Sampat Patnaik, profile picture
Uploaded bySampat Patnaik
PPTX, PDF15,881 views

Biometric security using cryptography

This document discusses biometrics and biometric encryption. It begins with an introduction to biometrics and biometric principles and standards. It then discusses different methods to securely store cryptographic keys using biometrics, including biometric encryption. The document compares userID-based keys to biometric-based keys. It also covers advantages and threats of biometric systems, as well applications of biometric systems. In conclusion, the document provides an overview of biometrics and biometric encryption.

Embed presentation

Downloaded 901 times
Presented By:
 Introduction to Cryptography & Biometric Security  Principle & Standards Of Biometrics  Methods to secure a key using Biometrics  Biometric Encryption  User Based Cryptographic Keys & their Generation  Similarities & Differences Between UserID and Biometric-based Keys  Advantages & Threats to Biometric System  Applications of Biometric Systems  Conclusion
Encryption Decryption
Cryptography is an important feature of computer security. It is dependent on the secrecy of the secret or private key. The user chooses an easily remembered pass code that is used to encrypt the cryptographic key and this key is then stored in a database. Security of the cryptographic key is weak due to practical problems of remembering pass codes. Since the pass code is not directly tied to a user, the system is unable to differentiate between the legitimate user and the attacker.
“BIOS” ► life “METRON” measurement Study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits for authentication purposes. Measurable characteristics of the individual based on their physiological features / behavioral patterns that can be used to recognize or verify their identity.
“Everyone in the world is unique, and this uniqueness can be used for identity verification.” Uniqueness : Distinction between individuals Permanence : Resistance to ageing Collectability : Ease to obtain a biometric for measurement. Performance : Accuracy, speed, robustness of the biometric system. Acceptability :Degree of approval of a technology. Circumvention : Anomalies in the authentication system.
BIOMETRICS BEHAVIORAL BEHAVIORAL PHYSICAL & PHYSICAL ATTRIBUTES ATTRIBUTES ATTRIBUTES •Signature •Fingerprints •Voice •Keystrokes •Eye retinas & irises •Facial patterns •Hand measurement •Ear shape.
Fingerprints are unique to each individual and no two fingerprints are alike. Fingerprint recognition is most widely accepted biometrics among the technology being used today. Converts the image of a fingerprint into a mathematical template of the print's minutiae points. Fingerprints contains pattern of ridges and valleys as well as minutia points. Scanners : Optical scanners, Thermal scanners, Capacitances (solid state scanner), Minutia based, Correlation based.
Creates a voiceprint based on the inflection points of your speech, emphasizing the highs and lows specific to your way of talking.
An authenticam takes the pictures of person’s iris. The image is analyzed and a 512 byte code is generated. The code is then compared with the iris imprints in the database and used to determine the individual’s authorisation level. Discriminate between individuals with identical DNA like monozygotic twins.
A camera captures the image of the face. Face Recognition Features and discrete areas are analyzed. The system analyses the characteristic rhythm Keystroke Dynamics of a person's typing. A picture of the hand is taken. Features like3D Hand Geometry shape, length, width of fingers and shape of knuckles are recorded. Signature Users signature digital graphic tablet. The verification system analyses speed, stroke order, stroke count and pressure .
First one involves remote template matching and key storage. In this method biometric image is captured and compared with a corresponding template. If the user is verified, the key is released. Drawback : The main problem here is use of an insecure storage media
Hide the cryptographic key within the enrollment template itself via a secret bit-replacement algorithm. When the user is successfully authenticated, this algorithm extracts the key bits from the appropriate locations and releases the key. Drawback: The key will be retrieved from the same location in a template each time a different user is authenticated
Using data derived directly from a biometric image is another method. In this manner biometric templates are used as a cryptographic key. Drawback: Sensitivities due to environmental and physiological factors, and compromising of the cryptographic keys stand as a big obstacle
A new and exciting technique is developed by Mytec Technologies Inc. and named as Biometric Encryption™. During the enrollment phase, the process combines the biometric image with a digital key to create a secure block of data known as BioScrypt™ and then the key is retreived using the biometric during the verification phase.
