pass frequency
channels. The features extracted from each band may be either time-domain or frequency domain
features. One of the most commonly used features is cepstral feature - which is a logarithm of the
Fourier Transform of the voice signal in each band. The matching strategy may typically employ
approaches based on hidden Markov model, vector quantization, or dynamic time warping [17].
Text dependent speaker verification authenticates the identity of a subject based on a fixed
predetermined phrase. Text-independent speaker verification is more difficult and verifies a
Biometric Authentication using wavelets and visual cryptography
2012

11

speaker identity independent of the phrase. Language independent speaker verification verifies a
speaker identity irrespective of the language of the uttered phrase and is even more challenging.
0 0.05 0.1 0.15 0.2 0.25 0.3 0.35 0.4 0.45
−1000
2000
Figure 1.2 Voice signal representing an utterance of the word “seven”. X and Y axes
represent time and signal amplitude, respectively.
Voice capture is unobtrusive and voice print is an acceptable biometric in almost all societies.
Some applications entail authentication of identity over telephone. In such situations, voice may
be the only feasible biometric. Voice is a behavioral biometrics and is affected by a person's
health (e.g., cold), stress, emotions, etc. To extract features which remain invariant in such cases
is very difficult. Besides, some people seem to be extraordinarily skilled in mimicking others. A
reproduction of an earlier recorded voice can be used to circumvent a voice authentication
system in the remote unattended applications. One of the methods of combating this problem is
to prompt the subject (whose identity is to be authenticated) to utter a different phrase each time.
1.2.2 Infrared Facial and Hand Vein Thermograms
Biometric Authentication using wavelets and visual cryptography
2012

12

Figure
Voice capture is unobtrusive and voice print is an acceptable biometric in almost all societies.
Some applications entail authentication of identity over telephone. In such situations, voice may
be the only feasible biometric. Voice is a behavioral biometrics and is affected by a person's
health (e.g., cold), stress emotions, etc. To extract features which remain invariant in such cases
is very difficult. Besides, some people seem to be extraordinarily skilled in mimicking others. A
reproduction of an earlier recorded voice can be used to circumvent a voice authentication
system in the remote unattended applications. One of the methods of combating this problem is
to prompt the subject (whose identity is to be authenticated) to utter a different phrase each time.
Biometric Authentication using wavelets and visual cryptography
2012

13


Figure 1.3 Identification based on facial thermograms [1]. The image is obtained
by sensing the infrared radiations from the face of a person. The graylevel at each
pixel is characteristic of the magnitude of the radiation. Human body radiates heat and the
pattern of heat radiation is a characteristic of each individual body. An infrared sensor could
acquire an image indicating the heat emanating from different parts of the body. These images
are called thermograms. The method of acquisition of the thermal image unobtrusively is akin to
the capture of a regular (visible spectrum) photograph of the person. Any part of the body could
be used for identification. The absolute values of the heat radiation are dependent upon many
extraneous factors and are not completely invariant to the identity of an individual; the raw
measurements of heat radiation need to be normalized, e.g., with respect to heat radiating from a
landmark feature of the body. The technology could be used for covert
identification solutions and could distinguish between identical twins. It is also claimed to
provide enabling technology for identifying people under the influence of drugs: the radiation
patterns contain signature of each narcotic drug. A thermogram-based system may have to
address sensing challenges in uncontrolled environments, where heat emanating surfaces in the
vicinity of the body, e.g., room heaters and vehicle exhaust pipes, may drastically affect the
image acquisition phase. Infrared facial thermograms seem to be acceptable since their
acquisition is a non-contact and non-invasive sensing technique.
Biometric Authentication using wavelets and visual cryptography
2012

14

1.2.3 Fingerprints
Fingerprints are graphical flow-like ridges present on human fingers. Their formations depend on
the initial conditions of the embryonic development and they are believed to be unique to each
person (and each finger). Fingerprints are one of the most mature biometric technologies used in
forensic divisions worldwide for criminal investigations and therefore, have a stigma of
criminality associated with them. Typically, a fingerprint image is captured in one of two ways:
(i) scanning an inked impression of a finger or (ii) using a live-scan fingerprint scanner
Major representations of the finger are based on the entire image, finger ridges, or salient
features derived from the ridges (minutiae). Four basic approaches to identification based on
fingerprint are prevalent: (i) the invariant properties of the gray scale profiles of the fingerprint
image or a part thereof; (ii) global ridge patterns, also known as fingerprint classes; (iii) the ridge
patterns of the fingerprints;(iv) fingerprint minutiae – the features resulting mainly from ridge
endings and bifurcations.


1.2.4 Face
Face is one of the most acceptable biometrics because it is one of the most common method of
identification which humans use in their visual interactions. In addition, the method of acquiring
face images is non-intrusive. Two primary approaches to the identification based on face
recognition are the following:
Biometric Authentication using wavelets and visual cryptography
2012

15

(i) Transform approach [20, 21]: the universe of face image domain is represented using a set of
orthonormal basis vectors. Currently, the most popular basis vectors are eigenfaces: each
eigenface is derived from the covariance analysis of the face image population; two faces are
considered to be identical if they are sufficiently “close” in the eigenface feature space. A
number of variants of such an approach exist.
(ii) Attribute-based approach: facial attributes like nose, eyes, etc. are extracted from the face
image and the invariance of geometric properties among the face landmark features is used for
recognizing features.
Facial disguise is of concern in unattended authentication applications. It is very challenging to
develop face recognition techniques which can tolerate the effects of aging, facial expressions,
slight variations in the imaging environment and variations in the pose of face with respect to
camera (2D and 3D rotations)

1.2.5 Iris
Visual texture of the human iris is determined by the chaotic morphogenetic processes during
embryonic development and is posited to be unique for each person and each eye [24]. An iris
image is typically captured using a non-contact imaging process (Figure 1.7). The image is
obtained using an ordinary CCD camera with a resolution of 512 dpi. Capturing an iris image
involves cooperation from the user, both to register the image of iris in the central imaging area
and to ensure that the iris is at a predetermined distance from the focal plane of the camera. A
position-invariant constant length byte vector feature is derived from an annular part of the iris
image based on its texture. The identification error rate using iris technology is believed to be
extremely small and the constant length position invariant code permits an extremely fast method
of iris recognition.

Biometric Authentication using wavelets and visual cryptography
2012

16


1.2.5 Ear
It is known that the shape of the ear and the structure of the cartilegenous tissue of the pinna are
distinctive. The features of an ear are not expected to be unique to each individual. The ear
recognition approaches are based on matching vectors of distances of salient points on the pinna
from a landmark location on the ear. No commercial systems are available yet and authentication
of individual identity based on ear recognition is still a research topic.
Figure
Biometric Authentication using wavelets and visual cryptography
2012

17


1.2.6 Keystroke Dynamics
It is hypothesized that each person types on a keyboard in a characteristic way. This behavioral
biometrics is not expected to be unique to each individual but it offers sufficient discriminatory
information to permit identity authentication. Keystroke dynamics is a behavioral biometric; for
some individuals, one may expect to observe a large variations from typical typing patterns. The
keystrokes of a person using a system could be monitored unobtrusively as that person is keying
in other information. Keystroke dynamic features are based on time durations between the
keystrokes. Some variants of identity authentication use features based on inter-key delays as
well as dwell times - how long a person holds down a key. Typical matching approaches use a
neural network architecture to associate identity with the keystroke dynamics features. Some
commercial systems are already appearing in the market.

1.2.7 DNA
DNA (Deoxyribo Nucleic Acid) is the one-dimensional ultimate unique code for one's
individuality - except for the fact that identical twins have the identical DNA pattern. It is,
Biometric Authentication using wavelets and visual cryptography
2012

18

however, currently used mostly in the context of forensic applications for identification. Three
issues limit the utility of this biometrics for other applications: (i) contamination and sensitivity:
it is easy to steal a piece of DNA from an unsuspecting subject to be subsequently abused for an
ulterior purpose; (ii) automatic real-time identification issues: the present technology for genetic
matching is not geared for online unobtrusive identifications. Most of the human DNA is
identical for the entire human species and only some relatively small number of specific
locations (polymorphic loci) on DNA exhibit individual variation. These variations are
manifested either in the number of repetitions of a block of base sequence (length
polymorphism) or in the minor non-functional perturbations of the base sequence (sequence
polymorphism). The processes involved in DNA based personal identification determine whether
two DNA samples originate from the same/different individual(s) based on the distinctive
signature at one or more polymorphic loci. A major component of these processes now exist in
the form of cumbersome chemical methods (wet processes) requiring an expert's skills. There
does not seem to be any effort directed at a complete automation of all the processes.(iii) privacy
issues: information about susceptibilities of a person to certain diseases could be gained from the
DNA pattern and there is a concern that the unintended abuse of genetic code information may
result in discrimination in e.g., hiring practices.
Figure 1.10 DNA is double helix structure made of four bases: Adenine (A), Thymine
(T), Cytosine (C), and Guanine (G) [4]. The sequence of bases is unique to each
individual (with the exception of identical twins) and could be used for positive person
identification.

1.2.8 Retinal Scan
The retinal vasculature is rich in structure and is supposed to be a characteristic of each
individual and each eye. It is claimed to be the most secure biometrics since it is not easy to
change or replicate the retinal vasculature. Retinal scans, glamorized in movies and military
installations, are mostly responsible for the “high-tech-expensive” impression of the biometric
technology. The image capture requires a person to peep into an eye-piece and focus on a
specific spot in the visual field so that a predetermined part of the retinal vasculature could be
imaged. The image acquisition involves cooperation of the subject, entails contact with the
eyepiece, and requires a conscious effort on the part of the user. All these factors adversely affect
Biometric Authentication using wavelets and visual cryptography
2012

19

the public acceptability of retinal biometric. A number of retinal scan-based identity
authentication installations are in operation which boast zero false positives in all the
installations to-date. Retinal vasculature can reveal some medical conditions, Although iris
scanning appears to be more expensive than retinal scanning. These systems were operating at
an unknown high false negative rates.
e.g., hypertension, which is another factor standing in the way of public acceptance of retinal
scan based-biometrics.


Biometric Authentication using wavelets and visual cryptography
2012

20



1.3 Iris Recognition

1.3.1 Introduction
Iris recognition is not a new idea but has only been available in practical application for the last
10 to 15 years. This idea has been featured in many science fiction movies but until recently was
just a theoretical concept. Iris recognition is used for security purposes and is an almost foolproof
entry-level access security means because of its ability to readily identify false irises (Henahan,
2002, ¶ 8). It has not been widely used because of the cost, but has applications that are ever
Increasing .Iris recognition will be a viable option for any security system in the future. Iris
recognition is a biometric that depends on the uniqueness of the iris.The iris is a unique organ
that is composed of pigmented vessels and ligaments forming unique linear marks, slight ridges,
grooves, furrows, vasculature, and other similar features and marks (Daugman, 2003a).
Comparing more features of the iris increases the likelihood of uniqueness. Since more features
are being measured, it is less probable for two irises to match. Another benefit of using the iris is
its stability. The iris remains stable for a lifetime because it is not subjected to the environment,
as it is protected by the cornea and aqueous humor. The process of iris recognition is complex. It
begins by scanning a person’s iris (Henahan, 2002, ¶ 6).The individual stares into a camera for
Biometric Authentication using wavelets and visual cryptography
2012

21

at least a second allowing the camera to scan their iris. An algorithm processes the digital image
created by the camera to locate the iris. Once the iris has been located, another algorithm encodes
the iris into a phase code that is the 2048-bit binary representation of an iris (Daugman,
2003b).The phase code is then compared with a database of phase codes looking for a match. On
a 300 MHz Sun Microsystems processor more than 100,000 iris codes can be compared in a
second (Daugman, 2003a). In a matter of a few seconds an individual can have his/her eyes
scanned and matched to an iris code in a database identifying the individual.

