Construction of a New Biometric-Based Key Derivation Function and Its Application

2018, Vol 2018, pp. 1-14
Author(s): Minhye Seo, Jong Hwan Park, Youngsam Kim, Sangrae Cho, Dong Hoon Lee, ...

Biometric data is user-identifiable and therefore methods to use biometrics for authentication have been widely researched. Biometric cryptosystems allow for a user to derive a cryptographic key from noisy biometric data and perform a cryptographic task for authentication or encryption. The fuzzy extractor is known as a prominent biometric cryptosystem. However, the fuzzy extractor has a drawback in that a user is required to store user-specific helper data or receive it online from the server with additional trusted channel, to derive a correct key. In this paper, we present a new biometric-based key derivation function (BB-KDF) to address the issues. In our BB-KDF, users are able to derive cryptographic keys solely from their own biometric data: users do not need any other user-specific helper information. We introduce a security model for the BB-KDF. We then construct the BB-KDF and prove its security in our security model. We then propose an authentication protocol based on the BB-KDF. Finally, we give experimental results to analyze the performance of the BB-KDF. We show that our proposed BB-KDF is computationally efficient and can be deployed on many different kinds of devices.

2020, Vol 10 (20), pp. 7141
Author(s): Ilhwan Lim, Minhye Seo, Dong Hoon Lee, Jong Hwan Park

Fuzzy vector signature (FVS) is a new primitive where a fuzzy (biometric) data w is used to generate a verification key (VKw), and, later, a distinct fuzzy (biometric) data w′ (as well as a message) is used to generate a signature (σw′). The primary feature of FVS is that the signature (σw′) can be verified under the verification key (VKw) only if w is close to w′ in a certain predefined distance. Recently, Seo et al. proposed an FVS scheme that was constructed (loosely) using a subset-based sampling method to reduce the size of helper data. However, their construction fails to provide the reusability property that requires that no adversary gains the information on fuzzy (biometric) data even if multiple verification keys and relevant signatures of a single user, which are all generated with correlated fuzzy (biometric) data, are exposed to the adversary. In this paper, we propose an improved FVS scheme which is proven to be reusable with respect to arbitrary correlated fuzzy (biometric) inputs. Our efficiency improvement is achieved by strictly applying the subset-based sampling method used before to build a fuzzy extractor by Canetti et al. and by slightly modifying the structure of the verification key. Our FVS scheme can still tolerate sub-linear error rates of input sources and also reduce the signing cost of a user by about half of the original FVS scheme. Finally, we present authentication protocols based on fuzzy extractor and FVS scheme and give performance comparison between them in terms of computation and transmission costs.


2017, Vol 2017, pp. 1-13
Author(s): Jongho Moon, Youngsook Lee, Jiye Kim, Dongho Won

Recently many authentication protocols using an extended chaotic map were suggested for a mobile user. Many researchers demonstrated that authentication protocol needs to provide key agreement, mutual authentication, and user anonymity between mobile user and server and resilience to many possible attacks. In this paper, we cautiously analyzed chaotic-map-based authentication scheme and proved that it is still insecure to off-line identity guessing, user and server impersonation, and on-line identity guessing attacks. To address these vulnerabilities, we proposed an improved protocol based on an extended chaotic map and a fuzzy extractor. We proved the security of the proposed protocol using a random oracle and AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. Furthermore, we present an informal security analysis to make sure that the improved protocol is invulnerable to possible attacks. The proposed protocol is also computationally efficient when compared to other previous protocols.


2020, Vol 38 (3B), pp. 115-127
Author(s): Duha D. Salman, Raghad A. Azeez, Adul mohssen J. Hossen

Biometrics are short of revocability and privacy while cryptography cannot adjust the user’s identity. By obtaining cryptographic keys using biometrics, one can obtain the features such as revocability, assurance about user’s identity, and privacy. A multi-biometrical based cryptographic key generation approach has been proposed; subsequently, the left and right eye and ear of a person are uncorrelated from one another, and they are treated as two independent biometrics and combined in our system. Nonetheless, the encryption keys are produced with the use of an approach of swarm intelligence. Emergent collective intelligence in groups of simple autonomous agents is collectively termed as a swarm intelligence. The Meerkat Clan Key Generation Algorithm (MCKGA) is a method for the generation of a key stream for the encryption of the plaintext. This method will reduce and distribute the number of keys. In testing of the system, it was found that the keys produced by the characteristics of the eye are better than the keys produced by the characteristics of the ear. The advantages of our approach comprise generation of strong and unique keys from users’ biometric data using MCKGA and it is faster and accurate in terms of key generation.


