20-06-2014, 04:29 PM
A Method to Improve the Security Level of ATM Banking Systems Using AES Algorithm
[attachment=65121]
ABSTRACT
An embedded Crypto-Biometric authentication scheme for ATM
banking systems is proposed in our paper. In this scheme,
cryptography and biometric techniques are fused together for
person authentication to ameliorate the security level. The
fingerprint template including singular points, frequency of
ridges and minutiae are stored at the central banking server when
enrollment. At the time of transaction fingerprint image is
acquired at the ATM terminal using high resolution fingerprint
scanner. The fingerprint image is enhanced and then encrypted
using 128 bit private key algorithm. The encrypted image is
transmitted to the central server via secured channel. At the
banking terminal the image is decrypted using the same key.
Based on the decrypted image, minutiae extraction and matching
are performed to verify the presented fingerprint image belongs
to the claimed user. The authentication is signed if the minutiae
matching are successful. The proposed scheme is fast and more
secure. Computer simulations and statistical analysis are
presented.
INTRODUCTION
Biometrics based authentication is a potential candidate to
replace password-based authentication. Among all the
biometrics, fingerprint based identification is one of the most
mature and proven technique. Cryptography provides the
necessary tools for accomplishing secure and authenticated
transactions [3]. It not only protects the data from theft or
alteration, but also can be used for user authentication. In a
conventional cryptographic system, the user authentication is
possession based. The weakness of such authentication systems
is that it cannot assure the identity of the maker of a transaction;
it can only identify the maker’s belongings (cards) or what he
remembers (passwords, PINs etc.) Automatic biometric
authentication is an emerging field to address this problem.
Fingerprint authentication is the most popular method among
biometric authentication. However, it is infeasible to encrypt
such a large volume of image using conventional cryptography
for the purpose of centralized fingerprint matching
EMBEDDED CRYPTO-BIOMETRIC AUTHENTICATION PROTOCOL
Generally, there are two basic fingerprint authentication
schemes, namely the local and the centralized matching [11]. In
the central matching scheme, fingerprint image captured at the
terminal is sent to the central server via the network and then it
is matched against the minutiae template stored in the central
server.
There are three stages in the protocol namely registration, login
and authentication. In the registration phase, the fingerprints of
ATM users are enrolled and the derived fingerprint templates are
stored in the central server. The login phase is performed at an
ATM terminal equipped with a fingerprint sensor. The proposed
block schematic of embedded crypto biometric authentication
system is shown in Fig
AES Algorithm
The advanced encryption standard (AES) is a replacement to
DES as the federal standard. AES has already received
widespread use because of its standard definition, high security
and freedom patent entanglements. In cryptography, the
Advanced Encryption Standard (AES) is also known as Rijndael
algorithm [13].
Unlike its predecessor DES, Rijndael is an iterated block cipher
which supports variable block length and key length. Both
lengths can be independently specified as 128, 192 or 256 bits. It
has a variable number of iterations: 10, 12 and 14 for key lengths
of 128, 192 or 256 bits respectively. In this paper, a 128 bit block
[14] and key length are assumed, although the design could be
adopted without difficulty to other block and key lengths. AES is
fast in both software and hardware, relatively easy to implement,
and requires little memory. As a new encryption standard, it is
currently being deployed on a large scale.
CONCLUSION
An embedded Crypto-Biometric authentication scheme for ATM
banking systems has been proposed. The claimed user’s
fingerprint is required during a transaction. The fingerprint
image is encrypted via 3D chaotic map as soon as it is captured,
and then transmitted to the central server using symmetric key
algorithm [14]. The encryption keys are extracted from the
random pixel distribution in a raw image of fingerprint, some
stable global features of fingerprint and/or from pseudo random
number generator. Different rounds of iterations use different
keys.
At the banking terminal the image is decrypted using the same
key. Based on the decrypted image, minutiae extraction
and matching are performed to verify the presented
fingerprint image belongs to the claimed user. Future
work will focus on the study of stable features (as part
of encryption key) of fingerprint image, which may
help to set up a fingerprint matching dictionary so that
to narrow down the workload of fingerprint matching
in a large database.
