Method for reinforcing fingerprint Fuzzy Vault system security

A system security and fingerprint technology, applied in the fields of information security and biometric identification, network and information security, biometric authentication, and biometric encryption, it can solve problems such as increasing attack complexity, short exposure of minutiae templates, and affecting system performance. , to prevent cross-comparison security loopholes, improve system availability, and improve computing performance.

Inactive Publication Date: 2009-02-18
XIDIAN UNIV
View PDF0 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] 1. The integrity check of the bound key K adopts the cyclic redundancy check CRC16, and given a CRC16 check value, it is easy to construct multiple plaintext information that conforms to the check value, which may cause An increase in the FAR of the system;
[0009] 2. For the above-mentioned CRC16 check value, in the existing Fuzzy Vault system, it is used as the same secret as the key K for security protection, which causes the system to bear the security storage load of additional secret information. At the same time, It also leads to an increase in the computational complexity of the system;
[0010] 3. The existing Fuzzy Vault system is a one-time application and irrevocable. That is to say, for the same fingerprint, only one Fuzzy Vault application can be performed. If two or more Fuzzy Vault applications are performed, it will be easily exposed Details of the fingerprint information;
[0011] 4. The existing Fuzzy Vault system directly uses fingerprint minutiae information. When a real user successfully authenticates, the minutiae template will be temporarily exposed, and attackers may use this gap to attack
[0012] At present, in response to the above security issues, some people have proposed some modification methods: 1) Encrypt the Vault data generated by the existing FuzzyVault system by using an encryption algorithm, but this method needs to decrypt the Vault data during authentication, which also gives the attacker a gap to attack , and, since the Vault data itself is required to be given in plain text form during design, adding encryption and decryption operations will affect system performance; 2) segment the fingerprint image, and make different changes to each sub-region to increase the degree of confusion, so as to increase Attack complexity, however, this method will make points close to the edge of the block divided into different blocks, so that the false rejection rate FRR increases
[0013] In addition, these existing improvement methods do not consider the FAR increase problem caused by using CRC16 as the checksum
Therefore, the existing fingerprint Fuzzy Vault system is still very impractical, and both performance and security need to be improved, and a new, revocable, safe Fuzzy Vault scheme must be designed

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for reinforcing fingerprint Fuzzy Vault system security
  • Method for reinforcing fingerprint Fuzzy Vault system security

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0049] A complete, secure and revocable Fuzzy Vault encryption and decryption process will be described in the specific implementation manner with reference to the accompanying drawings.

[0050] refer to figure 1 , the Fuzzy Vault encryption process of the present invention is as follows:

[0051] 1) Fuzzy Vault encryption process: users can bind the key K with their own fingerprint detail point information E and secret password PW to generate Vault data.

[0052] In this process, the input information is fingerprint minutiae information E, password PW and key K; the output information is Vault data and integrity check value MIC. The encryption process is as follows:

[0053] 1.1) According to the password PW, derive two keys K 1 and K 2 ;

[0054] 1.2) Further expand and divide the key K2 to generate a secret quadruple information (x, y, z, t);

[0055] 1.3) Use the secret quadruple information (x, y, z, t) to perform rotation and translation transformation on the fing...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for enhancing safety of a finger print Fuzzy Vault system. The method binds the unique minutia of a finger print, a secret password and a key. When the key is encrypted by the Fuzzy Vault system, the user needs to provide self finger print characteristic information as well as randomly to choose a secret password. The finger print characteristic information is converted through the secret password, thereby the finger print template is protected. When decryption the user also needs to provide self finger print and the chosen secret password, only when the two are all right, the protected key can be correctly calculated, or else the key is not correctly calculated at any conditions. Because the user can choose different passwords to protect the finger print characteristic information under different applications, the encryption and decryption of the Fuzzy Vault operates the finger print information after convention. Thus the method of the invention can effectively prevent the cross-validation security vulnerability inherent in the original Fuzzy Vault system and the safety and application value are improved.

Description

technical field [0001] The invention belongs to the technical field of information security and biological feature identification, and relates to a key management method based on fingerprint minutiae, in particular to a method for enhancing the security of a fingerprint Fuzzy Vault system, which can be applied to network and information security, and biometric authentication , biometric encryption and other fields. Background technique [0002] With the development of social networking and informatization, how to quickly and conveniently authenticate the real identity of users has become a common problem faced by people. At present, the most widely used identity authentication method is password authentication based on cryptographic technology, which can be divided into two types: single-factor authentication and multi-factor authentication: single-factor authentication is the well-known "username + password" method; On the basis of the factor mode, a token composed of a sm...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/32H04L9/08
Inventor 庞辽军裴庆祺梁继民田捷刘而云谢敏李晖陈宏涛李慧贤范科峰张宏斌陈晨傅晓彤张志勇
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap