Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Andere mochten auch
Andere mochten auch (20)
Ähnlich wie Biometrics
Ähnlich wie Biometrics (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Biometrics
- 1. Biometrics Made by Mufaddal AunAli Class: Cryptography and Data Security Batch: NI-W13-BS-030023
- 2. Contents • What is biometrics? • Categories of biometrics. • How it works? • What is Biometric Encryption? • Advantages of using biometrics. • Disadvantages of using biometrics. • Conclusion
- 3. What is biometrics? • Generally, the study of measurable biological characteristics. In computer security, biometrics refers to authentication techniques that rely on measurable physical characteristics that can be automatically checked. • Biometrics is the identification or verification of human identity through the measurement of repeatable physiological and behavioral characteristics.
- 4. Categories of biometrics Biometrics can be sorted into two classes: Physiological Behavioral
- 5. Categories of biometrics • Physiological Face Finger Prints Hand Geometry Iris Recognition DNA
- 6. Categories of biometrics • Behavioral • Signature • Voice Recognition
- 8. What is Biometric Encryption? Because of its variability, the biometric image or template itself cannot serve as a cryptographic key. However, the amount of information contained in a biometric image is quite large: for example, a typical image of 300x400 pixel size, encoded with eight bits per pixel has 300x400x8 = 960,000 bits of information. Of course, this information is highly redundant. One can ask a question: Is it possible to consistently extract a relatively small number of bits, say 128, out of these 960,000 bits? Or, is it possible to bind a 128 bit key to the biometric information, so that the key could be consistently regenerated? While the answer to the first question is problematic, the second question has given rise to the new area of research, called Biometric Encryption.
- 9. What is Biometric Encryption? Biometric Encryption is a process that securely binds a PIN or a cryptographic key to a biometric, so that neither the key nor the biometric can be retrieved from the stored template. The key is re-created only if the correct live biometric sample is presented on verification. The digital key (password, PIN, etc.) is randomly generated on enrolment, so that the user (or anybody else) does not even know it. The key itself is completely independent of biometrics and, therefore, can always be changed or updated. After a biometric sample is acquired, the BE algorithm securely and consistently binds the key to the biometric to create a protected BE template, also called “private template.” In essence, the key is encrypted with the biometric. The BE template provides an excellent privacy protection and can be stored either in a database or locally (smart card, token, laptop, cell phone, etc.). At the end of the enrolment, both the key and the biometric are discarded. On verification, the user presents her fresh biometric sample, which, when applied to the legitimate BE template, will let the BE algorithm retrieve the same key/password. In other words, the biometric serves as a decryption key. At the end of verification, the biometric sample is discarded once again. The BE algorithm is designed to account for acceptable variations in the input biometric. On the other hand, an attacker, whose biometric sample is different enough, will not be able to retrieve the password. This encryption/decryption scheme is fuzzy, as the biometric sample is different each time, unlike an encryption key in conventional cryptography. Of course, it is a big technological challenge to make the system work. After the digital key, password, PIN, etc., is retrieved, it can be used as the basis for any physical or logical application. The most obvious way lies in the conventional cryptosystem, such as a PKI, where the password will generate a pair of Public and Private keys. Thus, Biometric Encryption is an effective, secure, and privacy friendly tool for biometric password management, since the biometric and the password are bound on a fundamental level.
- 10. High level diagram of a Biometric Encryption process
- 11. Advantages of using biometrics. • Better security (can't be stolen as easily as a password). • No memorization of passwords by user. • Non transferable.
- 12. Disadvantages of using biometrics. • Soon or later someone is going to get their hand chopped of by a criminal who wants to use it to get through a biometric security system. • Retinal scanning systems, are still uncomfortable for the user (light is too bright and you have to stick your eye up to a camera and hold it there).
- 13. Conclusion • Biometrics points are useful for making identifications with cameras systems, but they depend on the existence of a previously generated database so that distances can be compared.
Hinweis der Redaktion
- Biometric devices use a scanner and software that translates data into a digital form and compares this data with a pre-recorded biometric database (refer to diagram 1.1). Enrolment entails converting a unique characteristic into a template which identifies the specific points of data. Using an algorithm, these match points are processed into a value that can be compared with biometric data in the database. Templates are stored in a secure central database. Diagram 1.1. A basic diagram of a biometric system Biometrics preclude illegal access because the authorized person actually has to be there to gain access. Biometric systems can also be used as a highly effective time-and-attendance system. With technology in the biometric industry changing every day, we are seeing new devices that are more accurate, cost-effective and easy to install. Biometric systems save time, energy and money.