Information Technology Reference
In-Depth Information
of Q as above. Since the Q is 16 bit, the maximum of B is 16. So the maximum of
2
Bu
or 2
Bv
or 2
Bθ
is 2
13
. The maximum of N is 13. This computation is not difficult
to attacker.
7.
Therefore an attacker's authentication can be success.
3.4 Proposed Scheme
To solve the problem of K.Nandakumar's scheme, we use one-way hash function.
The original minutiae points are transformed by hashed password. In this way, an
attacker cannot obtain password when user's template and transformed template are
exposed. We describe 3 algorithms, template transformation, enrollment, and authen-
tication. In template transformation process, an authorized user offers his fingerprint
template to biometric sensor, and input password to keypad. Since the length of pass-
word is over 8 character, we protect password and biometric from an attack-brute
force attack, dictionary attack, hybrid attack-[10]. A user
s password p is transformed
by hash function H. minutiae points are extracted in user
'
s template, and then trans-
formed by H(p). We describe the algorithm template transformation. We denote F
'
S to represent the secret S as a polynomial such that the secret S to be the coefficients
of the polynomial. Also TR
H(p)
is a function to transform minutiae points using hash
function for password.
←
Public parameters:
A field
F
Input:
Parameter t, r such that t
≤
r. A secret S
F
k
,
A set A={a
i
}
t
i=1
, where a
i
∈
F
Output:
A set T of points {(x
i
, y
i
)
t
i=1
} such that x
i
, y
i
∈
F
Algorithm.
Template transformation
T ← ø;
F ← S;
TR
H(p)
← P;
for i = 1 to t do
TR
H(p)
(a
i
, F(a
i
))
← (a
i
, F(a
i
));
(x
i
, y
i
)
← TR
H(p)
(a
i
, F(a
i
));
T
← T
∪
(x
i
, y
i
);
Output T;
In enrollment process, The user sends transformed minutiae by H(p) to server. At this
time, we assume that all communication channels are secure using SSL(Secure Socket
Layer). So the communication between client and server is secure against blended
substitution attack. Blended substitution attack is prevented by hash function. A
server generates vault to add chaff points to transformed minutiae points, and then
stores it. We show detail enrollment process for proposed scheme. We denote
∈
U
uniformly random selection from a set.
Public parameters:
A field
F
Input:
Parameter t, r such that t
≤
r. A secret S
∈
F
k
,
A set A={a
i
}
t
i=1
, where a
i
∈
F
Output:
A set V of points {(x
i
, y
i
)
t
i=1
} such that x
i
, y
i
∈
F
Search WWH ::
Custom Search