An Electronic Contract Signing Protocol Using Fingerprint Biometrics

Fair exchange between a pair of parties can be defined as the fundamental concept of trade where none of the parties involved in the exchange have an unfair advantage over the other once the transaction completes. Fair exchange protocols are a group of protocols that provide means for accomplishing such fair exchanges. In this chapter we analyze one such protocol which offers means for fair contract signing, where two parties exchange their commitments over a pre-negotiated contract. We show that this protocol is not entirely fair and illustrate the possibilities of one party cheating by obtaining the other’s commitment and not providing theirs. We also analyze a revised version of this protocol which offers better fairness by handling many of the weaknesses. Both these protocols however fail to handle the possibilities of replay attacks where an intruder replays messages sent earlier from one party to the other. Our proposed protocol improves upon these protocols by addressing to the weaknesses which leads to such replay attacks. We implement a complete working system which provides fair contract signing along with properties like user authentication and efficient password management achieved by using a fingerprint based authentication system and features like confidentiality, data-integrity and non-repudiation accomplished through implementation of cryptographic algorithms based on elliptic curves.

Download Full-text

Fair Electronic Exchange Based on Fingerprint Biometrics

International Journal of Information Security and Privacy ◽

10.4018/jisp.2009100705 ◽

2009 ◽

Vol 3 (3) ◽

pp. 76-106 ◽

Cited By ~ 5

Author(s):

Harkeerat Bedi ◽

Li Yang

Keyword(s):

Elliptic Curve ◽

Elliptic Curve Cryptography ◽

User Authentication ◽

Software Implementation ◽

The Other ◽

Fair Exchange ◽

Replay Attack ◽

Fingerprint Biometrics ◽

Authentication System ◽

Contract Signing

Fair exchange between two parties can be defined as an instance of exchange such that either both parties obtain what they expected or neither one does. Protocols that facilitate such transactions are known as “fair exchange protocols”. We analyze one such protocol by Micali that demonstrates fair contract signing, where two parties exchange their commitments over an already negotiated contract. In this journal we show that Micali’s protocol is not completely fair and demonstrate the possibilities for one party cheating by obtaining the other party’s commitment and not offer theirs. A revised version of this protocol by Bao provides superior fairness by handling the above mentioned weakness but fails to handle the possibility of a replay attack. Our proposed protocol improves upon Bao’s protocol by addressing the weakness that leads to a replay attack. We also demonstrate a software implementation of our system which provides fair contract signing along with properties like user authentication achieved through the use of a fingerprint based authentication system and features like confidentiality, data-integrity and non-repudiation through implementation of hybrid cryptography and digital signatures algorithms based on Elliptic Curve Cryptography.

Download Full-text

A Resilient Fair Electronic Contract Signing Protocol

Security and Privacy Assurance in Advancing Technologies ◽

10.4018/978-1-60960-200-0.ch017 ◽

2011 ◽

pp. 271-294

Author(s):

Harkeerat Bedi ◽

Li Yang

Keyword(s):

Elliptic Curves ◽

Recent Work ◽

Digital Signature ◽

The Other ◽

Prior Work ◽

Fair Exchange ◽

Replay Attack ◽

Work Related ◽

Electronic Contract ◽

Contract Signing

Fair exchange between parties can be defined as an instance of exchange such that either all parties involved in the exchange obtain what they expected or neither one does. The authors examine a protocol by Micali that provides fair contract signing, where two parties exchange their commitments over a pre-negotiated contract in a fair manner. They show that Micali’s protocol is not entirely fair and demonstrate the possibilities for one party cheating the other by obtaining the other party’s commitment and not offering theirs. A revised version of this protocol by Bao which provides superior fairness by handling some of the weaknesses is also discussed. However, both these protocols fail to handle the possibilities of a replay attack. Their prior work improves upon these protocols by addressing the weakness that leads to a replay attack. This journal extends their prior work on fair electronic exchange by handling a type of attack which was not handled earlier and provides a brief survey of the recent work related to the field of fair electronic exchange. They also discuss the application of cryptography to our protocol which includes implementation of hybrid cryptography and digital signature algorithms based on elliptic curves to achieve features like confidentiality, data-integrity and non-repudiation.

Download Full-text

Motor Imagery Based Multimodal Biometric User Authentication System Using EEG

2020 International Conference on Cyberworlds (CW) ◽

10.1109/cw49994.2020.00050 ◽

2020 ◽

Author(s):

Akshay Valsaraj ◽

Ithihas Madala ◽

Nikhil Garg ◽

Mohit Patil ◽

Veeky Baths

Keyword(s):

Motor Imagery ◽

User Authentication ◽

Authentication System

Download Full-text

Voice In Ear

Proceedings of the ACM on Interactive Mobile Wearable and Ubiquitous Technologies ◽

10.1145/3448113 ◽

2021 ◽

Vol 5 (1) ◽

pp. 1-25

Author(s):

Yang Gao ◽

Yincheng Jin ◽

Jagmohan Chauhan ◽

Seokmin Choi ◽

Jiyang Li ◽

...

Keyword(s):

User Authentication ◽

Low Cost ◽

The Body ◽

Ear Canal ◽

Replay Attacks ◽

Increasing Demand ◽

The Right ◽

Sound Conduction ◽

Enrollment Data ◽

Secure Authentication

With the rapid growth of wearable computing and increasing demand for mobile authentication scenarios, voiceprint-based authentication has become one of the prevalent technologies and has already presented tremendous potentials to the public. However, it is vulnerable to voice spoofing attacks (e.g., replay attacks and synthetic voice attacks). To address this threat, we propose a new biometric authentication approach, named EarPrint, which aims to extend voiceprint and build a hidden and secure user authentication scheme on earphones. EarPrint builds on the speaking-induced body sound transmission from the throat to the ear canal, i.e., different users will have different body sound conduction patterns on both sides of ears. As the first exploratory study, extensive experiments on 23 subjects show the EarPrint is robust against ambient noises and body motions. EarPrint achieves an Equal Error Rate (EER) of 3.64% with 75 seconds enrollment data. We also evaluate the resilience of EarPrint against replay attacks. A major contribution of EarPrint is that it leverages two-level uniqueness, including the body sound conduction from the throat to the ear canal and the body asymmetry between the left and the right ears, taking advantage of earphones' paring form-factor. Compared with other mobile and wearable biometric modalities, EarPrint is a low-cost, accurate, and secure authentication solution for earphone users.

Download Full-text