Section 10. Mechanical engineering
Khudoykulov Zarif Turakulovich, Phd student, the faculty of Information Security, E-mail: [email protected] Islomov Shaxboz Zokir ugli, Phd student, the faculty of Information Security, E-mail: [email protected] Allanov Orif Menglimuratovich Teacher, the faculty of Information Security, E-mail: [email protected] Mardiyev Ulugbek Rasulovich, Teacher, the faculty of Information Security, Tashkent University of Information Technology, E-mail: [email protected]
A PRACTICAL IMPLEMENTATION OF FINGERPRINT BASED FUZZY COMMITMENT SCHEME
Abstract: This paper offers a method that allows practical usage of the key binding scheme based on fingerprint image. This method uses Reed - Solomon error correction code to correct until five minutiae point's data in maximum and as a result of this the false rejection rate (FRR) error will be equal to 31. At least 10 true minutiae points are required to successfully recover a key and in this case false acceptance rate (FAR) error will be equal to zero.
Keywords: minutiae point, key binding, key generation, biometric cryptosystem, error correction cede, fuzzy commitment scheme.
1. Introduction
Biometric based cryptosystems does not only eliminate issues like forgetting and always carrying problems, but also, solves many disadvantages related to human factors. However, biometric cryptosystems also has its disadvantages because biometric parameters have fuzzy type of information. Among them, falsification and FAR based threats that occur by improper selection of biometric parameters which are more serious.
Iris and fingerprint parameters are most suitable ones for biometric cryptographic systems because of them we could have enough information for cryptographic key [1]. Among the remaining biometric parameters, iris is not only non - falsified, unique and high entropy parameter, but also has very high cost to implement and requires user attention. However, fingerprint is most used parameter in biometric cryptosystems because of low cost, high uniqueness degree (even in twins) and easy to use even lower entropy than iris [2].
Despite biometric cryptosystems have been in development, their primary visions have already implemented For ex-
ample, among a project of GenKey by priv-ID [3], fingerprint and iris based cryptographic key generation have a significant impacts that is practically implemented.
Biometric cryptosystems. Additional information related to biometric parameters called "helper data" that are saved to generate key in all biometric cryptosystems. Based on the method of taking the helper data, cryptosystems divided into: key binding scheme and key generation scheme [4]. Cryptographic key is mixed with biometric parameters and saved as helper data in key binding scheme. This scheme includes fuzzy commitment andfuzzy vault forms. Helper data are extracted from only biometric parameters in key generation scheme and use to recover original biometric parameters. Fuzzy extractor and secure sketches are most used forms in this scheme.
2. Related work
We choose fingerprint as biometric for our proposed key binding scheme because it is easy to use, low cost to implement and saving enough information for key. Therefore, the
first, we give quick analysis of current fingerprint based cryptosystems and then describe our.
Sharda Sinx et al. [5] proposed key generation method for RSA algorithm based on fingerprint minutiae points. Firstly, enough minutiae points are extracted and two-dimension matrix of minutiae point positions were created. Generated random numbers were mixed with fingerprint features and created new features array. Prime number was created with new features array by checking and incrementing values. There was possibility of practical implementation of this method when minutiae coordinates were same as previous one.
Aditi Bhatega et al. [6] proposed another key generation methods based on fingerprint with cancelable biometric
Based on the results of the above analysis, the following conclusions can be obtained:
- there is no single and reliable way to convert fingerprint features to a numerical values;
- the magnitude of the differences in the numerical values of two biometric features to a single user;
- it is impossible to construct appropriate errors correction codes to correct existing errors;
- Impossibility of experiment implementation in real practical life
Above mentioned fingerprint based cryptographic systems which gives the change to eliminate the existing errors, has been given below on biometric key binding methods.
3. Proposed method
In this paper, new key binding method based on minutiae point's positions, and its feature and structures described as following.
Assumption and requirements. There is not any universal key binding method that is used practically. Therefore, we define some assumption and requirements to practical implementation of proposed method.
scheme. FAR/FRR errors was equals to 0/15 respectively in this proposed method is tolerable to different changes in case of high quality fingerprint image was used, it will make decent productivity.
