Abstract
Cryptography is the most reliable tool in network and information security. The security of cryptography depends on the cryptographic key management. It consists of key generation, key storing and key sharing. A randomly generated long key (of 128, 190 or 256 bits) is difficult to remember. As a consequence, it is needed to be stored in a secured place. An additional authentication like knowledge or token based authentication is used to control the unauthorized access to the key. It is found that password is easy to break and token can be damaged or stolen. Moreover, knowledge or token based authentication does not assures the non-repudiation of a user. As an alternate, it is advocated to combine biometric with cryptography, known as crypto-biometric system (CBS), to address the above mentioned limitations of traditional cryptography as well as enhance the network security. This paper introduces a CBS to exchange a randomly generated cryptographic key with user’s fingerprint data. Cryptographic key is hidden within fingerprint data using fuzzy commitment scheme and it is extracted from the cryptographic construction with the production of genuine fingerprint data of that user. Our work also protects the privacy and security of fingerprint identity of the user using revocable fingerprint template.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Stallings, W.: Cryptography and Network Security: Principles and Practice, 5th edn. Prentice Hall (2010)
Advance Encryption Standard (AES), Federal Information Processing Standards Publication 197 United States National Institute of Standards and Technology (NIST) (November 26, 2001)
Maltoni, D., Maio, D., Jain, A.K., Prabhakar, S.: Handbook of Fingerprint Recognition. Springer, New York (2003)
Hao, F., Anderson, R., Daugman, J.: Combining Crypto with Biometrics Effectively. IEEE Transactions on Computers 55(9), 1081–1088 (2006)
Uludag, U., Pankanti, S., Prabhakar, S., Jain, A.K.: Biometric Cryptosystems: Issues and Challenges. Proceedings of the IEEE 92(6), 948–960 (2004)
Ratha, N.K., Chikkerur, S., Connell, J.H., Bolle, R.M.: Generating Cancellable Fingerprint Templates. IEEE Transactions on Pattern Analysis and Machine Intelligence 29(4), 561–572 (2007)
Jain, A.K., Nandakumar, K., Nagar, A.: Fingerprint Template Protection: From Theory to Practice. In: Security and Privacy in Biometrics. Springer
Jagadeesan, A., Duraiswamy, K.: Secured Cryptographic Key Generation from Multimodal Biometrics: Feature Level Fusion of Fingerprint and Iris. International Journal of Computer Science and Information Security 7(2), 28–37 (2010)
Nandakumar, K., Jain, A.K., Pankanti, S.: Fingerprint-Based Fuzzy Vault: Implementation and Performance. IEEE Transactions on Information Forensics and Security 2(4), 744–757 (2007)
Watson, C., Garris, M., Tabassi, E., Wilson, C., McCabe, M., Janet, S., Ko, K.: User’s Guide to NIST Biometric Image Software (NBIS), National Institute of Standards and Technology (2007)
Yang, S., Verbauwhede, I.: Automatic secure fingerprint verification system based on fuzzy vault scheme. In: Proceedings of the IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP 2005), vol. 5. IEEE (2005)
Monrose, F., Reiter, M.K., Li, Q., Wetzel, S.: Cryptographic key generation from voice. In: Proceedings of IEEE Symposium on Security and Privacy, pp. 202–213 (2001)
Feng, H., Wah, C.C.: Private key generation from on-line handwritten signatures. Information Management & Computer Security 10(4), 159–164 (2002)
Chen, B., Chandran, V.: Biometric Based Cryptographic Key Generation from Faces. In: Proceedings of 9th Biennial Conference of the Australian Pattern Recognition Society on Digital Image Computing Techniques and Applications, pp. 394–401 (2007)
Rathgeb, C., Uhl, A.: Context-based biometric key generation for Iris. IET Computer Vision 5(6), 389–397 (2011)
Gaddam, S.V.K., Lal, M.: Efficient Cancellable Biometric Key Generation Scheme for Cryptography. International Journal of Network Security 11(2), 57–65 (2010)
Lalithamani, N., Soman, K.P.: Irrevocable Cryptographic Key Generation from Cancelable Fingerprint Templates: An Enhanced and Effective Scheme. European Journal of Scientific Research 31(3), 372–387 (2009)
Juels, A., Wattenberg, M.: A Fuzzy Commitment Scheme. In: Tsudik, G. (ed.) Proc. 6th ACM Conf. Computer and Communications Security, pp. 28–36 (1999)
Fingerprint Verification Competition FVC2004 (2004), http://bias.csr.unibo.it/fvc2004
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Barman, S., Chattopadhyay, S., Samanta, D. (2014). An Approach to Cryptographic Key Exchange Using Fingerprint. In: Mauri, J.L., Thampi, S.M., Rawat, D.B., Jin, D. (eds) Security in Computing and Communications. SSCC 2014. Communications in Computer and Information Science, vol 467. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44966-0_15
Download citation
DOI: https://doi.org/10.1007/978-3-662-44966-0_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44965-3
Online ISBN: 978-3-662-44966-0
eBook Packages: Computer ScienceComputer Science (R0)