nach oben

International Journal of Information Security

Erschienen in:

01.11.2015 | Regular Contribution

Gait authentication on mobile phone using biometric cryptosystem and fuzzy commitment scheme

verfasst von: Thang Hoang, Deokjai Choi, Thuc Nguyen

Erschienen in: International Journal of Information Security | Ausgabe 6/2015

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Authentication systems using gait captured from inertial sensors have been recently developed to enhance the limitation of existing mechanisms on mobile devices and achieved promising results. However, most these systems employed pattern recognition and machine learning techniques in which biometric templates are stored insecurely, which could leave critical security and user privacy issues. Specifically, a compromise of original gait templates could result in everlasting forfeiture. In this paper, two main results will be presented. Firstly, we propose a novel gait authentication system on mobile devices in which the security and privacy are preserved by employing a fuzzy commitment scheme. Instead of storing original gait templates for user verification like in conventional approaches, we verify the user via a stored key which is biometrically encrypted by gait templates collected from a mobile accelerometer. Secondly, the discriminability of sensor-based gait templates are investigated to determine appropriate parameter values to construct an effective gait-based biometric cryptosystem. The performance of our proposed system is evaluated on the dataset including gait signals of 34 volunteers. We achieved the zeroFAR and the False Rejection Rate of approximately 16.18 % corresponding to the key length, as well as the system security level of 139 bits. The results from our experiment show that accelerometer-based gait could be further investigated to construct a biometric cryptosystem, as effective as other biometric traits such as iris, fingerprint, voice, and signature.

Vorheriger Artikel Secure floating point arithmetic and private satellite collision analysis

Nächster Artikel URL query string anomaly sensor designed with the bidimensional Haar wavelet transform

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Gait cycle is defined as the time interval between two successive occurrences of one of the repetitive events during walking, as illustrated in Fig. 2b

Jain, A.K., Flynn, P.J., Ross, A.A. (eds.): Handbook of Biometrics. Springer, Berlin (2008). doi:10.1007/978-0-387-71041-9

Galbally, J., Cappelli, R., Lumini, A., Gonzalez-de-Rivera, G., Maltoni, D., Fierrez, J., Ortega-Garcia, J., Maio, D.: An evaluation of direct attacks using fake fingers generated from ISO templates. Pattern Recognit. Lett. 31(8), 725–732 (2010). doi:10.1016/j.patrec.2009.09.032 CrossRef

Ngo, T.T., Makihara, Y., Nagahara, H., Mukaigawa, Y., Yagi, Y.: The largest inertial sensor-based gait database and performance evaluation of gait-based personal authentication. Pattern Recognit. 47(1), 228–237 (2014). doi:10.1016/j.patcog.2013.06.028 CrossRef

Yun, J.: User identification using gait patterns on UbiFloorII. Sensors 11(3), 2611–2639 (2011). doi:10.1007/11596448_141 CrossRef

Tam, L., Glassman, M., Vandenwauver, M.: The psychology of password management: a tradeoff between security and convenience. Behav. Inf. Technol. 29(3), 233–244 (2010). doi:10.1080/01449290903121386 CrossRef

Frank, J., Mannor, S., Precup, D.: Activity and gait recognition with time-delay embeddings. In: AAAI, pp 1581–1586 (2010)

Hoang, T., Choi, D., Vo, V., Nguyen, A., Nguyen, T.: A lightweight gait authentication on mobile phone regardless of installation error. In: Security and Privacy Protection in Information Processing Systems, pp. 83–101. Springer, Berlin (2013). doi:10.1007/978-3-642-39218-4_7

Lu, H., Huang, J., Saha, T., Nachman, L.: Unobtrusive gait verification for mobile phones. In: Proceedings of the 2014 ACM International Symposium on Wearable Computers, pp. 91–98. ACM (2014). doi:10.1145/2634317.2642868

Derawi, M., Bours, P.: Gait and activity recognition using commercial phones. Comput. Secur. 39, 137–144 (2013). doi:10.1016/j.cose.2013.07.004 CrossRef

10.

Mjaaland, B. B., Bours, P., Gligoroski, D.: Walk the walk: attacking gait biometrics by imitation. In: Information Security (pp. 361–380). Springer, Berlin, Heidelberg (2011). doi:10.1007/978-3-642-18178-8_31

11.

Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: Proceedings of the 6th ACM Conference on Computer and Communications Security, pp. 28–36. ACM (1999). doi:10.1145/319709.319714

12.

