In security domain there are two basics techniques for encrypting information, Symmetric encryption and Asymmetric encryption. But the existing asymmetric technique has a drawback, the stored key used in this technique is often protected by poorly selected passwords which can be guessed or obtained through brute force. This can be threat to the integrity of the sensitive data. Combining Biometrics with cryptography is seen as a possible solution. Biometrics is a science of observing and measuring relevant attributes of living individuals or populations to identify unique and permanent characteristics [3]. Iris recognition, Palm vein recognition, Fingerprint recognition, Face recognition are some biometrics identification techniques. This paper analyzes the benefits of combining biometrics techniques with cryptography using Face authentication. The technique is evaluated using Reed-Solomon error correcting codes, Zernike moments, Keypoints detection and Support vector machines to produce keys of suitable length for 128 bit Advance Encryption Standard (AES) [1,2].
1. Introduction
Due to more technology advances, use of internet, social networking etc. there has been rise in digital data travelling through publicly shared media [1]. The U.S Federal Trade Commission also finds the needs to setup some policies to protect the privacy of the user and his data [3]. To protect this data, there have been many developments in the cryptographic techniques such as Advance Encryption Standard, and public key encryption techniques such as Rivest, Shamir and Adelman i.e. (RSA algorithm). These techniques are reliable until the stored key by the user is kept secure. Although the keys have sufficient length to oppose the brute force, they suffer from the weakness due to insecure key protection by the user selected passwords. The limitations of some passwords are that they can be easily guessed or obtained using some key generation techniques. Sometimes it is shared between the users hence cannot proved a guarantee of non-repudiability.
In recent research works, the researchers are planning to combine biometrics with cryptography techniques which can improve the security performance and thus avoid the need for key storage using passwords. Biometrics is the recent trends in technology, where different physiological or behavioral characteristics of an individual are useful to identify and authenticate in a system. The main advantage of implementing with biometrics is that the input cannot be forgotten, difficult to copy or forge and impossible to share with other members. Currently we can use biometrics data such as biological analysis, behavioral analysis and morphological analysis for the authentication of an individual [2]. In this research we are using the morphological analysis because the pattern recognition algorithms are well known and the recognition time is too short.
The pie-chart shows the distribution of various biometrics modalities over entire market in various fields in year 2007.
Figure 1. Copyright © 2006-2007 International Biometric group [2]
The biometric concept has a few drawbacks. Inherent changes in pose and expression of faces or some environmental condition causes some changes in each sample of the same biometric. The other drawback is that; consider finger prints or iris, It remains unchanged throughout the person's lifetime. This is a weakness in cryptography because cryptographic keys need to change often in order to maintain the security measures.
This paper discusses various techniques of face recognition such as Zernike moments, Keypoints detection and Learning and recognition. Later shows how a biometric key based binary key sequence is generated by selecting the binary representation of the output of the bispectral transform applied to the input image.
2. Related Work
There has been a research on biometric authentication in e-commerce transaction using iris authentication techniques [18]. In this method an iris image is captured and it is encrypted using RSA algorithm. These algorithms are "public key cryptography" methods used to encrypt message which are to be transmitted over insecure internet channel [12]. Both the users using this algorithm have both the keys, public key and private key to perform encryption and decryption operations. But the storage of these keys is a main issue because some systems can be easily hacked by a brute force or sometimes illegal transaction may be performed. There were other research combining biometrics techniques such as finger print detection, face detection etc. and polynomial interpolation techniques to completely reproduce a new polynomial with same set of coordinates [1]. Biometric hashing scheme was one of the methods for face detection but its accuracy was very low.
Figure 2. Biometric Hashing scheme [13]
"This technique provided 60 bits of security" [1, 5]. An error-tolerant encryption operation which uses keys as a set was used in other research experiments. This operation was known as Fuzzy Vaults scheme and uses polynomial interpolation similar to Shamir's secret share scheme [14, 10].
Implementation of these operations and application had to compromise with FRR (False Reject Ratio). FRR is a measurement of the probability that process will fail to give a positive result of the computation. Some of these techniques produced short keys which were not suitable for modern cryptography protocols. Secondly there was hardly any solution if a biometric technique was compromised [1]. A method which gives high FAR (False Accept Ratio) i.e. a maximum probability that a system or process gives a positive result is to be implemented taking consistency into consideration.
3. Proposed method
The transform which we are implementing here is an iterative, chaotic, bispectral one way transform [18] which accepts one dimensional vector input and is used to produce magnitude and angle pair iteration. The output is then converted to binary format and represented in matrix form to analyze and locate feature bits that can be suitable as part of the bio-key. The flowchart is given in Figure 2. The first step face recognition using image processing techniques such as Zernike moments or Keypoints detection as explained in [2].
Figure 3. Biometric cryptosystem flowcharts [1]
Then we perform radon transform, which is an integral transform over straight line. Iterating procedure is useful because more iterations gives a sizeable outputs, hence enlarges the potential pool of bits. Error Correction is performed using Reed-Solomon Encoding. A lookup table is created using the bio-key and the cryptographic key and this lookup table is used at the receiver side with decrypt using Reed-Solomon decoding to give the original cryptographic key.
The steps performed in figure 2 are explained below in details.
