An Improved Approach to Secure Authentication and Signing

David Argles, Alex Pease and Robert John Walters
University of Southampton,
Southampton, UK
{da,ap1803,rjw1}@ecs.soton.ac.uk
Abstract
We know how to build secure systems but for security
measures to be truly effective it is necessary to use keys which
are far too large for people to commit to memory. The
consequence is that people avoid using security measures or
they resort to recording their key information somewhere
which they find convenient to access. If any kind of barrier to
unauthorised access to this store is used, it is invariably a
username and short password or PIN combination. This
compromises the effectiveness of primary schemes by
presenting an intruder with a weak point to attack.
This paper describes a hybrid scheme incorporating an
electronic token and biometric verification. The scheme
eliminates the need to rely on the user’s memory so it can use
keys which are long enough to be effective, yet it is also quick
and convenient in use and could be adopted anywhere that
presently uses username-password arrangements.
1. Introduction
The effectiveness of any security scheme (encryption, signing,
access control) depends on the length of the keys which are
used. Advances in techniques and widespread availability of
powerful computers mean that today these keys must be
considerably longer than people are able or willing to commit
to memory. The result is that many security systems use keys
which are too short to be effective because users have to be
capable and willing to memorise them. Where the keys used
are big enough to be effective, users resort to recording this
vital information because they can’t remember it.
Unfortunately the methods they use are rarely secure and
present ideal opportunities for intruders to attack.
We need an alternative to the ubiquitous
username-password style of access control which will permit
the adoption of much larger encryption keys without imposing
excessive load on the users. There are a number of possibilities
but none in isolation provides a satisfactory solution. We
describe a composite system which uses a combination of a
biometric and an electronic token to provide a system which
avoids the problems of using either alone and is much more
secure than a typical username-password system. The
approach is easy to implement, non-intrusive and uses cheap
and widely available technologies. It could be implemented
on a wide scale basis to improve the security of web-based
transactions such as e-Banking and e-Commerce.
2. Weaknesses of Current approaches
How to build secure systems and applications is well
understood and documented. For example, Triple DES, RSA
or Blowfish can be highly effective for secure communication
[5]. However, none of these schemes is effective unless the
keys used are long enough. As computers and computing
techniques have progressed the keys used have needed to grow
to the point where 128-bit numbers are common. Such
numbers are far beyond what people could reasonably be
expected to commit to memory so they are often stored in a
repository. Access to this repository is typically controlled by
another means of user authentication, and this is where the
problem lies: despite significant developments in alternative
systems, the username-password approach to authentication
remains widely used [2]. The same applies to access control
whether it be for gaining access to a particular item of
equipment such as a computer workstation or a secure system
such as online trading or banking. The control mechanism is
invariably some variation of username-password.
Unfortunately the protection offered by name-password
systems is generally very poor, especially when compared with
the systems they seek to protect. The root of the problem is
that the main discriminant in the selection of the size of the
password(s) is what the users will accept rather than what is
necessary to achieve an acceptable level of security. In
practice, users insist on very short, and hence weak,
passwords. The problem is exacerbated by widespread abuse
of the systems by users who select passwords which are easily
guessed, and who write down and share passwords [1]. Despite the
known weaknesses, few users change their passwords until
they are known to have been compromised [4] – when it is
already too late. The PIN system being widely adopted for
credit card authorisations is a good example but the same
applies for all kinds of secure access arrangements, including
online banking and other secure services. In the case of credit
cards, the PIN is a four digit number so there are at most
10,000 possibilities and now that card holders are able to self
select their PIN, it is likely that a few hundreds of numbers
account for the huge majority of PINs in use.
To address this issue, we need to break the link between
the size of the key and the ability of users to remember: we
need a form of user identification and authentication which
doesn’t rely on the user’s memory. One possibility is
electronic tokens. These can be stored on removable media
such as smart cards (or USB “pendrives”) [11] and operate
just like everyday physical keys. Authentication is achieved
by the user being able to produce the necessary token. This
technique imposes a physical barrier to intruders: access is
denied unless the user can produce the token. The user doesn’t
need to remember anything and the level of security available
is determined by the nature of the token. Making such a
system more secure requires more sophisticated tokens and
(software) locks but has no impact on the user. However it has
weaknesses of its own. Notably, nothing links the user to their
token so an intruder who is able to steal a token (i.e., the media
on which it is stored) is immediately afforded the same level of
access as the rightful user of the key. Unfortunately, it is a
feature of human users that they do lose such tokens from time
to time in the same way that they lose other keys and valuable
items.
We are all unique so another alternative to the
user-password system is biometrics. A biometric is a measure
of any of the many features which can be used to identify a
person. Well known examples include finger prints and iris
recognition but there are many others and there are established
criteria by which biological measurements qualify as a
biometric [8]. Systems which use biometrics operate in two
phases. First, the distinguishing features of a user’s biometric
are extracted and a template created. Then, for verification, the
biometric data is captured again and compared with one or
more stored templates to find a match [6]. It has been
suggested that a user’s key could be derived from a biometric
[3].
Using biometrics has many attractions and they enjoy
advantages which arise from the fact that they are a feature of
who we are, not what we know or what we have in our
possession. They are difficult to forge, there is nothing for the
user to remember and there is no simple way to borrow or steal
a biometric. However, they have weaknesses too. The
extraction of biometric data using commonly available systems
is not exact. As a result, if a user’s key were derived from
their biometric data it is unlikely the user would be able to
recreate their key reliably. Ironically too, the very fact that
they are an intrinsic part of who we are also leads to their
biggest problem: should a biometric or a key which is derived
from it be compromised, there is no equivalent of renewing
passwords or changing locks.
3. Constructing a hybrid approach
A replacement for current username-password systems is
needed and two possible alternatives have been described
above but each has drawbacks. In the case of electronic
tokens, they are not tied to the user so the obligation for a user
to remember their password and keep it safe is transformed
into an obligation to keep the token safe since system access is
afforded to anyone who is able to produce a valid token (at
least until the loss is discovered). For biometrics, problems
arise from the difficulty of dealing with compromise because
of the very feature which makes them so attractive: a biometric
is a property of the individual. You can’t change or replace a
user’s biometric.
Our system combines these two systems in a way which
addresses these drawbacks. The template against which the
user’s biometric is validated is encrypted. It is then divided
into two parts. One is recorded on electronic media as part of
the user’s token and the other is retained inside the secured
system. In place of a key generated directly from the user’s
biometric we use a key which is generated independently.
This is also encrypted, split and stored in the same two
locations.
The division and separate storage of the encrypted
biometric template and user key mean that an intruder who
steals the media is unable to extract either the user’s key or the
template for their biometric as they only have part of the
information. The same is true for an intruder who manages to
compromise the repository of the secured system.
In the event of loss of the token, it can be invalidated by
removal of the matching records within the secured system and
a replacement generated for the user. The replacement token
will again be tied to the user. As before it will comprise parts
of the user’s encrypted biometric template and their new key
but, not only will the user’s key itself be different, the key used
to encrypt it and the template will also have changed.
4. Operation of the system
There are two distinct activities involved in using the system.
The first is enrolment which involves the capture of the user’s
biometric and generation of their electronic token. Once a
user has been enrolled, they may then present their token and
biometric when authorisation is required.
4.1. Enrolment
The user performs an enrolment similar to that of a standard
biometric system: they present their biometric data a number
of times from which a standard commercial system generates a
template against which later readings of the biometric may be
validated.
Figure 1: Enrolment procedure (diagram; boxes: Biometric read from user; Creation of Biometric Template; Key generated by system; Encryption; Division of encrypted data; Part encrypted key data stored on computer or server; Part encrypted key data stored on removable media)
The system then secures this data and creates the user’s
electronic key. The user’s biometric template is encrypted
using a key derived from a variety of factors, including the
serial number of the media onto which it will be placed. The
user’s key is then encrypted using a key which is again derived
from a number of factors which include the cipher text of the
user’s biometric template. The resulting two pieces of cipher
text are then divided. One portion of each is saved onto the
removable media as the user’s electronic token and the remainder
is stored in a secure location within the protected system. See
Figure 1.
The algorithms selected to generate the encryption keys
and the division of the cipher should ensure that an intruder
cannot regenerate the keys easily and that neither portion of
the divided text contains all of the information required to
decode the template or key. Ideally these algorithms should be
kept secret.
The user key used will depend on the details of how the
system is being used. For example, if the system is used for
signing onto an online system (such as online banking), the
key will be provided by or negotiated with the secured system
as part of the user sign-up procedure. It will take the form
demanded by the online system and be communicated in full
or in part at authorisation as demanded by the system. The key
can be made as long as the online system deems necessary and
the user need never see it. Alternatively, as in the
demonstration system, the key could be used to unlock
encrypted data held for the user by the system (such as
encryption keys allocated to them).
With this process complete, the user now has an electronic
token/key which has been created for them on which part of
their encrypted biometric template and part of their encrypted
personal key is stored. Without this electronic key, the system
cannot match their biometric, nor regenerate their personal
key.
4.2. Authentication
When the user wishes to gain access to the secured system,
they need to produce their electronic key and the right
biometric. See Figure 2.
The process works as follows:
1. The system reads the serial number of the key media
and uses the algorithm to reconstruct the key used to encrypt
the biometric template.
2. The encrypted biometric template is then reassembled
from the part recovered from the key and the part already held
within the system. This template is then presented to the
biometric software.
3. The software is then able to read the biometric
presented and decide whether it is a match to the template and
so whether to accept or reject the user.
4. Assuming the user’s biometric is accepted, the key
used to encrypt the user’s personal key can be regenerated
from the cipher text of the template. Using this key, the user’s
personal key can then be extracted from the cipher text which
is again reassembled from parts held on the electronic key and
within the system.
5. Now the secure system has the user’s personal key
which, depending on the application, may be used directly by
being presented to another system or indirectly to encode or
extract other sensitive data.
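The enrolment steps of section 4.1 and the authentication steps above, together with token revocation, as an added Python example (not the authors' prototype code). Assumptions: a server-held secret is one of the unspecified derivation factors, an HMAC-SHA256 keystream with encrypt-then-MAC stands in for a vetted authenticated cipher, cipher text is split at its midpoint, and a Hamming-distance check stands in for the commercial fingerprint matcher; all names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: one of the paper's unspecified derivation factors is a server-only secret.
SERVER_SECRET = secrets.token_bytes(32)

def kdf(label: bytes, factor: bytes) -> bytes:
    """Derive a 256-bit key from a purpose label and one input factor."""
    return hmac.new(SERVER_SECRET, label + b"\x00" + factor, hashlib.sha256).digest()

def subkeys(key: bytes):
    """Separate encryption and MAC keys so one key is never used for both."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC using only the standard library (stand-in cipher)."""
    enc_key, mac_key = subkeys(key)
    nonce = secrets.token_bytes(16)
    body = bytes(p ^ k for p, k in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    return nonce + body + hmac.new(mac_key, nonce + body, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = subkeys(key)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("cipher text failed integrity check")
    return bytes(c ^ k for c, k in zip(body, keystream(enc_key, nonce, len(body))))

def split(blob: bytes):
    """Divide cipher text into a token part and a server part."""
    mid = len(blob) // 2
    return blob[:mid], blob[mid:]

def toy_matcher(template: bytes, sample: bytes, max_bits: int = 8) -> bool:
    """Stand-in for the biometric software: accept a sample within max_bits of the template."""
    if len(template) != len(sample):
        return False
    return sum(bin(a ^ b).count("1") for a, b in zip(template, sample)) <= max_bits

def enrol(db: dict, user: str, serial: bytes, template: bytes):
    """Section 4.1: encrypt template and user key, split both, store the halves apart."""
    user_key = secrets.token_bytes(32)                      # generated independently of the biometric
    ct_template = seal(kdf(b"template", serial), template)  # key depends on the media serial number
    ct_key = seal(kdf(b"userkey", ct_template), user_key)   # key depends on the template cipher text
    (t_tok, t_srv), (k_tok, k_srv) = split(ct_template), split(ct_key)
    db[user] = (t_srv, k_srv)                               # deleting this record revokes the token
    return {"serial": serial, "template": t_tok, "key": k_tok}, user_key

def authenticate(db: dict, user: str, token: dict, sample: bytes, matcher=toy_matcher):
    """Section 4.2: return the user's key, or None if any step fails."""
    if user not in db:
        return None                                         # never enrolled, or token revoked
    t_srv, k_srv = db[user]
    ct_template = token["template"] + t_srv                 # step 2: reassemble the cipher text
    try:
        template = unseal(kdf(b"template", token["serial"]), ct_template)  # steps 1-2
        if not matcher(template, sample):                   # step 3: biometric decision
            return None
        return unseal(kdf(b"userkey", ct_template), token["key"] + k_srv)  # step 4
    except ValueError:
        return None                                         # wrong media, stale or tampered parts
```
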
Figure 2: The authorization and key extraction process (diagram; boxes: User Biometric; Media Serial no.; Part template from system or server; Part template from removable media; Key regeneration; Combination of encrypted data parts; Template Decryption; Matching by commercial software; Authorised or Denied; Part key from system or server; Part key from removable media; Key regeneration; Extraction of User Key)
5. A prototype implementation
To build a prototype, the first decision is to select an
appropriate biometric (and hardware) and an appropriate
technology for the electronic key.
For the biometric we selected a finger print system for the
following reasons:
• Fingerprints can be read quickly and reliably using
inexpensive equipment.
• It is not invasive.
• It is familiar and accepted by users.
The actual system used was ‘Griaule Fingerprint
Recognition SDK’ [7] in conjunction with the Microsoft
Fingerprint reader.
An inexpensive USB “pendrive” was used as a carrier for
the electronic key.
The user interface of the authentication process is shown in
Figure 3. This program uses our authentication scheme to
decide whether to disclose (previously encrypted) data to a
user or not. In the demonstration, a string previously
encrypted using the user’s key is extracted and displayed if the
user’s electronic token and biometric are accepted. The
application also displays trace output, including the graphic of
the fingerprint and output from the fingerprint software.
In a practical application, much of the interface shown here
would be concealed and only the outcome would be
communicated to the user. We also anticipate the user being
prompted to insert their electronic key and place their finger
on the reader in similar style to the familiar request for user
name and password and prompted again to remove both before
the authentication process is completed. The outcome (in the
form of allowing or denying access) would also be
communicated in the way that systems currently respond to the
input of the username-password pair.
Figure 3: User interface of prototype system
This software was developed as a proof of concept
application. It uses simple schemes for the separation of the
cipher strings into parts, the derivation of the key for
encrypting the template from the media serial number and the
derivation of the key for the encryption of the user key from
the template cipher text. Much more sophisticated techniques
which use additional factors could be applied in a full
implementation. However, this software has demonstrated that
the system works and provided some useful insight into the use
of this type of system. In particular it has confirmed that the
system is easy to use in practice. Enrolment is not difficult nor
time consuming. Also, although it does depend on the
biometric and hardware, authentication is quick and reliable.
Even taking into account time for the user to insert their electronic
token, we believe this system is at least as quick in use as
eliciting a username-password pair from the user.
6. Discussion
We used an inexpensive fingerprint reader and a free SDK so
we expected the reliability of the fingerprint verification to be
problematic. We were confident that the integration of the
electronic key would eliminate “false positives” allowing
access to unauthorised users but we did expect that genuine
users would suffer significant numbers of “false negatives”.
However, several hundred tests revealed false negatives at
around 7% of verifications (and not one false positive) from
the fingerprint software which matches findings of other
studies [10]. Of the false negatives, a significant proportion
can be attributed to improper or careless finger placement on
the reader by users. It seems reasonable to expect that this
would improve as users become more familiar with the
procedure.
For the electronic key, our prototype system uses a USB
pendrive and merely requires that it be present whenever it is
needed. It might be preferable to replace this with a form of
media which isn’t so readily accessed by users and other
applications such as a smart card, but this would necessitate
the addition of suitable hardware. The system should also
insist that the user remove the key (and finger) after
authentication, thus minimizing the opportunity for an intruder
who has achieved some access to the system to read the
contents of the key.
The important issue here was that we were able to establish
that our system is no less usable and at least as quick in use as
conventional username-password authorization systems.
However, it is significantly more secure because it uses a
combination of a biometric and an electronic token and the
keys used to encrypt sensitive data (notably the user’s key) can
be as long as necessary. None of the keys used in our
implementation is less than 128 bits which is far in excess of
anything which the user could be expected to commit to
memory. The split of the encrypted information between the
removable token and the system means that an intruder who
steals the key or gains access to the system is not able to
access users’ keys or biometric templates. Should the key be
lost or compromised, a user can be re-enrolled into the system
with a replacement key which is different from the lost item;
the encryption of the template depends on the physical key so,
even if the replacement template generated by the biometric
software were to be exactly the same as the original, the newly
created token will be different from the one that is lost. The
lost media can be rendered useless by deletion of the
corresponding portions of the template and user key cipher
text from the secured system.
We have used the system to control access to a laptop (and
to give demonstrations using a word or phrase of a user’s
choosing) but it could be applied equally well to any situation
where username-password schemes are currently
employed. In online situations, the parts of the encrypted
cipher texts could be stored on removable media in exactly
the manner described above with the user’s personal computer
merely acting as go-between reading the key and biometric
data and passing this on to the secured system using secure
communications techniques. Alternatively, the user’s personal
computer could stand in for (store the data of) the
removable media. In this way, a user’s access to a secure online
system could be restricted to logons in which the correct
biometric is presented from the authorised machine. Loss of
the machine would amount to the loss of the token and would
necessitate re-enrolment. A user wishing to use more than one
machine would need to enrol from each.
7. Conclusion and future work
Username-password is a poor method for securing access
to valuable systems or data because the length of names and
passwords is severely limited by the necessity for them to be
committed to memory by users. Although this and other
weaknesses and widespread abuses are well documented, it is
almost universally used and it presents a vulnerability for
attack by intruders.
This work has taken widely available, proven technologies
and combined them to produce an alternative authorisation
system which uses an electronic key and a biometric in
combination. The system proposed eliminates the need for the
user to commit important access information to memory.
Instead access is controlled by a combination of the user being
able to satisfy a biometric measurement and produce a
matching electronic token. We used fingerprints for a proof of
concept implementation because the technology involved is
widely available and inexpensive but any biometric could be
used.
Features of our system mean that in the event of the loss of
an electronic key, the system and data it protects remain safe
and the key can be replaced.
We believe this system could provide a very acceptable
and convenient alternative to the current de-facto standard of
username-password (or PIN) systems which is in use to secure
all kinds of system access, including personal workstations and
online transactions.
8. References
[1] A. Adams and M. A. Sasse, "Users Are Not The Enemy,"
Communications of the ACM, vol. 42, pp. 40-46, 1999.
[2] E. Bardram, "The trouble with login: on usability and computer
security in ubiquitous computing," Personal and Ubiquitous
Computing, vol. 9, 2005.
[3] A. Bodo, "Method for producing a digital signature with aid of
a Biometric," 1994.
[4] A. M. DeAlvare, "A Framework for Password Selection," in
Unix Security Workshop II, Portland, 1998.
[5] D. Denning, "Protecting Public Keys and Signature Keys,"
IEEE Computer, vol. 16, pp. 17-35, Feb 1983.
[6] D. Dunlap, "Biometric Technology," Western Carolina
University 2001.
[7] Griaule, "Griaule Fingerprint Recognition SDK."
[8] A. K. Jain, "Biometric Recognition: How Do I Know Who You
Are?," Department of Computer Science and Engineering, Michigan
State University 2004.
[9] D. Kresimir and M. Grgic, "A Survey of Biometric Recognition
Methods," in 46th International Symposium Electronics, Marine,
Zadar, Croatia, 2004.
[10] T. Matsumoto, H. Matsumoto, K. Yamada, and S. Hoshino,
"Impact of artificial gummy fingers on fingerprint systems," in SPIE Optical Security and Counterfeit Deterrence Techniques IV, 2002.
[11] SafeNet Inc, "Disk Encryption Belcamp, MD," 2006.
[12] Y. Sutcu, H. T. Sencar, and N. Memon, "Authentication
protocols: A secure biometric authentication scheme based on robust
hashing," in 7th Workshop on Multimedia and Security at ACM
Multimedia, New York, USA, 2005.
[13] Q. Xiao, "Security Issues in Biometric Authentication," in IEEE
Workshop in Information Assurance and Security, U.S. Military
Academy, West Point, NY, 2005.
[14] N. Yoshiura, Y. Onozato, and H. Kimura, "Application of one
way function to biometric authentication," Transactions of the
Institute of Electrical Engineers of Japan, vol. 124-C, 2004.