B. K. Sy et al. [7] establish robust key binding scheme based on fingerprint. Fingerprint image was separated to rings and sectors from core point and maximum and minimum Euclidian distances between minutiae points in each sectors and core point was calculated. This method was efficient against deviation of fingerprint image and there was not possibility of key binding in case of few minutiae points.
In general, analysis of fingerprint - based cryptographic systems are shown in (Table 1).
Requirement for fingerprint image. High-resolution fingerprint scanners are needed (500 dpi) and captured image quality should be at least two in NIST NFIQ range. Besides that, we assume that helper data and training images have to be saved securely.
Error correction code. An error correction code is important for biometric cryptographic systems. The proposed method uses the Reed - Solomon code to eliminate the differences between the minutiae points in the learning and testing templates and configure to correct five minutiae points data.
Changing biometric features (fingerprint images) to numerical values. We extract numerical values from fingerprint images based on minutiae points' position: X, Y coordination, angle and type. Besides that, Euclidian distances between minutiae points are calculated and used as key data.
Enrollment phrase. For learning process captured fingerprint images are important for receiving through scanner and so that we use four high quality fingerprint images per subj ect for learning system.
Extraction of important minutiae points. We get n common minutiae points among four fingerprint images and save them
Table 1.
Methods Used biometric cryptosystem scheme Extracting numerical values from fingerprint image FAR/FRR (%)
L.You et al. [8] Key binding N/A -
S.Barman et al. [9] Key generation Distances between minutiae points 4,95/-
B.Liang et al. [10] Key binding Positions and angle of minutiae points If D=11 and n=5 then 0,396/17,7
R.Ranjan et al. [11] Key generation Positions of minutiae points -
C.Xie et al. [12] Key generation Positions of minutiae points 0.077/10.261 (FVC2000-DB2, t=19, k=2124)
S.Sinx et al. [5] Key generation Positions and type of minutiae points -
A.Bhatega et al. [6] Key generation Distances between central point and minutiae points 0/15
B.K.Sy et al. [7] Key binding Distances between central point and minutiae points -
as M = {P0,Pp...,Pn} . Each minutiae points P; describe as {Xi, Y ,Oj ,type i} form. Based on fingerprint images and scanner quality number of extracted minutiae points, n, will be different and result of this effect to occur some issues to get numerical values.
We use NIST Barycenter minutiae point selection methods to eliminate this problem [13]. NIST Barycenter method is used to get fixed N minutiae points that located in the center of fingerprint image. We define two values for N: if common minutiae points belong to 15 < n < 20 range, then
N = 15 and if n > 21 then N = 21. There is no chance to bind key in case of number of common minutiae points among four fingerprint images will be smaller than 15.
Fingerprint feature quantitation. Position of minutiae points might be different during putting fingerprint on scanner even fingerprints belong to same person. As result, minutiae points might be shift left/right or top/bottom side. In this case, minutiae position based on numerical values extraction will be incorrect. We use quantitation method by Liang B. et al. to solve this problem [14]. Positions of selected N minutiae points are updated by the quantitation method with D = 10.
A(x ) =
— + (D + 1)*i& (D + 1)*i< x < (D + 1)*i + D & (i = 0,1,..),mod(D,2) = 0 2
(1)
D -1
+ D * i & (i -1)* D +1 < x < D * i & (i = 0,1,..),mod(D,2) = 1
Creatingfeature vectors. Feature vectors are created as follow from last form of updating N minutiae points.
1) If N = 15, we set-up Reed - Solomon code as (32,9,22,0 x 25) to correct 5 minutiae points data. In this case, we can bind K = 45-bit key and needed biometric feature vectors Fvec with 31 elements. First 30 elements of feature vector calculated from X; and Y coordinates of15 minutiae points and last one element derived from average value of all minutiae points type, typet.
2) If N = 21, we set-up Reed - Solomon code as (256,49,206,0 x 11D) to correct 5 minutiae points data. In this case, we can bind K = 392-bit key and needed biometric feature vectors Fvec with 255 elements. First 42 elements of vector consist from X; and Yi coordinates of 21 minutiae
N (N -1)
points, next
- = 210 elements are Euclidian distanc-
es that calculated among 21 minutiae points and last 3 elements are derived from average value of all minutiae points position, X.,Y angle, and type, typei, respectively.
Key binding. Helper data, S, derived from code word C=EEC(K) and feature vector Fvec:
S = C © Fvec (2)
Helper data S and hashed key value H = h(K) are securely saved in database.
