Vulnerabilities in Biometric Encryption Systems
نویسنده
چکیده
Biometric encryption systems embed a secret code within a biometric image in a way that it can be decrypted with an image from the enrolled individual. We describe a potential vulnerability in biometric encryption systems that allows a less than brute force regeneration of both the secret code and an estimate of the enrolled image. This vulnerability requires the biometric comparison to “leak” some information from which an analogue for a match score may be calculated. Using this match score value, a “hill-climbing” attack is performed against the algorithm to calculate an estimate of the enrolled image, which is then used to decrypt the code. Results are shown against a simplified implementation of the algorithm of Soutar et al. (1998). Possible extensions of this attack to other biometric encryption algorithms are discussed.
منابع مشابه
User-Centric Key Entropy: Study of Biometric Key Derivation Subject to Spoofing Attacks
Biometric data can be used as input for PKI key pair generation. The concept of not saving the private key is very appealing, but the implementation of such a system shouldn’t be rushed because it might prove less secure then current PKI infrastructure. One biometric characteristic can be easily spoofed, so it was believed that multi-modal biometrics would offer more security, because spoofing ...
متن کاملBiometric Encryption: A Positive-Sum Technology that Achieves Strong Authentication, Security AND Privacy
.................................................................................................................... 1 Background / Context ............................................................................................... 2 Growing Public Awareness and Interest .............................................................. 3 A Biometrics Primer .......................................
متن کاملAssessing Vulnerabilities of Biometric Readers Using an Applied Defeat Evaluation Methodology
Access control systems using biometric identification readers are becoming common within critical infrastructure and other high security applications. There is a perception that biometric, due to their ability to identify and validate the user, are more secure. However, biometric systems are vulnerable to many categories of attack vectors and there has been restricted research into such defeat ...
متن کاملGeneric Constructions of Biometric Identity Based Encryption Systems
In this paper, we present a novel framework for the generic construction of biometric Identity Based Encryption (IBE) schemes, which do not require bilinear pairings and result in more efficient schemes than existing fuzzy IBE systems implemented for biometric identities. Also, we analyze the security properties that are specific to biometric IBE namely anonymity and identity privacy. Consideri...
متن کاملEfficient software attack to multimodal biometric systems and its application to face and iris fusion
In certain applications based on multimodal interaction it may be crucial to determine not only what the user is doing (commands), but who is doing it, in order to prevent fraudulent use of the system. The biometric technology, and particularly the multimodal biometric systems, represent a highly efficient automatic recognition solution for this type of applications. Although multimodal biometr...
متن کامل