Proposal Design: Fingerprint Random Number Generators
advertisement
The 13th International Arab Conference on Information Technology ACITˈ2012 Dec.10-13
1812-0857: ISSN
Proposal Design: Fingerprint Random Number
Generators
Hanaa M. A. Salman
Computer Science Department, University of Technology, Iraq
Abstract: The essence of each technique and transfer of data security, such as encryption, digital signature and protocols is a
random number generator (RNG). In this paper we offer the design of fingerprint random number generator (FPRNG) which
produces non repeated, endless random number. The location of minute points on the fingerprint image is used as a seed for
RNG were carried out using residue classes and the complete system of reside classes module n as mathematical model. The
random number generated using generator is tested via the statistical test set for random and pseudorandom number
generators of NIST. Test results show that the random number generated by this FPPRNG has perfect randomness, which
opens the possibility of new design technique.
Keywords: Random Number Generator; FPPRNG; Randomness Testing; Fingerprint; Reside Classes, Complete System.
Received May 4, 2012; accepted September 13, 2012
1. Introduction
Random number is core in a cryptographic system.
Approximately all cryptographic algorithm and
protocol are constructed on a need for high quality
random number. This could be of great practical
importance for generating the "session key" in the SSL,
SSH, PGP or SET computer communication protocols.
It would reduce also the security concerns that arise
when one uses software random generators based on
the system clock, the content of the input/output
buffers, etc. because of their weakness against
intruder's attacks [1].
There are two kinds of RNG: TRNG and PRNG. A
TRNG will never produce repeated random number and
is always obtained from a physical quantity or physical
random information. The PRNG is developed from a
defined algorithm, in which a sequence of m characters
is the seed as an input and a pseudo random sequence
of n characters is the result, with 𝑛 ≥ 𝑚 and is to
produce recurrent sequences as long as the seed and
algorithm is defined. Although the true TRNG can
produce high quality random number, its efficiency is
low thus is seldom used in information security system
[2].
Biometrics are inherently variable, [3] it is extremely
rare, if not impossible, to obtain two identical samples
from two separate biometric measurements for the
same user. While the observed features, such as the
image of an iris, a fingerprint, or hand geometry, rarely
change between two measurements, the measurement
process itself is prone to errors. These can originate
from the surrounding environment, the measurement
device (e.g., a camera) or the user himself. The user
may, for example, apply different fingerprint or hand
516
pressure, or blink when capturing an image of his iris;
the electronic nature of measurement devices may
introduce noise into the captured biometric sample;
finally, different environmental conditions such as
temperature or light conditions may affect the
measurement process.
In [1] propose the use of biometric data to explore
the randomness of biometric data in order to use them
(after codification in integer or bit format) as seeds for
PRNG or, directly, as random number sequences.
In [2], a true random number generator based on the
data of fingerprint (FPTRNG) is designed, from the
fact that middle grayscale pixels of fingerprint image
have large random information. The FPTRNG extracts
random information from fingerprint image. It is a true
random number generator and is able to produce high
quality random number. Its efficiency is high. As the
fingerprint image always has large information and the
random number generated from it is dedicated to using
in fingerprint authentication system, it meets the
system requirement for random number.
In [3], present and evaluate the idea of using
variability in captured samples could be potentially
used to obtain truly random bit sequences, which
could be used as a seed for PRNG, or as a random
number by itself. The proposed method uses
fingerprints as the measured biometric and aims to
provide a readily available means of generating
random numbers on mobile devices equipped with
fingerprint readers.
In [4], present and evaluate the idea to use physical,
biometric data to generate strong random numbers, by
investigates how to combine biometric feature
extraction and random number generation, how to
generate the random numbers and how to verify
claimed randomness properties. Simulation results are
presented. Their idea present that, independent from the
biometric modality, the only requirement of the
proposed solution is feature vectors of fixed length and
structure. Each element of such a feature vector is
analysed for its reliability, only unreliable positions,
which cannot be reproduced coherently from one
source, are extracted as bits to form the final random bit
sequences. Optionally a strong hash-based random
extraction can be used. The practicability presents
testing vascular patterns against the NISTrecommended test suite for random number generators.
In this paper, a random number generator based on
the feature vector of fingerprint combined with residues
classes is designed, which extracts the pixel value that
correspond to the local fingerprint feature vector as a
seed for the mathematical structure represented by the
corresponding residue classes and the selected complete
system each time as a result to generate random number
in an endless non repeated sequence. The efficiency of
the proposal design is high due mainly to the results of
the statistical testes of randomness.
