Project - Key Generation Based on Biometrics

Contents

Team Member
Motivation and Goal
System Description
Publications
Contact

Team Member

Wende Zhang

wendez@andrew.cmu.edu

Top of this page

Motivation and Goal

Many access control applications demand some secret information from users to authenticate the users’ identities. One example of such secret information is a digital key. A digital key is also used in many encryption / decryption applications.

In this project, We introduce a framework to generate stable cryptographic keys from biometric data. We also analyze the security problem of user information associated key generation (UIAKG) systems. We consider three kinds of attacks from the hacker: the exhaustive search attack, the authentic key statistics attack and the device key statistics attack. The results show that the proposed approach of key generation is user-friendly, reliable and secure.

Top of this page

System Description

Key Generation based on Biometrics

We introduce a framework to generate stable cryptographic keys from biometric data that is unstable in nature. Given the biometrics, a set of reliable features are extracted from user-dependent transforms. Each feature is compared with multiple thresholds to generate a multi-bit key. By cascading the multi-bit keys, we obtain one bio-key for security purposes. In order to generate a reliable bio-key, an optimal thresholding method is proposed to minimize the authentication error rate, in terms of the false accept rate (FAR) and the false reject rate (FRR).

We analyze the security problem of user information associated key generation (UIAKG) systems. We consider three kinds of attacks from the hacker: the exhaustive search attack, the authentic key statistics attack and the device key statistics attack. Under each attack, we give the estimate of the number of guesses the hacker has to make in order to access the system. Such analysis provides useful guidelines in designing a UIAKG system. The analysis also suggests that a user-dependent UIAKG is more secure than a user-independent one. The experimental results show that the proposed approach of key generation is user-friendly, reliable and secure.

Top of this page

Publications

W. Zhang and T. Chen, "Generalized optimal thresholding for biometric key generation using face Images," accepted by IEEE International Conference on Image Processing 2005.
W. Zhang Y. Chang, and T. Chen, "Optimal thresholding for key generation based on biometrics," IEEE International Conference on Image Processing 2004, Suntec City, Singapore, Oct., 2004.
W. Zhang, C. Zhang and T. Chen, "Security analysis for key generation systems using face images," IEEE International Conference on Image Processing 2004, Suntec City, Singapore, Oct., 2004.
Y. Chang, W. Zhang and T. Chen, "Biometric-based cryptographic key generation," IEEE Conference on Multimedia and Expo 2004, Taipei , Taiwan , June 2004.

Top of this page

Contact

Any suggestions or comments are welcome. Please send them to Wende Zhang.

Top of this page