Application of Biometrics to Obtain High Entropy Cryptographic Keys
In this paper, a two factor scheme is proposed to
generate cryptographic keys directly from biometric data, which
unlike passwords, are strongly bound to the user. Hash value of the
reference iris code is used as a cryptographic key and its length
depends only on the hash function, being independent of any other
parameter. The entropy of such keys is 94 bits, which is much higher
than any other comparable system. The most important and distinct
feature of this scheme is that it regenerates the reference iris code by
providing a genuine iris sample and the correct user password. Since
iris codes obtained from two images of the same eye are not exactly
the same, error correcting codes (Hadamard code and Reed-Solomon
code) are used to deal with the variability. The scheme proposed here
can be used to provide keys for a cryptographic system and/or for
user authentication. The performance of this system is evaluated on
two publicly available databases for iris biometrics namely CBS and
ICE databases. The operating point of the system (values of False
Acceptance Rate (FAR) and False Rejection Rate (FRR)) can be set
by properly selecting the error correction capacity (ts) of the Reed-
Solomon codes, e.g., on the ICE database, at ts = 15, FAR is 0.096%
and FRR is 0.76%.
[1] S. Kanade, D. Camara, E. Krichen, D. Petrovska-Delacr'etaz, and
B. Dorizzi, "Three factor scheme for biometric-based cryptographic key
regeneration using iris," in The 6th Biometrics Symposium, 2008.
[2] F. Hao, R. Anderson, and J. Daugman, "Combining crypto with biometrics
effectively," IEEE Transactions on Computers, vol. 55, no. 9, pp.
1081-1088, 2006.
[3] A. Cavoukian and A. Stoianov, "Biometric encryption: A positive-sum
technology that achieves strong authentication, security and privacy,"
Information and privacy commissioner of Ontario, White Paper, March
2007.
[4] T. E. Boult, W. J. Scheirer, and R. Woodworth, "Revocable fingerprint
biotokens: Accuracy and security analysis," in IEEE Conference on
Computer Vision and Pattern Recognition, June 2007, pp. 1-8.
[5] A. Lumini and L. Nanni, "An improved biohashing for human authentication,"
Pattern Recognition, vol. 40, no. 3, pp. 1057-1065, March
2007.
[6] N. K. Ratha, S. Chikkerur, J. H. Connell, and R. M. Bolle, "Generating
cancelable fingerprint templates," IEEE Transactions on Pattern Analysis
and Machine Intelligence, vol. 29, no. 4, pp. 561-572, April 2007.
[7] M. Savvides, B. V. Kumar, and P. Khosla, "Cancelable biometric
filters for face recognition," in Proceedings of the 17th International
Conference on Pattern Recognition (ICPR04), vol. 3, August 2004, pp.
922-925.
[8] J. Bringer, H. Chabanne, G. Cohen, B. Kindarji, and G. Zmor, "Optimal
iris fuzzy sketches," in IEEE Conference on Biometrics: Theory,
Applications and Systems, 2007.
[9] A. Juels and M. Wattenberg, "A fuzzy commitment scheme," in Proceedings
of the Sixth ACM Conference on Computer and communication
Security (CCCS), 1999, pp. 28-36.
[10] A. Juels and M. Sudan, "A fuzzy vault scheme," in Proc. IEEE Int.
Symp. Information Theory, A. Lapidoth and E. Teletar, Eds. IEEE
Press, 2002, p. 408.
[11] F. Monrose, M. Reiter, and R. Wetzel, "Password hardening based on
keystroke dynamics," in Proceedings of the Sixth ACM Conference on
Computer and communication Security (CCCS), 1999, pp. 73-82.
[12] F. Monrose, M. Reiter, Q. Li, and S. Wetzel, "Cryptographic key
generation from voice," in Proceedings of the IEEE Symposium on
Security and Privacy, May 2001, pp. 202-213.
[13] Y. Dodis, L. Reyzin, and A. Smith, "Fuzzy extractors: How to generate
strong keys from biometrics and other noisy data," in Proceedings of
the Eurocrypt, 2004.
[14] U. Uludag and A. Jain, "Securing fingerprint template: Fuzzy vault with
helper data," in Proc. of the 2006 Conference on Computer Vision and
Pattern Recognition Workshop, June 2006, pp. 163-170.
[15] E. Krichen, B. Dorizzi, Z. Sun, S. Garcia-Salicetti, and T. Tan, Guide to
Biometric Reference Systems and Performance Evaluation. Springer-
Verlag, 2008, ch. Iris Recognition, pp. 25-50.
[16] F. J. MacWilliams and N. J. A. Sloane, Theory of Error-Correcting
Codes. North Holland, 1991.
[17] National Institute of Science and Technology (NIST), "Iris Challenge
Evaluation," 2005, http://iris.nist.gov/ice.
[18] W. E. Burr, D. F. Dodson, and W. T. Polk, "Electronic authentication
guideline: Recommendations of the National Institute of Standards and
Technology," April 2006.
[19] J. Daugman, "The importance of being random: Statistical principles
of iris recognition," Pattern Recognition, vol. 36, no. 2, pp. 279-291,
February 2003.
[1] S. Kanade, D. Camara, E. Krichen, D. Petrovska-Delacr'etaz, and
B. Dorizzi, "Three factor scheme for biometric-based cryptographic key
regeneration using iris," in The 6th Biometrics Symposium, 2008.
