Biometric security
IIS2
Problem
People use weak passwords
People write the pin code on their bank card
Biometrics cannot be “forgotten” and you do not have to “think of it”
IIS3
Personal Identification
Associating an individual with an identity:
Something you have » Token, smart card
Something you know » Password, PIN
Something you are » Physiological » Behavioural
IIS4
Forms of Identification
Authentication (aka Verification) » Am I who I claim to be?
Recognition (aka Identification) » Who am I?
» Harder than Authentication (why?)
IIS5
Physiological or Behavioural?
[Jai00] A. K. Jain, L. Hong, and S. Pankanti. Biometric identification. Commun. ACM, 43(2):90-98, Feb 2000. http://doi.acm.org/10.1145/328236.328110
Sample Application Areas
Forensic                  | Civilian                    | Commercial
Criminal investigation    | National ID                 | ATM (India), POS (AH)
Corpse identification     | Driver's license (Oklahoma) | Credit card (Singapore)
Parenthood determination  | Welfare disbursement        | Laptop login
IIS6
IIS12
Fingerprint matching
Ridge thinning & extraction
Minutiae (bifurcation, end point) detection
Ridge based alignment & overlaying
IIS13
Desired Characteristics
Biometric » Universal » Unique » Permanent » Collectable
System » Performance » Acceptability » Circumvention
[Put00] T. van der Putte and J. Keuning. Biometrical fingerprint recognition: Don't get your fingers burned. In 4th Int. IFIP WG 8.8 Conf. Smart Card Research and Advanced Applications (CARDIS), pages 289-303, Bristol, UK, Sep 2000. Kluwer Academic Publishers, Boston, Massachusetts. http://www.keuning.com/biometry/Biometrical_Fingerprint_Recognition.pdf
Some Comparisons
Biometric      Universality  Uniqueness  Permanence  Collectability  Performance  Acceptability  Circumvention
Face           high          low         med.        high            low          high           low
Finger         med.          high        high        med.            high         med.           high
Hand geometry  med.          med.        med.        high            med.         med.           med.
Iris           high          high        high        med.            high         low            high
Signature      low           low         low         high            low          high           low
Voice print    med.          low         low         med.            low          high           low
IIS14
Biometrics is not perfect
High False Accept rate is bad for high security applications -- dangerous
High False Reject rate is bad for high usability applications -- annoying
Outcome                          | accept / reject
Alice is recognised as Alice     | true accept
Bob is recognised as Alice       | false accept
Alice is not recognised as Alice | false reject
Bob is not recognised as Alice   | true reject
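An added example (not from the slides) that turns the four cells of the table above into code and shows how one decision threshold trades False Accept against False Reject. The matcher scores are constructed sample values, not measured data; the sweep for the equal-error threshold is a generalisation the slide only implies.

```python
from typing import Sequence, Tuple

# Constructed matcher scores in [0, 1] (higher = more similar); not measured data.
GENUINE = [0.92, 0.88, 0.81, 0.77, 0.70, 0.64, 0.58, 0.95, 0.85, 0.73]   # Alice vs Alice's template
IMPOSTOR = [0.12, 0.25, 0.33, 0.41, 0.48, 0.55, 0.61, 0.20, 0.37, 0.66]  # Bob vs Alice's template


def outcome(score: float, threshold: float, is_genuine: bool) -> str:
    """Classify one attempt into the four cells of the slide's accept/reject table."""
    accepted = score >= threshold
    if accepted:
        return "true accept" if is_genuine else "false accept"
    return "false reject" if is_genuine else "true reject"


def rates(genuine: Sequence[float], impostor: Sequence[float], threshold: float) -> Tuple[float, float]:
    """Return (FAR, FRR): fraction of impostors accepted, fraction of genuine users rejected."""
    far = sum(outcome(s, threshold, False) == "false accept" for s in impostor) / len(impostor)
    frr = sum(outcome(s, threshold, True) == "false reject" for s in genuine) / len(genuine)
    return far, frr


def equal_error_threshold(genuine: Sequence[float], impostor: Sequence[float], steps: int = 100) -> float:
    """Sweep the threshold and return the one where FAR and FRR are closest (the equal-error point)."""
    candidates = []
    for i in range(steps + 1):
        t = i / steps
        far, frr = rates(genuine, impostor, t)
        candidates.append((abs(far - frr), t))
    return min(candidates)[1]


if __name__ == "__main__":
    # A high threshold is "dangerous" only if FAR stays high; a low one is "annoying" if FRR rises.
    for t in (0.5, equal_error_threshold(GENUINE, IMPOSTOR), 0.7):
        far, frr = rates(GENUINE, IMPOSTOR, t)
        print(f"threshold {t:.2f}: FAR {far:.2f} (security risk if high), FRR {frr:.2f} (usability cost if high)")
```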
IIS15
IIS19
Template protection
Requirements:
» Diversity (no cross matching of databases, for privacy)
» Revocability (easy to replace template)
» Security (hard to obtain the original)
» Performance (matching must be robust)
Why does encryption not work?
Two examples:
» Non-invertible transforms
» Fuzzy commitment
[Jai08] A. K. Jain, K. Nandakumar, and A. Nagar. Biometric template security. EURASIP Journal on Advances in Signal Processing, 2008:579416, 2008. http://dx.doi.org/10.1155/2008/579416
IIS20
Non-invertible transform
User-specific transformation (revocability)
Locally smooth translation outside matcher tolerance (performance)
Globally non-smooth (security)
[Rat06] N. Ratha, J. Connell, R. M. Bolle, and S. Chikkerur. Cancelable biometrics: A case study in fingerprints. In 18th Int. Conf. on Pattern Recognition (ICPR), volume 4, pages 370-373, Hong Kong, China, Aug 2006. IEEE Computer Society. http://dx.doi.org/10.1109/ICPR.2006.353
[Figure: “crumple” illustration of the transform]
IIS21
Example
Fuzzy commitment
Idea:
» Use biometric template: x
» As a corrupted code word: c = x - δ
The commitment is:
» Hash code word for security: h(c)
» Leave distance in clear for fuzziness: δ
Verification:
» Measure: x’
» Compute: c’ = decode(x’ - δ)
» Match if h(c’) = h(c)
[Jue99a] A. Juels and M. Wattenberg. A fuzzy commitment scheme. In 6th ACM Conf. on Computer and Communications Security (CCS), pages 28-36, Kent Ridge Digital Labs, Singapore, 1999. ACM. http://doi.acm.org/10.1145/319709.319714
[Figure: number line from 100 to 300 showing template x, measurement x’, code word c, offset δ and the decoded candidate c’]
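An added example (not from the slides or from [Jue99a]) of the fuzzy commitment just described, with the slide's subtraction x - δ realised as XOR on bit strings and a 3-fold repetition code standing in for the error-correcting code; the 12-bit template is a constructed stand-in for a real feature vector.

```python
import hashlib
import secrets
from typing import List, Tuple

Bits = List[int]
REPEAT = 3  # repetition code: each message bit is repeated REPEAT times (assumed toy code)


def encode(message: Bits) -> Bits:
    """Map a message to a code word by repeating every bit REPEAT times."""
    return [b for b in message for _ in range(REPEAT)]


def decode(word: Bits) -> Bits:
    """Majority vote per group: corrects up to (REPEAT-1)//2 bit errors in each group."""
    groups = (word[i:i + REPEAT] for i in range(0, len(word), REPEAT))
    return [int(sum(g) * 2 > REPEAT) for g in groups]


def xor(a: Bits, b: Bits) -> Bits:
    """Binary version of the slide's x - δ (and x' - δ)."""
    return [p ^ q for p, q in zip(a, b)]


def h(bits: Bits) -> str:
    return hashlib.sha256(bytes(bits)).hexdigest()


def commit(x: Bits) -> Tuple[str, Bits]:
    """Enrollment: pick a random code word c, publish h(c) and the offset δ = x xor c."""
    assert len(x) % REPEAT == 0
    message = [secrets.randbelow(2) for _ in range(len(x) // REPEAT)]
    c = encode(message)
    return h(c), xor(x, c)


def verify(commitment: Tuple[str, Bits], x_prime: Bits) -> bool:
    """Verification: c' = decode(x' xor δ); accept iff h(c') = h(c)."""
    hc, delta = commitment
    c_prime = encode(decode(xor(x_prime, delta)))  # nearest code word to x' xor δ
    return h(c_prime) == hc


def flip(bits: Bits, positions) -> Bits:
    """Constructed measurement noise: flip the given bit positions of a template."""
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out


X = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0]  # constructed 12-bit template
```

Only h(c) and δ are stored: δ alone reveals nothing about x without c, and a fresh code word gives a fresh commitment for the same finger (revocability).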
Template protection application
[Buh07] I. R. Buhan, J. M. Doumen, P. H. Hartel, and R. N. J. Veldhuis. Secure ad-hoc pairing with biometrics: SAfE. In 1st Int. Workshop on Security for Spontaneous Interaction (Ubicomp 2007 Workshop Proceedings), pages 450-456, Innsbruck, Austria, Sep 2007. http://www.comp.lancs.ac.uk/iwssi2007/papers/iwssi2007-02.pdf
IIS23
Secure ad-hoc pairing
Suppose two people meet:
» Who have never met before
» There is no TTP and/or they are not online
» They are not technical
» They would like to exchange data
» Concerned about eavesdropper
How to do this?
» Biometrics
» Shielding function as fuzzy extractor
» Protocol with novel “related key attack”
IIS24
Idea: Take each other’s photo
[Figure: enrollment yields ma=0110... and mb=1101... with helper data wa and wb exchanged over radio; at verification Alice computes mb=decode( , ) and Bob computes ma=decode( , ), so Alice has ma, mb and Bob has ma, mb]
IIS25
Coping with noise
Problem:
» Alice gets m’b close to mb but not the same
» The same for Bob...
Solution:
» During enrollment calculate error profiles
» Cryptanalysis using those profiles to recover the correct key
» More work for eavesdropper