1.3.2 The Uniqueness of the Iris
How can we be sure the iris is unique? In analyzing the iris there must be bits of an iris phase
code that are statistically independent. Statistically independent means an event’s likelihood of
occurrence is equally probable regardless of the outcome of a given event (Larsen &
Marx, 2001).The statistical independence of an iris can be determined by using the Boolean
Exclusive-Or, XOR, and AND operators on the iris phase bits of any two patterns (Daugman,
2003b). XOR is a bit comparison operator that that will return 0 when comparing like bits
and otherwise returns 1. AND is also a bit comparison operator that will return 1 only when
comparing bits that are both 1. The XOR operation shows how the two iris patterns differ, and
the AND operation eliminates the effects of background noise in the image. The combination of
the XOR operator with the AND operator to normalize the result produces a fractional Hamming
distance.
A fractional Hamming distance is used to quantify the difference between iris patterns. The
Hamming distance of two vectors is the number of components in which the vectors differ in a
particular vector space (Gallian, 2002). In this instance, the fractional Hamming distance will
always be between 0 and 1. For iris patterns, the Hamming distance should theoretically be 0.500
because a bit has an equally likely chance of being 0 or 1 (Daugman, 2003b). Dr. John Daugman,
a professor at Cambridge University, analyzed the Hamming distances by comparing over 4250
iris images. He found the distribution of Hamming distances to be a perfect binomial distribution
with a mean of 0.499 and a standard deviation of 0.0317. A binomial distribution is a model
based on a series of trials that have two possible outcomes (Larsen & Marx, 2001). The mean is
the average of all measured values, while the standard deviation is amount that the values tend to
vary from the mean. The observed maximum value was 0.664, and the observed minimum value
Biometric Authentication using wavelets and visual cryptography
2012

22

was 0.334. This means that it highly unlikely for two different irises to agree in more than two
thirds of their phase bits. By a simple calculation, the degrees-of-freedom of the distribution is
249. This demonstrates that of the 2048 bits, only a small number are mutually independent due
to corresponding radial components that exist within an iris. These findings demonstrate the
uniqueness of an iris using the Hamming distance as a measurement.
Are the irises of two people with the same genetic makeup distinguishable?
This is an important question because it would demonstrate a possible pitfall in this biometric.
This condition hinders DNA testing because identical twins, twins from the same embryo, yield
the same results in a DNA test. Any given person has a genetically identical pair of left and right
irises that can be compared (Daugman & Downing, 2001).In a similar analysis done by
Daugman , 648 iris images from 324 people were subjected to the same conditions used to render
a Hamming distance (2004).The mean and standard deviation for this analysis were 0.497 and
0.031, respectively. This study was repeated with the irises from identical twins and yielded a
similar result. These studies show that an individual has two unique irises, and a pair of twins has
four unique irises. Thus, an iris image is independent of an identical genetic makeup.


1.3.3 Locating the Iris
The iris is captured in an image by a camera. The camera needs to be able to photograph a
picture in the 700 to 900 nanometers range so that it will not be detected by the person’s iris
during imaging (Daugman , 2003b) .The camera may or may not have a wide-angle lens yielding
a higher resolution, but in either case a mirror is used to utilize feedback for the image. These
conditions must be met in order for the iris image to have the necessary 50-pixel minimum size
of the iris radius.
Once the image of the iris is obtained, the iris needs to be located within the image. There are
three variables within the image that are needed to fully locate the iris: the center coordinates, the
iris radius, and the pupil radius (Daugman, 2003b). An algorithm determines the maximum
contour integral derivatives using the three variables to define a path of contour integration for
each of the variables. The complex analysis of the algorithm finds the contour paths defining the
outer and inner circumferences of the iris.
Statistical estimation changes the circular paths of the integral derivatives to
Biometric Authentication using wavelets and visual cryptography
2012

23

Arc - shaped paths that best fit both iris boundaries.

1.3.4 Applications for Iris Recognition

Iris recognition has tremendous potential for security in any field. The iris is extremely unique
and cannot be artificially impersonated by a photograph (Daugman, 2003).This enables security
to be able to restrict access to specific individuals. An iris is an internal organ making it immune
to environmental effects. Since an iris does not change over the course of a lifetime, once an iris
is encoded it does not need to be updated. The only drawback to iris recognition as a security
installment is its price, which will only decrease as it becomes more widely used. A recent
application of iris recognition has been in the transportation industry, most notably airline travel.
The security advantages given by iris recognition software have a strong potential to fix
problems in transportation (Breault, 2005). Its most widely publicized use is in airport security.
IBM and the Schiphol Group engaged in a joint venture to create a product that uses iris
recognition to allow passengers to bypass airport security (IBM,2002,¶ 5).This product is already
being used in Amsterdam. A similar product has been installed in London’s Heathrow, New
York’s JFK, and Washington’s Dulles airports (Airport, 2002, ¶ 2 & 3). These machines
expedite the process of passengers going through airport security, allowing the airports to run
more efficiently. Iris recognition is also used for immigration clearance, airline crew security
clearance, airport employee access to restricted areas, and as means of screening arriving
passengers for a list of expelled persons from a nation (Daugman, 2005). This technology is in
place in the United States, Great Britain, Germany, Canada, Japan, Italy, and the United Arab
Emirates.

1.3.5 Conclusive truth: Iris is the best way forward

Iris recognition has proven to be a very useful and versatile security measure. It is a quick and
accurate way of identifying an individual with no room for human error. Iris recognition is
widely used in the transportation industry and can have many applications in other fields where
security is necessary. Its use has been successful with little to no exception, and iris recognition
will prove to be a widely used security measure in the future.
Biometric Authentication using wavelets and visual cryptography
2012

24

CHAPTER 2
SECURITY ISSUES IN BIOMETRIC AUTHENTICATION


2.1 Security Issues in Biometric Authentication

Living in the information age, millions of people use digital devices to
communicate with each other through the Internet. Network security plays an increasingly
important role in our daily life. Many efforts have been made to develop an information system
that can accurately authenticate, properly authorize, and efficiently audit legitimate users.
Among these activities, authentication is the first and most critical link in the security chain.
Authentication is a process that verifies a user’s identity, which can be accomplished by using
one or more of the validation factors - the knowledge factor, the possession factor, or the
biometrics factor. Since biometrics is the only factor that is directly linked with the
distinguishing characteristic of an individual, it has been advocated that biometric authentication
will achieve increasing levels of assurance of identity verification. Biometric authentication
refers to any security system that uses measurable human physiological or behavioral
characteristics to verify identity. Ideally these characteristics should be measurable, unique to an
individual, invariable over time, and should not be easily duplicated. Unfortunately, recent
research has shown that it is not very difficult to “steal” a biometric trait, create its copy, and use
the fake trait to attack biometric systems. This is a serious problem when people intend to use
biometrics as a means to enhance network security because the user has to be remotely
authenticated through an open network.

2.2 Attacks

Like other information systems, biometric authentication systems are vulnerable to attack and
can be compromised at various stages. Besides being vulnerable to common attacks such as
Biometric Authentication using wavelets and visual cryptography
2012

25

replay and man-in-the-middle, biometric systems are, in particular, susceptible to spoof and
template attacks.

2.2.1 Spoof attack

Spoofing is an attack where a malicious individual pretends to be someone else. In biometrics,
spoofing is a process that defeats a biometric system by providing a forged biometric copy of
legitimate user. Although spoofing techniques vary with biometric technologies, one thing they
have in common is that they all involve presenting a fake biometric sample to the sensor.
Therefore, it is necessary to capture a biometric sample from a legitimate user. The artificially
recreated data is used to attack physiological biometric technologies, for instance, by using a
fake finger, substituting a high-resolution iris image, or presenting a facemask. Besides the
artifacts, mimicry is often used to spoof behavioral biometric technologies. The liveness
detection is only applicable if mimicry is performed through a device.

2.2.2 The replay attack

It is another major threat to biometric authentication. It is performed by sending the previously
submitted data of a legitimate user back to the authenticator. An attacker can obtain the data
either through a sniffer device or sniffer software during a successful authentication process, or
by collecting a residual print left on the sensor after a successful authentication. In the first
scenario, a recorded signal is reentered into the system by bypassing the biometric sensor. While
in the second scenario, an image is resubmitted in the same way that the legitimate user did
through the biometric sensor. To detect the reply attack, the authenticator has to ensure that the
data is captured through the sensor, and has not been injected. Sensor noise and input variation
make it impossible that there will be one hundred percent similarity between any two samples.
Therefore, this property has been used to recognize replay attacks by some products. The most
popular method is either building a timestamp or using challenge and response mechanism to
address the reply attack.
2.2.3 Data simulation

Biometric Authentication using wavelets and visual cryptography
2012

26

Since biometric features used for identification and verification are not secret and
have even been published on the Internet, an imposter can attack the biometric system through
data simulation. It is easy to understand that an imposter can simulate a legitimate user’s physical
signature or mimic his or her speech to attack behavioral biometric systems. However, it would
appear that an imposter needs a great deal of effort to generate a fingerprint pattern or create
a face image to attack a physiological biometric system. Unfortunately, it has been reported that
a commercially available thumbprint system was breached with synthesized thumb image, even
though the synthetically generated image looked very different from the enrolled image .When
generating the thumb image, the most important concept is to position and orient the minutiae to
form the overall appearance of a thumbprint. As to facial recognition, Adler proposed an
approach to reconstruct facial images so that an enrolled user in the system can be attacked with
synthesized facial images. It works in the following way. An initial image is selected, and using
the matching scores for each successive recognition, the initial image is modified. Experimental
results on three commercial face recognition systems show that his method needs only several
thousand iterations to generate an image that can be confused with the original image at a very
high confidence level. Since the matching score was used as the driver for this attack, the risk
can be mitigated by keeping the matching score inside the matcher and not releasing it to
the end user. Depending on the system configuration, a man-in-the middle attack is possible
while the data is in transit from one component to another. As shown, the attacker can
manipulate the input data stream; send a fake template as an enrolled user; inject an artificial
matching score; or even generate a forged response. Several technologies can be implemented to
reduce the threats of transmission-based attacks.
Biometric Authentication using wavelets and visual cryptography
2012

27



2.3 Attacks on Digital Watermark


A watermark attack is an attack on digital data to identify the hidden
watermark illegally. These attacks have to be treated carefully, as the success of any
watermarking scheme depends on it. According to, watermark attacks can be classified
into four main groups:
(i) Simple attacks: These types of attacks attempt to damage the embedded
watermark by modifications of the whole frame without any effort to identify
and isolate the watermark. Examples include frequency based compression,
addition of noise, cropping and correction.
(ii) Detection-disabling attacks: These attempts to break correlation and to make
detection of the watermark impossible. Geometric distortion like zooming,
shift in spatial or (in case of video) temporal direction, rotation, cropping or
pixel permutation, removal or insertion are used.
(iii) Ambiguity attacks : These attacks the detector by producing fake
watermarked data to discredit the authority of the watermark by embedding
several additional watermarks so that it is not obvious which was the first,
authoritative watermark.
Biometric Authentication using wavelets and visual cryptography
2012

28

(iv) Removal attacks: The removal attacks estimates the watermark, separate it
out and discard only the watermark. Examples are collusion attack, denoising
or exploiting conceptual cryptographic weakness of the watermark scheme
(e.g. knowledge of positions of single watermark elements).