Testingphrase. In this process, candidate enter new fresh fingerprint template and then will do following sequences:
- m minutiae points will be extracted from candidate template and will be combined to M = {P0, Pp..., Pm} set;
- significant N minutiae points separated from M set by NIST Barycenter method;
- position of separated N minutiae points, X; and Yi, updated with (1) equation;
- depend on the value of N, feature vector F'vec is extracted from updated minutiae points as 1) or 2) step in learning process;
- extracted feature vector F'vec and helper data, S belong to user will be used to recover code word: C' = S © F'vec ;
- then from code word C', we decode K' = DEC(C'), after that we compute hash of new key and compare with hashed key in learning process: h(K') = H ;
- If the result of comparison is "true", then key is successfully recovered, else not.
Experimental result and analysis. We use 160 fingerprint images of 40 subjects, four images per subject, in learning process. We use FS88H FIPS201/PIV scanner to capture fingerprint images. In test phrase, 240 fingerprint images of 40 subjects, six images per subject, are used. The average difference between the minutiae points in the enrollment and the testing phrase was 4.78. There were no errors to recover the key during testing phrase. The proposed method requires at least 10 minutiae points to match, and in this case, FAR error is zero. Based on the experience, result of correcting five minutiae points' data, FRR's error was 31% or in other words, genuine user that was enrolled can recover the key in one of three trials. One of the example of result is given in (table 2).
Table 2.
2
Data Values (byte)
1 2
Helper data 245, 39, 124, 87, 24, 173, 27, 90, 198, 195, 24, 24, 95, 91, 240, 177, 64, 185, 150, 126, 65, 32, 11, 215, 239, 17, 146, 183, 113, 88, 206, 91, 42, 10, 92, 234, 127, 43, 26, 109, 143, 77, 92, 181, 252, 147, 133, 174, 6, 146, 92, 154, 19, 141, 104, 71, 196, 47, 135, 184, 28, 148, 245, 159, 235, 53, 28, 58, 59, 241, 95, 123, 56, 248, 235, 230,
1 2
Helper data 248, 181, 195, 75, 191, 141, 91, 227, 190, 232, 3, 212, 29, 133, 50, 149, 45, 229, 244, 187, 179, 3, 24, 128, 16, 94, 118, 224, 195, 239, 212, 133, 186, 204, 152, 36, 46, 192, 237, 180, 171, 154, 2, 13, 29, 216, 150, 96, 222, 111, 112, 87, 158, 237, 154, 82, 174, 190, 83, 226, 167, 39, 243, 130, 187, 119, 25, 106, 59, 49, 28, 63, 54, 29, 81, 173, 150, 174, 2, 12, 133, 179, 25, 160, 206, 138, 51, 158, 169, 41, 249, 168, 75, 88, 178, 154, 91, 31, 11, 168, 62, 181, 11, 162, 253, 211, 31, 8, 160, 136, 116, 208, 211, 233, 29, 172, 174, 130, 78, 247, 216, 124, 0, 232, 243, 88, 140, 205, 219, 110, 210, 114, 186, 185, 232, 214, 49, 40, 149, 41, 128, 231, 246, 227, 194, 222, 83, 70, 242, 97, 29, 210, 77, 115, 209, 103, 60, 211, 133, 28, 101, 172, 34, 164, 237, 250, 194, 97, 64, 166, 154, 228, 232, 94, 102, 117, 133, 130, 41
Feature vector 43, 34, 33, 49, 44, 66, 54, 75, 64, 67, 80, 83, 80, 78, 83, 73, 90, 97, 100, 84, 9, 76, 14, 65, 63, 27, 87, 107, 52, 113, 48, 121, 118, 120, 113, 102, 88, 109, 101, 67, 22, 56, 66, 26, 87, 99, 48, 108, 58, 114, 111, 114, 103, 102, 93, 110, 92, 82, 53, 84, 85, 80, 31, 92, 64, 113, 49, 50, 59, 47, 94, 115, 105, 86, 78, 53, 40, 80, 112, 65, 111, 35, 124, 119, 120, 122, 94, 75, 99, 114, 110, 55, 119, 77, 48, 116, 114, 99, 102, 112, 60, 135, 141, 145, 40, 91, 31, 105, 114, 77, 54, 107, 97, 91, 131, 42, 31, 46, 150, 113, 116, 25, 133, 70, 