Search results
1 – 10 of 25Naveed Riaz, Ayesha Riaz and Sajid Ali Khan
The security of the stored biometric template is itself a challenge. Feature transformation techniques and biometric cryptosystems are used to address the concerns and improve the…
Abstract
Purpose
The security of the stored biometric template is itself a challenge. Feature transformation techniques and biometric cryptosystems are used to address the concerns and improve the general acceptance of biometrics. The purpose of this paper is to provide an overview of different techniques and processes for securing the biometric templates. Furthermore, the paper explores current research trends in this area.
Design/methodology/approach
In this paper, the authors provide an overview and survey of different features transformation techniques and biometric cryptosystems.
Findings
Feature transformation techniques and biometric cryptosystems provide reliable biometric security at a high level. There are many techniques that provide provable security with practical viable recognition rates. However, there remain several issues and challenges that are being faced during the deployment of these technologies.
Originality/value
This paper provides an overview of currently used techniques for securing biometric templates and also outlines the related issues and challenges.
Details
Keywords
Ong Thian Song, Andrew Teoh Beng Jin and Tee Connie
This paper aims to address some of the practical and security problems when using fingerhash to secure biometric key for protecting digital contents.
Abstract
Purpose
This paper aims to address some of the practical and security problems when using fingerhash to secure biometric key for protecting digital contents.
Design/methodology/approach
Study the two existing directions of biometric‐based key generation approach based on the usability, security and accuracy aspects. Discuss the requisite unresolved issues related to this approach.
Findings
The proposed Fingerhashing approach transforms fingerprint into a binary discretized representation called Fingerhash. The Reed Solomon error correction method is used to stabilize the fluctuation in Fingerhash. The stabilized Fingerhash is then XORed with a biometric key. The key can only be released upon the XOR process with another Fingerhash derived from an authentic fingerprint. The proposed method could regenerate an error‐free biometric key based on an authentic fingerprint with up to 99.83 percent success rate, leading to promising result of FAR = 0 percent and FRR = 0.17 percent. Besides, the proposed method can produce biometric keys (1,150 bit length) which are longer in size than the other prevailing biometric key generation schemes to offer higher security protection to safeguard digital contents.
Originality/value
Outlines a novel solution to address the issues of usability, security and accuracy of biometric based key generation scheme.
Details
Keywords
Wilson Abel Alberto Torres, Nandita Bhattacharjee and Bala Srinivasan
The purpose of this paper is to determine the effectiveness of using fully homomorphic encryption (FHE) to preserve the privacy of biometric data in an authentication system…
Abstract
Purpose
The purpose of this paper is to determine the effectiveness of using fully homomorphic encryption (FHE) to preserve the privacy of biometric data in an authentication system. Biometrics offers higher accuracy for personal recognition than traditional methods because of its properties. Biometric data are permanently linked with an individual and cannot be revoked or cancelled, especially when biometric data are compromised, leading to privacy issues.
Design/methodology/approach
By reviewing current approaches, FHE is considered as a promising solution for the privacy issue because of its ability to perform computations in the encrypted domain. The authors studied the effectiveness of FHE in biometric authentication systems. In doing so, the authors undertake the study by implementing a protocol for biometric authentication system using iris.
Findings
The security analysis of the implementation scheme demonstrates the effectiveness of FHE to protect the privacy of biometric data, as unlimited operations can be performed in the encrypted domain, and the FHE secret key is not shared with any other party during the authentication protocol.
Research limitations/implications
The use of malicious model in the design of the authentication protocol to improve the privacy, packing methods and use of low-level programming language to enhance performance of the system needs to be further investigated.
Originality/value
The main contributions of this paper are the implementation of a privacy-preserving iris biometric authentication protocol adapted to lattice-based FHE and a sound security analysis of authentication and privacy.
Details
Keywords
Sajaad Ahmed Lone and Ajaz Hussain Mir
Because of the continued use of mobile, cloud and the internet of things, the possibility of data breaches is on the increase. A secure authentication and authorization strategy…
Abstract
Purpose
Because of the continued use of mobile, cloud and the internet of things, the possibility of data breaches is on the increase. A secure authentication and authorization strategy is a must for many of today’s applications. Authentication schemes based on knowledge and tokens, although widely used, lead to most security breaches. While providing various advantages, biometrics are also subject to security threats. Using multiple factors together for authentication provides more certainty about a user’s identity; thus, leading to a more reliable, effective and more difficult for an adversary to intrude. This study aims to propose a novel, secure and highly stable multi-factor one-time password (OTP) authentication solution for mobile environments, which uses all three authentication factors for user authentication.
