Biometric Key Generation Using Pseudo-Signatures · 2008-07-22


Biometric Key Generation Using Pseudo-Signatures

Lucas Ballard, Department of Computer Science, Johns Hopkins University

Jin Chen, Department of Computer Science & Engineering, Lehigh University

Daniel Lopresti, Department of Computer Science & Engineering, Lehigh University

Fabian Monrose, Department of Computer Science, Johns Hopkins University

Abstract

Recent work has shown that biometric key generation using handwriting as input is susceptible to attacks based on generative models and population statistics. In this paper, we propose an approach for overcoming these vulnerabilities through the use of idiosyncratic “pseudo-signatures.” We summarize the past work that led us to this notion, and describe a novel graphical user interface we have developed to test our theory by making it easier for users to create good graphical passwords. A discussion of preliminary results from ongoing experiments concludes the paper.

Keywords: biometrics, cryptographic key generation, online handwriting, hand-drawn sketches

1. Introduction

Handwritten signatures have received widespread acceptance for legal purposes and are a familiar mechanism for establishing one’s identity. This, combined with the growing proliferation of pen input devices (e.g., tablet computers and personal digital assistants), along with well-publicized incidents involving the theft of sensitive data, has resulted in a significant degree of interest in handwriting as a biometric [4].

It is useful to note that there are two fundamentally different ways of using handwriting for security purposes. Authentication, sometimes referred to as verification, is the problem of using a biometric sample as proof of claimed identity. Generally, this is accomplished by storing a representation of the user’s biometric, along with the user’s ID, in a protected database. When a user wishes to authenticate, she provides her ID and a biometric sample to a trusted, tamper-proof interface (a reference monitor) that controls access to the system. The reference monitor searches the database and retrieves the sample that should correspond to the identifier. If this sample matches the one provided by the user sufficiently closely, then the reference monitor authenticates the user.

The other approach to using handwriting is as a basis for cryptographic key generation. Here the user provides a sample of her biometric to a system that by itself is not assumed to be secure. Rather, feature extraction and mapping to the key space are constructed in a way to preserve as much entropy as possible in the input without revealing anything useful about the biometric to an attacker who may capture and reverse-engineer the host system.

There are some important differences between the two uses of handwriting in a biometric setting. An authentication system can protect itself from a sustained attack by limiting each user to a small number of attempts to log in successfully before shutting her out for a period of time. Schemes that use handwriting for biometric key generation do not have this option since it is assumed that a potential adversary can obtain complete control over the system and recover the key at her leisure, without any time constraints. From a security perspective, this means that to be rigorous an evaluation must test not only the ability of talented human forgers to defeat the system, it must also consider whether algorithmic techniques place it at risk. Our earlier research on handwriting biometrics addresses precisely this question, showing that attacks based on generative models for handwriting or that exploit general population statistics can be a serious threat [1, 2, 3].

In this paper, we propose an approach for overcoming the vulnerabilities we previously identified through the use of idiosyncratic “pseudo-signatures.” We summarize the past work that led us to this notion as a possible solution, and describe a novel graphical user interface we have developed to test this theory; our tool is designed to help make it easier for users to create good graphical hand-drawn passwords. We conclude with preliminary results from experiments now in progress and a discussion of ongoing research.


2. Handwriting and Key Generation

Techniques for cryptographic key generation have been proposed for numerous biometric modalities, including iris codes, keystroke latencies, speech, and, of course, handwritten signatures [6, 8, 15, 16]. Kuan, et al., for example, describe a method for generating cryptographic keys from online signatures [8]. They evaluated their approach on the SVC dataset [17] and achieved an Equal Error Rate (EER) of between 6% and 14% given access to a stolen token.

Generating keys from signatures has several obvious benefits. First, compared with other biometric modalities, the capture of signatures is minimally intrusive. Second, the daily use of signatures results in a biometric modality that is highly repeatable. Third, users often embellish their signatures with decorative flourishes, which increases variation across the population. We note, however, that signatures have one property that makes them unappealing for key generation: each user only has one true signature. Since cryptographic keys can become compromised for any number of reasons, we seek a biometric modality that allows a user to create completely new keys whenever they are needed.

Another approach, which shares many of the benefits of signatures, is based on generating cryptographic keys from handwritten passphrases. Handwriting addresses the one-signature/one-key limitation: if a user wishes to generate a new key, she can write a new passphrase. There have been studies that show that handwriting varies across the population [12], and researchers have proposed generating keys from this modality [15, 16].

Vielhauer, et al. present a biometric hash based on 24 features extracted from an online handwriting signal [16]. They report achieving a False Accept Rate (FAR) of 0% at a False Reject Rate (FRR) of 7%, but only included 10 subjects in their studies. In a later paper they discuss feature correlation and stability for a larger set of features; however, the same number of test subjects was employed [15]. Zobisch and Vielhauer developed a tool for training forgers to explore the limits of their abilities [14]. In a test involving four users, they found that the FAR increases when the forger is shown a static image of the target signature, and doubles for a dynamic replay.

Our own extensive studies demonstrate the dramatic impact that human and algorithmic forgers can have on handwriting biometrics. A significant concern is that since people use handwriting in their daily activities, they may inadvertently leave behind samples of writing that could be exploited by an attacker in guessing their keys. Indeed, we have demonstrated a number of generative approaches for using captured online [2, 9] and even offline [1] samples to forge written passphrases. This raises serious issues with the use of such passphrase-based techniques.

3. Pseudo-Signatures

In this work, we propose a novel approach to generate keys from handwriting. We wish to combine the benefits of signatures (i.e., ease of collection, repeatability, and distinguishability) with the variety afforded by passphrases. Naturally, we require a kind of input that a user does not write in the normal course of daily life to help ward off generative attacks. We base our approach on pseudo-signatures, which are a sequence of simple sketches that a user writes only for security purposes and hence help thwart generative attacks. Additionally, we build pseudo-signatures as the composition of common shapes (e.g., circles, squares, and triangles), so that they will be familiar and repeatable for users.

Our idea of pseudo-signatures is outwardly similar to the “Draw-a-Secret” (DAS) graphical passwords proposed by Jermyn, et al. [7]. In that work, the authors present users with a 5 × 5 grid of blocks, and ask the users to draw a password. The authors derive a password from the squares that the user’s stylus visits, as well as the order in which the squares are visited. The authors argue that the theoretical password space for DAS is much larger than the password space for standard text-based passwords. However, van Oorschot and Thorpe later showed that while the theoretical password space is large, users tended to create highly symmetric passwords, and so the size of the password space in practice might be smaller than first thought [13].

In an experiment involving 16 test subjects [10], Nali and Thorpe found that approximately 45% of the users chose symmetric passwords, two-thirds of which were mirror-symmetric. Moreover, approximately 80% of the users chose passwords composed of 1-3 strokes, 10% used 4-6 strokes, and 10% employed six or more strokes. Finally, 56% of the passwords were centered, and an additional 30% were nearly centered. Clearly, when left to their own devices, users do not choose particularly good graphical passwords.

Our approach to pseudo-signatures attempts to rectify the shortcomings of DAS in order to find an input that simultaneously has higher entropy and is less likely to succumb to generative attacks. We make two extensions to the original DAS scheme to accomplish our goals:

1. We add online features, such as the velocity of the pen tip and the length of dwells, in addition to the coarse offline features that were employed in the original construction. We hope that this extra information will increase the entropy of the pseudo-signature space.

2. We provide users with randomly generated visual cues to help them draw passwords that cover more of the theoretical DAS space.


This second point deserves more explanation. In order to encourage users to draw (potentially) non-symmetric graphical passwords, we propose to show each user a different set of visual cues generated using a random process. The user can use these templates as hints for creating more distinctive passwords. The entropy from the keying material will not be computed from the templates, but rather how the user chooses to combine the templates and then draw her password based on these cues. These templates include, but are not limited to, different shapes to trace, colors to indicate pen velocity, arrows to indicate directions of strokes, and locations and lengths of suggested pen-tip dwells.

For example, a user might be presented with the prompt in Figure 1. She might then draw the four edges of a square in the indicated order, with the red stroke (1) drawn slowly, the yellow stroke (2) somewhat faster and dashed, and the green strokes (3, 4) drawn quickly. She would also dwell the pen tip for a short time period in the lower left corner of the square, and for a longer time in the upper left corner. After finishing this, she could draw a circle at moderate speed, pausing to dwell for a short period just after the three o’clock position on the circle.

Figure 1. An example of a pseudo-signature prompt.

Of course, the user is free to ignore the hints provided by the system, draw different symbols, or overlap the visual cues. We also leave it to the user’s interpretation as to what constitutes “medium” velocity, or a “long” dwell. We hope that by vaguely specifying the meanings of the visual cues, we will allow the personal interpretations of each user to naturally enhance the entropy of the biometric. At the same time, the minimal directions that we provide should reduce the tendency to create symmetric passwords. Moreover, another important goal for the visual cues is to increase repeatability by providing the user a way to remember what she had previously written.

These are important open questions that we seek to begin answering in a series of experiments now underway. We present some preliminary observations in a later section of the paper.

4. Creating Visual Prompts

For our approach to be viable, the user must be able to recreate her key reliably at a later time. Thus, we seek a technique to show randomly generated visual prompts to the user when her pseudo-signature is first enrolled, and also to display the same set of prompts to the user when she later returns to recreate her key. At the same time, to guarantee that the user can create different keys if she so chooses, we must allow her to specify when she would like to be presented with a new set of visual prompts.

We accomplish this by having the user select a traditional password for each key that she wishes to derive, and use this password to build a different set of randomly generated visual cues. We do not assume that the passwords have high entropy (otherwise, we would not need to generate keys from biometrics), but the entropy that they do provide will supplement the entropy of the biometric in the key derivation process.

Each visual cue is composed of a basic shape with a set of modifying characteristics, such as pen-tip dwell locations, stroke direction indicators, and speed indicators. The key generator stores each of these descriptors in tables; there is a different table for shapes, and one for each type of modifier. During enrollment, a user supplies her ID $u$ and password $\pi_{txt}$ to the system, which computes a cryptographic hash function, $H$ (e.g., SHA1 [11]), over the two strings to create an index $i = H(u \| \pi_{txt})$. The bits of $i$ serve as indexes into each of the visual cue tables. The system processes $i$ by repeatedly indexing into each table using the appropriate bits, and outputting the correct shapes and modifiers. Since $H$ is a cryptographic hash function, the bits of $i$ are independent of one another, and so each table is indexed independently.

Note that the only source of entropy from an attacker’s point of view is from $\pi_{txt}$. Since $u$ is public, including it in the computation of $i$ offers no theoretical security, although in a practical setting, it acts as a “salt” [5]. That is, an attacker who attempts to guess the graphical password for a specific user must rebuild a dictionary of graphical passwords based on that user’s identifier.

For an example of a randomized palette from which the user is free to pick any number of templates to serve as cues, see the upper half of the display in Figure 2.

After being presented with a palette, the user then selects and arranges the templates needed to form a graphical password, as shown in the lower half of the display in Figure 2. Note that the user will be presented with this same palette each time she attempts to generate her key, so she must be able to recall the proper set of cues from the palette and their locations. This task is likely to be easier than trying to draw a complex graphical password without any cues, working only from memory. The system can be designed to enforce choosing a specific minimum number of templates to guarantee against trivial passwords that would be easy to attack. The password shown in the figure was created by overlaying four templates chosen from the palette: a quick glance makes it clear which ones were used.

To increase memorability, the system could be designed to show fewer visual prompts to the user. The proper number to employ is a parameter that we are evaluating in our experiments.

Figure 2. Cues selected by a user in preparation for creating a graphical password.

Once the templates are placed, the user can then draw her password. While one strategy here is to trace over the cues, it is important to note that the user is not limited to tracing – she can create a completely new drawing that bears little resemblance to the cues, making use of the space between the templates in creative ways. We can also anticipate that over time, the user may be able to memorize her pseudo-signatures, just as we do with our one true signature, and hence no longer need the cues.

5. Computing Cryptographic Keys

After the system shows $\pi_{gr}$ to the user, it is up to her to create a pseudo-signature. She could try to replicate $\pi_{gr}$ precisely, use it for inspiration, augment it, or ignore it completely. No matter what her choice is, the user inputs her writing using a stylus, and the system extracts the digital signals $\beta$ that compose the handwriting signal. Let $\phi_1, \ldots, \phi_m$ be $m$ error-corrected features (e.g., these could be the indexes of bins over the range of each feature that contain the user’s samples). The final key is computed as $K = H'(u \| \pi_{txt} \| \phi_1(\beta) \| \ldots \| \phi_m(\beta))$. Here, $H'$ is also a cryptographic hash function that outputs $\lambda$ bits, but is independent of $H$. Note that it is not necessarily the case that the entropy of the key is $\lambda$ (in all likelihood, it will be much less). The security afforded by the key must be argued empirically based on the variability of the biometric reading.
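The cue-index computation of Section 4 and the key computation above, as an added example that is not the authors' code. The table contents, feature bins, sample values, the use of SHA-256 with domain tags for H and H′, and the length-prefixed encoding of the concatenation are all assumptions made for illustration.

```python
import hashlib

# Hypothetical cue tables: the paper says shapes and each modifier type live in
# separate tables but does not list their contents. Sizes are powers of two so
# that a fixed number of bits of i selects one entry.
TABLES = [
    ("shape",     ["circle", "square", "triangle", "line"]),
    ("dwell",     ["none", "short", "long", "short+long"]),
    ("direction", ["clockwise", "counter-clockwise"]),
    ("speed",     ["slow", "medium", "fast", "mixed"]),
]

# Hypothetical bins, as (lower bound, bin width), for four online features:
# total time (s), mean pen speed (px/s), stroke count, longest dwell (s).
FEATURE_BINS = [(0.0, 1.0), (0.0, 20.0), (0.0, 1.0), (0.0, 0.25)]

# Constructed samples: two writings by the same user, and one whose pen speed
# drifts into a different bin.
ENROLL = [4.2, 131.0, 5, 0.62]
REPEAT = [4.6, 138.5, 5, 0.70]
DRIFTED = [4.3, 171.0, 5, 0.65]


def _encode(*fields: bytes) -> bytes:
    """Length-prefix every field so the concatenation is unambiguous:
    ("ab", "c") and ("a", "bc") must not produce the same hash input."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def H(user_id: str, password: str) -> bytes:
    """i = H(u || pi_txt); SHA-256 stands in for the paper's 'e.g., SHA1'."""
    data = _encode(user_id.encode(), password.encode())
    return hashlib.sha256(b"cue-index\x00" + data).digest()


def derive_palette(user_id: str, password: str, n_cues: int = 6):
    """Consume bits of i from the most significant end, one table at a time."""
    digest = H(user_id, password)
    bits, remaining = int.from_bytes(digest, "big"), len(digest) * 8
    palette = []
    for _ in range(n_cues):
        cue = {}
        for name, table in TABLES:
            width = (len(table) - 1).bit_length()
            if remaining < width:
                raise ValueError("digest too short for the requested palette")
            remaining -= width
            cue[name] = table[(bits >> remaining) & ((1 << width) - 1)]
        palette.append(cue)
    return palette


def quantise(sample):
    """phi_j(beta): index of the bin that each feature value falls into."""
    return [int((v - lo) // w) for v, (lo, w) in zip(sample, FEATURE_BINS)]


def derive_key(user_id: str, password: str, sample) -> bytes:
    """K = H'(u || pi_txt || phi_1 || ... || phi_m); the distinct domain tag
    keeps H' separate from H."""
    phi = [str(b).encode() for b in quantise(sample)]
    data = _encode(user_id.encode(), password.encode(), *phi)
    return hashlib.sha256(b"final-key\x00" + data).digest()


if __name__ == "__main__":
    # Same password, different public IDs: u acts as a salt, so palettes differ.
    for user in ("alice", "bob"):
        print(user, derive_palette(user, "7")[:2])
    # Samples in the same bins reproduce the key; a bin crossing changes it.
    k = derive_key("alice", "7", ENROLL)
    print(k == derive_key("alice", "7", REPEAT))    # same bins
    print(k == derive_key("alice", "7", DRIFTED))   # speed bin 6 -> 8
```

The 256-bit output says nothing about the key's strength: with a one-digit password and four coarse bins, the input space an adversary has to search is far smaller than the digest length.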

We believe that since each user will be shown a different set of graphical cues, and that since these cues can be combined into arbitrary asymmetric shapes, the maximum theoretical entropy available from pseudo-signatures is likely to be much greater than what was offered in the original DAS scheme, or other passphrase-based handwriting key generators. Additionally, we aim to further increase this entropy by incorporating online features in addition to the static features used in DAS, such as the length of pen-tip dwells, velocity, and acceleration.

6. Experimental Evaluation

We have developed a graphical tool written in the Tcl/Tk scripting language to support our work on pseudo-signatures. The tool is platform-independent and runs under both Linux and MS Windows. Screen snapshots earlier in the paper show the tool in action.

Our data collection activities are taking place using NEC Versa LitePad tablet computers; this is the same system we used in our previous studies on handwriting biometrics. Ultimately, we expect to gather data from 30-40 test subjects, students recruited from our respective institutions through various reward policies that encourage serious attempts at using and stressing the system.

One of our first goals will be to evaluate the traditional FRR / FAR tradeoff, making use of so-called “blind” (or naïve) forgeries. We will also analyze this data for measures of password complexity (e.g., symmetry, the number of templates the user has chosen and how they are arrayed on the page, etc.) so that we can begin to characterize user preferences. We will conduct additional data collections at later dates to determine how performance degrades over time, and in particular whether the graphical passwords users create are indeed memorable and reproducible.

We also plan to examine several types of forgery attempts, of course, using the same paradigms we developed for our earlier studies ([1, 2, 3]). For example, prospective forgers will be allowed access to the same palette of cues as the targeted user to see whether that raises their success rates. In addition, we will also study simulated “shoulder surfing” attacks to see whether these are a risk to pseudo-signature systems. Finally, we plan to attempt algorithmic attacks based on our generative handwriting models.

A key set of questions to be answered concerns the composition of visual cues and its impact on both the usability of our approach, and on the entropy of the pseudo-signatures. For instance, the templates that we have presented in this paper are comprised of a small set of shapes. Each shape has indicators specifying location of pen-tip dwells, dwell lengths, direction of strokes, and speed. It is unclear whether applying each of the indicators to each shape will improve usability by providing users with precise directions, or whether the many different indicators will simply confuse users. Our experiments will address this question. Additionally, we might further increase the entropy of our approach by not specifying the length of pen-tip dwells (which is currently suggested by the diameter of the dwell-tip circles). By simply specifying the location of the dwells instead of the length, we might extract additional entropy by drawing on each user’s natural interpretation of what constitutes a dwell. It is also important to explore whether simple symmetric shapes such as circles and squares are useful, or whether more abstract shapes might improve entropy.

Figure 3. Time to place cues (lower curve) and to write pseudo-signature (upper curve) for Subject #3.

For now, we report preliminary observations based on five test subjects, each of whom created a pseudo-signature and drew it a total of 100 times over a period of five sessions. In this “beta-test” of the system, users were presented with visual cues in a 2 × 3 grid. We begin by noting that three of the five users chose to generate their palette of visual cues using only a single digit password, further emphasizing the need both for good strategies for selecting cues and for extracting significant entropy from the user’s writing. Four of the five test subjects chose three cues to create their pseudo-signatures, while the fifth subject chose seven cues.

One question concerns how quickly users will adapt to the system. As a way of measuring this, we plot in Figure 3 how much time a particular individual – Subject #3 in our experiments – took to place the visual cues and then to write his pseudo-signature. Note that after an initial acclimation phase, the user appears to settle down to more consistent timings.

Another important measure of security is the inherent symmetry present in the pseudo-signatures that users design. As noted earlier in the discussion of Draw-a-Secret, symmetric drawings provide less entropy. On the other hand, it may be natural for users to select more symmetric arrangements to help them remember where to place their cues. A relatively simple measure of symmetry is first to determine the bounding box for the handwriting comprising the pseudo-signature and then to subdivide the box into four quadrants. By plotting the number of pen tip samples that fall within a given quadrant, we can create quick displays indicative of whether a pseudo-signature is asymmetric (Figure 4) or symmetric (Figure 5).

Figure 4. Sampled point distribution for asymmetric pseudo-signature created by Subject #2.

Figure 5. Sampled point distribution for symmetric pseudo-signature created by Subject #4.
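The quadrant measure described above, as an added example rather than the authors' tool. The coordinate convention, the three constructed point sets, and the mirror-imbalance score that compares reflected quadrants are assumptions; the paper itself only plots the per-quadrant counts.

```python
# Constructed pen-tip samples (x, y), not data from the study.
SQUARE = [(0, 0), (10, 0), (20, 0), (30, 0), (30, 10), (30, 20),
          (30, 30), (20, 30), (10, 30), (0, 30), (0, 20), (0, 10)]
L_STROKE = [(0, 0), (0, 10), (0, 20), (0, 30), (10, 30), (20, 30), (30, 30)]
DIAGONAL = [(0, 0), (10, 10), (20, 20), (30, 30)]


def quadrant_counts(points):
    """Count pen-tip samples in the four quadrants of the drawing's bounding box.

    Assumes tablet coordinates with y growing downward, so smaller y is the
    upper half. A sample lying exactly on a dividing line is counted in the
    right or lower quadrant.
    """
    pts = list(points)
    if not pts:
        raise ValueError("no pen-tip samples")
    xs = [x for x, _ in pts]
    ys = [y for _, y in pts]
    x_mid = (min(xs) + max(xs)) / 2
    y_mid = (min(ys) + max(ys)) / 2
    counts = {"UL": 0, "UR": 0, "LL": 0, "LR": 0}
    for x, y in pts:
        row = "U" if y < y_mid else "L"
        col = "L" if x < x_mid else "R"
        counts[row + col] += 1
    return counts


def mirror_imbalance(counts):
    """Fraction of samples left unmatched when the drawing is reflected.

    Returns (about the vertical axis, about the horizontal axis). 0.0 means
    the reflected quadrants hold equal counts; 1.0 means no overlap at all.
    Comparing reflected quadrants pairwise, rather than left/right totals,
    keeps a diagonal stroke from looking balanced.
    """
    n = sum(counts.values())
    vertical = abs(counts["UL"] - counts["UR"]) + abs(counts["LL"] - counts["LR"])
    horizontal = abs(counts["UL"] - counts["LL"]) + abs(counts["UR"] - counts["LR"])
    return vertical / n, horizontal / n


if __name__ == "__main__":
    for name, pts in (("square", SQUARE), ("L stroke", L_STROKE), ("diagonal", DIAGONAL)):
        c = quadrant_counts(pts)
        print(name, c, mirror_imbalance(c))
```

Equal quadrant counts are a necessary sign of mirror symmetry, not proof of it, so a score near zero only flags a drawing for closer inspection.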

In addition to studying the ease with which users can reliably recreate their pseudo-signatures, we are also now collecting data to support analysis of FRR / FAR under various forgery models.


7. Conclusions

In this paper we have introduced the notion of pseudo-signatures as a way of overcoming the serious limitations with using an individual’s one true signature or her normal handwriting for biometric key generation. This concept builds on past work on graphical passwords, in particular Draw-a-Secret, posing a number of interesting questions. Preliminary observations suggest that the scheme is feasible, although we have not yet collected sufficient data to understand its vulnerabilities, which hinge on a user’s ability to design and then draw a strong pseudo-signature.

8. Acknowledgments

This work is supported by the National Science Foundation under grants CNS-0430338 (Johns Hopkins) and CNS-0430178 (Lehigh).

References

[1] L. Ballard, D. Lopresti, and F. Monrose. Evaluating the security of handwriting biometrics. In Proceedings of the 10th International Workshop on the Foundations of Handwriting Recognition, pages 461–466, La Baule, France, October 2006.

[2] L. Ballard, D. Lopresti, and F. Monrose. Forgery quality and its implications for biometric security. IEEE Transactions on Systems, Man, and Cybernetics, Part B (Special Issue), 37(5):1107–1118, October 2007.

[3] L. Ballard, F. Monrose, and D. Lopresti. Biometric authentication revisited: Understanding the impact of wolves in sheep’s clothing. In Proceedings of the 15th Annual USENIX Security Symposium, pages 29–41, Vancouver, BC, Canada, August 2006.

[4] M. C. Fairhurst. Signature verification revisited: promoting practical exploitation of biometric technology. Electronics & Communication Engineering Journal, pages 273–280, December 1997.

[5] D. Feldmeier and P. Karn. UNIX password security – ten years later. In Advances in Cryptology – CRYPTO ’89 Proceedings, volume 435 of Lecture Notes in Computer Science, pages 44–63, Berlin, Germany, 1990. Springer-Verlag.

[6] F. Hao and C. Wah. Private key generation from on-line handwritten signatures. Information Management and Computer Security, 10(4):159–164, 2002.

[7] I. Jermyn, A. Mayer, F. Monrose, M. Reiter, and A. Rubin. The design and analysis of graphical passwords. In Proceedings of the Eighth USENIX Security Symposium, August 1999.

[8] Y. Wai Kuan, A. Goh, D. Ngo, and A. Teoh. Cryptographic keys from dynamic hand-signatures with biometric security preservation and replaceability. In Proceedings of the Fourth IEEE Workshop on Automatic Identification Advanced Technologies, pages 27–32, Los Alamitos, CA, 2005. IEEE Computer Society.

[9] D. P. Lopresti and J. D. Raim. The effectiveness of generative attacks on an online handwriting biometric. In Proceedings of the International Conference on Audio- and Video-based Biometric Person Authentication, pages 1090–1099, Hilton Rye Town, NY, USA, 2005.

[10] D. Nali and J. Thorpe. Analyzing user choice in graphical passwords. Technical report, School of Information Technology and Engineering, University of Ottawa, May 27 2004.

[11] NIST. Secure Hash Standard. FIPS PUB 180-1, May 1993.

[12] S. N. Srihari, S-H. Cha, H. Arora, and S. Lee. Individuality of handwriting: A validation study. In ICDAR ’01: Proceedings of the Sixth International Conference on Document Analysis and Recognition, page 106, Washington, DC, USA, 2001. IEEE Computer Society.

[13] P. C. van Oorschot and J. Thorpe. On predictive models and user-drawn graphical passwords. ACM Transactions on Information and System Security, June 2007.

[14] C. Vielhauer and F. Zobisch. A test tool to support brute-force online and offline signature forgery tests on mobile devices. In Proceedings of the International Conference on Multimedia and Expo, volume 3, pages 225–228, 2003.

[15] C. Vielhauer and R. Steinmetz. Handwriting: Feature correlation analysis for biometric hashes. EURASIP Journal on Applied Signal Processing, 4:542–558, 2004.

[16] C. Vielhauer, R. Steinmetz, and A. Mayerhofer. Biometric hash based on statistical features of online signatures. In Proceedings of the Sixteenth International Conference on Pattern Recognition, volume 1, pages 123–126, 2002.

[17] D. Y. Yeung, H. Chang, Y. Xiong, S. George, R. Kashi, T. Matsumoto, and G. Rigoll. SVC2004: First International Signature Verification Competition. In Proceedings of the International Conference on Biometric Authentication, Hong Kong, July 2004.