[2] F. Hao, R. Anderson, and J. Daugman, "Combining crypto with biometrics
effectively," IEEE Transactions on Computers, vol. 55, no. 9, pp.
1081-1088, 2006.
[3] A. Cavoukian and A. Stoianov, "Biometric encryption: A positive-sum
technology that achieves strong authentication, security and privacy,"
Information and privacy commissioner of Ontario, White Paper, March
2007.
[4] T. E. Boult, W. J. Scheirer, and R. Woodworth, "Revocable fingerprint
biotokens: Accuracy and security analysis," in IEEE Conference on
Computer Vision and Pattern Recognition, June 2007, pp. 1-8.
[5] A. Lumini and L. Nanni, "An improved biohashing for human authentication,"
Pattern Recognition, vol. 40, no. 3, pp. 1057-1065, March
2007.
[6] N. K. Ratha, S. Chikkerur, J. H. Connell, and R. M. Bolle, "Generating
cancelable fingerprint templates," IEEE Transactions on Pattern Analysis
and Machine Intelligence, vol. 29, no. 4, pp. 561-572, April 2007.
[7] M. Savvides, B. V. Kumar, and P. Khosla, "Cancelable biometric
filters for face recognition," in Proceedings of the 17th International
Conference on Pattern Recognition (ICPR04), vol. 3, August 2004, pp.
922-925.
[8] J. Bringer, H. Chabanne, G. Cohen, B. Kindarji, and G. Zmor, "Optimal
iris fuzzy sketches," in IEEE Conference on Biometrics: Theory,
Applications and Systems, 2007.
[9] A. Juels and M. Wattenberg, "A fuzzy commitment scheme," in Proceedings
of the Sixth ACM Conference on Computer and communication
Security (CCCS), 1999, pp. 28-36.
[10] A. Juels and M. Sudan, "A fuzzy vault scheme," in Proc. IEEE Int.
Symp. Information Theory, A. Lapidoth and E. Teletar, Eds. IEEE
Press, 2002, p. 408.
[11] F. Monrose, M. Reiter, and R. Wetzel, "Password hardening based on
keystroke dynamics," in Proceedings of the Sixth ACM Conference on
Computer and communication Security (CCCS), 1999, pp. 73-82.
[12] F. Monrose, M. Reiter, Q. Li, and S. Wetzel, "Cryptographic key
generation from voice," in Proceedings of the IEEE Symposium on
Security and Privacy, May 2001, pp. 202-213.
[13] Y. Dodis, L. Reyzin, and A. Smith, "Fuzzy extractors: How to generate
strong keys from biometrics and other noisy data," in Proceedings of
the Eurocrypt, 2004.
[14] U. Uludag and A. Jain, "Securing fingerprint template: Fuzzy vault with
helper data," in Proc. of the 2006 Conference on Computer Vision and
Pattern Recognition Workshop, June 2006, pp. 163-170.
[15] E. Krichen, B. Dorizzi, Z. Sun, S. Garcia-Salicetti, and T. Tan, Guide to
Biometric Reference Systems and Performance Evaluation. Springer-
Verlag, 2008, ch. Iris Recognition, pp. 25-50.
[16] F. J. MacWilliams and N. J. A. Sloane, Theory of Error-Correcting
Codes. North Holland, 1991.
[17] National Institute of Science and Technology (NIST), "Iris Challenge
Evaluation," 2005, http://iris.nist.gov/ice.
[18] W. E. Burr, D. F. Dodson, and W. T. Polk, "Electronic authentication
guideline: Recommendations of the National Institute of Standards and
Technology," April 2006.
[19] J. Daugman, "The importance of being random: Statistical principles
of iris recognition," Pattern Recognition, vol. 36, no. 2, pp. 279-291,
February 2003.
@article{"International Journal of Information, Control and Computer Sciences:51246", author = "Sanjay Kanade and Danielle Camara and Dijana Petrovska-Delacretaz and Bernadette Dorizzi", title = "Application of Biometrics to Obtain High Entropy Cryptographic Keys", abstract = "In this paper, a two factor scheme is proposed to
generate cryptographic keys directly from biometric data, which
unlike passwords, are strongly bound to the user. Hash value of the
reference iris code is used as a cryptographic key and its length
depends only on the hash function, being independent of any other
parameter. The entropy of such keys is 94 bits, which is much higher
than any other comparable system. The most important and distinct
feature of this scheme is that it regenerates the reference iris code by
providing a genuine iris sample and the correct user password. Since
iris codes obtained from two images of the same eye are not exactly
the same, error correcting codes (Hadamard code and Reed-Solomon
code) are used to deal with the variability. The scheme proposed here
can be used to provide keys for a cryptographic system and/or for
user authentication. The performance of this system is evaluated on
two publicly available databases for iris biometrics namely CBS and
ICE databases. The operating point of the system (values of False
Acceptance Rate (FAR) and False Rejection Rate (FRR)) can be set
by properly selecting the error correction capacity (ts) of the Reed-
Solomon codes, e.g., on the ICE database, at ts = 15, FAR is 0.096%
and FRR is 0.76%.", volume = "3", number = "3", pages = "550-5", }