• Title/Summary/Keyword: Authentication template protection

Search Result 10, Processing Time 0.025 seconds

Authentication Template Protection Using Function Encryption (함수암호를 이용한 인증정보 Template 보호 기술)

  • Park, Dong Hee;Park, Young-Ho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.6
    • /
    • pp.1319-1326
    • /
    • 2019
  • Recently, biometrics and location information are being used for authentication in many devices. However, these information are stored as plaintext in safe device or, stored as ciphertext in authentication server it is used for authentication in plaintext by decrypting. Therefore, the leakage of authentication information as well as hacking can cause fatal privacy problems. In this paper, we propose a technique that can be authenticated without exposing authentication information to ciphertext using function encryption.

A Revocable Fingerprint Template for Security and Privacy Preserving

  • Jin, Zhe;Teoh, Andrew Beng Jin;Ong, Thian Song;Tee, Connie
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.4 no.6
    • /
    • pp.1327-1342
    • /
    • 2010
  • With the wide deployment of biometric authentication systems, several issues pertaining security and privacy of the biometric template have gained great attention from the research community. To resolve these issues, a number of biometric template protection methods have been proposed. However, the design of a template protection method to satisfy four criteria, namely diversity, revocability and non-invertibility is still a challenging task, especially performance degradation when template protection method is employed. In this paper, we propose a novel method to generate a revocable minutiae-based fingerprint template. The proposed method consists of feature extraction from fingerprint minutiae pairs, quantization, histogram binning, binarization and eventually binary bit-string generation. The contributions of our method are two fold: alignment-free and good performance. Various experiments on FVC2004 DB1 demonstrated the effectiveness of the proposed methods.

Fingerprint Template Protection Using One-Time Fuzzy Vault

  • Choi, Woo-Yong;Chung, Yong-Wha;Park, Jin-Won;Hong, Do-Won
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.5 no.11
    • /
    • pp.2221-2234
    • /
    • 2011
  • The fuzzy vault scheme has emerged as a promising solution to user privacy and fingerprint template security problems. Recently, however, the fuzzy vault scheme has been shown to be susceptible to a correlation attack. This paper proposes a novel scheme for one-time templates for fingerprint authentication based on the fuzzy vault scheme. As in one-time passwords, the suggested method changes templates after each completion of authentication, and thus the compromised templates cannot be reused. Furthermore, a huge number of chaff minutiae can be added by expanding the size of the fingerprint image. Therefore, the proposed method can protect a user's fingerprint minutiae against the correlation attack. In our experiments, the proposed approach can improve the security level of a typical approach against brute-force attack by the factor of $10^{34}$.

Fingerprint Template Protection using Fuzzy Vault

  • Moon Dae-Sung;Lee Sung-Ju;Jung Seung-Hwan;Chung Yong-Wha;Moon Ki-Young
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 2006.06a
    • /
    • pp.123-132
    • /
    • 2006
  • Biometric-based authentication can provide strong security guarantee about the identity of users. However, security of biometric data is particularly important as the compromise of the data will be permanent. To protect the biometric data, we need to store it in a non-invertible transformed version. Thus, even if the transformed version is compromised, the actual biometric data remains safe. In this paper, we propose an approach to protect finger-print templates by using the idea of the fuzzy vault. Fuzzy vault is a recently developed cryptographic construct to secure critical data with the fingerprint data in a way that only the authorized user can access the secret by providing the valid fingerprint. We modify the fuzzy vault to protect fingerprint templates and to perform fingerprint verification with the protected template at the same time. This is challenging because the fingerprint verification is performed in the domain of the protected form. Based on the experimental results, we confirm that the proposed approach can perform the fingerprint verification with the protected template.

  • PDF

Biometric Template Security for Personal Information Protection (개인정보 보호를 위한 바이오인식 템플릿 보안)

  • Shin, Yong-Nyuo;Lee, Yong-Jun;Chun, Myung-Geun
    • Journal of the Korean Institute of Intelligent Systems
    • /
    • v.18 no.4
    • /
    • pp.437-444
    • /
    • 2008
  • This paper deals with the biometric template protection in the biometric system which has been widely used for personal authentication. First, we consider the structure of the biometric system and the function of its sub-systems and define the biometric template and identification(ID) information. And then, we describe the biometric template attack points of a biometric system and attack examples and provide their countermeasures. From this, we classify the vulnerability which can be protected by encryption and hashing techniques. For more detail investigation of these at real operating situations, we analyze them and suggest several protection methods for the typical application scheme of biometric systems such as local model, download model, attached model, and center model. Finally, we also handle the privacy problem which is most controversy issue related to the biometric systems and suggest some guidances of safeguarding procedures on establishing privacy sympathy biometric systems.

The One Time Biometric Key Generation and Authentication Model for Portection of Paid Video Contents (상용 비디오 콘텐츠 보호를 위한 일회용 바이오메트릭 키 생성 및 인증 모델)

  • Yun, Sunghyun
    • Journal of the Korea Convergence Society
    • /
    • v.5 no.4
    • /
    • pp.101-106
    • /
    • 2014
  • Most peoples are used to prefer to view the video contents rather than the other contents since the video contents are more easy to understand with both their eyes and ears. As the wide spread use of smartphones, the demands for the contents services are increasing rapidly. To promote the contents business, it's important to provide security of subscriber authentication and corresponding communication channels through which the contents are delivered. Generally, symmetric key encryption scheme is used to protect the contents in the channel, and the session key should be upadated periodically for the security reasons. In addition, to protect viewing paid contents by illegal users, the proxy authentication should not be allowed. In this paper, we propose biometric based user authentication and one time key generation models. The proposed model is consist of biometric template registration, session key generation and chanel encryption steps. We analyze the difference and benefits of our model with existing CAS models which are made for CATV contents protection, and also provides applications of our model in electronic commerce area.