The rest of the paper is organized as follows: first,
the background is described followed by the design
implementation. Second, a random ability test is
implemented for the random number generated using
an example. Finally, we make a conclusion in our work.
Example: Let n = 9. Then the eight residue classes,
modulo 9, are as follows:
[0]9 =
[1]9 =
[2]9 =
[3]9 =
[4]9 =
[5]8 =
[6]9 =
[7]9 =
[8]9 =
{⋯ , −18 , −9 , 0 ,9 ,18 , … }
{⋯ , −17 , −8 ,1,10 ,19 , … }
{⋯ , −16 , −7,2,11 ,20 , … }
{⋯ , −15, −6,3,12 ,21 , … }
{⋯ , −14, −5 ,4, 13, 22, … }
{⋯ , −13 , −4 ,5, 14,23 , … }
{⋯ , −12, −3 ,6,15 ,24 , … }
{⋯ , −11 , −2 ,7,16 ,25 , … }
{⋯ , −10 , −1 ,8, 17,26 , … }
The complete system set is depicted bellow, which
its element is selected randomly from the
corresponding residue classes:
{-18, 10,-7, 21, 4,-12, 7, 26}
Algorithm: Complete system of residue classes model n
Input: n
Output: complete system
Process:
Step 1: find the residue classes using n
Step 2: randomly select one element from residue
classes
Step 3: End
2.2 Fingerprint Principals
The surface of the finger formed so-called a
fingerprint, which is a set of associated curves
represents ridges (dark curves) and valleys (bright
curves), as depicted in Figure (1).
2. Background
2.1 Theory of Congruencies [5]:
Definition: Let a and b be integers and n a positive
integer. We say that "a
is congruent to
b modulo n", denoted by:
a ≡ b (mod n),….………….. (1)
If n is a divisor of a − b.
Definition: If x ≡ a (mod n)then a, is called a
residue of x modulo n. The residue class
of, a modulo ndenoted by[a]n ,is the set of all
those integers that are congruent to a modulo n.
[a]n ={x ∶ x ∈ Z and x ≡ a(mod)n },…. (2)
Definition: Let n be a positive integer. A set of
integers a1 , a2 …an is called a complete system of
residues modulo n, if the set contains exactly one
element from each residue class modulo n.
517
Figure 1. Fingerprint image [6]
The points on the finger surface where the ridges
end or bifurcate formed so-called the Minutiae, as
depicted in Figure (2), which is the most common and
distinctive representation of a fingerprint local feature
for each individual.
(a) Ending
(b) Bifurcation
Figure 2 (a-b). The Ridge [6]
2.2.1 Minutiae Model
The actual minutiae mining are divided into three main
steps: Pre-Processing, Minutiae extraction, and PostProcessing [6]. The algorithm is depicted bellow.
Algorithm: Minutiae point extraction
Input: Fingerprint Image
Output: Actual minutiae
Process:
Step1: Input Fingerprint Image
Step 2: Segmented Image along with the orientation
field
Step 3: Normalized Image
Step 4: Gradient along x – direction
Step 5: Gradient along y – direction
Step 6: Enhanced Image after Gabor Filtering
Step 7: Binary Output
Step 8: Thinned Binary Output
Step 9: Thinned Binary along with all the minutiae
Step 10: Minutiae obtained after deleting spurious
minutiae at the borders
Step 11: Final extracted Minutiae after applying the
windowing technique
Step 12: End.
An example of the Images obtained in each step carried
out [6], followed by the result of actual minute as
depicted in Table (1).
Input: Fingerprint Image
Output: Actual minutiae:
Step4.
Figure 6. Gradient along x – direction
Step5.
Figure 7. Gradient along y – direction
Step6.
Figure 8. Enhanced Image after Gabor Filtering
Process:
Step7.
Figure 9. Binary Output
Step1.
Figure 3. Original Fingerprint Image
Step8.
Figure 10. Thinned Binary Output
Step2.
Figure 4. Segmented Image along with the orientation field
Step9.
Figure 11. Thinned Binary along with all the minutiae
Step3.
Figure 5. Normalized Image
518
Competition 2004), is used as a source to the input
fingerprint image, so no acquisition stage is used. The
major steps involved in each phase are in the
following sub section, followed by an example
Step10.
