基于模糊保险库方法的生物识别密码系统:安全性分析

Second International Conference on the Innovative Computing Technology (INTECH 2012) Pub Date : 2012-09-01 DOI:10.1109/INTECH.2012.6457803

M. Lafkih, M. Mikram, S. Ghouzali, M. Haziti, D. Aboutajdine

{"title":"基于模糊保险库方法的生物识别密码系统:安全性分析","authors":"M. Lafkih, M. Mikram, S. Ghouzali, M. Haziti, D. Aboutajdine","doi":"10.1109/INTECH.2012.6457803","DOIUrl":null,"url":null,"abstract":"Unlike traditional authentication based on passwords, biometric authentication is seen as an alternative solution because it offers facility, comfort and more security to users. However, biometric systems based on the storage of user model in a database are vulnerable to attacks because the stored model can be stolen or illegitimately used by an attacker to impersonate the user. To protect the users templates from attacks, two broad categories of methods are proposed in the literature: Transformation Biometric Characteristics, and Biometric Cryptosystems. Although biometric cryptosystems are used in several applications (e.g. smart cards), their major challenge is the lack of a security analysis and the limitation of the work on attacks against this type of methods. Hence the aim of this paper is to present criteria for security analysis and to demonstrate the vulnerability of Fuzzy Vault method; a famous approach in biometric cryptosystems.","PeriodicalId":369113,"journal":{"name":"Second International Conference on the Innovative Computing Technology (INTECH 2012)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Biometric cryptosystems based Fuzzy Vault approach: Security analysis\",\"authors\":\"M. Lafkih, M. Mikram, S. Ghouzali, M. Haziti, D. Aboutajdine\",\"doi\":\"10.1109/INTECH.2012.6457803\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Unlike traditional authentication based on passwords, biometric authentication is seen as an alternative solution because it offers facility, comfort and more security to users. However, biometric systems based on the storage of user model in a database are vulnerable to attacks because the stored model can be stolen or illegitimately used by an attacker to impersonate the user. To protect the users templates from attacks, two broad categories of methods are proposed in the literature: Transformation Biometric Characteristics, and Biometric Cryptosystems. Although biometric cryptosystems are used in several applications (e.g. smart cards), their major challenge is the lack of a security analysis and the limitation of the work on attacks against this type of methods. Hence the aim of this paper is to present criteria for security analysis and to demonstrate the vulnerability of Fuzzy Vault method; a famous approach in biometric cryptosystems.\",\"PeriodicalId\":369113,\"journal\":{\"name\":\"Second International Conference on the Innovative Computing Technology (INTECH 2012)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Second International Conference on the Innovative Computing Technology (INTECH 2012)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INTECH.2012.6457803\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Second International Conference on the Innovative Computing Technology (INTECH 2012)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INTECH.2012.6457803","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

摘要

与基于密码的传统身份验证不同，生物识别身份验证被视为一种替代解决方案，因为它为用户提供了便利、舒适和更高的安全性。然而，基于在数据库中存储用户模型的生物识别系统容易受到攻击，因为存储的模型可能被攻击者窃取或非法使用来冒充用户。为了保护用户模板免受攻击，文献中提出了两大类方法:转换生物特征和生物特征密码系统。虽然生物识别密码系统在许多应用中使用(例如智能卡)，但它们的主要挑战是缺乏安全分析以及针对此类方法的攻击工作的限制。因此，本文的目的是提出安全分析的标准，并论证模糊保险库方法的脆弱性;生物识别密码系统中的一种著名方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Biometric cryptosystems based Fuzzy Vault approach: Security analysis

Unlike traditional authentication based on passwords, biometric authentication is seen as an alternative solution because it offers facility, comfort and more security to users. However, biometric systems based on the storage of user model in a database are vulnerable to attacks because the stored model can be stolen or illegitimately used by an attacker to impersonate the user. To protect the users templates from attacks, two broad categories of methods are proposed in the literature: Transformation Biometric Characteristics, and Biometric Cryptosystems. Although biometric cryptosystems are used in several applications (e.g. smart cards), their major challenge is the lack of a security analysis and the limitation of the work on attacks against this type of methods. Hence the aim of this paper is to present criteria for security analysis and to demonstrate the vulnerability of Fuzzy Vault method; a famous approach in biometric cryptosystems.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Second International Conference on the Innovative Computing Technology (INTECH 2012)

自引率

0.00%

发文量