It provides a mechanism for the linking and retrieval of a digital key using a biometric. This biometric might be a 2D image such as fingerprint, palm print, face, iris or retina. The resulting digital key is then used as a cryptographic key. Note: The key is completely independent of the biometric data so that the use of the biometric is not forfeited if the key is ever compromised and can be easily modified or updated.
Cryptographic systems require a secret key or a random number which must be tied to an individual through an identifier. This identifier indeed could be a globally unique user id or biometric data. Pseudorandom numbers are generated by a PRNG (pseudo random number generator). The resulting pseudorandom number can be used directly as a key or adjusted with user-dependent data (userID or biometric data).
User dependent key generation is done in two ways: First the key generation algorithm could be modified by using the user- dependent data. Second PRNG could be modified which is accomplished using a front-end or back-end approach. In front-end manner, the definition of the key is extended to include a user-specific data component. In back-end manner, pseudorandom numbers are treated as intermediate values and processed further.
Similar to image-type biometrics, human voice is a good biometric to generate a cryptographic key. For the goal of unpredictability, i.e. applying automatic speech recognition to recognize the password spoken and then simply using the password, as a cryptographic key is way. But it is not secure.
One solution is a user utters a password to his/her device and that device would generate a key. Repeated utterance of the same password by the same user would improve the security of the key after successful matches with his/her previous recorded utterances.
Both of them are different for each user. Both of them are non-secret data. It is clear to see that userID data is non-secret. Similarly biometric data is insecure in some sense because there is no practical way to prevent the capture of user biometric data outside the biometric system.
Biometric data is obtained or derived from the user whereas userID is assigned to a user. Except the accidents biometric data can not be changed. But userID can easily be changed. Set of userIDs may be dense and it is easy to enumerate the set. Unlikely, set of biometric data is not dense and this makes it infeasible to enumerate the biometric data for each user.
Biometrics directly authenticates the person, not indirectly through a password or token. Biometrics features are difficult to steal; thereby making biometrics authentication very strong. The Biometrics feature is eminently portable, and is unlikely to be lost. Another advantage of biometrics authentication systems is user cannot share or forget his retina or fingerprint, while a password and username are easily forgotten.
Software Organizational Physical As with any IT security system, biometric-based security policy must deal with the threats from the workers of the organization who can damage any software or hardware component of the system. Attackers may also change the statistical recognition parameters of the components and decrease the recognition rates.
• Attacks on the biometric sensor/Acquisition device Example: usage of artificial or disembodied dead features like a cut-off finger in the fingerprint case. • Communication channel attacks (man-in-the-middle attacks) The first type is just eavesdropping. If the channel between the sensor and the feature extraction unit or the one between the reference database and the matching unit is attacked, the attacker will gain information about the biometric data. In the second type, purposeful use or change is done to the intercepted data for subsequent introduction back into the system
• Iris Recognition It is Relatively expensive; requires large amount of computer storage; may not be generally accepted by public. • Voice Verification Works well over the telephone but requires large amount of computer storage; people's voices can change; background noises can interfere.
PC access and internet security (Computer network security, Internet transaction, Laptop security, Application level security) Physical area security(military, government, banking, voting, prisons) Employee record check Mobile phones: network access & theft protection Mobile financial transaction: Credit cards & ATM cards.
Reliable user authentication is highly significant in this web enabled world. Consequences of an insecure authentication system can be catastrophic and may include loss of information, denial of service and loss of data integrity. Biometric Encryption™ and Bioscrypt™ are high security means of protecting the critical data of government, police departments, army and big firms. The current generation of biometric identification devices offer cost and performance advantages over manual security procedures. All these methods have shown that, using biometrics for identification or verification-based security systems and cryptosystems, is a promising technology
 www.ieeexplore.ieee.org  www.cscjournals.org  www.en.wikipedia.org  C.Soutar, D.Roberge, A.Stoianov, R.Gilroy and B.V.K.V.Kumar, “Biometric Encryption™ using image processing”  M. Peyravian, S. M. Matyas, A. Roginsky, N. Zunic, “Generating user- based Cryptographic keys and random numbers”
Biometric security using cryptography