Design/methodology/approach
The proposed authentication scheme is implemented as a challenge-response authentication where three factors (username, device number and fingerprint) are used as a secret key between the client and the server. The current scheme adopts application-based authentication and guarantees data confidentiality and improved security because of the integration of biometrics with other factors and each time new challenge value by the server to client for OTP generation.
Findings
The proposed authentication scheme is implemented on real android-based mobile devices, tested on real users; experimental results show that the proposed authentication scheme attains improved performance. Furthermore, usability evaluation proves that proposed authentication is effective, efficient and convenient for users in mobile environments.
Originality/value
The proposed authentication scheme can be adapted as an effective authentication scheme to accessing critical information using android smartphones.
Details
Keywords
Anil Kumar Gona and Subramoniam M.
Biometric scans using fingerprints are widely used for security purposes. Eventually, for authentication purposes, fingerprint scans are not very reliable because they can be…
Abstract
Purpose
Biometric scans using fingerprints are widely used for security purposes. Eventually, for authentication purposes, fingerprint scans are not very reliable because they can be faked by obtaining a sample of the fingerprint of the person. There are a few spoof detection techniques available to reduce the incidence of spoofing of the biometric system. Among them, the most commonly used is the binary classification technique that detects real or fake fingerprints based on the fingerprint samples provided during training. However, this technique fails when it is provided with samples formed using other spoofing techniques that are different from the spoofing techniques covered in the training samples. This paper aims to improve the liveness detection accuracy by fusing electrocardiogram (ECG) and fingerprint.
Design/methodology/approach
In this paper, to avoid this limitation, an efficient liveness detection algorithm is developed using the fusion of ECG signals captured from the fingertips and fingerprint data in Internet of Things (IoT) environment. The ECG signal will ensure the detection of real fingerprint samples from fake ones.
Findings
Single model fingerprint methods have some disadvantages, such as noisy data and position of the fingerprint. To overcome this, fusion of both ECG and fingerprint is done so that the combined data improves the detection accuracy.
Originality/value
System security is improved in this approach, and the fingerprint recognition rate is also improved. IoT-based approach is used in this work to reduce the computation burden of data processing systems.
Details
Keywords
Weiguo Sheng, Gareth Howells, Michael Fairhurst, Farzin Deravi and Shengyong Chen
Biometric authentication, which requires storage of biometric templates and/or encryption keys, raises a matter of serious concern, since the compromise of templates or keys…
Abstract
Purpose
Biometric authentication, which requires storage of biometric templates and/or encryption keys, raises a matter of serious concern, since the compromise of templates or keys necessarily compromises the information secured by those keys. To address such concerns, efforts based on dynamic key generation directly from the biometrics have recently emerged. However, previous methods often have quite unacceptable authentication performance and/or small key spaces and therefore are not viable in practice. The purpose of this paper is to propose a novel method which can reliably generate long keys while requires storage of neither biometric templates nor encryption keys.
Design/methodology/approach
This proposition is achieved by devising the use of fingerprint orientation fields for key generation. Additionally, the keys produced are not permanently linked to the orientation fields, hence, allowing them to be replaced in the event of key compromise.
Findings
The evaluation demonstrates that the proposed method for dynamic key generation can offer both good reliability and security in practice, and outperforms other related methods.
Originality/value
In this paper, the authors propose a novel method which can reliably generate long keys while requires storage of neither biometric templates nor encryption keys. This is achieved by devising the use of fingerprint orientation fields for key generation. Additionally, the keys produced are not permanently linked to the orientation fields, hence, allowing them to be replaced in the event of key compromise.
Details
Keywords
n recent years, public key infrastructure (PKI) has emerged as co‐existent with the increasing demand for digital security. A digital signature is created using existing public…
Abstract
n recent years, public key infrastructure (PKI) has emerged as co‐existent with the increasing demand for digital security. A digital signature is created using existing public key cryptography technology. This technology will permit commercial transactions to be carried out across insecure networks without fear of tampering or forgery. The relative strength of digital signatures relies on the access control over the individual’s private key. The private key storage, which is usually password‐protected, has long been a weak link in the security chain. In this paper, we describe a novel and feasible system – BioPKI cryptosystem – that dynamically generates private keys from users’ on‐line handwritten signatures. The BioPKI cryptosystem eliminates the need of private key storage. The system is secure, reliable, convenient and non‐invasive. In addition, it ensures non‐repudiation to be addressed on the maker of the transaction instead of the computer where the transaction occurs.
Details
Keywords
To devise a biometric‐based mechanism for enhancing security of private keys used in cryptographic applications.
Abstract
Purpose
To devise a biometric‐based mechanism for enhancing security of private keys used in cryptographic applications.