Figure 12. Minutiae obtained after deleting spurious minutiae at the
borders
Step11.
Figure 13. Final extracted Minutiae after applying the windowing
technique
Example:
Input: fingerprint image
Output: Random number sequence
Process:
Step 1: Input the grayscale fingerprint image
Step 12: End.
Table (1): Actual Minutiae
X position
112.0000
208.0000
50.0000
177.0000
39.0000
157.0000
Y position
77.0000
34.0000
54.0000
73.0000
55.0000
239.0000
Algorithm: The proposal design of FPPRNG
Input: fingerprint image
Output: Random number sequence
Process
Step 1: Input the grayscale fingerprint image
Step 2: Apply minute feature vector extraction
Step 3: Find pixel value of minute feature vector over
the fingerprint image (seed)
Step 4: Find the corresponding residue classes mod
(maximum pixel value +one)
Step 5: Each time extract a complete system as result
key
Step 6: End.
Orientation
3.1416
-1.3191
0.1326
2.4585
0.0286
-2.3816
3. Proposal Design
The general framework of the biometric based random
number generators is composed of two phases as
depicted in Figure (14). The input to the biometric
phase is the sensed image, and the output is the
biometric feature vector, while the input to the key
generation phase is the biometric feature vector, and the
output is the bio-cryptographic key.
Sensed Image
Biometric Phase
Mathematical
Model
Figure 14. Grayscale Fingerprint Image
Step 2: Apply minute feature vector extraction
Table (2): Minute feature vector
x
146
114
52
126
169
96
79
178
77
160
90
119
y
13
98
105
115
136
137
145
149
153
159
167
174
Angle1
2.3562
0
-2.3562
-2.3562
-2.3562
0
2.6180
-2.6180
-2.6180
0
2.3562
2.3562
Angel2
0
0
1.5708
1.5708
2.0944
0
-1.0472
1.5708
2.0944
0
-2.3562
-2.0944
Angle3
0
-0.7854
-1.0472
-0.7854
0
0.5236
-0.7854
0
0
0.5236
0
0
Step 3: Find pixel value of minute feature vector over
the fingerprint image (seed)
Random Numbers
Table (3): pixel value of minute feature vector
Figure 14. Bio-cryptographic key generation
We have extracted pixels value that corresponds to the
minutiae points from the offline fingerprint and them as
a seed for the mathematical model. The mathematical
model consist of selected reside classes model n, and
the randomly selected of complete system each instance
of time to n generate random numbers. The database
provided by FVC2004 (Fingerprint Verification
519
x
146
114
52
126
169
96
79
178
77
160
90
119
y
13
98
105
115
136
137
145
149
153
159
167
174
Angle1
2.3562
0
-2.3562
-2.3562
-2.3562
0
2.6180
-2.6180
-2.6180
0
2.3562
2.3562
Angel2
0
0
1.5708
1.5708
2.0944
0
-1.0472
1.5708
2.0944
0
-2.3562
-2.0944
Angle3
0
-0.7854
-1.0472
-0.7854
0
0.5236
-0.7854
0
0
0.5236
0
0
Pixel value
47
185
23
46
18
178
48
50
6
163
68
151
Step 4: Find the corresponding residue classes mod
(maximum pixel value +one)
Table (4): corresponding residue classes
5
Pixel
value
Correspond classes
47
[47]186
=
{
…
,
139
,
47
,
419
,
…
}
185
[185]186
=
{
…
,
-1
,
185
,
557
,
…
}
23
[23]186
=
{
…
,
,
23
,
395
,
…
}
46
[46]186
=
{
…
,
,
46
,
418
,
…
}
18
[18]186
=
{
…
,
,
18
,
390
,
…
}
178
[178]186
=
{
…
,
,
178
,
550
,
…
}
48
[48]186
=
{
…
,
,
48
,
420
,
…
}
50
[50]186
=
{
…
,
,
50
,
422
,
…
}
6
[6]186
=
{
…
,
,
6
,
378
,
…
}
163
[163]186
=
{
…
,
-23
,
163
,
535
,
…
}
,
68
,
440
,
…
}
,
151
,
523
,
…
}
163
140
168
-8
138
136
180
68
[68]186
=
{
…
,
118
151
[151]186
=
{
…
,
-35
Step 5: Each time extract a complete system as result
key
Table (5): complete system
Correspond
classes
Complete system
[47]186
[185]186
[23]186
[46]186
[18]186
[178]186
[48]186
[50]186
[6]186
[163]186
[68]186
[151]186
47
-1
395
46
390
178
48
-136
6
163
440
-221
AUTOCORRELSTION
TEST
Shift No.1>--> Pass value 0.000
Shift No.2>--> Pass value 0.062
Shift No.3>--> Pass value 0.000
Shift No.4>--> Pass value 0.921
Shift No.5>--> Pass value 0.218
Shift No.6>--> Pass value 0.103
Shift No.7>--> Pass value 0.643
Shift No.8>--> Pass value 0.283
Shift No.9>--> Pass value 0.501
Shift No.10>--> Pass value 0.150 With freedom
degree "1"must be ≤ 3.84
7. Conclusion
Security of a cryptographic system depends much on
the randomness of random number used in the system.