133, 132, 137, 112, 128, 116, 136, 82, 93, 135, 50, 85, 88, 77, 67, 125, 15, 46, 25, 159, 121, 58, 142, 23, 31, 45, 39, 103, 134, 114, 102, 148, 95, 141, 142, 149, 109, 150, 140, 158, 64, 128, 43, 31, 18, 97, 54, 96, 64, 150, 150, 143, 141, 156, 95, 61, 97, 149, 12, 27, 60, 95, 132, 106, 125, 15, 70, 84, 122, 94, 132, 85, 72, 113, 82, 144, 138, 162, 149, 71, 46, 11, 174, 43, 181, 184, 161, 215, 148, 0, 155, 249, 170, 183, 134, 1, 205, 223, 95, 221, 173, 12, 90, 190, 175, 152, 198, 15, 117, 147, 103, 19, 159, 135, 147, 138, 132, 137, 213, 163, 76, 183, 64, 228, 65, 185, 245, 227, 144, 204, 150
Recovered key 24, 89, 15, 1, 73, 1, 144, 219, 14, 208, 42, 80, 112, 226, 15, 1, 12, 155, 95, 109, 71, 108, 251, 234, 23, 104, 73, 64, 226, 15, 220, 62, 177, 46, 105, 115, 23, 194, 12, 17, 218, 0, 169, 231, 147, 150, 23, 78, 181
4. Conclusion
Probability of practical implementation of fuzzy commitment based key binding scheme increases by using error correction codes. However, due to the large differences of the scanned fingerprints, a number of practical issues are encountered to convert biometric features to numerical values. The
proposed method to eliminate these problems and to use practically is different from with factors of security and reliability. When fingerprint image quality is high, there is a possibility to bind a 392-bit key, which can now be used for symmetric - key encryption systems.
References:
1. Ganiev S. K., Khudoykulov Z. T., Islomov Sh. Z. Selection suitable biometrics for cryptographic key generators. Вестник, ТУИТ.- 2016.- No. 4 (40).
2. Biometrics: the Future of Mobile Payments. U. S. Economic Watch. Nathaniel Karp. 20 July - 2015.
3. URL: http://www.priv-id.com/
4. Rathgeb C., Uhl A. A survey on biometric cryptosystems and cancelable biometrics. EURASIP Journal on Information Security - 2011.- 3 p.
5. Singh S., Dr. J. Laxminarayana A. RSA Key Generation Using Combination of Fingerprints. IOSR Journal of Computer Engineering (iOSR-JCE), e-ISSN: 2278-0661, p-ISSN: 2278-8727,- P. 48-53.
6. Bhatega A., Sharma K. Secure Cancelable Fingerprint Ley Generation.- 2014. IEEE.
7. Sy B. К., Krishnan A. K. Generation of Cryptographic Keys from Personal Biometrics: An Illustration Based on Fingerprints. URL: http://dx.doi.org/10.5772/51372.
8. You L., Zhang G., Zhang F. A fingerprint and Threshold Scheme-based Key generation methods.
9. Barman S., Samanta D., Chattopadhyay S. Revocable Key Generation From Irrevocable Biometric Data for Symmetric Cryptography.
10. Liang B., Wu Z., You L. A novel Fingerprint - based Biometric Encryption. 9 th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing.- 2014.
11. Ranjan R., Singh S. K. Improved and Innovative Key Generation Algorithms for Biometric Cryptosystems.- 2013. 3rd IEEE International Advance Computing Conference.
12. Xie C., Liu J., Yao X., Tang D. Research of biometric Key generation based on Fingerprint bit-strings. Journal of Fiber Bioengineering and Informatics 8:4-2015.- P. 713-724.
13. Vibert B., Christophe Charrier, Jean-Marie Le Bars, Christophe Rosenberger. Comparative Study of Minutiae Selection Algorithms for ISO Fingerprint Templates. IS T/SPIE Electronic Imaging, - Feb - 2015. - San Francisco, United States.-2015. <hal-01120639>
14. Liang B. et al. A novel fingerprint-based biometric encryption // P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC),- 2014. Ninth International Conference on.- IEEE,- 2014.- C. 146-150.