More Related Content

PPT
Biometric encryption
byDivya Kottikkal
 
PPTX
SEMINAR ON BIOMETRIC TECHNOLOGY.1pptx.pptx
by1A255Gauravwankar
 
PPTX
Biometrics Security System
byShalika Dissanayaka
 
DOCX
Biometric Authentication Technology - Report
byNavin Kumar
 
PPTX
Biometric Technology
byRajesh Anupoju
 
PPTX
Multi modal biometric system
byAalaa Khattab
 
PPT
Multimodal Biometric Systems
byPiyush Mittal
 
PPTX
Biometric authentication ppt by navin 6 feb
byNavin Kumar
 
Biometric encryption
byDivya Kottikkal
 
SEMINAR ON BIOMETRIC TECHNOLOGY.1pptx.pptx
by1A255Gauravwankar
 
Biometrics Security System
byShalika Dissanayaka
 
Biometric Authentication Technology - Report
byNavin Kumar
 
Biometric Technology
byRajesh Anupoju
 
Multi modal biometric system
byAalaa Khattab
 
Multimodal Biometric Systems
byPiyush Mittal
 
Biometric authentication ppt by navin 6 feb
byNavin Kumar
 

What's hot

PPTX
Biometrics
byshweta-sharma99
 
PDF
Biometrics/fingerprint sensors
byJeffrey Funk
 
PPT
Bio-metrics Authentication Technique
byRekha Yadav
 
PPTX
Biometric authentication
byAbduhalim Beknazarov
 
PPTX
Biometric Technology
byAdoitya Kaila
 
PPTX
Biometrics security
byVuda Sreenivasarao
 
PPTX
Biometric technology
bySudip Sadhukhan
 
PPTX
Biometric Systems and Security
byShreyans Jain
 
PPTX
Biometric Authentication PPT
byOECLIB Odisha Electronics Control Library
 
PDF
Fingerprint Based Biometric ATM Authentication System
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
PPTX
Biometric technology
byMadugula Kumar
 
PPTX
Biometrics
byumertariq12345
 
PPTX
Biometrics Technology In the 21st Century
byStar Link Communication Pvt Ltd
 
PPT
Biometric's final ppt
byAnkita Vanage
 
PPTX
Graphical password authentication
byAsim Kumar Pathak
 
PPTX
BIOMETRIC SECURITY SYSTEM
byJignesh Prajapati
 
PDF
SEMINAR REPORT ON 3D PASSWORD
byKarishma Khan
 
PPT
Biometrics Technology PPT
byPavan Kumar MT
 
PPTX
Iot Security
byMAITREYA MISRA
 
PPT
Fingerprint Technology
byJoy Dutta
 
Biometrics
byshweta-sharma99
 
Biometrics/fingerprint sensors
byJeffrey Funk
 
Bio-metrics Authentication Technique
byRekha Yadav
 
Biometric authentication
byAbduhalim Beknazarov
 
Biometric Technology
byAdoitya Kaila
 
Biometrics security
byVuda Sreenivasarao
 
Biometric technology
bySudip Sadhukhan
 
Biometric Systems and Security
byShreyans Jain
 
Biometric Authentication PPT
byOECLIB Odisha Electronics Control Library
 
Fingerprint Based Biometric ATM Authentication System
byInternational Journal of Engineering Inventions www.ijeijournal.com
 
Biometric technology
byMadugula Kumar
 
Biometrics
byumertariq12345
 
Biometrics Technology In the 21st Century
byStar Link Communication Pvt Ltd
 
Biometric's final ppt
byAnkita Vanage
 
Graphical password authentication
byAsim Kumar Pathak
 
BIOMETRIC SECURITY SYSTEM
byJignesh Prajapati
 
SEMINAR REPORT ON 3D PASSWORD
byKarishma Khan
 
Biometrics Technology PPT
byPavan Kumar MT
 
Iot Security
byMAITREYA MISRA
 
Fingerprint Technology
byJoy Dutta
 

Similar to Biometric security using cryptography

PPTX
Biometrics
byShivani Gautam
 
PDF
Biometric encryption
byDeepák Soni
 
DOC
Biometrics poster
byShiva Krishna Chandra Shekar
 
PPT
Bio Metrics
bynayakslideshare
 
PPT
Biometric
byVinay Gupta
 
PDF
Security Issues Related to Biometrics
byYogeshIJTSRD
 
PPTX
kuchtohhainayacnayjdhcxjxnusbxjnxjsbxhsjnkxbs.pptx
byshubhamnayaksn1
 
PDF
Biometrics Research/Thesis Paper
bySumaiya Ismail
 
PPTX
Biometrics
byJeevjyot Singh Chhabda
 
PDF
Biometric and cyber security 1
byehab_madda
 
PPTX
INTRODUCTION TO BIOMETRIC.pptx
byRahulSagar79
 
DOC
13 biometrics - fool proof security
bySrikanth457
 
PPT
Ecrime Practical Biometric
byJorge Sebastiao
 
PPT
Biometrics
byAlan Leewllyn Bivera
 
PDF
Douglas2018 article an_overviewofsteganographytechn (1)
bylakshmi.ec
 
PPTX
term 2
byVinayak Wadhwa
 
PDF
Biometrics system penetration in mobile devices
bySwapnil Jagtap
 
PDF
(2007) Privacy Preserving Multi-Factor Authentication with Biometrics
byInternational Center for Biometric Research
 