A novel method to generate ECG feature oriented cryptographic keys is proposed. Due to the advantage of the uniqueness and randomness properties of ECG’s main feature, this feature is achieved. As the production of the key depends on four reference-free ECG main features, the low-latency property is obtained. These features are obtained in short time. This process is referred to as (SEF)-based cryptographic key production. The SEF has the following features like: 1) identifying the appearance time of ECG’s fiducial values by means of Daubechies wavelet transform to calculate ECG’s main features conversely; 2) A dynamic method is used to denote the best quantity of bits that can be obtained from the main ECG feature, which consists of PR, RR, PP, QT, and ST time periods; 3) Generating cryptographic keys by the ECG features extracted in the method mentioned above and 4) Making the SEF method as strong with cryptographically secure pseudo-random number generators. Fibonacci linear feedback shift register and recent encryption traditional algorithms are executed as the pseudorandom number generator to improve the safety stage of the produced cryptographic keys. This method is executed to 239 subjects’ ECG signals consisting of normal sinus rhythm, arrhythmia, atrial fibrillation, and myocardial infarction. Normal ECG rhythms have slightly better randomness when compared with the abnormal. The output results prove that the SEF method is faster than the present existing key production methods. It produces higher security level when compared to existing methods.


2020, Vol 2020, pp. 1-14
Author(s): Jiangheng Kou, Mingxing He, Ling Xiong, Zeqiong Lv

The multiserver architecture authentication (MSAA) protocol plays a significant role in achieving secure communications between devices. In recent years, researchers proposed many new MSAA protocols to gain more functionality and security. However, in the existing studies, registered users can access all registered service providers in the system without any limitation. To ensure that the system can restrict users that are at different levels and can access different levels of service providers, we propose a new lightweight hierarchical authentication protocol for multiserver architecture using a Merkle tree to verify user’s authentication right. The proposed protocol has hierarchical authentication functionality, high security, and reasonable computation and communication costs. Moreover, the security analysis demonstrates that the proposed protocol satisfies the security requirements in practical applications, and the proposed protocol is provably secure in the general security model.


2021, pp. 61-70
Author(s): Alexander Plotkin, Sergey Kesel, Maxim Repin, Nikolay Fedorov, ...

Abstract. Today, one of the most discussed topics in the field of information technology is distributed registry systems. They attract investors and developers with their functionality. Distributed ledger systems are being introduced into business processes in many areas of human activity, which makes their contribution to development irreplaceable. One of the most vulnerable parts of such systems is the process of managing cryptographic keys, an attack on which can destroy the entire security of the distributed registry system. The aim of the research is to identify possible threats to the process of managing cryptographic keys, on the basis of which recommendations and standards for managing cryptographic keys in distributed ledger systems will be developed. Research methods: to achieve this goal, the structure of the life cycle of cryptographic keys was considered, an analysis of possible vulnerabilities in the process of managing cryptographic keys at each stage of the life cycle of a cryptographic key was carried out. In addition, the distributed ledger system was analyzed in the context of the identified vulnerabilities of the key management process using the example of the IBM blockchain and the possibility of outsourcing cryptographic key management systems was considered. Result: a set of possible threats to the process of managing cryptographic keys was proposed, the necessity of assessing the security of the key management system before deciding on the introduction of these systems into distributed registries was proposed, conclusions were drawn about the need to develop recommendations and standards for the process of managing cryptographic keys for such systems, as well as the possible applicability of the recommendations for assessing the security of the implementation of outsourcing of cryptographic key management systems in distributed ledgers.


2020
Author(s): Nishu Gupta

The wireless sensor nodes utilize the wireless channels in the frequency bands of the 802.11, 802.16, 802.15.4, 802.15.1 and other similar wireless standards. The wireless sensor networks are built of the small sensor nodes built upon the microcontroller platforms such as PIC, 8051, ARM, AVR, etc. During the periods when the WSN nodes are in working condition, they need secure cryptographic keys for secure propagation of the sensitive information. Efficient key management and distribution schemes play an important role for the data security in WSNs. Existing cryptographic key management and distribution techniques usually consume higher amount of energy and put larger computational overheads on wireless sensor nodes. The cryptographic keys are used on different communication levels of WSN communications, i.e. neighbour nodes, cluster heads and base stations. A successful corporate key administration and distribution policy is required to keep up the security of the remote sensor systems. The problems described in the base papers are related to the requirement of energy efficient key exchange policies for WSNs. So to overcome the above problem there is a need to design the model to solve the key-problem of energy efficient and secure key exchange scheme. The proposed model has been found improved after the in-depth result analysis over the given scenario.


Author(s): Keith M. Martin

This chapter provides an understanding of the fundamental principles behind key management. We consider the typical stages in the lifecycle of a cryptographic key and then review each of these stages in some detail. We discuss the choosing of key lengths and look at different techniques for key generation, including key derivation and generation from components. We then look at different techniques for key establishment, including the use of key hierarchies, key wrapping, and quantum key establishment. We then look at key storage and discuss the role of hardware security modules. We also consider key separation, key change, and key destruction, before closing with a short discussion on governance of key management.

