• Journal of Korea Multimedia Society
• /
• v.10 no.12
• /
• pp.1655-1662
• /
• 2007

Although the PKl-based user authentication solution has been widely used, the security of it can be deteriorated by a simple password. This is because a long and random private key may be protected by a short and easy-to-remember password. To handle this problem, many biometric-based user authentication solutions have been proposed. However, protecting biometric data is another research issue because the compromise of the biometric data will be permanent. In this paper, we present an implementation to improve the security of the typical PKI-based authentication by protecting the private key with a fingerprint. Compared to the unilateral authentication provided by the typical biometric-based authentication, the proposed solution can provide the mutual authentication. In addition to the increased security, this solution can alleviate the privacy issue of the fingerprint data by conglomerating the fingerprint data with the private key and storing the conglomerated data in a user-carry device such as a smart card. With a 32-bit ARM7-based smart card and a Pentium 4 PC, the proposed fingerprint-based PKI authentication can be executed within 1.3second.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1113-1118
• /
• 2018

Fingerprint authentication is the most popular biometric in smart devices. However it has vulnerability to fake fingerprints. This paper shows that it is possible to pass fingerprint authentication of smartphone by creating counterfeit fingerprint without approval of legitimate users. As a technical countermeasure to prevent such a smudge-based attack, there has been proposed an under-screen Touch ID with a slide bar, which is a method of removing the fingerprint trail by dragging the UI to the side after fingerprint authentication on the touch screen. In this paper, we analyze how the proposed attack method and mitigation are perceived by actual user through 61 user survey.

• Proceedings of the IEEK Conference
• /
• 2000.09a
• /
• pp.901-904
• /
• 2000

A direct authentication from gray-scale image, instead of the conventional multi-step preprocessing, is proposed using Gabor filter-based features from the gray-scale fingerprint around core point. The core point is located as a reference point for the translation invariant matching. And its principal symmetry axis is detected for the rotation invariant matching from its neighboring region centered at the core point. And then fingerprint is divided into non-overlapping blocks with respect to the core point and features are directly extracted form the blocked gray level fingerprint using Gabor filter. The proposed fingerprint authentication is based on the Euclidean distance between the corresponding Gabor features of the input and the template fingerprints. Experiments are conducted on 300${\times}$300 fingerprints obtained from a CMOS sensor with 500 dpi resolution, and the proposed method could lower the False Reject Rate(FRR) to 18.2% under False Acceptance Rate(FAR) of 0%.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.6
• /
• pp.1294-1310
• /
• 2010

User authentication using fingerprint information provides convenience as well as strong security. However, serious problems may occur if fingerprint information stored for user authentication is used illegally by a different person since it cannot be changed freely as a password due to a limited number of fingers. Recently, research in fuzzy fingerprint vault system has been carried out actively to safely protect fingerprint information in a fingerprint authentication system. In addition, research to solve the fingerprint alignment problem by applying a geometric hashing technique has also been carried out. In this paper, we propose the hardware architecture for a geometric hashing based fuzzy fingerprint vault system that consists of the software module and hardware module. The hardware module performs the matching for the transformed minutiae in the enrollment hash table and verification hash table. On the other hand, the software module is responsible for hardware feature extraction. We also propose the hardware architecture which parallel processing technique is applied for high speed processing. Based on the experimental results, we confirmed that execution time for the proposed hardware architecture was 0.24 second when number of real minutiae was 36 and number of chaff minutiae was 200, whereas that of the software solution was 1.13 second. For the same condition, execution time of the hardware architecture which parallel processing technique was applied was 0.01 second. Note that the proposed hardware architecture can achieve a speed-up of close to 100 times compared to a software based solution.

