Security Vulnerabilities of a biometric system

Share this

Share on facebook
Share on linkedin
Share on whatsapp
Share on email

Biometrics and Cryptography : The biometric Password

 

Biometrics provide a person with unique characteristics which are always there.  Can they be used as a cryptographic key?

 

First of all we can define  Conventional cryptography a methodology based on encryption keys, which are just bit strings long enough, usually 128 bit or more.  These keys, can be  “symmetric”, “public” or “private” are an essential part of any cryptosystem, for example, Public Key Infrastructure (PKI). For human being  is impossible  memorize such a long random key, generally  generated, after several steps, from a password or a PIN.  So the password management plays an important role but it  is the weakest point of any cryptosystem, as the password can be guessed, found with a brute force search, or stolen by an attacker.

 

So Biometry can help us to make a cryptography system reliable?

The answer is negative: biometric images or templates are variable by nature, i.e., each new biometric sample is always different and conventional cryptography does not tolerate a single bit error.

 

Therefore, an obvious role of biometrics in the conventional cryptosystem is just password management. Upon receiving Yes response, the system unlocks a password or a key.

 

A biometric system always produces a Yes/No response, which is essentially one bit of information.

 

The biometric system and the application are connected via one bit only.

 

Biometric templates or images stored in a database can be encrypted by conventional cryptographic

means.

 

This would improve the level of system security, since an attacker must gain the access to

the encryption keys first.

 

However, most privacy issues associated with a large database remain, since the keys and, therefore, the biometric data, are controlled by a custodian

 

Can we use Biometry for encryption?

 

Because of its variability, the biometric image or template itself cannot serve as a cryptographic

key. However, the amount of information contained in a biometric image is quite large: for

example, a typical image of 300×400 pixel size, encoded with eight bits per pixel has 300x400x8

= 960,000 bits of information. Of course, this information is highly redundant. Or, is it possible to bind a 128 bit key to the biometric information, so that the key could be consistently regenerated? While the answer to the first question is problematic, the second question has given rise to the new area of research, called Biometric Encryption (BE). Biometric Encryption is a process that securely binds a PIN or a cryptographic key to a biometric, so that neither the key nor the biometric can be retrieved from the stored template. The key is re-created only if the correct live biometric sample is presented on verification. 15 The digital key (password, PIN, etc.) is randomly generated on enrolment, so that the user (or anybody else) does not even know it. The key itself is completely independent of biometrics and, therefore, can always be changed or updated. After a biometric sample is acquired, the BE algorithm securely and consistently binds the key to the biometric to create a protected BE

template, also called “private template.” 

the key is encrypted with the biometric. The BE template provides an excellent privacy protection and can be stored either in a database or locally (smart card, token, laptop, cell phone, etc.). At the end of the enrolment, both the key and the biometric are discarded.

 

On verification, the user presents her fresh biometric sample, which, when applied to the

legitimate BE template, will let the BE algorithm retrieve the same key/password. In other

words, the biometric serves as a decryption key. At the end of verification, the biometric sample

is discarded once again. The BE algorithm is designed to account for acceptable variations in the

input biometric.

On the other hand, an attacker, whose biometric sample is different enough,

will not be able to retrieve the password. This encryption/decryption scheme is fuzzy, as the

biometric sample is different each time, unlike an encryption key in conventional cryptography.

Of course, it is a big technological challenge to make the system work.

 

After the digital key, password, PIN, etc., is retrieved, it can be used as the basis for any physical

or logical application. The most obvious way lies in the conventional cryptosystem, such as a

PKI, where the password will generate a pair of Public and Private keys.

Thus, Biometric Encryption is an effective, secure, and privacy friendly tool for biometric password

management, since the biometric and the password are bound on a fundamental level.