PPTX
Biometric security tech
bymmubashirkhan
 
PDF
MAIN_BIOMETRIC.pdf
by20BAI017HarshVasisht
 
Biometrics
byShivani Gautam
 
Biometric encryption
byDeepák Soni
 
Biometrics poster
byShiva Krishna Chandra Shekar
 
Bio Metrics
bynayakslideshare
 
Biometric
byVinay Gupta
 
Security Issues Related to Biometrics
byYogeshIJTSRD
 
kuchtohhainayacnayjdhcxjxnusbxjnxjsbxhsjnkxbs.pptx
byshubhamnayaksn1
 
Biometrics Research/Thesis Paper
bySumaiya Ismail
 
Biometrics
byJeevjyot Singh Chhabda
 
Biometric and cyber security 1
byehab_madda
 
INTRODUCTION TO BIOMETRIC.pptx
byRahulSagar79
 
13 biometrics - fool proof security
bySrikanth457
 
Ecrime Practical Biometric
byJorge Sebastiao
 
Biometrics
byAlan Leewllyn Bivera
 
Douglas2018 article an_overviewofsteganographytechn (1)
bylakshmi.ec
 
term 2
byVinayak Wadhwa
 
Biometrics system penetration in mobile devices
bySwapnil Jagtap
 
(2007) Privacy Preserving Multi-Factor Authentication with Biometrics
byInternational Center for Biometric Research
 
Biometric security tech
bymmubashirkhan
 
MAIN_BIOMETRIC.pdf
by20BAI017HarshVasisht
 

More from Sampat Patnaik

PPTX
Pharma Patenting
bySampat Patnaik
 
PPTX
Coca Cola vs Pepsi
bySampat Patnaik
 
PPTX
Hydrogen car development process
bySampat Patnaik
 
PPTX
Collaborative Planning Forecasting & Replenishment
bySampat Patnaik
 
PPTX
The TATA Group & Ratan Tata
bySampat Patnaik
 
PPTX
Tata Nano - My Take
bySampat Patnaik
 
PPTX
Infosys - The Ethical Perspective
bySampat Patnaik
 
PPTX
Basics Of Social Media
bySampat Patnaik
 
Pharma Patenting
bySampat Patnaik
 
Coca Cola vs Pepsi
bySampat Patnaik
 
Hydrogen car development process
bySampat Patnaik
 
Collaborative Planning Forecasting & Replenishment
bySampat Patnaik
 
The TATA Group & Ratan Tata
bySampat Patnaik
 
Tata Nano - My Take
bySampat Patnaik
 
Infosys - The Ethical Perspective
bySampat Patnaik
 
Basics Of Social Media
bySampat Patnaik
 

Recently uploaded

PDF
Risk Management and Regulatory Compliance - by Ms. Oceana Wong
byagenticroom
 
PDF
Agentic AI and AI Agents 20251121.pdf - by Ms. Oceana Wong
byagenticroom
 
PPTX
Masterclass on Cybercrime, Scams & Safety Hacks.pptx
bykalkidirwhytap
 
PDF
AI Chatbots and Prompt Engineering - by Ms. Oceana Wong
byagenticroom
 
PDF
Deep Research and Analysis - by Ms. Oceana Wong
byagenticroom
 
PDF
45 ĐỀ LUYỆN THI IOE LỚP 8 THEO CHƯƠNG TRÌNH MỚI - NĂM HỌC 2024-2025 (CÓ LINK ...
byNguyen Thanh Tu Collection
 
PDF
AI and ICT for Teaching and Learning, Induction-cum-Training Programme, 5th 8...
byProf. Vinod Kumar Kanvaria
 
