Posts Tagged ‘fingerprint’

Can a fingerprint image be reconstructed from the template?

Given that minutiae information is personal, sufficient to identify an individual, and interoperable among different databases, this question becomes less important. However, since many proponents of biometric systems claim that a fingerprint image cannot be reconstructed from a minutiae template, we address this issue.

Until recently, the view that reconstruction is impossible was dominant in the biometrics community. However, over the last few years, several scientific works have been published showing that a fingerprint can, in fact, be reconstructed from a minutiae template. The most advanced work was published in 2007 by Cappelli. The authors analyzed templates compatible with the ISO/IEC 19794-2 minutiae standard. In one test, they used basic minutiae information only (i.e. x positions, y positions, and directions). In another test, they also used optional information: minutiae types, Core and Delta data, and proprietary data (the ridge orientation field in this case). In all the tests, the authors were able to reconstruct a fingerprint image from the minutiae template. Very often, the reconstructed image bore a striking resemblance to the original image. Even though this reconstruction was only approximate, the reconstructed image was sufficient to obtain a positive match in more than 90% of cases for most minutiae matchers.

The potential repercussions of this work for the security and privacy of fingerprint minutiae systems are as follows:

  1. The fingerprint image reconstructed from the minutiae template, known as a “masquerade” image since it is not an exact copy of the original image, will likely fool the system if it is submitted.
  2. A masquerade image can be submitted to the system by injecting it in a digital form after the fingerprint sensor.
  3. A malicious agent could also create a fake fingerprint and physically submit it to the sensor. The techniques of creating a fake fingerprint are inexpensive and well-known from the literature.
  4. The ability to create a masquerade image will increase the level of interoperability for the minutiae template. The masquerade image can be submitted to any other fingerprint system that requires an image (rather than a minutiae template) as an input. No format conversion of the minutiae template would be required. Moreover, the minutiae template can be made compatible even with a non-minutiae fingerprint system (these systems are rare, however).


Nano strengthens barriers to counterfeiting

By providing non‐reproducible technological features, nanotechnology-based developments are expected to offer a significant step forward in preventing the illicit copying of intellectual property and products. Ultimately, the implementation of the novel techniques will considerably reduce tax revenue losses through counterfeiting and improve citizens’ safety and quality of life.

Holograms, tamper‐evident closures, tags and markings and RFID labels are the most widely known anti‐counterfeiting technologies. The key limitation of these methods is that they can be copied. Innovations exploiting the intrinsic nature of nano materials to give items complex and unique ‘fingerprints’ result both in the development of new approaches and in the improvement of existing techniques.

Holography ‐ easily identifiable holograms, for example, showing the manufacturer’s logo are primarily used as first level identification devices. Two dimensional nano scale gratings, photopolymers and luminescent nano particles can be utilized to provide an additional level of security for the holograms.

Laser surface authentication ‐ a laser is used to examine the surface roughness of an object. The complexity and uniqueness of the surface roughness code are similar to those of iris scans and fingerprints. The advantage of the technique is that surface roughness at the nanoscale cannot be replicated. Therefore, a much higher level of security is offered to products as compared to holograms and watermarks.

Radio frequency identification (RFID) ‐ a form of automatic identification and data capture technology where data stored on a tag is transferred via a radio frequency link. An RFID reader is used to extract this data from tags. New developments exploit nanoscale variations, naturally produced during the manufacturing process of RFIDs, that are unique to individual integrated circuits and can be verified during data transfer. This is known as a Physically Uncloneable Function (PUF).

Nano barcodes ‐ three-dimensional polymer patterns on the order of tens of nanometres can be made on silicon substrates to provide a 3D nanoscale data encryption key, similar to barcodes. The advantages over conventional barcodes/markings are the difficulty of detecting their presence (covert marking) and of duplicating them. These can be applied to banknotes, security papers, art, jewellery and gemstones.

SERS and quantum dot tags – metal nano particles produce unique electromagnetic spectra (known as surface-enhanced Raman scattering, SERS), while certain semiconductor nano particles (known as quantum dots) fluoresce differently depending on their size and chemical composition. Both can be exploited as identification tools. They are difficult to reproduce because of the infinite number of possible combinations, and they offer a covert security feature, non‐toxicity and multi-functionality. These nano scaled tags can be applied in inks, adhesives, laminates, paper, packaging, textiles, glass, and others.

Nano composite tags – consist of a materials‐based pattern (with magnetic and/or optical features) that forms part of a label, tag or embedded portion of an item. The nanometre-sized magnetic and optical features are generated randomly during manufacturing, constituting a unique ‘fingerprint’ that is read and stored in a central database. The result is a secure identity for an individual item that is prohibitively expensive and difficult to copy. This technology can be applied in the pharmaceutical, spare parts, fashion, and food and beverage industries. Incorporating encapsulated and functionalized (e.g. thermochromic) nano particles in labels is another promising solution based on the use of nano composites.
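The enrolment-and-verification step that both the PUF paragraph and the nano composite tag paragraph rely on (read a manufacturing-randomness pattern once, store it in a central database, later accept a fresh reading that is close enough to it) can be shown in a few lines. The Python below is an added illustration, not code from any product or research described above. It assumes a 128-bit pattern, 4 flipped bits of reader noise per reading and a Hamming distance threshold of 16, all constructed values; the item ids and the `Registry` class are hypothetical.

```python
import random
from typing import Dict, Tuple

RESPONSE_BITS = 128   # length of the intrinsic "fingerprint" read from an item (constructed)
NOISE_BITS = 4        # bits that flip between two readings of the same genuine item (constructed)
THRESHOLD = 16        # largest Hamming distance the registry still accepts as "same item"


def make_item(seed: int) -> int:
    """Hypothetical physical item: its manufacturing-randomness pattern (PUF response or
    nano composite magnetic/optical layout) is modelled as a fixed 128-bit value."""
    return random.Random(seed).getrandbits(RESPONSE_BITS)


def read_item(item: int, rng: random.Random) -> int:
    """One noisy reading: the reader sees the true pattern with NOISE_BITS positions flipped."""
    reading = item
    for pos in rng.sample(range(RESPONSE_BITS), NOISE_BITS):
        reading ^= 1 << pos
    return reading


def hamming(a: int, b: int) -> int:
    """Number of bit positions in which two readings differ."""
    return bin(a ^ b).count("1")


class Registry:
    """Central database holding one enrolment reading per item id."""

    def __init__(self) -> None:
        self.refs: Dict[str, int] = {}

    def enrol(self, item_id: str, reading: int) -> None:
        self.refs[item_id] = reading

    def verify(self, item_id: str, reading: int) -> Tuple[bool, int]:
        """Accept when the fresh reading lies within THRESHOLD bits of the enrolled one."""
        ref = self.refs.get(item_id)
        if ref is None:
            return False, RESPONSE_BITS
        dist = hamming(ref, reading)
        return dist <= THRESHOLD, dist


def demo() -> Dict[str, Tuple[bool, int]]:
    """Enrol one genuine item, then check a re-read of it, a counterfeit and an unknown id."""
    rng = random.Random(2024)                 # reader noise, seeded so the demo is repeatable
    genuine, counterfeit = make_item(1), make_item(2)
    registry = Registry()
    registry.enrol("lot-42", read_item(genuine, rng))
    return {
        "genuine_re-read": registry.verify("lot-42", read_item(genuine, rng)),
        "counterfeit": registry.verify("lot-42", read_item(counterfeit, rng)),
        "unknown_id": registry.verify("lot-99", read_item(genuine, rng)),
    }
```

The threshold is the whole design question: set it below the noise spread and genuine items are rejected, set it too high and a pattern that merely resembles the enrolled one passes. A deployment would measure the genuine and impostor distance distributions for the chosen reader before fixing it.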


Authentication Primitives for Memory Authentication

Hash Functions: The first strategy (Figure 1.1-a) for performing memory authentication consists in storing on-chip a hash value for each memory block stored off-chip (write operations). Integrity checking is done on read operations by re-computing a hash over the loaded block and then comparing the resulting hash with the on-chip hash fingerprinting that off-chip memory location. The on-chip hash is stored in the tamper-resistant area, i.e., the processor chip, and is thus inaccessible to adversaries. Therefore, spoofing, splicing and replay are detected if a mismatch occurs in the hash comparison. However, this solution has an unaffordable on-chip memory cost: considering the common strategy of computing a fingerprint per cache line and assuming 128-bit hashes and 512-bit cache lines, the overhead is 25% of the memory space to protect.

MAC Functions: In the second approach (Figure 1.1-b), the authentication engine embedded on-chip computes a MAC for every data block it writes to physical memory. The key used in the MAC (Message Authentication Code) computation is securely stored on the trusted processor chip, so that only the on-chip authentication engine itself is able to compute valid MACs. As a result, the MACs can be stored in untrusted memory because the attacker is unable to compute a valid MAC over a corrupted data block. In addition to the data contained in the block, the pre-image of the MAC function contains a nonce. This allows protection against splicing and replay attacks. The nonce precludes an attacker from passing a data block at address A, along with the associated MAC, as a valid (data block, MAC) pair for address B, where A ≠ B. It also prevents the replay of a (data block, MAC) pair by distinguishing two pairs related to the same address but written to memory at different points in time. On read operations, the processor loads the data to read and its corresponding MAC from physical memory. It checks the integrity of the loaded block by first re-computing a MAC over this block and a copy of the nonce used on the write operation, and then comparing the result with the fetched MAC. However, to assure resistance to replay and splicing, the nonce used for MAC re-computation must be genuine. A naive solution to meet this requirement is to store the nonces in the trusted and tamper-evident area, the processor chip. The related on-chip memory overhead is 12.5% if we consider computing a MAC per 512-bit cache line and using 64-bit nonces.


H : Hash Function, D : Data, C : Ciphertext, N : Nonce

Figure 1.1: Authentication Primitives for Memory Integrity Checking
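The following Python simulation is added here and is not taken from the text or its figure. It exercises both primitives against the three attacks the text names: off-chip memory is a dictionary the attacker can rewrite at will; the hash strategy keeps a truncated SHA-256 per block on-chip; the MAC strategy keeps the key and a per-block counter nonce on-chip, with HMAC-SHA256 tags stored beside the data. The block sizes, the key and the two addresses are constructed, and the `use_nonce=False` variant is an addition meant to show which attacks a keyed MAC without a nonce misses.

```python
import hashlib
import hmac
from typing import Callable, Dict

BLOCK_BITS, HASH_BITS, NONCE_BITS = 512, 128, 64           # sizes assumed in the text
BLOCK_BYTES, TAG_BYTES, NONCE_BYTES = BLOCK_BITS // 8, HASH_BITS // 8, NONCE_BITS // 8


class IntegrityError(Exception):
    """Raised on a read whose hash/MAC check fails."""


class UntrustedMemory:
    """Off-chip memory: the adversary may read, overwrite, copy and restore any cell."""

    def __init__(self) -> None:
        self.cells: Dict[int, bytes] = {}

    def write(self, addr: int, blob: bytes) -> None:
        self.cells[addr] = blob

    def read(self, addr: int) -> bytes:
        return self.cells[addr]


class HashEngine:
    """Strategy (a): one 128-bit hash per block kept on-chip; only the block lives off-chip."""

    def __init__(self, mem: UntrustedMemory) -> None:
        self.mem, self.onchip = mem, {}

    @staticmethod
    def fingerprint(data: bytes) -> bytes:
        return hashlib.sha256(data).digest()[:TAG_BYTES]

    def write(self, addr: int, data: bytes) -> None:
        self.mem.write(addr, data)
        self.onchip[addr] = self.fingerprint(data)      # trusted copy the adversary cannot reach

    def read(self, addr: int) -> bytes:
        data = self.mem.read(addr)
        if not hmac.compare_digest(self.fingerprint(data), self.onchip[addr]):
            raise IntegrityError(hex(addr))
        return data


class MacEngine:
    """Strategy (b): MAC(K, nonce || data) stored off-chip next to the block; the key and each
    block's nonce stay on-chip.  use_nonce=False shows what a keyed MAC alone buys."""

    def __init__(self, mem: UntrustedMemory, key: bytes, use_nonce: bool = True) -> None:
        self.mem, self.key, self.use_nonce = mem, key, use_nonce
        self.nonces: Dict[int, bytes] = {}
        self.counter = 0          # on-chip counter: every write gets a fresh, never-repeating nonce

    def tag(self, nonce: bytes, data: bytes) -> bytes:
        return hmac.new(self.key, nonce + data, hashlib.sha256).digest()[:TAG_BYTES]

    def write(self, addr: int, data: bytes) -> None:
        self.counter += 1
        nonce = self.counter.to_bytes(NONCE_BYTES, "big") if self.use_nonce else b""
        self.nonces[addr] = nonce
        self.mem.write(addr, data + self.tag(nonce, data))

    def read(self, addr: int) -> bytes:
        blob = self.mem.read(addr)
        data, mac = blob[:BLOCK_BYTES], blob[BLOCK_BYTES:]
        if not hmac.compare_digest(self.tag(self.nonces[addr], data), mac):
            raise IntegrityError(hex(addr))
        return data


A, B = 0x1000, 0x2000        # constructed block addresses

def spoof(engine, mem) -> None:      # corrupt the block at A in place
    mem.write(A, b"X" + mem.read(A)[1:])

def splice(engine, mem) -> None:     # present B's (block, MAC) pair at address A
    mem.write(A, mem.read(B))

def replay(engine, mem) -> None:     # put back a stale copy of A after the CPU overwrote it
    old = mem.read(A)
    engine.write(A, b"C" * BLOCK_BYTES)
    mem.write(A, old)


def detected(engine, attack: Callable) -> bool:
    """Write two blocks, run one tamper action, and report whether the next read of A catches it."""
    engine.write(A, b"A" * BLOCK_BYTES)
    engine.write(B, b"B" * BLOCK_BYTES)
    attack(engine, engine.mem)
    try:
        engine.read(A)
    except IntegrityError:
        return True
    return False


def run_all() -> Dict[str, Dict[str, bool]]:
    key = b"\x07" * 32                                   # constructed on-chip MAC key
    engines = {
        "hash": lambda: HashEngine(UntrustedMemory()),
        "mac+nonce": lambda: MacEngine(UntrustedMemory(), key, use_nonce=True),
        "mac-no-nonce": lambda: MacEngine(UntrustedMemory(), key, use_nonce=False),
    }
    return {name: {atk.__name__: detected(make(), atk) for atk in (spoof, splice, replay)}
            for name, make in engines.items()}


def onchip_overhead_percent(stored_bits: int, block_bits: int = BLOCK_BITS) -> float:
    """On-chip metadata per block as a percentage of the protected memory (25% and 12.5% in the text)."""
    return 100.0 * stored_bits / block_bits
```

`run_all()` reports that the on-chip hash and the nonce-carrying MAC detect spoofing, splicing and replay, while the MAC without a nonce catches only spoofing: a (block, MAC) pair copied from another address or restored from the past still verifies, because nothing in its pre-image ties it to a location or a point in time. `onchip_overhead_percent(128)` and `onchip_overhead_percent(64)` reproduce the 25% and 12.5% figures from the text.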


Wireless biometric verification

We designed our security protocols to operate on an embedded implementation. For example, the verification protocol in Figure 3 combines elements of challenge–response symmetric-key authentication and biometric verification. The protocol assumes that a shared key K exists between the device and the server. The device stores the template, while the server stores a hash of the template H(K, TEMPLATE). The device initiates a verification transaction by transmitting its ID to the server. After corroborating the device’s identity, the server sends two random numbers, RAND and RANDT, to the device (in the figure, | denotes concatenation). The device receives these values and begins the biometric-verification protocol. After obtaining the user’s fingerprint locally, the device extracts the candidate minutiae and compares them with the stored template. If the match is positive, the device loads the key K and generates the hash of the template H(K, TEMPLATE). If the match is negative, the device loads a dummy key, setting K = 0, and a dummy template, setting H(K, TEMPLATE) = 0.

Next, the device encrypts RAND to create a session key SK = E(K, RAND). It uses the session key to encrypt RANDT concatenated with H(K, TEMPLATE), producing an authentication token TOKEN = E(SK, RANDT | H(K, TEMPLATE)), which it forwards to the server. The server decrypts the token, recovers the transmitted template hash H(K, TEMPLATE), and compares it with the stored hash to check the device’s authenticity. The server then sends a final transaction result to the device and lets it access the system if all tests pass.

Figure 3. Device-based verification protocol. The device interacts with the user and the server to perform a biometric authentication transaction where all biometrics are performed on the device. (Bold text signifies secure functions.)

A single-level security flaw at the protocol level could allow a server masquerade attack. Because the device never authenticates the RAND | RANDT values, a false server could easily send these values undetected. We can fix this at the protocol level by requiring the server to send an additional hash, say H(SK, RAND | RANDT | ID), to the device, where SK is a session hash/message authentication code (MAC) key. The device can then authenticate the server at each transaction. Other solutions at this level include using a MAC to protect token integrity, sequence numbers to prevent replay attacks, or a different key for token hashing. Figure 3 shows a software bypass attack, an example of a translevel security flaw. In this attack, the adversary inserts malicious software into the device to bypass the biometric functions. Directly after receiving the random numbers, the hacked program loads the key K, falsely telling the device that a match has been made. This attack effectively breaks the biometric tie between the user and device, letting anyone use the hacked device without a correct fingerprint. The server assumes that the device is operating properly, so it allows unauthorized access to system resources. We can’t fix the software bypass attack at the protocol level because it modifies any protocol it encounters. Instead, we must take measures at the architecture and microarchitecture levels.
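The exchange of Figure 3, together with the server-authentication hash the text proposes as the protocol-level fix, is worked through below as an added example; it is not the authors' implementation. H(K, X) is instantiated as HMAC-SHA256 and E(K, X) as a constructed HMAC-keystream XOR, both assumptions standing in for whatever primitives the device would use; the minutiae format, the toy matcher and its thresholds, the device id, the shared key and the scan data are all constructed for the demo.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

Minutia = Tuple[int, int, int]   # (x, y, direction in degrees): constructed toy template format

def H(key: bytes, msg: bytes) -> bytes:
    """The text's keyed hash H(K, X), instantiated as HMAC-SHA256 (an assumption)."""
    return hmac.new(key, msg, hashlib.sha256).digest()

def E(key: bytes, msg: bytes) -> bytes:
    """Stand-in for the text's cipher E(K, X): XOR with an HMAC-derived keystream, so
    E(K, E(K, X)) == X.  Constructed for the demo; a real device would use a block cipher."""
    stream = b""
    for ctr in range((len(msg) + 31) // 32):
        stream += hmac.new(key, b"ks" + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(m ^ s for m, s in zip(msg, stream))

def encode(template: List[Minutia]) -> bytes:
    return ";".join(f"{x},{y},{d}" for x, y, d in template).encode()

def minutiae_match(candidate: List[Minutia], template: List[Minutia], need: int = 4) -> bool:
    """Toy matcher: a candidate minutia matches if one in the template lies within 4 pixels and
    15 degrees; `need` such hits count as a positive match.  Thresholds are constructed."""
    hits = sum(1 for x, y, d in candidate
               if any(abs(x - tx) <= 4 and abs(y - ty) <= 4 and abs(d - td) <= 15
                      for tx, ty, td in template))
    return hits >= need

class Server:
    def __init__(self) -> None:
        self.enrolled: Dict[bytes, Tuple[bytes, bytes]] = {}   # ID -> (K, H(K, TEMPLATE))
        self.sessions: Dict[bytes, Tuple[bytes, bytes]] = {}   # ID -> (RAND, RANDT)

    def enrol(self, dev_id: bytes, k: bytes, template_hash: bytes) -> None:
        self.enrolled[dev_id] = (k, template_hash)

    def challenge(self, dev_id: bytes) -> Tuple[bytes, bytes, bytes]:
        k, _ = self.enrolled[dev_id]
        rand, randt = os.urandom(16), os.urandom(16)
        self.sessions[dev_id] = (rand, randt)
        # The fix from the text: an extra hash under the session key lets the device
        # check that whoever sent RAND | RANDT actually knows K.
        return rand, randt, H(E(k, rand), rand + randt + dev_id)

    def finish(self, dev_id: bytes, token: bytes) -> bool:
        k, stored_hash = self.enrolled[dev_id]
        rand, randt = self.sessions.pop(dev_id)
        plain = E(E(k, rand), token)            # decrypt with SK = E(K, RAND)
        return hmac.compare_digest(plain[:16], randt) and hmac.compare_digest(plain[16:], stored_hash)

class Device:
    def __init__(self, dev_id: bytes, k: bytes, template: List[Minutia]) -> None:
        self.dev_id, self.k, self.template = dev_id, k, template

    def template_hash(self) -> bytes:
        return H(self.k, encode(self.template))

    def respond(self, rand: bytes, randt: bytes, server_auth: bytes, scan: List[Minutia]) -> Optional[bytes]:
        if not hmac.compare_digest(H(E(self.k, rand), rand + randt + self.dev_id), server_auth):
            return None                           # server masquerade: abort before any biometrics
        if minutiae_match(scan, self.template):
            k, th = self.k, self.template_hash()  # positive match: load the real key and hash
        else:
            k, th = bytes(32), bytes(32)          # negative match: dummy key K = 0 and hash = 0
        sk = E(k, rand)                           # SK = E(K, RAND)
        return E(sk, randt + th)                  # TOKEN = E(SK, RANDT | H(K, TEMPLATE))

def transaction(device: Device, server: Server, scan: List[Minutia]) -> str:
    rand, randt, auth = server.challenge(device.dev_id)
    token = device.respond(rand, randt, auth, scan)
    if token is None:
        return "server-rejected"
    return "access-granted" if server.finish(device.dev_id, token) else "access-denied"

TEMPLATE: List[Minutia] = [(10, 10, 30), (40, 12, 90), (22, 55, 170), (60, 60, 250), (80, 30, 10)]
GENUINE_SCAN = [(11, 9, 33), (39, 13, 88), (23, 55, 165), (61, 58, 252), (82, 31, 12)]   # constructed
IMPOSTOR_SCAN = [(70, 70, 100), (15, 80, 200), (90, 5, 300), (50, 40, 45), (5, 5, 0)]   # constructed

def scenarios() -> Dict[str, str]:
    k = b"\x11" * 32                            # constructed shared key
    device = Device(b"dev-01", k, TEMPLATE)
    server = Server()
    server.enrol(device.dev_id, k, device.template_hash())
    rogue = Server()                            # false server that never learned K
    rogue.enrol(device.dev_id, b"\x22" * 32, bytes(32))
    return {
        "genuine_user": transaction(device, server, GENUINE_SCAN),
        "impostor_user": transaction(device, server, IMPOSTOR_SCAN),
        "false_server": transaction(device, rogue, GENUINE_SCAN),
    }
```

`scenarios()` runs three transactions: a genuine user is granted access; a non-matching fingerprint makes the device fall back to K = 0, so the server cannot open the token and denies access; and a server that never learned K fails the device's check of H(SK, RAND | RANDT | ID) before any biometric step runs. The software bypass attack the text describes is outside what this code can show: a modified device that jumps straight to loading K produces a token the server accepts, which is why the text moves that defence to the architecture level.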

This protocol performs all biometrics on-device for maximum security. We can design a suite of protocols that variously partitions the biometric functions between the device and server, based on the limitations of embedded performance, latency, energy, and memory. Protection mechanisms similar to those used for the secret key should safeguard the template; in fact, greater protection mechanisms might be necessary because keys are replaceable, whereas biometrics are not. Future directions for template storage involve storing a transformation (hash) of the template and performing a match directly in the transformed space. Further considerations of biometric security are available elsewhere. Alternatives to embedded biometrics for authentication include smart cards, RFID tags, and secure authenticators such as RSA SecurID.

