Biometric Cryptosystem Using Online Signatures

  • Alisher Kholmatov
  • Berrin Yanikoglu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4263)

Abstract

Biometric cryptosystems combine cryptography and biometrics to benefit from the strengths of both fields. In such systems, while cryptography provides high and adjustable security levels, biometrics brings in non-repudiation and eliminates the need to remember passwords or to carry tokens etc. In this work, we present a biometric cryptosystem which uses online signatures, based on the fuzzy vault scheme of Jules et al. The fuzzy vault scheme releases a previously stored key when the biometric data presented for verification matches the previously stored template hidden in a vault. The online signature of a person is a behavioral biometric which is widely accepted as the formal way of approving documents, bank transactions, etc. As such, biometric-based key release using online signatures may have many application areas.

We extract minutiae points (trajectory crossings, endings and points of high curvature) from online signatures and use those during the locking & unlocking phases of the vault. We present our preliminary results and demonstrate that high security level (128 bit encryption key length) can be achieved using online signatures.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Feng, H., Wah, C.: Private key generation from on-line handwritten signatures. Information Management & Computer Security 10(4), 159–164 (2002)CrossRefGoogle Scholar
  2. 2.
    Juels, A., Sudan, M.: A fuzzy vault scheme. In: IEEE International Symposium on Information Theory, p. 408 (2002)Google Scholar
  3. 3.
    Tuyls, P., Verbitskiy, E., Ignatenko, T., Denteneer, D., Akkermans, T.: Privacy protected biometric templates: Acoustic ear identification. In: Proceedings of SPIE: Biometric Technology for Human Identification, vol. 5404, pp. 176–182 (2004)Google Scholar
  4. 4.
    Davida, G., Frankel, Y., Matt, B.: On enabling secure applications through on-line biometric identification. In: IEEE Symposium on Privacy and Security, p. 408 (1998)Google Scholar
  5. 5.
    Soutar, C., Roberge, D., Stojanov, S., Gilroy, R., Kumar, B.V.: Biometric encryption using image processing. In: Proc. SPIE, Optical Security and Counterfeit Deterrence Techniques II, vol. 3314, pp. 178–188 (1998)Google Scholar
  6. 6.
    Linnartz, J.P., Tuyls, P.: New shielding functions to enhance privacy and prevent misuse of biometric templates. In: Kittler, J., Nixon, M.S. (eds.) AVBPA 2003. LNCS, vol. 2688, pp. 393–402. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Uludag, U., Pankanti, S., Prabhakar, S., Jain, A.: Biometric cryptosystems: Issues and challenges. Proceedings of the IEEE 92(6) (2004)Google Scholar
  8. 8.
    Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: Conference on Computer and Communications Security, pp. 28–36. ACM Press, New York (1999)Google Scholar
  9. 9.
    Yang, S., Verbauwhede, I.: Secure fuzzy vault based fingerprint verification system. In: Conference Record of the Thirty-Eighth Asilomar Conference on Signals, Systems and Computers, pp. 577–581 (2004)Google Scholar
  10. 10.
    Uludag, U., Pankanti, S., Jain, A.: Fuzzy vault for fingerprints. In: Proceeding of International Conference on Audio- and Video-Based Biometric Person Authentication, pp. 310–319 (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Alisher Kholmatov
    • 1
  • Berrin Yanikoglu
    • 1
  1. 1.Faculty of Engineering and Natural SciencesSabanci UniversityTurkey

Personalised recommendations