PDF
“Step-by-Step Fabrication of Bipolar Junction Transistors (BJTs)”
byGS Virdi
 
PDF
Digital Electronics – Registers and Their Applications
byGS Virdi
 
PDF
*Unit-II A (Elements of Communication & Communication Style Matrix)
bySayyadTarannum
 
PPTX
Time Series Analysis - Meaning, Definition, Components and Application
bySundar B N
 
PDF
UGC NET Paper 1 Syllabus | 10 Units Complete Guide for NTA JRF
byNIKHIL K N
 
PPTX
Photography Pillar 1 The Subject PowerPoint
bymjb77ny
 
PPTX
Prelims - History and Geography Quiz - Around the World in 80 Questions - IITK
byAditya Padhi
 
PPTX
Time Series Analysis - Least Square Method Fitting a Linear Trend Equation
bySundar B N
 
PPTX
Physical education notes class ncert 12th
byjatinrg2009
 
PPTX
DEPED MEMORANDUM 089, 2025 PMES guidelines pptx
byRoseBubuli
 
PDF
Cattolica University - Lab Generative and Agentic AI - Mario Bencivinni
byMario Bencivinni
 
PPTX
The hidden treasures Grade 5 Story with Motive Questions.pptx
byGildaPetillaDelaCruz
 
PPTX
ATTENTION - PART 1.pptx cognitive processes -For B.Sc I Sem By Mrs.Shilpa Hot...
bySHILPA HOTAKAR
 
Risk Management and Regulatory Compliance - by Ms. Oceana Wong
byagenticroom
 
Agentic AI and AI Agents 20251121.pdf - by Ms. Oceana Wong
byagenticroom
 
Masterclass on Cybercrime, Scams & Safety Hacks.pptx
bykalkidirwhytap
 
AI Chatbots and Prompt Engineering - by Ms. Oceana Wong
byagenticroom
 
Deep Research and Analysis - by Ms. Oceana Wong
byagenticroom
 
45 ĐỀ LUYỆN THI IOE LỚP 8 THEO CHƯƠNG TRÌNH MỚI - NĂM HỌC 2024-2025 (CÓ LINK ...
byNguyen Thanh Tu Collection
 
AI and ICT for Teaching and Learning, Induction-cum-Training Programme, 5th 8...
byProf. Vinod Kumar Kanvaria
 
“Step-by-Step Fabrication of Bipolar Junction Transistors (BJTs)”
byGS Virdi
 
Digital Electronics – Registers and Their Applications
byGS Virdi
 
*Unit-II A (Elements of Communication & Communication Style Matrix)
bySayyadTarannum
 
Time Series Analysis - Meaning, Definition, Components and Application
bySundar B N
 
UGC NET Paper 1 Syllabus | 10 Units Complete Guide for NTA JRF
byNIKHIL K N
 
Photography Pillar 1 The Subject PowerPoint
bymjb77ny
 
Prelims - History and Geography Quiz - Around the World in 80 Questions - IITK
byAditya Padhi
 
Time Series Analysis - Least Square Method Fitting a Linear Trend Equation
bySundar B N
 
Physical education notes class ncert 12th
byjatinrg2009
 
DEPED MEMORANDUM 089, 2025 PMES guidelines pptx
byRoseBubuli
 
Cattolica University - Lab Generative and Agentic AI - Mario Bencivinni
byMario Bencivinni
 
The hidden treasures Grade 5 Story with Motive Questions.pptx
byGildaPetillaDelaCruz
 
ATTENTION - PART 1.pptx cognitive processes -For B.Sc I Sem By Mrs.Shilpa Hot...
bySHILPA HOTAKAR
 
In this document
Powered by AI

Overview of Cryptography and Biometrics, their principles, methods, key generation, and systemic advantages & threats.

Fundamentals of encryption and decryption; challenges with key security due to weak user pass codes.

Definition of biometrics focusing on uniqueness, permanence, collectability, and performance metrics for authentication.

Categorization of biometric attributes into physical (e.g., fingerprints, facial features) and behavioral (e.g., signature, keystrokes).

Details on fingerprint recognition technology and voiceprint creation for user authentication.

Explanation of biometric technologies involving iris recognition and face analysis for securing identities.

Biometric key management approaches including remote matching and key containment plus their drawbacks.

Innovative Biometric Encryption™ from Mytec Technologies that combines biometrics with digital key retrieval.

Dependent key generation methods utilizing user identifiers or biometric data for secure cryptographic keys.

