Secure use of biometric data in cryptographic applications

Abstract

In many cases, secret key management is the weakest link in a cryptographic system. Biometric data can help in providing a secure and user friendly way to manage crypto- graphic keys. One way to use biometrics for secret key management is to release keys once the associated biometric templates are found to match. However, as biometric templates are normally stored in cleartext form, this introduces many concerns about the security of stored biometric templates. A practical and possibly secure solution is to bind the secret key with the biometric template in a way that eliminates the need for direct storage of the key or the template. The binding information stored in the system would not reveal much about either of its components. However, due to inherently di erent characteristics of biometric templates and cryptographic keys, a few issues must be addressed before such a system can be built. For example, bio- metric readings are non-uniform, noisy, and irrevocable, while cryptographic keys must be uniform, exact, and revocable. In addition, there is a tradeo between key sizes and error correcting capability (distance between the enrollment and the veri cation templates) in such systems which demands techniques to reduce noise and to improve recognition accuracy. In this thesis, we address the above-mentioned issues. Our contribution is fourfold. First, we devise a cryptographic key management system using iris templates. Instead of authenticating by matching templates directly, the system matches hashes of gener- ated cryptographic keys. Authentication can be carried out without physically storing the cryptographic keys or the biometric templates. Instead, we store, on a smart card, some recovery information generated during the process of binding a cryptographic key and a biometric template. For each veri cation request, the secret key is regenerated with the help of the veri cation template and the recovery information. The system, evaluated on the University of Bath iris image dataset, generates cryptographic keys of 260 bits with a false recognition rate of 0.24% and a false acceptance rate of 0%. This is among the largest reported keys which have been generated using biometric readings with reasonably low error rates. Second, we present a biometrics-based full disk encryption scheme. A full disk en- cryption scheme encrypts everything on the disk including the swap space and the temporary les, and therefore does not leave any trace of plain data on the disk. To provide security against malicious modi cation of disk contents, a full disk encryption scheme is required to o er both privacy and authenticity of disk contents. Unfortu- nately, existing schemes provide only privacy of data. We present a disk encryption scheme using, as its building blocks, a robust fuzzy extractor and an authenticated encryption scheme. The scheme provides both privacy and authenticity of data. To support this claim, we provide new de nitions for privacy and authenticity for disk en- cryption schemes and prove the security of our constructions by reducing their security to the security of the underlying robust fuzzy extractor and authenticated encryption scheme. Third, we present a weighted majority voting scheme to improve the recognition rate of any iris recognition system by treating it as a black box. An experimental evaluation with CASIA version 1 iris image dataset shows that the proposed scheme improves on the existing majority voting and reliable bit selection schemes.Finally, we present an algorithm to localize the iris in a given eye image. We use image intensity to detect the pupil-iris boundary while edge detection and a circular Hough transform are used to detect the iris-sclera boundary. Experiments with University of Bath and CASIA iris image datasets show promising results in each case.