Design/methodology/approach
To enhance security of a private key, we propose a scheme that regenerates a user's private key by taking a genuine user's password, fingerprint and a valid smart card. Our scheme uses features extracted from fingerprint along with public key cryptography, cryptographic hash functions and Shamir secret sharing scheme in a novel way to achieve our desired objectives.
Findings
Despite changes in the fingerprint pattern each time it is presented, our scheme is sufficiently robust to regenerate a constant private key. As compared to conventional methods of storing a private key merely by password‐based encryption, our scheme offers more security as it requires a genuine user's password, fingerprint and a valid smart card. Key lengths up to 1024‐bit or even higher can be regenerated making the scheme compatible with the current security requirements of public key cryptosystems.
Research limitations/implications
Minutia points used for image alignment can be incorporated in the key regeneration algorithm for stronger user authentication. In this case, some alternative technique will be required for image alignment.
Practical implications
The robustness of our scheme depicts its use in practical systems where there are variations in fingerprint patterns because of sensor noise and alignment issues.
Originality/value
In this paper, we have demonstrated a novel idea of regenerating the private key of a user by using fingerprint, password and a smart card. The basic aim is to provide more security to key storage as compared to traditional methods that uses password‐based encryption for secure storage of private keys.
Details
Keywords
Shefali Arora, Ruchi Mittal, Avinash K. Shrivastava and Shivani Bali
Deep learning (DL) is on the rise because it can make predictions and judgments based on data that is unseen. Blockchain technologies are being combined with DL frameworks in…
Abstract
Purpose
Deep learning (DL) is on the rise because it can make predictions and judgments based on data that is unseen. Blockchain technologies are being combined with DL frameworks in various industries to provide a safe and effective infrastructure. The review comprises literature that lists the most recent techniques used in the aforementioned application sectors. We examine the current research trends across several fields and evaluate the literature in terms of its advantages and disadvantages.
Design/methodology/approach
The integration of blockchain and DL has been explored in several application domains for the past five years (2018–2023). Our research is guided by five research questions, and based on these questions, we concentrate on key application domains such as the usage of Internet of Things (IoT) in several applications, healthcare and cryptocurrency price prediction. We have analyzed the main challenges and possibilities concerning blockchain technologies. We have discussed the methodologies used in the pertinent publications in these areas and contrasted the research trends during the previous five years. Additionally, we provide a comparison of the widely used blockchain frameworks that are used to create blockchain-based DL frameworks.
Findings
By responding to five research objectives, the study highlights and assesses the effectiveness of already published works using blockchain and DL. Our findings indicate that IoT applications, such as their use in smart cities and cars, healthcare and cryptocurrency, are the key areas of research. The primary focus of current research is the enhancement of existing systems, with data analysis, storage and sharing via decentralized systems being the main motivation for this integration. Amongst the various frameworks employed, Ethereum and Hyperledger are popular among researchers in the domain of IoT and healthcare, whereas Bitcoin is popular for research on cryptocurrency.
Originality/value
There is a lack of literature that summarizes the state-of-the-art methods incorporating blockchain and DL in popular domains such as healthcare, IoT and cryptocurrency price prediction. We analyze the existing research done in the past five years (2018–2023) to review the issues and emerging trends.
Details
Keywords
Aruna Kumari Koppaka and Vadlamani Naga Lakshmi
In the cloud-computing environment, privacy preservation and enabling security to the cloud data is a crucial and demanding task. In both the commercial and academic world, the…
Abstract
Purpose
In the cloud-computing environment, privacy preservation and enabling security to the cloud data is a crucial and demanding task. In both the commercial and academic world, the privacy of important and sensitive data needs to be safeguarded from unauthorized users to improve its security. Therefore, several key generations, encryption and decryption algorithms are developed for data privacy preservation in the cloud environment. Still, the outsourced data remains with the problems like minimum data security, time consumption and increased computational complexity. The purpose of this research study is to develop an effective cryptosystem algorithm to secure the outsourced data with minimum computational complexity.
Design/methodology/approach
A new cryptosystem algorithm is proposed in this paper to address the above-mentioned concerns. The introduced cryptosystem algorithm has combined the ElGamal algorithm and hyperchaotic sequence, which effectively encrypts the outsourced data and diminishes the computational complexity of the system.
Findings
In the resulting section, the proposed improved ElGamal cryptosystem (IEC) algorithm performance is validated using the performance metrics like encryption time, execution time, decryption time and key generation comparison time. The IEC algorithm approximately reduced 0.08–1.786 ms of encryption and decryption time compared to the existing model: secure data deletion and verification.
Originality/value
The IEC algorithm significantly enhances the data security in cloud environments by increasing the power of key pairs. In this manuscript, the conventional ElGamal algorithm is integrated with the pseudorandom sequences for a pseudorandom key generation for improving the outsourced cloud data security.
Details