Using spoken passwords combined with matching techniques to enhance cryptographic key security while improving accuracy.

Comparison of userID and biometric data highlighting differences in security, changeability, and enumeration.

Advantages of biometrics over traditional methods: strong authentication, ease of use, and resistance to loss.

Discussion on potential threats to biometric systems including attacks on sensors, the communication channel, and limitations of various methods.Key applications of biometrics in various fields, emphasizing their importance and performance advantages in security.

List of sources and references utilized in the presentation for further reading on biometric solutions.

Biometric security using cryptography

  • 1.
  • 2.
     Introduction toCryptography & Biometric Security  Principle & Standards Of Biometrics  Methods to secure a key using Biometrics  Biometric Encryption  User Based Cryptographic Keys & their Generation  Similarities & Differences Between UserID and Biometric-based Keys  Advantages & Threats to Biometric System  Applications of Biometric Systems  Conclusion
  • 3.
    Encryption Decryption
  • 4.
    Cryptography is animportant feature of computer security. It is dependent on the secrecy of the secret or private key. The user chooses an easily remembered pass code that is used to encrypt the cryptographic key and this key is then stored in a database. Security of the cryptographic key is weak due to practical problems of remembering pass codes. Since the pass code is not directly tied to a user, the system is unable to differentiate between the legitimate user and the attacker.
  • 5.
    “BIOS” ► life “METRON” measurement Study of automated methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits for authentication purposes. Measurable characteristics of the individual based on their physiological features / behavioral patterns that can be used to recognize or verify their identity.
  • 6.
    “Everyone in theworld is unique, and this uniqueness can be used for identity verification.” Uniqueness : Distinction between individuals Permanence : Resistance to ageing Collectability : Ease to obtain a biometric for measurement. Performance : Accuracy, speed, robustness of the biometric system. Acceptability :Degree of approval of a technology. Circumvention : Anomalies in the authentication system.
  • 7.
    BIOMETRICS BEHAVIORAL BEHAVIORAL PHYSICAL & PHYSICAL ATTRIBUTES ATTRIBUTES ATTRIBUTES •Signature •Fingerprints •Voice •Keystrokes •Eye retinas & irises •Facial patterns •Hand measurement •Ear shape.
  • 9.
    Fingerprints are uniqueto each individual and no two fingerprints are alike. Fingerprint recognition is most widely accepted biometrics among the technology being used today. Converts the image of a fingerprint into a mathematical template of the print's minutiae points. Fingerprints contains pattern of ridges and valleys as well as minutia points. Scanners : Optical scanners, Thermal scanners, Capacitances (solid state scanner), Minutia based, Correlation based.
  • 10.
    Creates a voiceprintbased on the inflection points of your speech, emphasizing the highs and lows specific to your way of talking.
  • 11.
    An authenticam takesthe pictures of person’s iris. The image is analyzed and a 512 byte code is generated. The code is then compared with the iris imprints in the database and used to determine the individual’s authorisation level. Discriminate between individuals with identical DNA like monozygotic twins.
  • 12.
    A camera capturesthe image of the face. Face Recognition Features and discrete areas are analyzed. The system analyses the characteristic rhythm Keystroke Dynamics of a person's typing. A picture of the hand is taken. Features like3D Hand Geometry shape, length, width of fingers and shape of knuckles are recorded. Signature Users signature digital graphic tablet. The verification system analyses speed, stroke order, stroke count and pressure .
  • 13.
    First one involvesremote template matching and key storage. In this method biometric image is captured and compared with a corresponding template. If the user is verified, the key is released. Drawback : The main problem here is use of an insecure storage media
  • 14.
    Hide the cryptographickey within the enrollment template itself via a secret bit-replacement algorithm. When the user is successfully authenticated, this algorithm extracts the key bits from the appropriate locations and releases the key. Drawback: The key will be retrieved from the same location in a template each time a different user is authenticated
  • 15.
    Using data deriveddirectly from a biometric image is another method. In this manner biometric templates are used as a cryptographic key. Drawback: Sensitivities due to environmental and physiological factors, and compromising of the cryptographic keys stand as a big obstacle
  • 16.
    A new andexciting technique is developed by Mytec Technologies Inc. and named as Biometric Encryption™. During the enrollment phase, the process combines the biometric image with a digital key to create a secure block of data known as BioScrypt™ and then the key is retreived using the biometric during the verification phase.
  • 17.
