Biometrics
advertisement
Biometric Security Pieter.Hartel@utwente.nl Problem People use weak passwords People write the pin code on their bank card Biometrics cannot be “forgotten” and you do not have to “think of it” 2 IIS Personal Identification Associating an individual with an identity: Something you have » Token, smart card Something you know » Password, pin Something you are: » Physiological » Behavioural 3 IIS Forms of Identification Authentication (aka Verification) » Am I who a claim to be? Recognition (aka Identification) » Who am I? » Harder than Authentication (why?) 4 IIS Physiological or Behavioural? [Jai00] A. K. Jain, L. Hong, and S. Pankanti. Biometric identification. Commun. ACM, 43(2):9098, Feb 2000. http://doi.acm.org/10.1145/328236.328110 5 IIS Sample Application Areas Forensic Civilian Commercial Criminal investigation National ID ATM (India), POS (AH) Corpse identification Driver's license Credit card (Oklahoma) Parenthood determination 6 IIS Welfare disbursement (Singapore) Laptop login Verification Verification is easier than identification… 7 IIS Two examples Hand geometry Fingerprint 8 IIS Hand Geometry (Hand Key) 9 IIS Measure your Right hand 10 IIS FBI classification Arch Whorl Loop What is your right hand index finger? 11 IIS Accidental Fingerprint matching Ridge thinning & extraction Minutiae (bifurcation, end point) detection Ridge based alignment & overlaying 12 IIS Desired Characteristics Biometric » Universal » Unique » Permanent » Collectable Watch this video System » Performance » Acceptability » Circumvention [Put00] T. van der Putte and J. Keuning. Biometrical fingerprint recognition: Don't get your fingers burned. In 4th Int. IFIP wg 8.8 Conf. Smart card research and advanced application (CARDIS), pages 289-303, Bristol, UK, Sep 2000. Kluwer Academic Publishers, Boston, Massachusetts. http://www.keuning.com/biometry/Biometrical_Fingerprint_Recognition.pdf 13 IIS Some Comparisons Biometrics Univer -sality Uniqueness Permanence Collectability Performance Acceptability Circumvention Face high low med. high low high low Finger med. high high med. high med. high Hand Geometry med. med. med. high med. med. med. Iris high high high med. high low high Signature low low low high low high low Voice Print med. low low med. low high low print 14 IIS Biometrics is not perfect High False Accept rate is bad for high security applications -- dangerous High False Reject rate is bad for high usability applications -- annoying accept reject 15 Alice is recognised as Alice true Bob is recognised as Alice false Alice is not recognised as Alice false Bob is not recognised as Alice true IIS Low False Accept Rate High Receiver Operating Characteristics 16 IIS Low False Reject Rate High Security Attacks How many templates do you have? 18 IIS Template protection Requirements » Diversity (no cross matching of data bases for privacy) » Revocability (easy to replace template) » Security (hard to obtain the original) » Performance (matching must be robust) Why does encryption not work? Two examples » Non-invertible transforms » Fuzzy commitment [Jai08] A. K. Jain, K. Nandakumar, and A. Nagar. Biometric template security. EURASIP Journal on Advances in Signal Processing, 2008:579416, 2008. http://dx.doi.org/10.1155/2008/579416 19 IIS Non invertible transform “crumple” User specific transformation (revocability) Locally smooth translation outside mather tolerance (performance) Globally non smooth (security) [Rat06] N. Ratha, J. Connell, R. M. Bolle, and S. Chikkerur. Cancelable biometrics: A case study in fingerprints. In 18th Int. Conf. on Pattern Recognition (ICPR), volume 4, pages 370-373, Honkong, IIS China, Aug 2006. IEEE Computer Society. http://dx.doi.org/10.1109/ICPR.2006.353 20 Fuzzy commitment Verification » Measure : x’ » Compute: c’ = decode (x’- δ) » Match if h(c’) = h(c) 300 200 The commitment is » Hash code word for security : h(c) » Leave distance in clear for fuzziness : δ c c’? 100 Idea » Use biometric template : x » As a corrupted code word : c = x-δ Example x x’ 100 200 [Jue99a] A. Juels and M. Wattenberg. A fuzzy commitment scheme. In 6th ACM conf. on Computer and communications security (CCS), pages 28-36, Kent Ridge Digital Labs, Singapore, 1999. ACM. http://doi.acm.org/10.1145/319709.319714 IIS 21 Template protection application [Buh07] I. R. Buhan, J. M. Doumen, P. H. Hartel, and R. N. J. Veldhuis. Secure ad-hoc pairing with biometrics: SAfE. In 1st Int. Workshop on Security for Spontaneous Interaction (Ubicomp 2007 Workshop Proceedings), pages 450-456, Innsbruck, Austria, Sep 2007. http://www.comp.lancs.ac.uk/iwssi2007/papers/iwssi2007-02.pdf Secure ad-hoc pairing Suppose two people meet » Who have never met before » There is no TTP and/or they are not online » They are not technical » They would like to exchange data » Concerned about eavesdropper How to do this? » Biometrics » Shielding function as fuzzy extractor » Protocol with novel “related key attack” 23 IIS Idea: Take each other’s photo ma=0110... Enrollment wa mb=1101... wb radio mb=decode( ,wb ) Alice has ma,mb 24 IIS Verification ma=decode( , wa) Bob has ma,mb Coping with noise Problem: » Alice gets m’b close to mb but not the same » The same for Bob... Solution: » During enrollment calculate error profiles » Cryptanalysis using those profiles to recover the correct key » More work for eavesdropper 25 IIS Usability Compare Pin to SAFE 30 subjects: questionnaire + interview Mainly CS Results 29 IIS Conclusions Identification or verification Complements password and token Systems getting affordable Biggest problems: » Performance » Public acceptance Biometrics is fun 30 IIS