[attachment=65121]
ABSTRACT
An embedded Crypto-Biometric authentication scheme for ATM
banking systems is proposed in our paper. In this scheme,
cryptography and biometric techniques are fused together for
person authentication to ameliorate the security level. The
fingerprint template including singular points, frequency of
ridges and minutiae are stored at the central banking server when
enrollment. At the time of transaction fingerprint image is
acquired at the ATM terminal using high resolution fingerprint
scanner. The fingerprint image is enhanced and then encrypted
using 128 bit private key algorithm. The encrypted image is
transmitted to the central server via secured channel. At the
banking terminal the image is decrypted using the same key.
Based on the decrypted image, minutiae extraction and matching
are performed to verify the presented fingerprint image belongs
to the claimed user. The authentication is signed if the minutiae
matching are successful. The proposed scheme is fast and more
secure. Computer simulations and statistical analysis are
presented.
INTRODUCTION
Biometrics based authentication is a potential candidate to
replace password-based authentication. Among all the
biometrics, fingerprint based identification is one of the most
mature and proven technique. Cryptography provides the
necessary tools for accomplishing secure and authenticated
transactions [3]. It not only protects the data from theft or
alteration, but also can be used for user authentication. In a
conventional cryptographic system, the user authentication is
possession based. The weakness of such authentication systems
is that it cannot assure the identity of the maker of a transaction;
it can only identify the maker’s belongings (cards) or what he
remembers (passwords, PINs etc.) Automatic biometric
authentication is an emerging field to address this problem.
Fingerprint authentication is the most popular method among
biometric authentication. However, it is infeasible to encrypt
such a large volume of image using conventional cryptography
for the purpose of centralized fingerprint matching
EMBEDDED CRYPTO-BIOMETRIC AUTHENTICATION PROTOCOL
Generally, there are two basic fingerprint authentication
schemes, namely the local and the centralized matching [11]. In
the central matching scheme, fingerprint image captured at the
terminal is sent to the central server via the network and then it
is matched against the minutiae template stored in the central
server.
There are three stages in the protocol namely registration, login
and authentication. In the registration phase, the fingerprints of
ATM users are enrolled and the derived fingerprint templates are
stored in the central server. The login phase is performed at an
ATM terminal equipped with a fingerprint sensor. The proposed
block schematic of embedded crypto biometric authentication
system is shown in Fig
AES Algorithm
The advanced encryption standard (AES) is a replacement to
DES as the federal standard. AES has already received
widespread use because of its standard definition, high security
and freedom patent entanglements. In cryptography, the
Advanced Encryption Standard (AES) is also known as Rijndael
algorithm [13].
Unlike its predecessor DES, Rijndael is an iterated block cipher
which supports variable block length and key length. Both
lengths can be independently specified as 128, 192 or 256 bits. It
has a variable number of iterations: 10, 12 and 14 for key lengths
of 128, 192 or 256 bits respectively. In this paper, a 128 bit block
[14] and key length are assumed, although the design could be
adopted without difficulty to other block and key lengths. AES is
fast in both software and hardware, relatively easy to implement,
and requires little memory. As a new encryption standard, it is
currently being deployed on a large scale.
CONCLUSION
An embedded Crypto-Biometric authentication scheme for ATM
banking systems has been proposed. The claimed user’s
fingerprint is required during a transaction. The fingerprint
image is encrypted via 3D chaotic map as soon as it is captured,
and then transmitted to the central server using symmetric key
algorithm [14]. The encryption keys are extracted from the
random pixel distribution in a raw image of fingerprint, some
stable global features of fingerprint and/or from pseudo random
number generator. Different rounds of iterations use different
keys.
At the banking terminal the image is decrypted using the same
key. Based on the decrypted image, minutiae extraction
and matching are performed to verify the presented
fingerprint image belongs to the claimed user. Future
work will focus on the study of stable features (as part
of encryption key) of fingerprint image, which may
help to set up a fingerprint matching dictionary so that
to narrow down the workload of fingerprint matching
in a large database.