    It provides amechanism for the linking and retrieval of a digital key using a biometric. This biometric might be a 2D image such as fingerprint, palm print, face, iris or retina. The resulting digital key is then used as a cryptographic key. Note: The key is completely independent of the biometric data so that the use of the biometric is not forfeited if the key is ever compromised and can be easily modified or updated.
  • 18.
    Cryptographic systems requirea secret key or a random number which must be tied to an individual through an identifier. This identifier indeed could be a globally unique user id or biometric data. Pseudorandom numbers are generated by a PRNG (pseudo random number generator). The resulting pseudorandom number can be used directly as a key or adjusted with user-dependent data (userID or biometric data).
  • 19.
    User dependent keygeneration is done in two ways: First the key generation algorithm could be modified by using the user- dependent data. Second PRNG could be modified which is accomplished using a front-end or back-end approach. In front-end manner, the definition of the key is extended to include a user-specific data component. In back-end manner, pseudorandom numbers are treated as intermediate values and processed further.
  • 20.
    Similar to image-typebiometrics, human voice is a good biometric to generate a cryptographic key. For the goal of unpredictability, i.e. applying automatic speech recognition to recognize the password spoken and then simply using the password, as a cryptographic key is way. But it is not secure.
  • 21.
    One solution isa user utters a password to his/her device and that device would generate a key. Repeated utterance of the same password by the same user would improve the security of the key after successful matches with his/her previous recorded utterances.
  • 22.
    Both of themare different for each user. Both of them are non-secret data. It is clear to see that userID data is non-secret. Similarly biometric data is insecure in some sense because there is no practical way to prevent the capture of user biometric data outside the biometric system.
  • 23.
    Biometric data isobtained or derived from the user whereas userID is assigned to a user. Except the accidents biometric data can not be changed. But userID can easily be changed. Set of userIDs may be dense and it is easy to enumerate the set. Unlikely, set of biometric data is not dense and this makes it infeasible to enumerate the biometric data for each user.
  • 24.
    Biometrics directly authenticatesthe person, not indirectly through a password or token. Biometrics features are difficult to steal; thereby making biometrics authentication very strong. The Biometrics feature is eminently portable, and is unlikely to be lost. Another advantage of biometrics authentication systems is user cannot share or forget his retina or fingerprint, while a password and username are easily forgotten.
  • 25.
    Software Organizational Physical As with any IT security system, biometric-based security policy must deal with the threats from the workers of the organization who can damage any software or hardware component of the system. Attackers may also change the statistical recognition parameters of the components and decrease the recognition rates.
  • 26.
    Attacks on the biometric sensor/Acquisition device Example: usage of artificial or disembodied dead features like a cut-off finger in the fingerprint case. • Communication channel attacks (man-in-the-middle attacks) The first type is just eavesdropping. If the channel between the sensor and the feature extraction unit or the one between the reference database and the matching unit is attacked, the attacker will gain information about the biometric data. In the second type, purposeful use or change is done to the intercepted data for subsequent introduction back into the system
  • 27.
    Iris Recognition It is Relatively expensive; requires large amount of computer storage; may not be generally accepted by public. • Voice Verification Works well over the telephone but requires large amount of computer storage; people's voices can change; background noises can interfere.
  • 28.
    PC access andinternet security (Computer network security, Internet transaction, Laptop security, Application level security) Physical area security(military, government, banking, voting, prisons) Employee record check Mobile phones: network access & theft protection Mobile financial transaction: Credit cards & ATM cards.
  • 29.
    Reliable user authenticationis highly significant in this web enabled world. Consequences of an insecure authentication system can be catastrophic and may include loss of information, denial of service and loss of data integrity. Biometric Encryption™ and Bioscrypt™ are high security means of protecting the critical data of government, police departments, army and big firms. The current generation of biometric identification devices offer cost and performance advantages over manual security procedures. All these methods have shown that, using biometrics for identification or verification-based security systems and cryptosystems, is a promising technology
  • 30.
     www.ieeexplore.ieee.org  www.cscjournals.org www.en.wikipedia.org  C.Soutar, D.Roberge, A.Stoianov, R.Gilroy and B.V.K.V.Kumar, “Biometric Encryption™ using image processing”  M. Peyravian, S. M. Matyas, A. Roginsky, N. Zunic, “Generating user- based Cryptographic keys and random numbers”