• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.123-132
• /
• 2006

Biometric-based authentication can provide strong security guarantee about the identity of users. However, security of biometric data is particularly important as the compromise of the data will be permanent. To protect the biometric data, we need to store it in a non-invertible transformed version. Thus, even if the transformed version is compromised, the actual biometric data remains safe. In this paper, we propose an approach to protect finger-print templates by using the idea of the fuzzy vault. Fuzzy vault is a recently developed cryptographic construct to secure critical data with the fingerprint data in a way that only the authorized user can access the secret by providing the valid fingerprint. We modify the fuzzy vault to protect fingerprint templates and to perform fingerprint verification with the protected template at the same time. This is challenging because the fingerprint verification is performed in the domain of the protected form. Based on the experimental results, we confirm that the proposed approach can perform the fingerprint verification with the protected template.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.12
• /
• pp.6152-6168
• /
• 2017

Recently, the biometric-based authentication systems such as FIDO (Fast Identity Online) are increased in mobile computing environments. The biometric-based authentication systems are performed on the mobile devices with the battery, the improving energy efficiency is important issue. In the case, the size of images (i.e., face, fingerprint, iris, and etc.) affects both recognition accuracy and energy consumption, and hence the tradeoff analysis between the both recognition accuracy and energy consumption is necessary. In this paper, we propose an energy-efficient way to authenticate based on biometric information with tradeoff analysis between the both recognition accuracy and energy consumption in multimedia IoT (Internet of Things) transmission environments. We select the facial information among biometric information, and especially consider the multicore-based mobile devices. Based on our experimental results, we prove that the proposed approach can enhance the energy efficiency of GABOR+LBP+GRAY VALUE, GABOR+LBP, GABOR, and LBP by factors of 6.8, 3.6, 3.6, and 2.4 over the baseline, respectively, while satisfying user's face recognition accuracy.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.11 no.1
• /
• pp.59-67
• /
• 2015

A novel authentication mechanism is biometric authentication where users are identified by their measurable human characteristics, such as fingerprint, voiceprint, and iris scan. The technology of biometrics is becoming a popular method for engineers to design a more secure user authentication scheme. In terms of physiological and behavioral human characteristics, biometrics is used as a form of identity access management and access control, and it services to identity individuals in groups that are under surveillance. In this article, we review the biometric-based authentication protocol by Althobati et al. and provide a security analysis on the scheme. Our analysis shows that Althobati et al.'s scheme does not guarantee server-to-user authentication. The contribution of the current work is to demonstrate this by mounting threat of data integrity and bypassing the gateway node on Althobati et al.'s scheme. In addition, we analysis the security vulnerabilities of Althobati et al.'s protocol.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.11
• /
• pp.5674-5691
• /
• 2016

Fast IDentity Online(FIDO) supports biometric authentications in an online environment without transmitting biometric templates over the network. For a given FIDO client, the "Fuzzy Vault" securely stores biometric templates, houses additional biometric templates, and unlocks private keys via biometrics. The Fuzzy Vault has been extensively researched and some vulnerabilities have been discovered, such as brute force, correlation, and key inversions attacks. In this paper, we propose a simple fingerprint Fuzzy Vault for FIDO clients. By using the FIDO feature, a simple minutiae alignment, and point-to-point matching, our Fuzzy Vault provides a secure algorithm to combat a variety of attacks, such as brute force, correlation, and key inversions. Using a case study, we verified our Fuzzy Vault by using a publicly available fingerprint database. The results of our experiments show that the Genuine Acceptance Rate and the False Acceptance Rate range from 48.89% to 80% and from 0.02% to 0%, respectively. In addition, our Fuzzy Vault, compared to existing similar technologies, needed fewer attempts.

