• Proceedings of the IEEK Conference
• /
• 2005.11a
• /
• pp.1011-1014
• /
• 2005

In this paper, we propose a method that extracts an invariant biometric key in order to apply this biometric key to the crypto-biometric system. This system is a new authentication architecture which can improve the security of current cryptographic system and solve the problem of stored template protection in conventional biometric system, also. To use biometric information as a cryptographic key in crypto-biometric system, same key should be generated from the same person. However, it is difficult to obtain such an invariant biometric key because biometric data is sensitive to surrounding environments. The proposed method solves this problem by clustering Iris Codes obtained by using independent component analysis (ICA).

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.8
• /
• pp.2010-2026
• /
• 2013

The combination of biometrics and cryptography gains a lot of attention from both academic and industry community. The noisy biometric measurement makes traditional identity based cryptosystems unusable. Also the extraction of key from biometric information is difficult. In this paper, we propose an efficient biometric identity based signature scheme (Bio-IBS) that makes use of fuzzy extractor to generate the key from a biometric data of user. The component fuzzy extraction is based on error correction code. We also prove that the security of suggested scheme is reduced to computational Diffie-Hellman (CDH) assumption instead of other strong assumptions. Meanwhile, the comparison with existing schemes shows that efficiency of the system is enhanced.

• Smart Media Journal
• /
• v.6 no.2
• /
• pp.15-25
• /
• 2017

The security and privacy issues derived from unsecurely storing biometrics templates in biometric authentication/ recognition systems have opened a new research area about how to secure the stored biometric templates. Biometrics-based key generation is the newest approach that provides not only a mechanism to protect stored biometric templates in authentication/ recognition systems, but also a method to integrate biometric systems with cryptosystems. Therefore, this approach has attracted much attention from researchers worldwide. A review of current research state to summarize the achievements and remaining works is necessary for further works. In this study, we first outlined the requirements and the primary challenges when implementing these systems. We then summarize the proposed techniques and achievements in representative studies on biometrics-based key generation. From that, we give a discussion about the accomplishments and remaining works with the corresponding challenges in order to provide a direction for further researches in this area.

• Journal of Korea Multimedia Society
• /
• v.13 no.6
• /
• pp.875-883
• /
• 2010

In this paper, we present a secure biometric hashing scheme for face recognition by random fusion of global and local features. The Fourier-Mellin transform and Radon transform are adopted respectively to form specialized representation of global and local features, due to their invariance to geometric operations. The final biometric hash is securely generated by random weighting sum of both feature sets. A fourfold key is involved in our algorithm to ensure the security and privacy of biometric templates. The proposed biometric hash can be revocable and replaced by using a new key. Moreover, the attacker cannot obtain any information about the original biometric template without knowing the secret key. The experimental results confirm that our scheme has a satisfactory accuracy performance in terms of EER.

• Information and Communications Magazine
• /
• v.32 no.6
• /
• pp.39-49
• /
• 2015

In cryptographic applications, the key protection is either knowledge-based (passwords) or possession-based (tamper-proof device). Unfortunately, both approaches are easily forgotten or stolen, thus introducing various key management issues. By incorporating biometrics technologies which utilize the uniqueness of personal characteristics, the security of cryptosystems could be strengthened as authentication now requires the presence of the user. Biometric Cryptosystem (BC) encompasses the design of cryptographic keys protection methods by incorporating biometrics. BC involves either key-biometrics binding or direct key generation from biometrics. However, the wide acceptance and deployment of BC solutions are constrained by the fuzziness related with biometric data. Hence, error correction codes (ECCs) should be adopted to ensure that fuzziness of biometric data can be alleviated. In this overview paper, we present such ECC solutions used in various BCs. We also delineate on the important facts to be considered when choosing appropriate ECCs for a particular biometric based solution from accuracy performance and security perspectives.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.69-79
• /
• 2016