CHAPTER 3

HALFTONE VISUAL CRYPTOGRAPHY
3.1 Introduction
Visual cryptography encodes a secret binary image (SI) into shares of
random binary patterns. If the shares are xeroxed onto transparencies, the secret image can be
visually decoded by superimposing a qualified subset of transparencies, but no secret
information can be obtained from the superposition of a forbidden subset. The binary patterns of
the shares, however, have no visual meaning and hinder the objectives of visual cryptography.
Extended visual cryptography was proposed recently to construct meaningful binary images as
shares using hypergraph colourings, but the visual quality is poor. In this paper, a novel
technique named halftone visual cryptography is proposed to achieve visual cryptography via
halftoning. Based on the blue-noise dithering principles, the proposed method utilizes the void
and cluster algorithm [2] to encode a secret binary image into halftone shares (images) carrying
significant visual information. The simulation shows that the visual quality of the obtained
halftone shares are observably better than that attained by any available visual cryptography
method known to date.

Biometric Authentication using wavelets and visual cryptography
2012

29



VISUAL CRYPTOGRAPHY (VC) is a type of secret sharing scheme introduced by Naor. In a
-out-of- scheme of VC, a secret binary image (SI) is cryptographically encoded into shares of
random binary patterns. The shares are xeroxed onto transparencies, respectively, and distributed
amongst participants, one for each participant. No participant knows the share given to another
participant. Any or more participants can visually reveal the secret image by superimposing any
transparencies together. The secret cannot be decoded by any or fewer participants, even if
infinite computational power is available to them. Being a type of secret sharing scheme, visual
cryptography can be used in a number of applications including access control. For instance, a
bank vault must be opened every day by three tellers, but for security purposes, it is desirable not
to entrust any single individual with the combination. Hence, a vault-access system that requires
any two of the three tellers may be desirable. This problem can be solved using a two-out-of-
three threshold scheme. Aside from the obvious application to access control, secret sharing
schemes are used in a number of other cryptographic protocols and applications such as
threshold cryptography, private multiparty computations, electronic cash and digital elections.
More specifically, visual threshold schemes have found immediate applications in certain types
of cryptographic protocols, including authentication and identification , and copyright protection
and watermarking

Biometric Authentication using wavelets and visual cryptography
2012

30


3.2 Mechanism of Visual Cryptography

To illustrate the principles of VC, consider the simplest two out- of-two visual
threshold scheme where each pixel of the SI is encoded into a pair of subpixels in each of the
two shares. If is white, one of the two columns tabulated under the white pixel in Fig. 1 is
selected. If is black, one of the two columns tabulated under the black pixel is selected. In each
case, the selection is performed by randomly flipping a fair coin, such that each column has 50%
probability to be chosen. Then, the first two pairs of subpixels in the selected column are
assigned to share 1 and share 2, respectively. Since, in each share, is encoded into a black–white
or white–black pair of subpixels with equal probabilities, independent of whether is black or
white, an individual share gives no clue as to the value of . In addition, as each pixel is encrypted
independently, no secret information can be gained by looking at groups of pixels in each share.
Now consider the superposition of the two shares as shown in the last row . If a pixel is white,
the superposition of the two shares always outputs one black and one white subpixel, no matter
which column of subpixel pairs is chosen during encoding. If is black, it yields two black
subpixels. There is a contrast loss in the reconstruction, however, the decoded pixel
is readily visible.

Biometric Authentication using wavelets and visual cryptography
2012

31



3.3 Biometric based authentication using wavelets and visual cryptography

3.3.1 Introduction

The development of sophisticated hardware and software is creating a
tremendous amount of information to be transmitted via World Wide Web and wireless
networks. Most of the information being transmitted has multimedia content which are
composed of image, text, video, sound, etc. Large part of this is composed of text and
images. Modern ways of content sharing is easy and economical but introduces serious
concern on the protection issues, that is, individuals, other than the owner, may
manipulate, duplicate or access media information illegally without the owner‟s consent
and knowledge. This has forced academicians, industrials and researchers to focus on
protection of their intellectual contents. Several techniques for the content protection
have been introduced, which include steganography, cryptography and watermarking.
Out of all these watermarking is a technique that is gaining much attention. A digital
watermark is defined as invisible or inaudible data (a random pattern of bits or noise)
permanently embedded in a graphic, video, or audio file for protecting copyright or
authenticating data. The watermarking techniques are broadly categorized into robust
watermarking (copyright protection) and fragile watermarking (multimedia content
authentication). A third type of watermarking technique that is becoming popular is the
“Biometric Watermarking”. Biometric watermarking is a technique that creates a link
between a human subject and the digital media by embedding biometric information into
the digital object. A biometric is defined as “life measure” and biometric technology uses
images of human body parts, captured through cameras and scanning images.
Watermarking techniques are increasingly used in biometric security systems.
Biometric characteristics are face, voiceprint, fingerprint, etc. Out of
these, iris image is considered to be more reliable for personal authentication. They are
considered good choice because of two very important characteristics, its uniqueness
Biometric Authentication using wavelets and visual cryptography
2012

32

and permanency. It is proved statistically that iris is more accurate than even DNA
matching as the probability of two irises being identical is 1 in 10 to the power of 78.
During transmission, however, they are susceptible to accidental and intentional
attacks, which emphasize the need for a protective scheme to preserve fidelity and
prevent alterations. This paper presents a secure watermarking scheme that stores a
secret message inside an cover image. The iris image is secured by using a technique
called Visual Cryptography (VC). The main objective is to present a new visual
cryptographic system which can be used to hide biometric image and protect the
biometric image from attacks.
Visual cryptography method presents the Water marking system, explains the proposed
method. Many experiments conducted and simulation results are presented here.
Finally, conclusions are given at the end.


3.3.2 Proposed method
In 1995 Naor and Shamir have suggested for the first time to solve the
secret sharing problem by the means of new cryptographic structure called Visual
Cryptography (VC). In the proposed approach the secret is divided into two shares,
which are printed onto the two transparencies (shares) and given to the participants.
Only these two participants who possess the transparencies can reconstruct the secret
by superposition of shares. One can not recover a secret without the other one. In the
visual threshold scheme, the shares are images represented on transparencies
consisting of black and white (transparent, actually) pixels. The visual systems perform
a Boolean operation, which is easy to visualize using the (2, 2) Visual Threshold
Scheme shown in.
Later in 2001 the engineers from Taiwan in their paper have claimed that
during the encoding process shares are generated in such a way that they contain
random dots to create a chaos for preventing intruders of random guesswork. They
propose two algorithms for secret sharing and secret recovery derived from the least
significant bit substitution method. Thus generation of shares could be also done using
so called cover images. In the next section we will explain this alternative algorithm for
Biometric Authentication using wavelets and visual cryptography
2012

33

creating shares used by Tsai, Chang and Chen. Visual cryptographic has been applied
to many applications, including but not restricted to information hiding, general access
structures, visual authentication and identification. The solutions normally operate on
binary inputs. After its initial introduction, many researchers have found different
variations of VC. The improvement varies from binary image to halftone images, gray
scale and color images.

In halftone VC, the natural (continuous-tone) images are first converted into halftone
images by using the density of the net dots to simulate the original gray or color levels in
the target binary representation. The halftoning technique is used in many applications
such as facsimile (FAX), electronic scanning and copying, and laser printing etc.
Verheul and Tilborg introduced the concept of VC to color images. The disadvantage in
this was that the quality of the recovered image was poor and the sharing was
meaningless. This work motivated several others to produce more advanced schemes.
All these works used techniques where a colored image was hidden into multiple
meaningful cover images. Chang et al. in 2000 introduced a new colored secret
sharing and hiding scheme based on Visual Cryptography schemes where the
traditional stacking operation of sub pixels and rows interrelations was modified. This
work was later enhanced to avoid the usage of CIT. Youmaran improved this scheme
to improve the quality of the cover images while achieving lossless recovery and without
increasing the computational complexity of the algorithm. In 2003, Hou proposed a
Biometric Authentication using wavelets and visual cryptography
2012

34

method for color VC, where a color image is first decomposed into several individual
channels. General halftone technique is then applied to these channels to accomplish
the creation of shares. Youmaran later improved by using the scheme to hide a
colored image into multiple colored cover images without degrading the quality of the
recovered image. Most of the reviewed literature works with embedding of images
(black and white, gray scale or color) into another cover image. In the present work, VC
is used to store a secret message file inside a color image. For this purpose, a hybrid
LSB and DWT VC method is proposed and is explained in the next section

3.3.3 A generic watermarking system
The three main stages of any digital watermarking system shown in
are watermark embedding, watermark extraction and watermark detection.

