Chapter

Computer and Information Sciences – ISCIS 2006

Volume 4263 of the series Lecture Notes in Computer Science pp 981-990

Biometric Cryptosystem Using Online Signatures

  • Alisher KholmatovAffiliated withCarnegie Mellon UniversityFaculty of Engineering and Natural Sciences, Sabanci University
  • , Berrin YanikogluAffiliated withCarnegie Mellon UniversityFaculty of Engineering and Natural Sciences, Sabanci University

* Final gross prices may vary according to local VAT.

Get Access

Abstract

Biometric cryptosystems combine cryptography and biometrics to benefit from the strengths of both fields. In such systems, while cryptography provides high and adjustable security levels, biometrics brings in non-repudiation and eliminates the need to remember passwords or to carry tokens etc. In this work, we present a biometric cryptosystem which uses online signatures, based on the fuzzy vault scheme of Jules et al. The fuzzy vault scheme releases a previously stored key when the biometric data presented for verification matches the previously stored template hidden in a vault. The online signature of a person is a behavioral biometric which is widely accepted as the formal way of approving documents, bank transactions, etc. As such, biometric-based key release using online signatures may have many application areas.

We extract minutiae points (trajectory crossings, endings and points of high curvature) from online signatures and use those during the locking & unlocking phases of the vault. We present our preliminary results and demonstrate that high security level (128 bit encryption key length) can be achieved using online signatures.