Upload
jimmy-dockery
View
229
Download
0
Tags:
Embed Size (px)
Citation preview
Outline
ReviewPrevious Work
Introduction – Fuzzy vault
Proposed SystemEncodingDecoding
Experimental ResultsGenuine Accept Rate (GAR)False Accept Rate (FAR)
Conclusions
Registration
Template
Alice
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
Authentication
?
It’s Alice!
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
Templates represent intrinsic information about you
Alice
Theft of a template is theft of identity
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
Server-side matching
Server
Client
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
Server-side matching
Server
Client
“access
granted”
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
Client-side matching
Server
“It’s Alice!”“Hi, Alice!”
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
Client-side matching
Server
“It’s Alice!”“It’s Alice!”“Hi, Alice!”
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
On-device matching
SecurID
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
On-device matching
SecurID
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
“password”
UNIX protection of passwords
“password” h(“password”)
“password”
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
Template protection?
h( )
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
Fingerprint is variable
Differing angles of presentation
Differing amounts of pressure
Chapped skin
Don’t have exact key!So hashing won’t work...
[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002
Introduction – Fuzzy vault
Juels and Sudan (2002)
The movie lover problem - encryptAlice has a set of favorite movies (A)
Alice wants to give her Tel # to someone with the same interests
Alice does not want the others to know about her interests
Alice encrypt her Tel # under A
Introduction – Fuzzy vault
The movie lover problem – decryptBob has a set of favorite movies (B)
If B is identical to A, then Bob gets Alice’s Tel #
If B is different than A, then Bob gets nothing
If B is similar to A, then Bob might get Alice’s Tel # ( depend on the algorithm Alice used to encrypt he Tel # )
EncodingAlice partitions her secret value (S) into shares s1, s2,..., sk
Construct a polynomial (p) so that
p(xj) = sk-1xk-1 + sk-2xk-2 + ... + s1x + s0
For every element in set A,
find ( ai, p(ai) )
Projecting elements of A onto p
Create chaff points that do not lie on p
Call this collection of points R
Flow chart - Encode
Secret data (S)(Tel #)
Polynomial (p)construction
PolynomialProjection
Chaff PointGeneration (C)
Set (A)(Favorite movies)
+
Vault (VA)
Algorithm Lock
[1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002
Decoding
Project R onto bi (elements in set B)
If there exists a pair (bi, y) in R for any y
then (xi, yi) = (bi, y), else (xi, yi) = null
Call this collection of points Q
Perform the Reed-Solomon decoding algorithm and reconstruct a unique polynomial p
Reed-Solomon decoding
The classical algorithm of
Peterson-Berlekamp-Massey decodes successfully if at least (k+t)/2 points in Q share a common polynomial
t = the # of points in set A
k = a polynomial of degree less than k
Flow chart - Decode
Vault (VA)
Secret data (S)(Tel #)
Set (B)(Favorite movies)
Error-correctingcodes
(Reed-Solomon codes)
Polynomial (p)reconstruction
Candidate pointidentification
Algorithm Unlock
[1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002
Security
Depends on the # of chaff points r-t in the target set R
r = the total # of points
t = the # of points in set A
Attacker cannot distinguish between the correct polynomial p and all of the spurious ones
Security proportional to the # of spurious polynomials
Fuzzy Fingerprint VaultReplace favorite movies with Fingerprint minutiae data
Different from favorite movies, minutiae data needs to be aligned
without any information leak
Quantification is applied to account for slight variations in minutiae data
example:block size = 11x11
[1,11] → 6
EncodeError-correction scheme
Cyclic Redundancy Check (CRC)
16bit CRC: gCRC(a) = a16 + a15 + a2 +1
128bit secret + 16bit CRC = 144bit (S)divided into 9 non-overlapping 16-bit segments ( 144/16 = 9)
p(x) = s8x8 + s7x7 + ... + s1x + s0
Quantify minutiae data (A)
Apply fuzzy vault scheme → get VA
Construct helper data
Secret data (S)Polynomial (p)construction
PolynomialProjection
Chaff PointGeneration (C)
Set (A)(Quantified minutiae)
+
Vault (VA)
00110100
CRC encoding
0011010011
Decode
Quantify minutiae data (B)
Apply fuzzy vault scheme → get p
Decrypt secret from p (144bit code)
Apply CRC coding to check whether there are errors in this secret
Divide the secret with CRC code
0011010011 / 11 = 00110100 ..... 0Remainder is not zero : error!
Secret data (S)
Set (B)(Quantified minutiae)
Vault (VA)
00110100
CRC decoding 0011010011
Candidate pointidentification
Error-correctingcodes
(Reed-Solomon codes)
Polynomial (p)reconstruction
Helper data
Orientation Field Flow Curves (OFFC)Sets of piecewise linear segments the represent the underlying flow of fingerprint ridges
Robust to noise minutiae
islands
smudges
cuts
Constructing Helper DataFind the orientation field that shows the dominant orientation in each block
8*8
sj = sj-1 + dj * lj * oSj-1
j = the index of points on the curve
dj = the flow direction between sj and sj-1
{ -1, 1 }
lj = the length of line segment between these two points
oSj-1 = the orientation value at location sj-1
[2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006
ICP base AlignmentIterative Closest Point
1. Estimate the initial transformationFind the center of mass
2. Iterate until convergence
C: curvature, r: row, c: column
higher αvalues emphasize the effect of curvature
(100, 150, 400)
[2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006
[2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006
[2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006
Experiments
DB2 database of FVC 2002 study8 impressions for each of the 100 distinct fingers
Image size: 560*296
Resolution: 569dpi
Block size: 11*11
24 genuine minutiae points dispersed among 200 chaff points are used
ResultsTwo impression per finger are used
1 for locking, 1for unlockingGAR = 72.6% at FAR = 0%
has less than 24 minutiae (16)
Unlocking with two impression per finger
GAR = 84.5% at FAR = 0%errors in helper data (7)poor quality image (4)common minutiae between locking and unlocking prints less than the required number (2)
Conclusion
Secured 128-bit AES keys feasiblyAn automatic alignment scheme based on helper data derived from the orientation field of fingerprintsThe helper data does not leak any information about the minutiae-based fingerprint template User is expected to be cooperative
Reduce false rejects
References[1] A. Juels and M. Sudan. “A fuzzy vault scheme.” In A. Lapidoth and E. Teletar, editors, Proc. IEEE Int. Symp. Information Theory, 2002[2]Umut Uludag, Anil Jain, "Securing Fingerprint Template: Fuzzy Vault with Helper Data," cvprw, p. 163, 2006 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'06), 2006[3] Ari Juels RSA Labortories 10th CAR Information Security Workshop 8 May, 2002