1. Network Security through Biometrics
Abstract:
Network security is the protection of networks and their services from unauthorized
modification, destruction, or disclosure. It provides assurance that the network performs its
critical functions correctly and that there are no harmful side effects. Network security
now takes a giant leap as biometrics, a form of authentication using unique physical traits
of the user, improves it. Biometrics is a relatively new term used to refer
to fingerprinting, retinal scans, voice wave patterns and various other unique biological traits
used to authenticate users. In this growing world the need for unique identification is very
important, and this can be ensured only by biometrics.
Introduction
A biometric is defined as a unique, measurable, biological characteristic or trait for
automatically recognizing or verifying the identity of a human being. Statistically analyzing
these biological characteristics has become known as the science of biometrics. These
days, biometric technologies are typically used to analyze human characteristics for security
purposes. Five of the most common physical biometric patterns analyzed for security
purposes are the fingerprint, hand, eye, face, and voice.
The main advantages of biometrics over a standard system are:
1. Biometric traits cannot be forgotten or mislaid, and can be lost only through trauma.
2. Biometric traits are relatively difficult to copy, share and distribute.
3. Biometric traits require the person being authenticated to be present at the time and
point of authentication.
Moreover, biometric systems can be used in conjunction with passwords or
tokens, thus improving the security of existing systems without replacing them.
Biometric characteristics can be divided in two main classes:
1. Physiological characteristics are related to the shape of the body. The oldest traits,
which have been used for more than 100 years, are fingerprints. Other examples are face
recognition, hand geometry and iris recognition.
2. Behavioral characteristics are related to the behavior of a person. The first
characteristic to be used, still widely used today, is the signature. More modern approaches
are the study of keystroke dynamics and of voice.
Biometric Systems
The main operations a system can perform are enrollment and test. During enrollment,
biometric information about an individual is stored; during the test, biometric information
is detected and compared with the stored information.
The first block (sensor) is the interface between the real world and our system; it has to
acquire all the necessary data. Most of the time it is an image acquisition system, but it can
change according to the characteristics we want to consider.
The second block performs all the necessary pre-processing: it has to remove artifacts from
the sensor, to enhance the input (e.g. removing some noise), to use some kind of
normalization, etc.
In the third block we have to extract the features we need. This step is really important: we
have to choose which features to extract and how. Moreover we have to do it with a certain
efficiency.
Biometric systems can seem complicated, but they all use the same three steps:
1. Enrollment: The first time you use a biometric system, it records basic information about
you, like your name or an identification number. It then captures an image or recording of
your specific trait.
2. Storage: The system analyzes your trait and translates it into a code or graph. Some
systems also record this data onto a smart card that you carry with you.
3. Comparison: The next time you use the system, it compares the trait you present to the
information on file.
Overview of the Enrollment Process for Biometric Encryption
The objective of the enrollment procedure is to link an arbitrary N-bit key to the user's
fingerprints and create the user's Bioscrypt.
Stage E-1 (Image Processing)
The objective of this stage of enrollment is to generate an output pattern, c0(x), to be passed
to E-2, as well as to generate a stored filter function, Hstored(u).
Stage E-2 (Key linking)
The link algorithm is responsible for linking the output pattern, c0(x), with an N-bit key, k0.
Through this linking process a lookup table is created and stored in the Bioscrypt for use
in key retrieval during verification. There are various methods for linking k0 with c0(x), some
of which may incorporate the use of error correcting codes.
Stage E-3 (Identification code creation)
A requirement of the Biometric Encryption algorithm is that an incorrect key should be
produced when an attacker uses the system with another user's Bioscrypt. The method is to
use the input N-bit key, k0, as an encryption key to encrypt S bits of data, and then to hash
the encrypted text using a one-way hash function to create an identification code, id0. This
identification code is stored in the Bioscrypt. The lookup table and id0 are now appended
to Hstored(u) to complete construction of the Bioscrypt, which can be stored on any
conventional storage medium.
Overview of the verification process for Biometric Encryption
This process is similar to the enrollment process, but the pattern is checked against the
existing ones in the database. The objective of the verification procedure is the successful
retrieval of the N-bit key for a legitimate user.
Stage V-1 (Image Processing)
Combine Hstored(u), from the Bioscrypt, with a new series of input fingerprint images to
create an output pattern, c1(x).
Stage V-2 (Key Retrieval)
Extraction of a key, k1, from c1(x) using the retrieval algorithm.
Stage V-3 (Key Validation)
Validate k1 by creating a new identification code, id1, and comparing it with id0.
If id1 = id0, then k1 = k0 with high probability, and access permission can be given. If
id1 ≠ id0, then k1 ≠ k0 and a verification-failed message is released.
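Stages E-2, E-3, V-2 and V-3 above, as an added Python example that is not taken from the original paper or from the Bioscrypt product. It assumes the output pattern is already binarized, links each key bit to several pattern positions and retrieves it by majority vote (one possible error-correcting method), and uses HMAC-SHA256 as a stand-in for the encrypt-then-hash step; all function names, constants and sample values are hypothetical.

```python
import hashlib
import hmac
import random

REDUNDANCY = 5                  # assumed: pattern positions linked to each key bit
S_DATA = b"constructed S bits"  # constructed stand-in for the S bits of data

def make_id(key_bits):
    """E-3 / V-3: identification code for a key. HMAC-SHA256 is a stand-in
    for the encrypt-then-hash step the text describes."""
    return hmac.new(bytes(key_bits), S_DATA, hashlib.sha256).hexdigest()

def enroll(c0, k0, rng):
    """E-2 + E-3: build the lookup table and id0 from binarized pattern c0."""
    free = {v: [i for i, b in enumerate(c0) if b == v] for v in (0, 1)}
    for positions in free.values():
        rng.shuffle(positions)
    # Each key bit points at REDUNDANCY unused positions holding that bit value.
    lookup = [[free[bit].pop() for _ in range(REDUNDANCY)] for bit in k0]
    return {"lookup": lookup, "id0": make_id(k0)}  # k0 itself is never stored

def verify(c1, bioscrypt):
    """V-2 + V-3: majority-vote k1 out of c1; release it only if id1 == id0."""
    k1 = [int(2 * sum(c1[i] for i in pos) > len(pos))
          for pos in bioscrypt["lookup"]]
    if hmac.compare_digest(make_id(k1), bioscrypt["id0"]):
        return k1
    return None                                    # verification failed

def flip(pattern, positions):
    """Copy of pattern with the given bit positions inverted (sensor noise)."""
    noisy = list(pattern)
    for i in positions:
        noisy[i] ^= 1
    return noisy

def demo():
    rng = random.Random(2024)
    c0 = [0] * 128 + [1] * 128                     # constructed 256-bit pattern
    rng.shuffle(c0)
    k0 = [rng.randrange(2) for _ in range(16)]     # constructed 16-bit key
    bs = enroll(c0, k0, rng)
    two_per_group = [i for pos in bs["lookup"] for i in pos[:2]]
    genuine = verify(flip(c0, two_per_group), bs)  # 2 of 5 votes wrong: corrected
    too_noisy = verify(flip(c0, bs["lookup"][0][:3]), bs)  # 3 of 5 wrong
    impostor = verify([b ^ 1 for b in c0], bs)     # a different pattern
    return k0, genuine, too_noisy, impostor

if __name__ == "__main__":
    print(demo())
```

The stored record holds only the lookup table and id0, so a pattern that does not reproduce k0 yields an identification code that fails the comparison and no key is released.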
Biometric Systems use three main components:
1. A sensor that detects the characteristic being used for identification.
2. A computer that reads and stores the information.
3. Software that analyzes the characteristic, translates it into a graph or code, and performs
the actual comparisons.
Fingerprints
Fingerprints are the oldest biometric characteristic, known to everyone. They use the
grooves on the fingers (in general the thumb), which are unique to every person. The latest
ThinkPad T43 uses the fingerprint as the password.
Handwriting
It seems like it would be easy to get a copy of someone's signature or the required password
and learn to forge it. But biometric systems don't just look at how you shape each letter;
they analyze the act of writing. They examine the pressure you use and the speed and
rhythm with which you write.
Voiceprints
To enroll in a voiceprint system, you either say the exact words or phrases that it requires, or
you give an extended sample of your speech so that the computer can identify you no matter
which words you say.
Vein Geometry
As with irises and fingerprints, a person's veins are completely unique. Twins don't have
identical veins, and a person's veins differ between their left and right sides.
Iris Scanning
Iris scanning can seem very futuristic, but at the heart of the system is a simple CCD digital
camera. It uses both visible and near-infrared light to take a clear, high-contrast picture of a
person's iris. With near-infrared light, a person's pupil is very black, making it easy for the
computer to isolate the pupil and iris.
Countermeasures
The Future of Biometrics
Biometrics can do a lot more than just determine whether someone has access to walk
through a particular door. Experts have advised people to scan their vital documents, like
birth certificates and social security cards, and store them in biometrically-secured flash
memory in the event of a national emergency. Here are some biometric technologies you
might see in the future: new methods that use DNA, nail bed structure, teeth, ear shapes,
body odor, skin patterns and blood pulses.
Conclusion
Rapid modern advances in networking, communication and mobility have increased the
need for reliable ways to verify the unique identity of any person.
Even if we use the best encryption algorithm, the whole security is based on the key. If it is
too short, it is simple to guess it or to crack it in several attempts, but if it is too
complicated it can't be remembered and the common user will keep it written somewhere, so
it can be lost or stolen. Those weaknesses of standard validation systems can be avoided if
our own body becomes our key.
Moreover biometric systems can be used in conjunction with passwords or tokens, thus
improving the security of existing systems without replacing them.
Presented by
ANANTH Kumar.G
LAXMI Narayana.K
SWETHA.B
(Gayatri Vidya Parishad College of Engineering
2/4, Information Technology)