Date post: | 13-Feb-2017 |
Category: |
Engineering |
Upload: | pranjul-mishra |
View: | 255 times |
Download: | 3 times |
A Seminar ON
Blind Authentication: A Secure Crypto-Biometric Authentication Protocol
OFOFM.C.A.M.C.A. ByBy
Pranjul Mishra (2014024000132)Pranjul Mishra (2014024000132)
Under the Guidence of
Mr. M.HasanDepartment of Computer Science and EngineeringMadan Mohan Malaviya University of Technology Session(2015-16)
CONTENTS1. Biometrics2. Biometric Authentication System3. Different types of biometric systems4. Privacy concerns in Biometric authentication systems5. What is Blind Authentication ?6. Features of Blind Authentication7. Previous work8. Security, Privacy and Trust9. Blind Secure Product Protocol10. Advantages11. Conclusion12. References
BIOMETRICS
A biometric is a physiological or behavioral characteristic of a human being that can distinguish one person from another and that can be used for identification or verification of identity.
Biometric Authentication System
Different type of biometric systems
Primary Concerns in a Biometric authentication System
1. Template Protection
2. User's privacy
3. Network security
What is Blind Authentication?
A blind authentication protocol that means it reveals only the identity , and no other additional information to the user and the authenticating server.
Key point of Blind Authentication
Use of cryptography primitives to bolster the authenticating process
Encryption provides protection and ability to revoke enrolled templates,
Reduced the concern on privacy
PREVIOUS WORK
Categorization of template protection schemes by Jain
SALTINGInvertible function defined by a key or passwordDue to compromise Easy to revoke and replace with new keyNo longer secure
NON-INVERTIBLE TRANSFORMApply non-invertible function on the biometric templateKey must be available at the time of transformationEg. Robust hashing etc.
KEY BINDING AND KEY GENERATIONComputationally to decode the key or the templateIt is hard to develop scheme for generate a same key for different templates of same person.
Process of blind Authentication
1.Feature extraction2.Enrollment3.Authentication
ENROLLMENT
ALGORITHM ENROLLMENT
1: Client collects multiple sample of her biometric, B1..k2: Feature vectors, xi, are computed from each sample3: Client sends xi, along with her identity and public key E, to the enrollment server4: Enrollment server uses xi and the information from otherusers to compute an authenticating classifier (ω, τ) for the user5: The classifier parameters are encrypted using the users public key: E(ωi)6: E(ωi)s, along with the user’s identity, the encryption key (E), and the threshold (τ), are sent to the authentication server for registration7: The client is then notified about success
AUTHENTICATION
Blind Authentication Process: the identity vectors x, w or the intermediate results xi · wi is revealed to anyone.
Features of blind authentication
SYSTEM SECURITY
Server Security Client Security Network Security
PRIVACY
Concern of revealing personal information Concern of being tracked
Server securityHacker gains access to the template database
Client securityHacker gains access to the user’s biometric or private keyPassive attack at the user’s computer
Concern of revealing personal information-Template is never revealed to the server.
Privacy
ADVANTAGES OF BLIND AUTHENTICATION
• Fast and Provably Secure authentication without trading off accuracy.
• Supports generic classifiers such as Neural Network and SVMs.
• Ideal for applications such as biometric ATMs etc.
CONCLUSION
Verification can be done in real-time with the help of available hardware.
Keep the interaction between the user and the server to a minimum.
Extensions to this work includes secure enerollment protocols and encryption methods to reduce computations.
THANK YOUTHANK YOU
QUERIES ??QUERIES ??