During embedding process, an algorithm accepts the host and the data to be embedded
and produces a watermarked signal. The watermarked signal is then transmitted to
embedded equipment. The extraction or detection algorithm is used to extract the
hidden watermark from the transmitted image. The watermarking schemes are
generally classified into robust watermarking schemes and fragile watermarking
schemes. Both the schemes are designed for different applications. Among them,
robust watermarks are generally used for copyright protection and ownership
identification because they are designed to withstand attacks such as common image
processing operations. In contrast, fragile watermarks are mainly applied to content
authentication and integrity attestation because they are fragile to attacks, i.e., it can
detect any changes in an image as well as localizing the areas that have been changed.
Biometric Authentication using wavelets and visual cryptography
2012

35

In robust watermarking applications, the extraction algorithm should be able to correctly
produce the watermark, even if the modifications were strong. In fragile watermarking,
the extraction algorithm should fail if any change is made to the signal.
The parameter used for image watermarking algorithm.
Capacity, i.e. the amount of information that can be put into the watermark and
recovered without errors;
Robustness, i.e. the resistance of the watermark to alterations of the original content
such as compression, filtering or cropping;
Visibility, i.e. how easily the watermark can be discerned by the user. The desired
properties are high capacity, low distortion and high robustness to attacks or high
security. These factors are inter-dependent; for example, increasing the capacity will
decrease the robustness and increase the visibility. Therefore, it is essential to consider
all three factors for a fair evaluation or comparison of watermarking algorithms.
3.3.4 Algorithm
The proposed work performs a color visual cryptographic scheme on
biometric image. Since the biometric image needs to be very near to the original image,
a meaningful VC method was not adopted. The process is explained below. The original
cover image is first converted into four regions using 1-D Haar Digital wavelet
transformation (DWT). The 1-D transformation of the image decomposes the image into
four subbands, namely, HH, HL, LH and LL. Details regarding each subband is treated
as a share. The secret message is stored in all the wavelet subbands and a modified
LSB technique is used to embed the secret message. The modified LSB is shown in
figure and the procedure is explained below. The best known steganographic method
that works in the spatial domain is the LSB (Least Significant Bit), which replaces the
least significant bits of pixels selected to hide the information. SLSB (Selected Least
Significant Bit) improves the performance of the method LSB hiding information by
selecting only one of the three colors at each pixel of the cover image to hide the
message. To select the color it uses a Sample Pairs analysis and applies a LSB Match .
In the present work, it is stored inside the four wavelet sub bands. The algorithm
chooses green color pixels and uses the three LSB of the pixel to store the secret
message.
Biometric Authentication using wavelets and visual cryptography
2012

36


The embedding is done in three steps. The first step performs an analysis of iris image
to find a suitable representation that is small and easy to reconstruct. At the same time,
the secret message is converted into a bit stream. The iris representation is embedded
using a bit replacement procedure into Share1 (HH) , Share2 (HL), Share3 (LH) and
Share4 (LL) sub bands. The final step performs a JPEG 2000 compression to combine
the watermark and the image. The extraction performs a reverse process, the received
image is decompressed and an inverse DWT (IDWT) is performed to receive the four
shares. The green planes from each share are considered and the secret bits are
retrieved from the last two bits of each green pixel.

Before retrieving the color information, the iris image is analyzed to
extract its features. The iris image analysis is as follows: After acquiring an eye image
Biometric Authentication using wavelets and visual cryptography
2012

37

through digital camera, the boundary between the pupil and the iris is detected after
position of the eye in the given image is localized. After the center and the radius of the
pupil are extracted, the right and the left radius of the iris are searched based on these
data. By using the iris center and the radius the polar coordinate system is set, from
which the feature of the iris is extracted. This is termed as „iris code‟. The wavelet
transform breaks an image down into four subbands or images. The results consist of
one image that has been high pass in the horizontal and vertical directions, one that has
been low passed in the vertical and high passed in the horizontal, and one that has
been low pass filtered in both directions. The results of Haar transform in four types of
coefficients:
(i)Coefficients that result from a convolution with g in both directions (HH) represent
diagonal features of the image.
(ii)Coefficients that result from a convolution with g on the columns after a convolution
with h on the rows (HL) correspond to horizontal structures.
(iii) Coefficients from high pass filtering on the rows, followed by low pass filtering of
the columns (LH) reflect vertical information.
(iv)The coefficients from low pass filtering in both directions are further processed in the
next step(LL).


For the 450x60 iris image in polar coordinates, wavelet transform was applied 4 times in
order to get the 28x3 subimages (i.e. 84 features). By combining these 84 features in
the HH sub-image of the highpass filter of the fourth transform (HH4) and each average
value for the three remaining high-pass filters areas (HH1,HH2,HH3), the dimension of
the resulting feature vector is 87. Each value of 87 dimensions has a real value between
-1.0 and 1.0. By quantizing each real value into binary form by convert the positive
value into 1 and the negative value into 0. Thus an iris can be represented with just
87 bit.

3.3.5 Bit Replacement Procedure
Biometric Authentication using wavelets and visual cryptography
2012

38

A color image is made of three planes, namely, red,green and blue. In HVS,
blue planes appear dark, red plane appear over bright and therefore green planes are
chosen for embedding. The same approach was also used by [4]. In the
present work, each cover pixel is divided into two bits strings: Most Significant Bits
(MSN) and Least Significant Bits (LSB) as shown in the Figure 4. The SLSB are directly
replaced by the secret data.


3.4 Experimental results
The proposed model was tested with three cover images namely,
Lena, Baboon and Pepper, one iris image and one secret image. The cover and
biometric image used along with secret message is shown in Figure 5.

It evaluates the algorithm based on the verification accuracy and quality of dewater
marked images of the models. The models were tested using 10 attacks, namely, JPEG
Biometric Authentication using wavelets and visual cryptography
2012

39

with Quality Factor 50%, JPEG 2000 with Quality Factor 50%, Gaussian Noise (3 x 3),
Median Filter (3 x 3), Blurring (3 x 3), Gamma (0.5), Cropping (10 pixels), Resize (90%),
Rotation (10o) and Affine Transform. The system is also evaluated when no attacks was
performed. The results are projected in terms of PSNR of the cover image before and
after watermarking obtained and is presented in Figure 6. The extracted iris recognition
was tested for authentication with an iris database created by. The database has 3 x
128 iris images (3 x 64 left and 3 x 64 right). The images are 24 bit RGB images of 576
x 768 pixels in PNG file format. The recognition process was


tested using a open source iris recognition system provided by Masek . Table 1 shows
the verification results when the models were subjected to various attacks.
Biometric Authentication using wavelets and visual cryptography
2012

40


It can be seen from the table, that when no attacks the system was able to produce the
highest accuracy (99%). The performance of the slightly degrades with the affine
transformation but will all the other attacks the accuracy is high ranging between
81.55% and 98.84%. From the results obtained it can be concluded that the protection
of iris image is highly successful while using the proposed method. The model produces
high recognition results with high quality image after dewater marking. The results prove
that the proposed system is good for biometric image. The system has the advantage
that the dewatermarked image as well the biometric image both have high quality and
are resistant to various attacks.
3.5 Conclusion
Digital watermarking is an area which is used for copyright protection of intellectual
property and authentication. In the present work, a visual cryptographic way to store a
biometric image inside a color image is proposed. The originality of the scheme is to
use a wavelet 1D decomposition and use the subbands as share images, where
enhanced LSB technique is used to embed the iris data. During experimentation it was
found that the size of the biometric should be less 40% of the cover image. And
moreover, the system was resistant to several attacks but the performance slightly
decreased with the affine transformation. Future research will take these into
consideration.


Biometric Authentication using wavelets and visual cryptography
2012

41

CHAPTER 4
BIBLOGRAPHY
(i). Introduction to biometrics
Anil Jain
Michigan State University
East Lansing, MI
jain@cse.msu.edu

(ii). Iris Recognition: A General Overview
Jesse Horst
Undergraduate Student, Mathematics, Statistics, and Computer Science

(iii) Biometric based authentication using
wavelets and visual cryptography
Mrs.D.Mathivadhani1, Dr.C.Meena2
Research Scholar, Centre Manager, Department of Computer Science, Department of
Computer centre, Avinashilingam University For
Women, Coimbatore-641 043,Tamil Nadu
1 mathi_kirupha@yahoo.co.in
3 meena_cc@avinuty.ac.in

(iv) A Watermarking-based Visual Cryptography Scheme with Meaningful Shares
HAN Yan-yan
department of scientific research management
Beijing electronic science & technology institute
Beijing, China
hyy@besti.edu.cn
CHENG Xiao-ni
school of telecommunications engineering
Xidian university
Biometric Authentication using wavelets and visual cryptography
2012

42

Xi‟an China
0909420549@mail.besti.edu.cn
HE Wen-cai
communication engineering department
Beijing electronic science & technology institute
Beijing, China
hwc@ besti.edu.cn
(v)Fundamentals of image processing by Anil k Jain
(vi)Digital Image processing by Gonzalez and Richard E. Woods

Biometric Authentication using wavelets and visual cryptography

2012

MAHARASHTRA ACADEMY OF ENGINEERING & EDUCATIONAL RESEARCH’S

MAHARASHTRA INSTITUTE OF TECHNOLOGY PUNE.
DEPARTEMENT OF COMPUTER ENGINEERING

M

CERTIFICATE
This is to certify that VINIT ANIL GAIKWAD (42067) of

T. E. Computer Engineering – Div I successfully completed seminar in BIOMETRIC AUTHENTICATION USING WAVELETS AND VISUAL CRYPTOGRAPHY
to my satisfaction and submitted the same during the academic year 2011-2012 towards the partial fulfillment of degree of Bachelor of Engineering in Computer Engineering of Pune University under the Department of Computer Engineering, Maharashtra Institute of Technology, Pune.

Prof. S.S.Paygude
(Seminar Guide and Head of Computer Engineering)

2

Biometric Authentication using wavelets and visual cryptography

2012

ACKNOWLEDGEMENT

I express my true sense of gratitude towards my seminar guide and Head of Computer Department Prof. Mrs. S.S. Paygude, who at every discrete step in the study of this seminar, contributed with her valuable guidance and provided with perfect solutions for every problem that arose. I would also like to express my appreciation and thanks to all my friends who knowingly Or unknowingly assisted me with their valuable suggestion and comments and I am very grateful for their assistance.

Yours sincerely, GAIKWAD VINIT ANIL 42067

3

Biometric Authentication using wavelets and visual cryptography

2012

INDEX
Page no. Chapter 1 : Biometrics
1.1: Introduction 1.1.1 Opportunities 1.1.2 Qualification of biometrics 1.2: Different Biometrics considered till date 1.2.1 Voice 1.2.2 Infrared Facial and Hand Vein Thermograms 1.2.3 Fingerprints 1.2.4 Face 1.2.5 Iris 1.2.6 Keystroke dynamics 1.2.7 DNA 1.2.8 Retinal Scan 1.3 Iris Recognition 1.3.1 Introduction 1.3.2 The Uniqueness of Iris 1.3.3 Locating of Iris 1.3.4 Application for Iris recognition 1.3.5 Conclusive Truth: Iris is the best way forward 4 9 10 11 11 11 11 12 15 16 17 18 18 19 21 21 22 23 24 24

2.3: Biometric based authentication using wavelets and Visual Cryptography 31 3.3.2.1 Spoof Attack 2.2.1:Security Issues in Biometric Authentication 2.1: Introduction 3.3: A generic watermarking system 3.Biometric Authentication using wavelets and visual cryptography 2012 Chapter 2 : Security Issues in Biometric Authentication 2.4: Experimental Results 3.5: Bit replacement procedure 3.3.2: Mechanisms of Visual Cryptography 29 29 30 3.1: Introduction 3.3.3.4: Algorithm 3.3 Attacks on Digital Watermark 25 25 25 25 26 26 28 Chapter 3 : Halftone Visual Cryptography 3.2: Attacks 2.3 Data Simulation 2.3.2: Proposed Method 3.2 The reply attack 2.5: Conclusion 31 31 33 36 38 39 41 Chapter 4 : Bibliography 41 5 .

Biometric Authentication using wavelets and visual cryptography 2012 Appendix A : Keywords and Meanings 30 6 .

Biometric Authentication using wavelets and visual cryptography 2012 7 .

