DSpace Repository

Secure use of biometric data in cryptographic applications

dc.contributor.advisor Dailey, Matthew N. (Co-chairperson) en_US
dc.contributor.advisor Chanathip Namprempre (Co-chairperson) en_US
dc.contributor.author Uddin, Zia en_US
dc.date.accessioned 2015-01-12T10:36:57Z
dc.date.available 2015-01-12T10:36:57Z
dc.date.issued 2009-05 en_US
dc.identifier.other AIT Diss no.CS-09-01 en_US
dc.identifier.uri http://www.cs.ait.ac.th/xmlui/handle/123456789/104
dc.description 89 p. en_US
dc.description.abstract In many cases, secret key management is the weakest link in a cryptographic system. Biometric data can help in providing a secure and user friendly way to manage cryptographic keys. One way to use biometrics for secret key management is to release keys once the associated biometric templates are found to match. However, as biometric templates are normally stored in cleartext form, this introduces many concerns about the security of stored biometric templates. A practical and possibly secure solution is to bind the secret key with the biometric template in a way that eliminates the need for direct storage of the key or the template. The binding information stored in the system would not reveal much about either of its components. However, due to inherently different characteristics of biometric templates and cryptographic keys, a few issues must be addressed before such a system can be built. For example, biometric readings are non-uniform, noisy, and irrevocable, while cryptographic keys must be uniform, exact, and revocable. In addition, there is a tradeoff between key sizes and error correcting capability (distance between the enrollment and the verification templates) in such systems which demands techniques to reduce noise and to improve recognition accuracy. In this thesis, we address the above-mentioned issues. Our contribution is fourfold. First, we devise a cryptographic key management system using iris templates. Instead of authenticating by matching templates directly, the system matches hashes of generated cryptographic keys. Authentication can be carried out without physically storing the cryptographic keys or the biometric templates. Instead, we store, on a smart card, some recovery information generated during the process of binding a cryptographic key and a biometric template. For each verification request, the secret key is regenerated with the help of the verification template and the recovery information.
The system, evaluated on the University of Bath iris image dataset, generates cryptographic keys of 260 bits with a false recognition rate of 0.24% and a false acceptance rate of 0%. This is among the largest reported keys which have been generated using biometric readings with reasonably low error rates. Second, we present a biometrics-based full disk encryption scheme. A full disk encryption scheme encrypts everything on the disk including the swap space and the temporary files, and therefore does not leave any trace of plain data on the disk. To provide security against malicious modification of disk contents, a full disk encryption scheme is required to offer both privacy and authenticity of disk contents. Unfortunately, existing schemes provide only privacy of data. We present a disk encryption scheme using, as its building blocks, a robust fuzzy extractor and an authenticated encryption scheme. The scheme provides both privacy and authenticity of data. To support this claim, we provide new definitions for privacy and authenticity for disk encryption schemes and prove the security of our constructions by reducing their security to the security of the underlying robust fuzzy extractor and authenticated encryption scheme. Third, we present a weighted majority voting scheme to improve the recognition rate of any iris recognition system by treating it as a black box. An experimental evaluation with CASIA version 1 iris image dataset shows that the proposed scheme improves on the existing majority voting and reliable bit selection schemes. Finally, we present an algorithm to localize the iris in a given eye image. We use image intensity to detect the pupil-iris boundary while edge detection and a circular Hough transform are used to detect the iris-sclera boundary. Experiments with University of Bath and CASIA iris image datasets show promising results in each case. en_US
dc.description.sponsorship Higher Education Commission, Pakistan en_US
dc.language.iso en en_US
dc.publisher Asian Institute of Technology en_US
dc.relation.ispartofseries AIT Publications; en_US
dc.subject Biometric data en_US
dc.subject Cryptographic system en_US
dc.title Secure use of biometric data in cryptographic applications en_US
dc.type Dissertation en_US

