.NET PROJECTS

Blind Authentication: A Secure Crypto- Biometric Verification Protocol

Posted on Author admin Comment(0)

Blind Authentication: A Secure Crypto- Biometric Verification Protocol

Abstract
Concerns about the widespread use of biometric authentication systems are primarily centered around template security, revocability, and privacy. The use of cryptographic primitives to bolster the authentication process can alleviate some of these concerns as shown by biometric cryptosystems. In this paper, we propose a provably secure and blind biometric authentication protocol, which addresses the concerns of user’s privacy, template protection, and trust issues. The protocol is blind in the sense that it reveals only the identity and no additional information about the user or the biometric to the authenticating server or vice-versa. As the protocol is based on asymmetric encryption of the biometric data, it captures the advantages of biometric authentication as well as the security of public key cryptography. The authentication protocol can run over public networks and provide nonrepudiable identity verification. The encryption also provides template protection, the ability to revoke enrolled templates, and alleviates the concerns on privacy in the widespread use of biometrics. The proposed approach makes no restrictive assumptions on the biometric data and is hence applicable to multiple biometrics. Such a protocol has significant advantages over existing biometric cryptosystems, which use a biometric to secure a secret key, which in turn is used for authentication. We analyze the security of the protocol under various attack scenarios. Experimental results on four biometric datasets (face, iris, hand geometry, and fingerprint) show that carrying out the authentication in the encrypted domain does not affect the accuracy, while the encryption key acts as an additional layer of security

SYSTEM SPECIFICATION

HARDWARE REQUIREMENTS:

The hardware used for the development of the project is:

PROCESSOR: PENTIUM III 766 MHz
RAM: 128 MD SD RAM
MONITOR: 15” COLOR
HARD DISK: 20 GB
FLOPPY DRIVE: 1.44 MB
CD DRIVE: LG 52X
KEYBOARD: STANDARD 102 KEYS
MOUSE : 3 BUTTONS

SOFTWARE REQUIREMENTS

The software used for the development of the project is:

OPERATING SYSTEM: Windows XP Professional
ENVIRONMENT: Visual Studio .NET 2008
.NET FRAMEWORK: Version 3.5
LANGUAGE: C#.NET
BACK END: SQL SERVER 2005

Existing System:
The previous work in the area of encryption-based security of biometric templates tends to model the problem as that of building a classification system that separates the genuine and impostor samples in the encrypted domain. However, a strong encryption mechanism destroys any pattern in the data, which adversely affects the accuracy of verification. Hence, any such matching mechanism necessarily makes a compromise between template security (strong encryption) and accuracy (retaining patterns in the data). The primary difference in our approach is that we are able to design the classifier in the plain feature space, which allows us to maintain the performance of the biometric itself while carrying out the authentication on data with strong encryption, which provides high security/ privacy. Over the years a number of attempts have been made to address the problem of template protection and privacy concerns and despite all efforts, puts it, “a template protection scheme with provable security and acceptable recognition performance has thus far remained elusive”. In this section, we will look at the existing work in light of this security-accuracy dilemma, and understand how this can be overcome by communication between the authenticating server and the client. Detailed reviews of the work on template protection can be found.

A disadvantage of the existing system:
1. The first class of feature transformation approaches known as Salting offers security using a transformation function seeded by a user-specific key. The strength of the approach lies in the strength of the key. A classifier is then designed in the encrypted feature space. Although the standard cryptographic encryption such as AES or RSA offers secure transformation functions.
2. The second category of approaches identified as noninvertible transform applies a trait specific noninvertible function on the biometric template so as to secure it. The parameters of the transformation function are defined by a key which must be available at the time of authentication to transform the query feature set.
3. The third and fourth classes are both variations of Biometric cryptosystems. They try to integrate the advantages of both biometrics and cryptography to enhance the overall security and privacy of an authentication system. Such systems are primarily aimed at using the biometric as a protection for a secret key (keybinding approach or use the biometric data to directly generate a secret key (key generation approach. The authentication is done using the key, which is unlocked/generated by the biometric.

Proposed System:

Blind authentication is able to achieve both strong encryption-based security as well as the accuracy of a powerful classifier such as support vector machines (SVMs) and neural networks. While the proposed approach has similarities to the blind vision scheme for image retrieval, it is far more efficient for the verification task. Blind Authentication addresses all the concerns mentioned
1) The ability to use strong encryption addresses template protection issues as well as privacy concerns.
2) Non-repudiable authentication can be carried out even between trusting client and server using a trusted third party solution.
3) It provides provable protection against replay and client-side attacks even if the keys of the user are compromised.
4) As the enrolled templates are encrypted using a key, one can replace any compromised template, providing revocability, while allaying concerns of being tracked.
The framework is generic in the sense that it can classify any feature vector, making it applicable to multiple biometrics. Moreover, as the authentication process requires someone to send an encrypted version of the biometric, the nonrefundable nature of the authentication is fully preserved, assuming that spoof attacks are prevented. The proposed approach does not fall into any of the categories. This work opens a new direction of research to look at privacy preserving biometric authentication.

Download: Blind Authentication

admin
http://freeprojectsforall.com

Related Projects

.NET MINI PROJECTS .NET PROJECTS

.NET Project On Resource Allocation for QoS Support in Wireless Mesh Network

Posted on Author

ABSTRACT: Many next-generation applications, (for example, video flows) are likely going to have related minimum data rate requirements in order to ensure satisfactory quality as perceived by end-users. In this project, we develop a system to address the issue of maximizing the aggregate utility of traffic flows in a multi-hop wireless network, with constrains imposed both […]

.NET MINI PROJECTS .NET PROJECTS

ASP Project On stationary management system

Posted on Author admin

ASP Project On stationary management system ABSTRACT: Stationary Store Management is a product application that is intended for the stores that arrangements in stationeries and other such shops. This framework additionally helps in the support and charging of stocks. This framework is intended to address the issues and give correct rules for the procedure of […]

.NET PROJECTS

Optimal Stochastic Location Updates In Mobile Ad Hoc Networks-Dotnet Project

Posted on Author admin

ABSTRACT: We consider the area benefit in a versatile specially appointed system (MANET), where every hub needs to keep up its area data by 1) much of the time refreshing its area data inside its neighboring locale, which is called neighborhood refresh (NU), and 2) incidentally refreshing its area data to certain appropriated area server in […]

Leave a Reply

Your email address will not be published. Required fields are marked *