3.1 Face Recognition
Face recognition is one of the difficult challenges in biometrics techniques. A face-recognition system requires good quality input images; hence even though the acceptability is high, it has low accuracy. This is because of low capability of representing features in space class and variation [13, u]. There can many problems such as illumination changes or face orientation variation while recognizing the image. Further there can be individual changes such as haircut, spectacles, attire etc. There has been a lot of research done to improve the robustness of algorithms [3, 9].
Here the paper [2] has proposed three methods of face recognition.
3.1.1 Zernike moments
Zernike moments are projection of the image function on the orthogonal set over the interior of the unit circle i.e. x2+y≤1. These are the set of complex polynomials which are given by,
ZP = {V(x, y)| x2+y2≤1|} where,
V(x, y) = V (Ï, θ) = R (Ï) exp (j m θ)
To compute Zernike moments of the image, the center of the image is taken as the origin and the pixel coordinates are mapped to the range of unit circle, i.e. x2+y2≤1. The pixels which are used outside this unit circle are not used in the calculating the moments.
3.1.2 Keypoints detections
Figure 4. Keypoints detection of same person [2]
Local points makes easier in face detection because it recognizes dissimilar features of face. These local points are known as key points for e.g. there are two images of a same person, first one wearing shades and the other wearing spectacles, this doesn't make any difference in face detection. In this article we have used Harris detector [6] in which the Keypoints are detected by computation on gray-level images. The process is to compute the statistics of image and relate the changes in the auto-correlation.
3.1.3 Learning and recognition
In learning and recognition we describe a classification block based on Support Vector Machine [1]. Support Vector Machine classifies and separates the data into two categories by constructing an N-dimensional hyper plane[o]. It operates by finding a hyper surface within a specified plane and chooses the largest distance to the nearest of positive and negative example.
3.2 Transform
1-Dimensional input vector is required to perform image transformation. The input image is 2-Dimensional image, Radon transform is applied to convert 2-Dimensional image to 1-Dimensional projections [1]. This 1-Dimensional vector is rotated at a certain angle and normalized by the magnitude of the largest vector by removing the mean using bispectral transform. This normalized vector is i-th iteration. More the number of iteration, larger the bit sequences are created [9]. "The normalization step applied guarantees the system will be bounded-input bounded-output stable, no matter the number of iteration taken" [1].
The difference is take on complex valued inner products with the present and previous outputs and a complex variable D is calculated, which can represented as magnitude and phase pair [1].
3.3 Binary Feature Extraction
Binarisation is performed on the matrices of Magnitude and Phase for entropy calculation. A quantitative process is developed to identify the useful features and determine the useful bits. The desirability of bit feature and its bio-key can be represented by the table given below.
Low Intra Class Entropy
High Intra Class Entropy
High Extra Class Entropy
Desirable
Undesirable
Low Extra Class Entropy
Undesirable
Undesirable
Table 1. Bit properties and their value for key generation [1]
From the above table we can deduce that the Intra Class Entropy should be low and the bits should have high weighting and the Extra Class Entropy should be high.
Performing radon transform combining with iterations of the bispectral transform and the binary extraction method produce many different N-bit bio-keys by varying the number of iterations. These parameters can be used as passcode and stored on smartcards using embedded electronics.
3.4 Error correction
Reed-Solomon codes are used for error correction by creating a lookup table. A k-bit cryptographic key is encoded with the RS encoding scheme and combined with the N-bit bio-key which is generated from the image. The further keys are produced by iterations and checked the earlier produced keys. The rectification is made if the number of errors between the sequences of k-bit keys is similar to the sequence of N-bit bio-keys [1].
To hack the system, the attacker will require User biometric or the image, lookup table and the transform parameters for bio-key. This error correction method maps the input biometric into large matrix of binary bits, which is not possible in other methods [1, 5]. The bits should show correlations and dependencies and a systematic and quantitative method of entropy based analysis should be used to group them.
4. Results
The table 1 explains the False accept and False reject performance for varying lengths without applying Reed-Solomon codes. These were the results obtained after performing the experiment on 1-dimensional vectors which are rotated at 90 degrees and binarised to form a matrix having 288,00 bits and generate a bio-key of different length with a certain number of iterations [1].
N
False Accept
False Reject
Mean bit error
Imposter Mean bit error
64
0.26%
66%
4.6
31.6
128
0.08%
76%
8.2
62
256
0.01%
88%
15.5
118
512
0.0006%
95%
30
219
Table 2. Performance of bio-keys of varying length [1]
The results shows that the false reject rates are quite high and it's not possible for any application or method to solve this. In next experiment 240 bits of bio-keys were chosen with Reed-Solomon encoding scheme to vary the length of k-bit keys. This experiment showed low FAR and low FRR [0]. To improve the overall performance Hadamard coding or Huffman coding can be implemented and the results can be compared for the best results of FR performance.
5. Conclusion
Although the research topic in [3] suggest a method which is effective and robust in terms of implementation, when collaborated and implemented with the processes and transformation explained here we can make significant improvement in the security domain. This paper suggest a secured cryptographic key of arbitrary length for a given biometric. Here we have implemented a method for face detection and recognition, but for future enhancements we can implement other biometric techniques such as finger print recognition, iris recognition etc. using their identification techniques. This method is flexible because the bio-key generated can be changed and revoked [1]. The complexity of the bio-key can be increased by performing more iterations of the bispectral transform and by changing the Reed-Solomon encoding scheme [8].