1 Introduction Biometrics deals with identification of individuals based on their biological or behavioral characteristics. The problem of resolving the identity of a person can be categorized into two fundamentally distinct types of problems with different inherent complexities: (i)verification and (ii) recognition (more popularly known as identification1) Verification (authentication) refers to the problem of confirming or denying a person's claimed identity (Am I who I claim I am?). 1.Associating an identity with an individual is called personal identification. In today's complex. Biometrics has lately been receiving attention in popular media.1 Opportunities 8 . Human race has come a long way since its inception in small tribal primitive societies where every person in the community knew every other person. A number of situations require an identification of a person in our society: have I seen this applicant before? Is this person an employee of this company? Is this individual a citizen of this country? Many situations will even warrant identification of a person at the far end of a communication channel. and (iii) the public becomes aware of the strengths and limitations of biometrics.Biometric Authentication using wavelets and visual cryptography 2012 CHAPTER 1 BIOMETRICS 1. increasingly electronically interconnected information society.either from a set of already known identities (closed identification problem) or otherwise (open identification problem). This chapter provides an overview of the biometrics technology and its applications and introduces the research issues underlying the biometrics. geographically mobile.1. accurate identification is becoming very important and the Problem of identifying a person is becoming ever increasingly difficult. it is widely believed that biometrics will become a significant component of the identification technology as (i) the prices of biometrics sensors continue to fall (ii) the underlying technology becomes more mature. Identification (Who am I?) refers to the problem of establishing a subject's identity .The term positive personal identification typically refers (in both verification as well as identification context) to identification of a person with high certainty.

This method of identification of a person based on his/her physiological/behavioral characteristics is called biometrics. streamline business processes. A positive method of identifying the rightful check payee would also reduce billions of dollars misappropriated through fraudulent encashment of checks each year. hand geometry. e. The United States Immigration and Naturalization service stipulates that it could each day detect/deter about 3.000 illegal immigrants crossing the Mexican border without delaying the legitimate people entering the United States Yet another approach to positive identification has been to reduce the problem of identification to the problem of identifying physical characteristics of the person.g. voice and signature. The primary advantage of such an identification method over the methods of identification utilizing “something that you possess” or “something that you know” approach is that a biometrics cannot be misplaced or forgotten. Again. etc. 1. While biometric techniques are not an identification panacea..1. e. are beginning to provide very powerful tools for problems requiring positive identification. fingerprints. A reliable method of authenticating legitimate owner of an ATM card would greatly reduce ATM related fraud worth approximately $3 billion annually. it represents a tangible component of “something that you are”. MasterCard estimates the credit card fraud at $450 million per annum which includes charges made on lost and stolen credit cards: unobtrusive positive personal identification of the legitimate ownership of a credit card at the point of sale would greatly reduce the credit card fraud. Here are a few mind boggling numbers: about $1 billion dollars in welfare benefits in the United States are annually claimed by “double dipping” welfare recipients with fraudulent multiple identities. A method of positive authentication of each system login would eliminate illegal break-ins into traditionally secure (even federal government) computers.many of which are made from stolen pins and/or cellular telephones.. an identification of the legitimate ownership of the cellular telephones would prevent cellular telephone thieves from stealing the bandwidth. especially. and save critical resources. when combined with the other methods of identification.g. about 1 billion dollars worth of cellular telephone calls are made by the cellular bandwidth thieves . or her behavioral characteristics.2 Qualification of biometrics 9 . they. The characteristics could be either a person's physiological traits.Biometric Authentication using wavelets and visual cryptography 2012 Accurate identification of a person could deter crime and fraud.

which is a logarithm of the Fourier Transform of the voice signal in each band. it is not expected to be sufficiently unique to permit identification of an individual from a large database of identities. In practice. (ii) acceptability. which indicates that the characteristic can be measured quantitatively. researched. the resource requirements to achieve an acceptable identification accuracy. which refers to the achievable identification accuracy. or dynamic time warping [17]. communication channel. and digitizer characteristics. there are some other important requirements [15. vector quantization. and evaluated for identification (authentication) applications.Biometric Authentication using wavelets and visual cryptography 2012 What biological measurements qualify to be a biometric? Any human physiological or behavioral characteristic could be a biometrics provided it has the following desirable properties [15]: (i) universality. (iii) permanence. The features extracted from each band may be either time-domain or frequency domain features. the amplitude of the input signal may be normalized and decomposed into several band-pass frequency channels. which indicates to what extent people are willing to accept the biometric system. which refers to how easy it is to fool the system by fraudulent techniques. No single biometrics is expected to effectively satisfy the needs of all identification (authentication) applications.16]: (i) performance. Each biometrics has its strengths and limitations. a voice signal available for authentication is typically degraded in quality by the microphone. 1. However. and (iii) circumvention. which means that every person should have the characteristic. Text-independent speaker verification is more difficult and verifies a 10 . and (iv) collectability. (ii) uniqueness. A number of biometrics have been proposed. Moreover.2 Different Biometrics considered till date  Voice Voice is a characteristic of an individual [17]. and the working or environmental factors that affect the Identification accuracy. which means that the characteristic should be invariant with time. which indicates that no two persons should be the same in terms of the characteristic. Text dependent speaker verification authenticates the identity of a subject based on a fixed predetermined phrase. The matching strategy may typically employ approaches based on hidden Markov model. One of the most commonly used features is cepstral feature . Before extracting features.

In such situations.1 0. etc.Biometric Authentication using wavelets and visual cryptography 2012 speaker identity independent of the phrase. Besides.2 Voice signal representing an utterance of the word “seven”. Language independent speaker verification verifies a speaker identity irrespective of the language of the uttered phrase and is even more challenging. A reproduction of an earlier recorded voice can be used to circumvent a voice authentication system in the remote unattended applications. stress. emotions.g.25 0.45 −1000 2000 Figure 1. respectively. cold)..35 0.15 0. some people seem to be extraordinarily skilled in mimicking others. Infrared Facial and Hand Vein Thermograms 11 . X and Y axes represent time and signal amplitude.05 0. Voice capture is unobtrusive and voice print is an acceptable biometric in almost all societies. One of the methods of combating this problem is to prompt the subject (whose identity is to be authenticated) to utter a different phrase each time.2 0.4 0. Voice is a behavioral biometrics and is affected by a person's health (e. voice may be the only feasible biometric. To extract features which remain invariant in such cases is very difficult. Some applications entail authentication of identity over telephone. 0 0.3 0.

stress emotions. To extract features which remain invariant in such cases is very difficult. One of the methods of combating this problem is to prompt the subject (whose identity is to be authenticated) to utter a different phrase each time.g. Besides. In such situations. 12 . voice may be the only feasible biometric. etc.. some people seem to be extraordinarily skilled in mimicking others. A reproduction of an earlier recorded voice can be used to circumvent a voice authentication system in the remote unattended applications. cold). Some applications entail authentication of identity over telephone.Biometric Authentication using wavelets and visual cryptography 2012 Figure Voice capture is unobtrusive and voice print is an acceptable biometric in almost all societies. Voice is a behavioral biometrics and is affected by a person's health (e.

It is also claimed to provide enabling technology for identifying people under the influence of drugs: the radiation patterns contain signature of each narcotic drug..g. with respect to heat radiating from a landmark feature of the body. The image is obtained by sensing the infrared radiations from the face of a person. 13 . The absolute values of the heat radiation are dependent upon many extraneous factors and are not completely invariant to the identity of an individual.Biometric Authentication using wavelets and visual cryptography 2012 Figure 1. An infrared sensor could acquire an image indicating the heat emanating from different parts of the body. may drastically affect the image acquisition phase. e. Infrared facial thermograms seem to be acceptable since their acquisition is a non-contact and non-invasive sensing technique. Human body radiates heat and the pattern of heat radiation is a characteristic of each individual body. room heaters and vehicle exhaust pipes. The graylevel at each pixel is characteristic of the magnitude of the radiation.3 Identification based on facial thermograms [1]. Any part of the body could be used for identification. the raw measurements of heat radiation need to be normalized. The method of acquisition of the thermal image unobtrusively is akin to the capture of a regular (visible spectrum) photograph of the person. These images are called thermograms. e. A thermogram-based system may have to address sensing challenges in uncontrolled environments. where heat emanating surfaces in the vicinity of the body.g.. The technology could be used for covert identification solutions and could distinguish between identical twins.

 Face Face is one of the most acceptable biometrics because it is one of the most common method of identification which humans use in their visual interactions. Typically. have a stigma of criminality associated with them. Their formations depend on the initial conditions of the embryonic development and they are believed to be unique to each person (and each finger). In addition. Four basic approaches to identification based on fingerprint are prevalent: (i) the invariant properties of the gray scale profiles of the fingerprint image or a part thereof. or salient features derived from the ridges (minutiae). (ii) global ridge patterns.(iv) fingerprint minutiae – the features resulting mainly from ridge endings and bifurcations. finger ridges. Fingerprints are one of the most mature biometric technologies used in forensic divisions worldwide for criminal investigations and therefore. (iii) the ridge patterns of the fingerprints. Two primary approaches to the identification based on face recognition are the following: 14 . also known as fingerprint classes.Biometric Authentication using wavelets and visual cryptography 2012 Fingerprints Fingerprints are graphical flow-like ridges present on human fingers. the method of acquiring face images is non-intrusive. a fingerprint image is captured in one of two ways: (i) scanning an inked impression of a finger or (ii) using a live-scan fingerprint scanner Major representations of the finger are based on the entire image.

Capturing an iris image involves cooperation from the user. The image is obtained using an ordinary CCD camera with a resolution of 512 dpi. etc. facial expressions. the most popular basis vectors are eigenfaces: each eigenface is derived from the covariance analysis of the face image population. The identification error rate using iris technology is believed to be extremely small and the constant length position invariant code permits an extremely fast method of iris recognition. both to register the image of iris in the central imaging area and to ensure that the iris is at a predetermined distance from the focal plane of the camera. 21]: the universe of face image domain is represented using a set of orthonormal basis vectors.Biometric Authentication using wavelets and visual cryptography 2012 (i) Transform approach [20. (ii) Attribute-based approach: facial attributes like nose. eyes. Facial disguise is of concern in unattended authentication applications. are extracted from the face image and the invariance of geometric properties among the face landmark features is used for recognizing features. It is very challenging to develop face recognition techniques which can tolerate the effects of aging. two faces are considered to be identical if they are sufficiently “close” in the eigenface feature space. A position-invariant constant length byte vector feature is derived from an annular part of the iris image based on its texture.7). slight variations in the imaging environment and variations in the pose of face with respect to camera (2D and 3D rotations)  Iris Visual texture of the human iris is determined by the chaotic morphogenetic processes during embryonic development and is posited to be unique for each person and each eye [24]. An iris image is typically captured using a non-contact imaging process (Figure 1. 15 . Currently. A number of variants of such an approach exist.

The ear recognition approaches are based on matching vectors of distances of salient points on the pinna from a landmark location on the ear. No commercial systems are available yet and authentication of individual identity based on ear recognition is still a research topic. Figure 16 .Biometric Authentication using wavelets and visual cryptography 2012 Ear It is known that the shape of the ear and the structure of the cartilegenous tissue of the pinna are distinctive. The features of an ear are not expected to be unique to each individual.

