A biometric is a physiological or behavioural characteristic of a human being that can distinguish one person from another and that theoretically can be used for identification or verification of identity. Different biometrics systems are Physiological Biometrics and Behavioural Biometrics.
- Fingerprint recognition - No two persons share the same fingerprints. Can go for thermal sensing, optical sensing, capacitance sensing, ultrasound sensing. Wet, dry, or dirty skin may create problems.
- Face Recognition - One of the most acceptable biometrics. Not accurate and dependable.
- Hand Geometry - Include length and width of fingers, different aspect ratios of palm and fingers, thickness and width of the palm etc. Existing hand geometry systems mostly use images of the hand.
- Iris Recognition - Reliable and accurate. Believed to be unique in every individual. Not work for people who are missing both eyes or who have serious eye illnesses that affect the iris.
- Signature - High degree of acceptance. Signatures lack permanence. Static signature verification systems & Dynamic signature verification systems
- Voice - Depend on numerous characteristics of a human voice to identify the speaker. Does not require expensive input devices. Issues may skilfully imitate other's voices, record and replay attacks
Primary Concerns in a Biometric System
- Template Protection
- User's privacy
- Trust between user and server
- Network security
What is Blind Authentication?
A blind authentication protocol that does not reveal any information about the biometric samples to the authenticating server. Information regarding the classifier, employed by the server, to the user or client.
SALTING - Design a classifier in the encrypted feature space. Specific to a biometric trait. Security using a transformation function seeded by a user specific key. Do not offer well defined security
NON-INVERTIBLE TRANSFORM - Apply non-invertible function on the biometric template. Key must be available at the time of transformation Eg. Robust hashing, Cancelled templates.
KEY BINDING AND KEY GENERATION - Integrate the advantages of biometrics and cryptography. Using the biometric as a protection for the secret key or to generate secret key.
Features Of Blind Authentication
- Strong encryption
- Non-reputable authentication
- Protection against replay and client-side attacks
Blind Authentication Process: Linear kernel computation for encrypted feature vectors. At no point, the identity vectors x, w or the intermediate results xi and wi is revealed to anyone.
- Server security - Hacker gains access to the template database. Hacker is in the database server during the authentication. Impostor trying blind attacks from a remote machine
- Client security - Hacker gains access to the user’s biometric or private key. Passive attack at the user’s computer.
- Network Security - Attacker gains access to the network.
- Privacy - Concern of revealing personal information Template is never revealed to the server. Concern of being tracked-Use different keys for different applications.
Advantages Of Blind Authentication
Fast and Provably Secure authentication without trading off accuracy. Supports generic classifiers such as Neural Network and SVMs. Useful with wide variety of fixed length biometric traits. Ideal for applications such as biometric ATM's, login from public terminals.
Verification can be done in real time with the help of available hardware. Keep the interaction between the user and the server to a minimum. Extensions to this work includes secure enrolment protocols and encryption methods to reduce computations. Dynamic warping based matching of variable length feature vectors can further enhance the utility of the approach.