Invariant Biometric Key Extraction based on Iris Code (홍채 코드 기반 생체 고유키 추출에 관한 연구)

  • Lee, Youn-Joo;Lee, Hyung-Gu;Park, Kang-Ryoung;Kim, Jai-Hie
    • Proceedings of the IEEK Conference
    • /
    • 2005.11a
    • /
    • pp.1011-1014
    • /
    • 2005
  • In this paper, we propose a method that extracts an invariant biometric key in order to apply this biometric key to the crypto-biometric system. This system is a new authentication architecture which can improve the security of current cryptographic system and solve the problem of stored template protection in conventional biometric system, also. To use biometric information as a cryptographic key in crypto-biometric system, same key should be generated from the same person. However, it is difficult to obtain such an invariant biometric key because biometric data is sensitive to surrounding environments. The proposed method solves this problem by clustering Iris Codes obtained by using independent component analysis (ICA).

  • PDF

JTC1 SC27 바이오 정보보호 국제표준화 동향

  • Moon, Ji-Hyun
    • Review of KIISC
    • /
    • v.18 no.4
    • /
    • pp.5-12
    • /
    • 2008
  • ISO/IEC JTC1 SC27은 IT 정보보호 및 보안에 관한 국제표준 제정 활동을 하는 국제기구이다. SC27은 다섯 개의 WG으로 구성되어 있는데, 이들 중 WG3와 WG5에서 총 3건의 바이오인식 관련 정보보호 표준화 작업을 수행하고 있다. 19792 바이오인식 보안 평가(Security Evaluation of Biometrics), 24761 바이오인식 인증 컨텍스트(Authentication Context for Biometrics), 24745 바이오 템플릿 보호(Biometric Template Protection)의 세 건이 바로 그것이다. 바이오인식 관련 전문가들의 활동이 적은 SC27에서 바이오인식 기술에 관한 국제표준화가 함께 진행될 수 있었다는 점은 놀라운 일이며, SC37 바이오인식 관련 국제표준 전문가들의 많은 관심을 통해 SC27에서의 바이오인식 관련 국제표준화 활동이 조속한 결실을 맺을 수 있도록 함께 노력해 나가야 할 시점에 있다 하겠다. 본 고에서는 바이오인식 기술의 관점에서의 SC27 국제표준화 활동 내용을 소개하고 현재까지의 진행상황과 앞으로의 일정 및 추진 방향 등을 분석, 정리하여, 관련 전문가들로 하여금 SC27에서의 바이오인식 관련 표준화 활동에 보다 많은 관심을 가질 수 있도록 하는 계기를 마련하고자 한다.

Cancelable Iris Templates Using Index-of-Max Hashing (Index-of-Max 해싱을 이용한 폐기가능한 홍채 템플릿)

  • Kim, Jina;Jeong, Jae Yeol;Kim, Kee Sung;Jeong, Ik Rae
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.3
    • /
    • pp.565-577
    • /
    • 2019
  • In recent years, biometric authentication has been used for various applications. Since biometric features are unchangeable and cannot be revoked unlike other personal information, there is increasing concern about leakage of biometric information. Recently, Jin et al. proposed a new cancelable biometric scheme, called "Index-of-Max" (IoM) to protect fingerprint template. The authors presented two realizations, namely, Gaussian random projection-based and uniformly random permutation-based hashing schemes. They also showed that their schemes can provide high accuracy, guarantee the security against recently presented privacy attacks, and satisfy some criteria of cancelable biometrics. However, the authors did not provide experimental results for other biometric features (e.g. finger-vein, iris). In this paper, we present the results of applying Jin et al.'s scheme to iris data. To do this, we propose a new method for processing iris data into a suitable form applicable to the Jin et al.'s scheme. Our experimental results show that it can guarantee favorable accuracy performance compared to the previous schemes. We also show that our scheme satisfies cancelable biometrics criteria and robustness to security and privacy attacks demonstrated in the Jin et al.'s work.

Genetic Authentication of Cynanchi Wilfordii Radix and Cynanchi Auriculati Radix by Using Conventional-PCR and Real-time PCR (Conventional-PCR 및 Real-time PCR을 이용한 백수오와 이엽우피소의 유전자 종감별 시험법 비교)

  • Ryu, Hoe Jin;Kim, Ae Kyung;Kim, Sung Dan;Jung, Sam Joo;Jang, Jung Im;Lee, Hee Jin;Lee, Jung Mi;Yu, In Sil;Jung, Kweon
    • Korean Journal of Pharmacognosy
    • /
    • v.49 no.1
    • /
    • pp.55-64
    • /
    • 2018
  • Recently, it has been a big issue to distinguish the dried roots of Cynanchum wilfordii and C. auriculatum in health functional food market. The original plant species of Cynanchi Wilfordii Radix belong to the Asclepiadaceae family is differentially described in the national pharmacopoeia of Korea, China and Japan. Owing to the morphological similarities of the dried roots of this plant to those of C. auriculatum, which is often misidentified in Korean herbal medicine marketplace, distinguishing these two species is exceedingly difficult. The purpose of this study was to compare the conventional-PCR with the real-time PCR for detection of C. wilfordii and C. auriculatum DNA. We also tried to realize a quantitative real-time PCR assay using species-specific matK primers, which allowed us to estimate the ratio of C. willfordii and C. auriculatum using varying ratios of mixed genomic DNA template from the two species. The differentiation of intentional and unintentional mixture in this study would be applied to food safety management and can be helpful for protection of consumer's right and cultivators.