 DNA DNA (Deoxyribo Nucleic Acid) is the one-dimensional ultimate unique code for one's individuality . 17 . for some individuals.Biometric Authentication using wavelets and visual cryptography 2012 Keystroke Dynamics It is hypothesized that each person types on a keyboard in a characteristic way. Typical matching approaches use a neural network architecture to associate identity with the keystroke dynamics features. Keystroke dynamic features are based on time durations between the keystrokes.how long a person holds down a key. The keystrokes of a person using a system could be monitored unobtrusively as that person is keying in other information. Keystroke dynamics is a behavioral biometric. Some commercial systems are already appearing in the market. one may expect to observe a large variations from typical typing patterns.except for the fact that identical twins have the identical DNA pattern. This behavioral biometrics is not expected to be unique to each individual but it offers sufficient discriminatory information to permit identity authentication. Some variants of identity authentication use features based on inter-key delays as well as dwell times . It is.

(iii) privacy issues: information about susceptibilities of a person to certain diseases could be gained from the DNA pattern and there is a concern that the unintended abuse of genetic code information may result in discrimination in e. The sequence of bases is unique to each individual (with the exception of identical twins) and could be used for positive person identification. Most of the human DNA is identical for the entire human species and only some relatively small number of specific locations (polymorphic loci) on DNA exhibit individual variation. There does not seem to be any effort directed at a complete automation of all the processes. The image acquisition involves cooperation of the subject. Three issues limit the utility of this biometrics for other applications: (i) contamination and sensitivity: it is easy to steal a piece of DNA from an unsuspecting subject to be subsequently abused for an ulterior purpose. The processes involved in DNA based personal identification determine whether two DNA samples originate from the same/different individual(s) based on the distinctive signature at one or more polymorphic loci. It is claimed to be the most secure biometrics since it is not easy to change or replicate the retinal vasculature. currently used mostly in the context of forensic applications for identification. hiring practices. Cytosine (C). All these factors adversely affect 18 . (ii) automatic real-time identification issues: the present technology for genetic matching is not geared for online unobtrusive identifications.g. and Guanine (G) [4]. and requires a conscious effort on the part of the user. entails contact with the eyepiece. Figure 1.  Retinal Scan The retinal vasculature is rich in structure and is supposed to be a characteristic of each individual and each eye.. glamorized in movies and military installations.Biometric Authentication using wavelets and visual cryptography 2012 however. These variations are manifested either in the number of repetitions of a block of base sequence (length polymorphism) or in the minor non-functional perturbations of the base sequence (sequence polymorphism). Thymine (T). are mostly responsible for the “high-tech-expensive” impression of the biometric technology.10 DNA is double helix structure made of four bases: Adenine (A). Retinal scans. The image capture requires a person to peep into an eye-piece and focus on a specific spot in the visual field so that a predetermined part of the retinal vasculature could be imaged. A major component of these processes now exist in the form of cumbersome chemical methods (wet processes) requiring an expert's skills.

hypertension. A number of retinal scan-based identity authentication installations are in operation which boast zero false positives in all the installations to-date.g. These systems were operating at an unknown high false negative rates. which is another factor standing in the way of public acceptance of retinal scan based-biometrics. e.Biometric Authentication using wavelets and visual cryptography 2012 the public acceptability of retinal biometric.. Retinal vasculature can reveal some medical conditions. Although iris scanning appears to be more expensive than retinal scanning. 19 .

Since more features are being measured. The iris remains stable for a lifetime because it is not subjected to the environment. 2003a). Another benefit of using the iris is its stability.The individual stares into a camera for 20 .1 Introduction Iris recognition is not a new idea but has only been available in practical application for the last 10 to 15 years.3 Iris Recognition 1. Comparing more features of the iris increases the likelihood of uniqueness.Biometric Authentication using wavelets and visual cryptography 2012 1. furrows.3. but has applications that are ever Increasing . vasculature. 2002.The iris is a unique organ that is composed of pigmented vessels and ligaments forming unique linear marks. The process of iris recognition is complex. as it is protected by the cornea and aqueous humor. and other similar features and marks (Daugman. This idea has been featured in many science fiction movies but until recently was just a theoretical concept. slight ridges.Iris recognition will be a viable option for any security system in the future. Iris recognition is used for security purposes and is an almost foolproof entry-level access security means because of its ability to readily identify false irises (Henahan. it is less probable for two irises to match. Iris recognition is a biometric that depends on the uniqueness of the iris. 2002. grooves. It has not been widely used because of the cost. It begins by scanning a person’s iris (Henahan. ¶ 8). ¶ 6).

Biometric Authentication using wavelets and visual cryptography 2012 at least a second allowing the camera to scan their iris. the Hamming distance should theoretically be 0.664. XOR. A fractional Hamming distance is used to quantify the difference between iris patterns. The observed maximum value was 0. and the observed minimum value 21 . and the AND operation eliminates the effects of background noise in the image. AND is also a bit comparison operator that will return 1 only when comparing bits that are both 1. In a matter of a few seconds an individual can have his/her eyes scanned and matched to an iris code in a database identifying the individual.000 iris codes can be compared in a second (Daugman. The Hamming distance of two vectors is the number of components in which the vectors differ in a particular vector space (Gallian. and AND operators on the iris phase bits of any two patterns (Daugman.499 and a standard deviation of 0. The mean is the average of all measured values. the fractional Hamming distance will always be between 0 and 1. Statistically independent means an event’s likelihood of occurrence is equally probable regardless of the outcome of a given event (Larsen & Marx. The XOR operation shows how the two iris patterns differ. while the standard deviation is amount that the values tend to vary from the mean. On a 300 MHz Sun Microsystems processor more than 100. He found the distribution of Hamming distances to be a perfect binomial distribution with a mean of 0. XOR is a bit comparison operator that that will return 0 when comparing like bits and otherwise returns 1.2 The Uniqueness of the Iris How can we be sure the iris is unique? In analyzing the iris there must be bits of an iris phase code that are statistically independent.3. 1. analyzed the Hamming distances by comparing over 4250 iris images. 2002). In this instance.500 because a bit has an equally likely chance of being 0 or 1 (Daugman. another algorithm encodes the iris into a phase code that is the 2048-bit binary representation of an iris (Daugman. John Daugman. For iris patterns. 2003b). 2001). 2003b). 2001). A binomial distribution is a model based on a series of trials that have two possible outcomes (Larsen & Marx. The combination of the XOR operator with the AND operator to normalize the result produces a fractional Hamming distance. An algorithm processes the digital image created by the camera to locate the iris.0317.The phase code is then compared with a database of phase codes looking for a match. 2003b). 2003a). Dr.The statistical independence of an iris can be determined by using the Boolean Exclusive-Or. Once the iris has been located. a professor at Cambridge University.

648 iris images from 324 people were subjected to the same conditions used to render a Hamming distance (2004). The camera needs to be able to photograph a picture in the 700 to 900 nanometers range so that it will not be detected by the person’s iris during imaging (Daugman . twins from the same embryo. the degrees-of-freedom of the distribution is 249. the iris radius. These conditions must be met in order for the iris image to have the necessary 50-pixel minimum size of the iris radius. Statistical estimation changes the circular paths of the integral derivatives to 22 . An algorithm determines the maximum contour integral derivatives using the three variables to define a path of contour integration for each of the variables. These studies show that an individual has two unique irises.The mean and standard deviation for this analysis were 0. and a pair of twins has four unique irises.3. an iris image is independent of an identical genetic makeup. By a simple calculation.497 and 0. Thus.Biometric Authentication using wavelets and visual cryptography 2012 was 0. the iris needs to be located within the image. This means that it highly unlikely for two different irises to agree in more than two thirds of their phase bits. Once the image of the iris is obtained.In a similar analysis done by Daugman . 2003b) . 1. but in either case a mirror is used to utilize feedback for the image. respectively. These findings demonstrate the uniqueness of an iris using the Hamming distance as a measurement. 2001). The complex analysis of the algorithm finds the contour paths defining the outer and inner circumferences of the iris. only a small number are mutually independent due to corresponding radial components that exist within an iris.3 Locating the Iris The iris is captured in an image by a camera. There are three variables within the image that are needed to fully locate the iris: the center coordinates.334.The camera may or may not have a wide-angle lens yielding a higher resolution.031. Any given person has a genetically identical pair of left and right irises that can be compared (Daugman & Downing. Are the irises of two people with the same genetic makeup distinguishable? This is an important question because it would demonstrate a possible pitfall in this biometric. This demonstrates that of the 2048 bits. yield the same results in a DNA test. 2003b). and the pupil radius (Daugman. This study was repeated with the irises from identical twins and yielded a similar result. This condition hinders DNA testing because identical twins.

which will only decrease as it becomes more widely used.shaped paths that best fit both iris boundaries. 1. A similar product has been installed in London’s Heathrow.5 Conclusive truth: Iris is the best way forward Iris recognition has proven to be a very useful and versatile security measure. 2005). Its use has been successful with little to no exception. most notably airline travel. ¶ 2 & 3). Great Britain. 1. Iris recognition is widely used in the transportation industry and can have many applications in other fields where security is necessary.This product is already being used in Amsterdam. Germany. airport employee access to restricted areas. Its most widely publicized use is in airport security. 2002. An iris is an internal organ making it immune to environmental effects. 2005). The security advantages given by iris recognition software have a strong potential to fix problems in transportation (Breault. Japan. Since an iris does not change over the course of a lifetime. and the United Arab Emirates.¶ 5).3. and iris recognition will prove to be a widely used security measure in the future.Biometric Authentication using wavelets and visual cryptography 2012 Arc .4 Applications for Iris Recognition Iris recognition has tremendous potential for security in any field. 23 .3. These machines expedite the process of passengers going through airport security. IBM and the Schiphol Group engaged in a joint venture to create a product that uses iris recognition to allow passengers to bypass airport security (IBM. Canada. This technology is in place in the United States.2002. and Washington’s Dulles airports (Airport. A recent application of iris recognition has been in the transportation industry. It is a quick and accurate way of identifying an individual with no room for human error.This enables security to be able to restrict access to specific individuals. The only drawback to iris recognition as a security installment is its price. once an iris is encoded it does not need to be updated. New York’s JFK. airline crew security clearance. The iris is extremely unique and cannot be artificially impersonated by a photograph (Daugman. Italy. 2003). Iris recognition is also used for immigration clearance. and as means of screening arriving passengers for a list of expelled persons from a nation (Daugman. allowing the airports to run more efficiently.