• Journal of the Korean Society for Industrial and Applied Mathematics
• /
• v.24 no.4
• /
• pp.363-374
• /
• 2020

Fingerprint authentication identifies a user based on the individual's unique fingerprint features. Fingerprint authentication methods are used in various real-life devices because they are convenient and safe and there is no risk of leakage, loss, or oblivion. However, fingerprint authentication methods are often ineffective when there is contamination of the given image through wet, dirty, dry, or wounded fingers. In this paper, a method is proposed to remove noise from fingerprint images using a convolutional neural network. The proposed model was verified using the dataset from the ChaLearn LAP Inpainting Competition Track 3-Fingerprint Denoising and Inpainting, ECCV 2018. It was demonstrated that the model proposed in this paper obtains better results with respect to the methods that achieved high performances in the competition.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.233-240
• /
• 2017

Fingerprint authentication identifies individuals based on user specific information. It is widely used as it is convenient, secure and has no risk of leakage, loss, or forgotten. However, the latent fingerprints remaining on the smart device's surface are vulnerable to smudge attacks. We analyze the usage patterns of individuals using smart device and propose methods to reconstruct damaged fingerprint images using fingerprint smudges. We examine the feasibility of smudge attacks with frequent usage situations by reconstructing fingerprint smudges collected from touch screens. Finally, we empirically verify the vulnerability of fingerprint authentication systems by showing high attack rates.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.11
• /
• pp.2221-2234
• /
• 2011

The fuzzy vault scheme has emerged as a promising solution to user privacy and fingerprint template security problems. Recently, however, the fuzzy vault scheme has been shown to be susceptible to a correlation attack. This paper proposes a novel scheme for one-time templates for fingerprint authentication based on the fuzzy vault scheme. As in one-time passwords, the suggested method changes templates after each completion of authentication, and thus the compromised templates cannot be reused. Furthermore, a huge number of chaff minutiae can be added by expanding the size of the fingerprint image. Therefore, the proposed method can protect a user's fingerprint minutiae against the correlation attack. In our experiments, the proposed approach can improve the security level of a typical approach against brute-force attack by the factor of $10^{34}$.

• Journal of KIISE
• /
• v.42 no.4
• /
• pp.419-426
• /
• 2015

This paper proposes a fingerprint verification system on a fuzzy vault with steganography for a smartphone. While biometric-based authentication can provide strong security, the biometric data must be handled carefully as it cannot be re-enrolled when it is revealed to other people. When the transformed data is used for authentication, the original biometric data can be protected. In this paper, we combine a fingerprint verification system with a fuzzy vault scheme to protect the fingerprint data of a smartphone user. In addition, the transformed data using a fuzzy vault scheme increases the security as it is concealed by the steganography scheme. The result of the experiment using fingerprint databases shows that the proposed scheme provides a high level of convenience and security for authentication of a smartphone having with a fingerprint sensor.

• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.379-388
• /
• 2011

Ensuring the security of medical records is becoming an increasingly important problem as modern technology is integrated into existing medical services. As a consequence of the adoption of EMR(Electronic Medical Records) in the health care sector, it is becoming more and more common for a health professional to edit and view a patient's record. In order to protect the patient's privacy, a secure authentication model to access the electronic medical records system must be used. A traditional identity based digital certificate for the authenticity of EMR has private key management and key escrow of a user's private key. In order to protect the EMR, The traditional authentication system is based on the digital certificate. The identity based digital certificate has many disadvantages, for example, the private key can be forgotten or stolen, and can be easily escrow of the private key. Nowadays, authentication model using fingerprint recognition technology for EMR has become more prevalent because of the advantages over digital certificate -based authentication model. Because identity-based fingerprint recognition can eliminate disadvantages of identity-based digital certificate, the proposed authentication model provide high security for access control in EMR.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.11-21
• /
• 2008

Biometrics-based user authentication has several advantages over traditional password-based systems for standalone authentication applications. This is also true for new authentication architectures known as crypto-biometric systems, where cryptography and biometrics are merged to achieve high security and user convenience at the same time. Recently, a cryptographic construct, called fuzzy vault, has been proposed for crypto-biometric systems. This construct aims to secure critical data(e.g., secret key) with the fingerprint data in a way that only the authorized user can access the secret by providing the valid fingerprint, and some implementations results for fingerprint have been reported. However, the previous results had some limitation of the provided security due to the limited numbers of chaff data fer hiding real fingerprint data. In this paper, we propose an approach to provide both the automatic alignment of fingerprint data and higher security by using a 3D geometric hash table. Based on the experimental results, we confirm that the proposed approach of using the 3D geometric hash table with the idea of the fuzzy vault can perform the fingerprint verification securely even with more chaff data included.