In this paper we offer fingerprint feature vector as a
seed for RNG were carried out using residue classes as
a new method for RNG.
The random number generated by the generator is
tested using the statistical test suite for random and
pseudorandom number generators of NIST as depicted
in table (6), and it found to be suitable as a proposed
method for RNG.
The strength of the proposed design for fingerprint
based random number generators depends mainly on:
1. Randomness provided by the input fingerprint
seed due to the biometrics themselves
2. Randomness provided by the mathematical model
due to the randomly selected of complete system
of reside classes model n.
3. The endless random number due to the endless
elements that cornpones to each residue class.
Acknowledgements
I would like to thank the International Arab Conference
on Information Technology, and CCIS, Zarqa
University, Jordan for supporting this publication.
Step 6: End.
4. Testing
References
The randomness test of (arbitrarily long) binary
sequences produced by proposed method based
cryptographic random or pseudorandom number
generators is depicting in Table (6), we can conclude
that the random number generated by FPPRNG has
good randomness.
[1]
J. Szczepanski, E. Wajnryb, J. M.
Amigo, M. V. Sanchez-Vives, M. Slater,
Biometric
Random
Number
Generators,
Computers & Security, 23/1, pp. 77-84,
(2004)
Table (6): Randomness Test
1 FREQUENCY TEST
Pass with value 1.054 must be ≤3.84
2 RUN TEST
Pass with value T0 = 2.649must be ≤5.702
Pass with value T1 =2.889must be ≤ 7.531
3 POKER TEST
Pass with value 5.33 must be ≤11.1
4 SERIAL TEST
Pass value 0.833 with freedom degree "3 "must be ≤
7.81
[2]
Liu Ying, Wang Shu, Yue Jing, Liang
Xiao, "Design of a Random Number
Generator from Fingerprint," iccis, pp.278280,
2010
International
Conference
on
Computational
and
Information
Sciences,
2010
[3]
Shkodran Gerguri, Biometrics Used for
Random
Number
Generation,
Masaryk
University Faculty of Informatics, Brno,
Spring 2008
520
[4]
D. Hartung, K. Wold, K. Graffi, and S.
Petrovic.
Towards
a
Biometric
Random
Number Generator A General Approach For
True Random Extraction From Biometric
Samples. In BIOSIG, 2011.
[5]
Song Y. Yan, "Number Theory
Computing", Second Edition, Springer, 2002
for
[6]
K. Hassanain ,M. Shaarawy, E. Hesham ,"
A Proposal for a Biometric Key Dependent
Cryptosystem", Global Journal of Computer
Science and Technology; Vol 10, No 11
(2010).
[7]
K.P. Mani Annand, Asst. Professor,
S.
Hari
Krishna
Prabu,
"BLIND
AUTHENTICATION
:CRYPTO-BIOMETRIC
VERIFICATION PROTOCOL ", Proceedings
of the International Conference “Embedded
Electronics and Computing
Systems(EECS)”
29-30 July, 2011 by
S K R
engineering
COLLEGE,CHENNAI-600123
Associate Prof. Dr. Hanaa
M. A. Salman awarded her
MSc and her PhD from
University of technology
Iraq
in
2002,
2006
respectively. Currently she
is a senior lecturer in
computer science and a
member of the scientific
Committee and Promotion
Committee in the Department of Computer
Science. Dr. Hanaa has more than 15 years of
experience and she supervise of graduate students
and preliminary,her research interests include
Cryptography, Computer Security, Biometrics,
image processing, and Computer graphics.
521