• Information and Communications Magazine
• /
• v.32 no.6
• /
• pp.39-49
• /
• 2015

In cryptographic applications, the key protection is either knowledge-based (passwords) or possession-based (tamper-proof device). Unfortunately, both approaches are easily forgotten or stolen, thus introducing various key management issues. By incorporating biometrics technologies which utilize the uniqueness of personal characteristics, the security of cryptosystems could be strengthened as authentication now requires the presence of the user. Biometric Cryptosystem (BC) encompasses the design of cryptographic keys protection methods by incorporating biometrics. BC involves either key-biometrics binding or direct key generation from biometrics. However, the wide acceptance and deployment of BC solutions are constrained by the fuzziness related with biometric data. Hence, error correction codes (ECCs) should be adopted to ensure that fuzziness of biometric data can be alleviated. In this overview paper, we present such ECC solutions used in various BCs. We also delineate on the important facts to be considered when choosing appropriate ECCs for a particular biometric based solution from accuracy performance and security perspectives.

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.40 no.6
• /
• pp.237-246
• /
• 2003

To acquire certificate of security evaluation for information protection Products, it is necessary for a designer to grasp the threats listed in a protection profile and to reflect them in the product design. BDPP is a protection profile for the biometric devices. In this paper, we applied BDPP to a Match-on-Card, and ertracted some security requirements to protect biometric data against threats. We also studied some countermeasures satisfying the security requirements.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.6
• /
• pp.251-256
• /
• 2010

In times past, simple numeric password was the commonly used method in security system. For complement this method, the security system using biometric information is appeared. But it usually uses the scheme to utilize portion of biometric information, and has limited application fields. This biometric security system has low reliability because of some problems such as steal, robbery, and so on. Furthermore, it is associated secondary crime as leaking personal information. For this reason new security system using the unique individual biometric is required. In this paper, we propose the security scheme which used face image and iris analysis. While face image processing for specific person identification, it calculate some feature points of face image and iris's features in our proposed scheme. After person identification applying RFID tags in doorway, several feature information is extracted from camera image, and these compare with registered information of our system for final identification.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.4
• /
• pp.121-127
• /
• 2012

Biometric technology has been proposed as a new means to replace conventional PIN or password because it is hard to be lost and has the low possibility of illegal use. However, unlike a PIN or password, there is no way to modify the exposure if it is exposed and used illegally. To solve the problems, we propose to apply OTP using biometric information to mobile devices for more secure and adaptable authentication. In this paper, we propose a secure framework for delivering biometric information as mobile OTP to the server (TTP) and compared this paper with existed methods about security and performance.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.21 no.5
• /
• pp.1009-1015
• /
• 2017

Recently, the wide spread of IoT (Internet of Things) based technology enables the accumulation of big biometric data on livestock. The availability of big data allows the application of diverse machine learning based algorithm in the field of agriculture, which significantly enhances the productivity of farms. In this paper, we propose an abnormal livestock detection algorithm based on deep learning, which is the one of the most prominent machine learning algorithm. In our proposed scheme, the livestock are divided into two clusters which are normal and abnormal (disease) whose biometric data has different characteristics. Then a deep neural network is used to classify these two clusters based on the biometric data. By using our proposed scheme, the normal and abnormal livestock can be identified based on big biometric data, even though the detailed stochastic characteristics of biometric data are unknown, which is beneficial to prevent epidemic such as mouth-and-foot disease.

• Journal of the Korean Institute of Intelligent Systems
• /
• v.20 no.5
• /
• pp.610-616
• /
• 2010

This paper describes how to securely bind the identity reference and biometric reference for satisfying security requirements. To overcome the shortcomings of the simple personal authentication method using a password, such as identify theft, a biometric system that utilizes physical and behavioral characteristics of each person has been adopted. In the biometric system, the biometric information itself is personal information, and it can be used as an unique identifier that can identify a particular it vidual when combining with other identity information. As a result, a son, anb it canmethod is required for manipulat canthese information. Consider canthese issues, this paper proposes a biit canmethod uiter son, anand uisecure channels for generating the common identifier and ensuring security of identity reference and biometric reference that are stored in the separated DBs.