Secure smartcard-based fingerprint authentication

T. Charles Clancy, Negar Kiyavash, Dennis J. Lin

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this paper, the fundamental insecurities hampering a scalable, wide-spread deployment of biometric authentication are examined, and a cryptosystem capable of using nger-print data as its key is presented. For our application, we focus on situations where a private key stored on a smartcard is used for authentication in a networked environment, and we assume an attacker can launch online attacks against a stolen card. Juels and Sudan's fuzzy vault is used as a starting point for building and analyzing a secure authentication scheme using ngerprints and smartcards called a fingerprint vault. Fingerprint minutiae coordinates mi are encoded as elements in a nite eld F and the secret key is encoded in a polynomial f (x) over F [x]. The polynomial is evaluated at the minutiae locations, and the pairs (mi, f(mi)) are stored along with random (ci,di) cha points such that di = f (ci). Given a matching ngerprint, a valid user can seperate out enough true points from the cha points to reconstruct f(x), and hence the original secret key. The parameters of the vault are selected such that the attacker's vault unlocking complexity is maximized, subject to zero unlocking complexity with a matching ngerprint and a reasonable amount of error. For a feature location measurement variance of 9 pixels, the optimal vault is 269 times more di cult to unlock for an attacker compared to a user posessing a matching ngerprint, along with approximately a 30% chance of unlocking failure.

Original languageEnglish (US)
Title of host publicationProceedings of the 2003 ACM SIGMM Workshop on Biometrics Methods and Applications, WBMA 2003
PublisherAssociation for Computing Machinery
Pages45-52
Number of pages8
ISBN (Electronic)1581137796, 9781581137798
DOIs
StatePublished - Nov 8 2003
Externally publishedYes
Event2003 ACM SIGMM Workshop on Biometrics Methods and Applications, WBMA 2003 - Berkley, United States
Duration: Nov 8 2003 → …

Publication series

NameProceedings of the 2003 ACM SIGMM Workshop on Biometrics Methods and Applications, WBMA 2003

Other

Other2003 ACM SIGMM Workshop on Biometrics Methods and Applications, WBMA 2003
Country/TerritoryUnited States
CityBerkley
Period11/8/03 → …

Keywords

  • Authentication
  • Biometrics
  • Ngerprint
  • Smartcard

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Control and Systems Engineering
  • Artificial Intelligence
  • Computer Science Applications
  • Computational Theory and Mathematics

Fingerprint

Dive into the research topics of 'Secure smartcard-based fingerprint authentication'. Together they form a unique fingerprint.

Cite this