Biometric authentication is considered as being an efficient authentication method, since a user is not required to possess or memorize any other information other than biometrics. However, since biometric information is sensitive and could be permanently unavailable in case of revealing that information just once, it is essential to preserve privacy of biometrics. In addition, since noise is inherent in the user of biometric recognition technologies, the biometric authentication needs to handle the noise. Recently, biometric authentication protocols using fuzzy extractor have been actively researched, but the fuzzy extractor-based authentication has a problem that a user should memorize an additional information, called helper data, to deal with their noisy biometric information. In this paper, we propose a novel biometric authentication protocol using Hidden Vector Key Encapsulation Mechanism(HV-KEM) which is one of functional encryption schemes. A primary advantage of our protocol is that a user does not need to possess or memorize any additional information. We propose security requirements of HV-KEM necessary for constructing biometric authentication protocols, and analyze our proposed protocol in terms of correctness, security, and efficiency.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.7
• /
• pp.2919-2937
• /
• 2020

Post-Quantum Cryptography (PQC) is rapidly developing as a stable and reliable quantum-resistant form of cryptography, throughout the industry. Similarly to existing cryptography, however, it does not prevent a third-party from using the secret key when third party obtains the secret key by deception, unauthorized sharing, or unauthorized proxying. The most effective alternative to preventing such illegal use is the utilization of biometrics during the generation of the secret key. In this paper, we propose a biometric-based secret key generation scheme for multivariate quadratic signature schemes, such as Rainbow. This prevents the secret key from being used by an unauthorized third party through biometric recognition. It also generates a shorter secret key by applying Principal Component Analysis (PCA)-based Confidence Interval Analysis (CIA) as a feature extraction method. This scheme's optimized implementation performed well at high speeds.

• Journal of the Korea Society of Computer and Information
• /
• v.28 no.3
• /
• pp.59-65
• /
• 2023

As research on blockchain applications in various fields is actively increasing, management of private keys that prove users of blockchain has become important. If you lose your private key, you lose all your data. In order to solve this problem, previously, blockchain wallets, private key recovery using partial information, and private key recovery through distributed storage have been proposed. In this paper, we propose a safe private key backup and recovery method using Shamir's Secrete Sharing (SSS) scheme and biometric information, and evaluate its safety. In this paper, we propose a safe private key backup and recovery method using Shamir's Secrete Sharing (SSS) scheme and biometric information, and evaluate its safety against robustness during message exchange, replay attack, man-in-the-middle attack and forgery and tampering attack.

• Journal of Multimedia Information System
• /
• v.3 no.2
• /
• pp.13-20
• /
• 2016

Biometric authentication for account-based mobile payment continues to gain attention because of improvements on sensors that can collect biometric information. We propose an enhanced method for mobile payment security based on biometric authentication. In this mobile payment system, the communication between the user and the relying party is based on public key infrastructure. This method secures both the key and the biometric template in the user side using fuzzy vault biometric cryptosystems, which is based on non-random chaff point generator. In this paper, we consider an important process for the common fuzzy vault system, that is, the feature extraction method. We evaluate various feature extraction methods to enhance the accurate performance of the system.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.2
• /
• pp.347-355
• /
• 2012

A biometric hardware security module is a physical device that comes in the form of smartcard or some other USB type security token is composed with biometric sensor and microcontroller unit (MCU). These modules are designed to process key generation and electronic signature generation inside of the device (so that the security token can safely save and store confidential information, like the electronic signature generation key and the biometric sensing information). However, the existing model is not consistent that can be caused by the disclosure of an ID and password, which is used by the existing personal authentication technique based on the security token, and provide a high level of security and personal authentication techniques that can prevent any intentional misuse of a digital certificate. So, this paper presents a model that can provide high level of security by utilizing the biometric security token and Public Key Infrastructure efficiently, presenting a model for privacy preserving personal authentication that links the biometric security token and the digital certificate.