Among these activities.1 Security Issues in Biometric Authentication Living in the information age. unique to an individual. Besides being vulnerable to common attacks such as 24 . and use the fake trait to attack biometric systems. 2. millions of people use digital devices to communicate with each other through the Internet. Many efforts have been made to develop an information system that can accurately authenticate. invariable over time.the knowledge factor. Since biometrics is the only factor that is directly linked with the distinguishing characteristic of an individual. Unfortunately. properly authorize. recent research has shown that it is not very difficult to “steal” a biometric trait. This is a serious problem when people intend to use biometrics as a means to enhance network security because the user has to be remotely authenticated through an open network. and efficiently audit legitimate users. Network security plays an increasingly important role in our daily life.Biometric Authentication using wavelets and visual cryptography 2012 CHAPTER 2 SECURITY ISSUES IN BIOMETRIC AUTHENTICATION 2. create its copy. or the biometrics factor.2 Attacks Like other information systems. and should not be easily duplicated. authentication is the first and most critical link in the security chain. the possession factor. Authentication is a process that verifies a user’s identity. it has been advocated that biometric authentication will achieve increasing levels of assurance of identity verification. Ideally these characteristics should be measurable. Biometric authentication refers to any security system that uses measurable human physiological or behavioral characteristics to verify identity. which can be accomplished by using one or more of the validation factors . biometric authentication systems are vulnerable to attack and can be compromised at various stages.

the authenticator has to ensure that the data is captured through the sensor. 2. susceptible to spoof and template attacks. The artificially recreated data is used to attack physiological biometric technologies. To detect the reply attack. In the first scenario. for instance. Therefore.2.1 Spoof attack Spoofing is an attack where a malicious individual pretends to be someone else. a recorded signal is reentered into the system by bypassing the biometric sensor. or presenting a facemask. this property has been used to recognize replay attacks by some products.2. and has not been injected. 2. Therefore.3 Data simulation 25 . biometric systems are.2 The replay attack It is another major threat to biometric authentication. Besides the artifacts. Sensor noise and input variation make it impossible that there will be one hundred percent similarity between any two samples. spoofing is a process that defeats a biometric system by providing a forged biometric copy of legitimate user. In biometrics. an image is resubmitted in the same way that the legitimate user did through the biometric sensor. 2. It is performed by sending the previously submitted data of a legitimate user back to the authenticator. While in the second scenario. one thing they have in common is that they all involve presenting a fake biometric sample to the sensor. Although spoofing techniques vary with biometric technologies. mimicry is often used to spoof behavioral biometric technologies.Biometric Authentication using wavelets and visual cryptography 2012 replay and man-in-the-middle. it is necessary to capture a biometric sample from a legitimate user. in particular. substituting a high-resolution iris image.2. The most popular method is either building a timestamp or using challenge and response mechanism to address the reply attack. by using a fake finger. The liveness detection is only applicable if mimicry is performed through a device. An attacker can obtain the data either through a sniffer device or sniffer software during a successful authentication process. or by collecting a residual print left on the sensor after a successful authentication.

Experimental results on three commercial face recognition systems show that his method needs only several thousand iterations to generate an image that can be confused with the original image at a very high confidence level. it has been reported that a commercially available thumbprint system was breached with synthesized thumb image. the attacker can manipulate the input data stream.When generating the thumb image. It works in the following way. Several technologies can be implemented to reduce the threats of transmission-based attacks. and using the matching scores for each successive recognition. As to facial recognition. Unfortunately. the most important concept is to position and orient the minutiae to form the overall appearance of a thumbprint. inject an artificial matching score. send a fake template as an enrolled user.Biometric Authentication using wavelets and visual cryptography 2012 Since biometric features used for identification and verification are not secret and have even been published on the Internet. However. an imposter can attack the biometric system through data simulation. As shown. It is easy to understand that an imposter can simulate a legitimate user’s physical signature or mimic his or her speech to attack behavioral biometric systems. even though the synthetically generated image looked very different from the enrolled image . it would appear that an imposter needs a great deal of effort to generate a fingerprint pattern or create a face image to attack a physiological biometric system. An initial image is selected. or even generate a forged response. Depending on the system configuration. Adler proposed an approach to reconstruct facial images so that an enrolled user in the system can be attacked with synthesized facial images. 26 . the initial image is modified. a man-in-the middle attack is possible while the data is in transit from one component to another. the risk can be mitigated by keeping the matching score inside the matcher and not releasing it to the end user. Since the matching score was used as the driver for this attack.

3 Attacks on Digital Watermark A watermark attack is an attack on digital data to identify the hidden watermark illegally. authoritative watermark. shift in spatial or (in case of video) temporal direction. cropping or pixel permutation. Geometric distortion like zooming. These attacks have to be treated carefully. cropping and correction. as the success of any watermarking scheme depends on it. addition of noise. (ii) Detection-disabling attacks: These attempts to break correlation and to make detection of the watermark impossible. removal or insertion are used. Examples include frequency based compression. According to. (iii) Ambiguity attacks : These attacks the detector by producing fake watermarked data to discredit the authority of the watermark by embedding several additional watermarks so that it is not obvious which was the first. watermark attacks can be classified into four main groups: (i) Simple attacks: These types of attacks attempt to damage the embedded watermark by modifications of the whole frame without any effort to identify and isolate the watermark. 27 .Biometric Authentication using wavelets and visual cryptography 2012 2. rotation.

have no visual meaning and hinder the objectives of visual cryptography. but the visual quality is poor. knowledge of positions of single watermark elements). but no secret information can be obtained from the superposition of a forbidden subset. separate it out and discard only the watermark. Based on the blue-noise dithering principles.Biometric Authentication using wavelets and visual cryptography 2012 (iv) Removal attacks: The removal attacks estimates the watermark. CHAPTER 3 HALFTONE VISUAL CRYPTOGRAPHY 3. the proposed method utilizes the void and cluster algorithm [2] to encode a secret binary image into halftone shares (images) carrying significant visual information. The simulation shows that the visual quality of the obtained halftone shares are observably better than that attained by any available visual cryptography method known to date. denoising or exploiting conceptual cryptographic weakness of the watermark scheme (e. a novel technique named halftone visual cryptography is proposed to achieve visual cryptography via halftoning. 28 . In this paper. however. The binary patterns of the shares.1 Introduction Visual cryptography encodes a secret binary image (SI) into shares of random binary patterns. Examples are collusion attack. If the shares are xeroxed onto transparencies.g. the secret image can be visually decoded by superimposing a qualified subset of transparencies. Extended visual cryptography was proposed recently to construct meaningful binary images as shares using hypergraph colourings.

it is desirable not to entrust any single individual with the combination. and copyright protection and watermarking 29 . More specifically. a vault-access system that requires any two of the three tellers may be desirable. and distributed amongst participants.Biometric Authentication using wavelets and visual cryptography 2012 VISUAL CRYPTOGRAPHY (VC) is a type of secret sharing scheme introduced by Naor. In a -out-of. private multiparty computations. one for each participant. The shares are xeroxed onto transparencies. respectively. a secret binary image (SI) is cryptographically encoded into shares of random binary patterns. even if infinite computational power is available to them. but for security purposes. Any or more participants can visually reveal the secret image by superimposing any transparencies together.scheme of VC. visual threshold schemes have found immediate applications in certain types of cryptographic protocols. This problem can be solved using a two-out-ofthree threshold scheme. secret sharing schemes are used in a number of other cryptographic protocols and applications such as threshold cryptography. No participant knows the share given to another participant. The secret cannot be decoded by any or fewer participants. Being a type of secret sharing scheme. Hence. Aside from the obvious application to access control. a bank vault must be opened every day by three tellers. For instance. including authentication and identification . visual cryptography can be used in a number of applications including access control. electronic cash and digital elections.

In addition. Then. respectively.of-two visual threshold scheme where each pixel of the SI is encoded into a pair of subpixels in each of the two shares. no matter which column of subpixel pairs is chosen during encoding. in each share. consider the simplest two out. independent of whether is black or white. In each case. no secret information can be gained by looking at groups of pixels in each share. There is a contrast loss in the reconstruction.Biometric Authentication using wavelets and visual cryptography 2012 3. is encoded into a black–white or white–black pair of subpixels with equal probabilities. the first two pairs of subpixels in the selected column are assigned to share 1 and share 2.2 Mechanism of Visual Cryptography To illustrate the principles of VC. an individual share gives no clue as to the value of . it yields two black subpixels. If is black. however. the decoded pixel is readily visible. one of the two columns tabulated under the white pixel in Fig. as each pixel is encrypted independently. such that each column has 50% probability to be chosen. 1 is selected. 30 . If is white. the superposition of the two shares always outputs one black and one white subpixel. Since. the selection is performed by randomly flipping a fair coin. If a pixel is white. If is black. one of the two columns tabulated under the black pixel is selected. Now consider the superposition of the two shares as shown in the last row .

Watermarking techniques are increasingly used in biometric security systems.Biometric Authentication using wavelets and visual cryptography 2012 3. Biometric watermarking is a technique that creates a link between a human subject and the digital media by embedding biometric information into the digital object. its uniqueness 31 . individuals. iris image is considered to be more reliable for personal authentication. etc. Out of these. voiceprint. Biometric characteristics are face. sound. may manipulate.3 Biometric based authentication using wavelets and visual cryptography 3. other than the owner. They are considered good choice because of two very important characteristics. cryptography and watermarking. video. that is. which include steganography. A biometric is defined as “life measure” and biometric technology uses images of human body parts. A digital watermark is defined as invisible or inaudible data (a random pattern of bits or noise) permanently embedded in a graphic.1 Introduction The development of sophisticated hardware and software is creating a tremendous amount of information to be transmitted via World Wide Web and wireless networks. fingerprint. A third type of watermarking technique that is becoming popular is the “Biometric Watermarking”. Several techniques for the content protection have been introduced.3. duplicate or access media information illegally without the owner‟s consent and knowledge. etc. text. or audio file for protecting copyright or authenticating data. Out of all these watermarking is a technique that is gaining much attention. Large part of this is composed of text and images. captured through cameras and scanning images. The watermarking techniques are broadly categorized into robust watermarking (copyright protection) and fragile watermarking (multimedia content authentication). video. This has forced academicians. Most of the information being transmitted has multimedia content which are composed of image. Modern ways of content sharing is easy and economical but introduces serious concern on the protection issues. industrials and researchers to focus on protection of their intellectual contents.

In the next section we will explain this alternative algorithm for 32 . conclusions are given at the end. 2) Visual Threshold Scheme shown in. The main objective is to present a new visual cryptographic system which can be used to hide biometric image and protect the biometric image from attacks. It is proved statistically that iris is more accurate than even DNA matching as the probability of two irises being identical is 1 in 10 to the power of 78. the shares are images represented on transparencies consisting of black and white (transparent. actually) pixels. which are printed onto the two transparencies (shares) and given to the participants. The visual systems perform a Boolean operation. which emphasize the need for a protective scheme to preserve fidelity and prevent alterations. 3. which is easy to visualize using the (2. One can not recover a secret without the other one. The iris image is secured by using a technique called Visual Cryptography (VC). Finally.Biometric Authentication using wavelets and visual cryptography 2012 and permanency. They propose two algorithms for secret sharing and secret recovery derived from the least significant bit substitution method. Later in 2001 the engineers from Taiwan in their paper have claimed that during the encoding process shares are generated in such a way that they contain random dots to create a chaos for preventing intruders of random guesswork. Visual cryptography method presents the Water marking system.3. they are susceptible to accidental and intentional attacks. however.2 Proposed method In 1995 Naor and Shamir have suggested for the first time to solve the secret sharing problem by the means of new cryptographic structure called Visual Cryptography (VC). During transmission. In the visual threshold scheme. Thus generation of shares could be also done using so called cover images. explains the proposed method. This paper presents a secure watermarking scheme that stores a secret message inside an cover image. In the proposed approach the secret is divided into two shares. Only these two participants who possess the transparencies can reconstruct the secret by superposition of shares. Many experiments conducted and simulation results are presented here.

All these works used techniques where a colored image was hidden into multiple meaningful cover images. Chang et al. including but not restricted to information hiding. In 2003. In halftone VC. in 2000 introduced a new colored secret sharing and hiding scheme based on Visual Cryptography schemes where the traditional stacking operation of sub pixels and rows interrelations was modified. Youmaran improved this scheme to improve the quality of the cover images while achieving lossless recovery and without increasing the computational complexity of the algorithm. The disadvantage in this was that the quality of the recovered image was poor and the sharing was meaningless. visual authentication and identification.Biometric Authentication using wavelets and visual cryptography 2012 creating shares used by Tsai. The halftoning technique is used in many applications such as facsimile (FAX). After its initial introduction. gray scale and color images. The improvement varies from binary image to halftone images. The solutions normally operate on binary inputs. Chang and Chen. Verheul and Tilborg introduced the concept of VC to color images. Visual cryptographic has been applied to many applications. many researchers have found different variations of VC. the natural (continuous-tone) images are first converted into halftone images by using the density of the net dots to simulate the original gray or color levels in the target binary representation. This work motivated several others to produce more advanced schemes. electronic scanning and copying. and laser printing etc. Hou proposed a 33 . general access structures. This work was later enhanced to avoid the usage of CIT.

. The watermarking schemes are generally classified into robust watermarking schemes and fragile watermarking schemes.e. watermark extraction and watermark detection. an algorithm accepts the host and the data to be embedded and produces a watermarked signal. Most of the reviewed literature works with embedding of images (black and white. For this purpose. fragile watermarks are mainly applied to content authentication and integrity attestation because they are fragile to attacks. it can detect any changes in an image as well as localizing the areas that have been changed. The watermarked signal is then transmitted to embedded equipment. General halftone technique is then applied to these channels to accomplish the creation of shares. 34 .3. Among them. Youmaran later improved by using the scheme to hide a colored image into multiple colored cover images without degrading the quality of the recovered image.Biometric Authentication using wavelets and visual cryptography 2012 method for color VC. During embedding process. Both the schemes are designed for different applications. i. a hybrid LSB and DWT VC method is proposed and is explained in the next section 3. robust watermarks are generally used for copyright protection and ownership identification because they are designed to withstand attacks such as common image processing operations. VC is used to store a secret message file inside a color image. The extraction or detection algorithm is used to extract the hidden watermark from the transmitted image. In the present work.3 A generic watermarking system The three main stages of any digital watermarking system shown in are watermark embedding. In contrast. where a color image is first decomposed into several individual channels. gray scale or color) into another cover image.

a meaningful VC method was not adopted. In the present work. 3.Biometric Authentication using wavelets and visual cryptography 2012 In robust watermarking applications. even if the modifications were strong. i. namely. LH and LL. Details regarding each subband is treated as a share. The secret message is stored in all the wavelet subbands and a modified LSB technique is used to embed the secret message. The best known steganographic method that works in the spatial domain is the LSB (Least Significant Bit). i.3. The parameter used for image watermarking algorithm. increasing the capacity will decrease the robustness and increase the visibility. Since the biometric image needs to be very near to the original image. SLSB (Selected Least Significant Bit) improves the performance of the method LSB hiding information by selecting only one of the three colors at each pixel of the cover image to hide the message. filtering or cropping.e. These factors are inter-dependent. To select the color it uses a Sample Pairs analysis and applies a LSB Match . In fragile watermarking. how easily the watermark can be discerned by the user. i. The algorithm chooses green color pixels and uses the three LSB of the pixel to store the secret message. HH.4 Algorithm The proposed work performs a color visual cryptographic scheme on biometric image. the extraction algorithm should fail if any change is made to the signal. for example. The 1-D transformation of the image decomposes the image into four subbands. it is stored inside the four wavelet sub bands. it is essential to consider all three factors for a fair evaluation or comparison of watermarking algorithms. The modified LSB is shown in figure and the procedure is explained below.e. HL. The process is explained below. the extraction algorithm should be able to correctly produce the watermark. which replaces the least significant bits of pixels selected to hide the information. the resistance of the watermark to alterations of the original content such as compression. 35 . Robustness. The desired properties are high capacity. Visibility.e. low distortion and high robustness to attacks or high security. The original cover image is first converted into four regions using 1-D Haar Digital wavelet transformation (DWT). the amount of information that can be put into the watermark and recovered without errors. Capacity. Therefore.

The green planes from each share are considered and the secret bits are retrieved from the last two bits of each green pixel.Biometric Authentication using wavelets and visual cryptography 2012 The embedding is done in three steps. At the same time. The iris image analysis is as follows: After acquiring an eye image 36 . the secret message is converted into a bit stream. Before retrieving the color information. The final step performs a JPEG 2000 compression to combine the watermark and the image. the received image is decompressed and an inverse DWT (IDWT) is performed to receive the four shares. Share3 (LH) and Share4 (LL) sub bands. Share2 (HL). The iris representation is embedded using a bit replacement procedure into Share1 (HH) . the iris image is analyzed to extract its features. The first step performs an analysis of iris image to find a suitable representation that is small and easy to reconstruct. The extraction performs a reverse process.

wavelet transform was applied 4 times in order to get the 28x3 subimages (i. 84 features). the boundary between the pupil and the iris is detected after position of the eye in the given image is localized.HH2. from which the feature of the iris is extracted. For the 450x60 iris image in polar coordinates. This is termed as „iris code‟.0 and 1. The results of Haar transform in four types of coefficients: (i)Coefficients that result from a convolution with g in both directions (HH) represent diagonal features of the image. By quantizing each real value into binary form by convert the positive value into 1 and the negative value into 0. (iii) Coefficients from high pass filtering on the rows.e. The results consist of one image that has been high pass in the horizontal and vertical directions.3. the dimension of the resulting feature vector is 87. 3. followed by low pass filtering of the columns (LH) reflect vertical information. the right and the left radius of the iris are searched based on these data. (ii)Coefficients that result from a convolution with g on the columns after a convolution with h on the rows (HL) correspond to horizontal structures. The wavelet transform breaks an image down into four subbands or images. By using the iris center and the radius the polar coordinate system is set. By combining these 84 features in the HH sub-image of the highpass filter of the fourth transform (HH4) and each average value for the three remaining high-pass filters areas (HH1. and one that has been low pass filtered in both directions. one that has been low passed in the vertical and high passed in the horizontal.HH3).0.Biometric Authentication using wavelets and visual cryptography 2012 through digital camera. (iv)The coefficients from low pass filtering in both directions are further processed in the next step(LL). After the center and the radius of the pupil are extracted. Thus an iris can be represented with just 87 bit. Each value of 87 dimensions has a real value between -1.5 Bit Replacement Procedure 37 .

The same approach was also used by [4].4 Experimental results The proposed model was tested with three cover images namely. It evaluates the algorithm based on the verification accuracy and quality of dewater marked images of the models. In HVS. namely. JPEG 38 . 3. red. In the present work. red plane appear over bright and therefore green planes are chosen for embedding.Biometric Authentication using wavelets and visual cryptography 2012 A color image is made of three planes.green and blue. The cover and biometric image used along with secret message is shown in Figure 5. one iris image and one secret image. each cover pixel is divided into two bits strings: Most Significant Bits (MSN) and Least Significant Bits (LSB) as shown in the Figure 4. namely. The SLSB are directly replaced by the secret data. Lena. Baboon and Pepper. The models were tested using 10 attacks. blue planes appear dark.

Blurring (3 x 3). The recognition process was tested using a open source iris recognition system provided by Masek .Biometric Authentication using wavelets and visual cryptography 2012 with Quality Factor 50%. 39 .5). Gaussian Noise (3 x 3). The images are 24 bit RGB images of 576 x 768 pixels in PNG file format. Rotation (10o) and Affine Transform. Median Filter (3 x 3). The system is also evaluated when no attacks was performed. The results are projected in terms of PSNR of the cover image before and after watermarking obtained and is presented in Figure 6. Gamma (0. The database has 3 x 128 iris images (3 x 64 left and 3 x 64 right). Table 1 shows the verification results when the models were subjected to various attacks. JPEG 2000 with Quality Factor 50%. Resize (90%). The extracted iris recognition was tested for authentication with an iris database created by. Cropping (10 pixels).

that when no attacks the system was able to produce the highest accuracy (99%). the system was resistant to several attacks but the performance slightly decreased with the affine transformation.Biometric Authentication using wavelets and visual cryptography 2012 It can be seen from the table.55% and 98. Future research will take these into consideration. 3. And moreover. The model produces high recognition results with high quality image after dewater marking. The performance of the slightly degrades with the affine transformation but will all the other attacks the accuracy is high ranging between 81. From the results obtained it can be concluded that the protection of iris image is highly successful while using the proposed method. The originality of the scheme is to use a wavelet 1D decomposition and use the subbands as share images. The system has the advantage that the dewatermarked image as well the biometric image both have high quality and are resistant to various attacks.84%.5 Conclusion Digital watermarking is an area which is used for copyright protection of intellectual property and authentication. where enhanced LSB technique is used to embed the iris data. In the present work. During experimentation it was found that the size of the biometric should be less 40% of the cover image. 40 . The results prove that the proposed system is good for biometric image. a visual cryptographic way to store a biometric image inside a color image is proposed.

cn CHENG Xiao-ni school of telecommunications engineering Xidian university 41 . Coimbatore-641 043.in 3 meena_cc@avinuty.msu.Meena2 Research Scholar.edu. Department of Computer centre. Introduction to biometrics Anil Jain Michigan State University East Lansing. China hyy@besti.in (iv) A Watermarking-based Visual Cryptography Scheme with Meaningful Shares HAN Yan-yan department of scientific research management Beijing electronic science & technology institute Beijing. MI jain@cse.co. Mathematics.Mathivadhani1.D. and Computer Science (iii) Biometric based authentication using wavelets and visual cryptography Mrs. Centre Manager. Dr.Biometric Authentication using wavelets and visual cryptography 2012 CHAPTER 4 BIBLOGRAPHY (i). Department of Computer Science. Avinashilingam University For Women. Iris Recognition: A General Overview Jesse Horst Undergraduate Student. Statistics.ac.edu (ii).Tamil Nadu 1 mathi_kirupha@yahoo.C.

cn (v)Fundamentals of image processing by Anil k Jain (vi)Digital Image processing by Gonzalez and Richard E.edu.Biometric Authentication using wavelets and visual cryptography 2012 Xi‟an China 0909420549@mail.edu. Woods 42 .besti. China hwc@ besti.cn HE Wen-cai communication engineering department Beijing electronic science & technology institute Beijing.