Van Der Veen, M., Kevenaar, T., Schrijen, G. J., Akkermans, T. H., Zuo, F.: Face biometrics with renewable templates. In: Proceedings of SPIE (vol. 6072, No. 1, p. 60720J) (2006). doi:10.1117/12.643176

13.

Morelos-Zaragoza, R.H.: The Art of Error Correcting Coding. Wiley, New York (2006)CrossRef

14.

Feng, Y.C., Yuen, P.C.: Binary discriminant analysis for generating binary face template. IEEE Trans. Inf. Forensics Secur. 7(2), 613–624 (2012). doi:10.1109/TIFS.2011.2170422 CrossRef

15.

Li, P., Yang, X., Qiao, H., Cao, K., Liu, E., Tian, J.: An effective biometric cryptosystem combining fingerprints with error correction codes. Expert Syst. Appl. 39(7), 6562–6574 (2012). doi:10.1016/j.eswa.2011.12.048 CrossRef

16.

lvarez Mario, R., Hernndez lvarez, F., Hernndez Encinas, L.: A crypto-biometric scheme based on iris-templates with fuzzy extractors. Inf. Sci. 195, 91–102 (2012). doi:10.1016/j.ins.2012.01.042 CrossRef

17.

Hao, F., Anderson, R., Daugman, J.: Combining crypto with biometrics effectively. IEEE Trans. Comput. 55(9), 1081–1088 (2006). doi:10.1109/TC.2006.138 CrossRef

18.

Maiorana, E.: Biometric cryptosystem using function based on-line signature recognition. Expert Syst. Appl. 37(4), 3454–3461 (2010). doi:10.1016/j.eswa.2009.10.043 CrossRef

19.

Carrara, B., Adams, C.: You are the key: generating cryptographic keys from voice biometrics. In: 2010 Eighth Annual International Conference on Privacy Security and Trust (PST) (pp. 213–222). IEEE (2010). doi:10.1109/PST.2010.5593251

20.

Inthavisas, K., Lopresti, D.: Secure speech biometric templates for user authentication. IET Biom. 1(1), 46–54 (2012). doi:10.1049/iet-bmt.2011.0008 CrossRef

21.

Argyropoulos, S., Tzovaras, D., Ioannidis, D., Strintzis, M.G.: A channel coding approach for human authentication from gait sequences. IEEE Trans. Inf. Forensics Secur. 4(3), 428–440 (2009). doi:10.1109/TIFS.2009.2025858 CrossRef

22.

Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Washington (2010)

23.

Rathgeb, C., Uhl, A.: A survey on biometric cryptosystems and cancelable biometrics. EURASIP J. Inf. Secur. 2011(1), 1–25 (2011). doi:10.1186/1687-417X-2011-3 CrossRef

24.

Juels, A., Sudan, M.: A fuzzy vault scheme. Des. Codes Crypt. 38(2), 237–257 (2006). doi:10.1007/s10623-005-6343-z MATHMathSciNetCrossRef

25.

Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Advances in Cryptology-Eurocrypt 2004, pp. 523–540. Springer, Berlin, Heidelberg (2004). doi:10.1007/978-3-540-24676-3_31

26.

Li, Q., Sutcu, Y., Memon, N.: Secure sketch for biometric templates. In: Advances in CryptologyASIACRYPT 2006, pp. 99–113. Springer, Berlin, Heidelberg (2006). doi:10.1007/11935230_7

27.

Chin, Y.J., Ong, T.S., Teoh, A.B.J., Goh, K.O.M.: Integrated biometrics template protection technique based on fingerprint and palmprint feature-level fusion. Inf. Fusion 18, 161–174 (2014). doi:10.1016/j.inffus.2013.09.001 CrossRef

28.

Nagar, A., Nandakumar, K., Jain, A.K.: Multibiometric cryptosystems based on feature-level fusion. IEEE Trans. Inf. Forensics Secur. 7(1), 255–268 (2012). doi:10.1109/TIFS.2011.2166545 CrossRef

Titel: Gait authentication on mobile phone using biometric cryptosystem and fuzzy commitment scheme
verfasst von: Thang Hoang
Deokjai Choi
Thuc Nguyen
Publikationsdatum: 01.11.2015
Verlag: Springer Berlin Heidelberg
Erschienen in: International Journal of Information Security / Ausgabe 6/2015
Print ISSN: 1615-5262
Elektronische ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-015-0273-1

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 6/2015

Flexible attribute-based encryption applicable to secure e-healthcare records

Security and privacy of electronic health information systems

Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation

Security and searchability in secret sharing-based data outsourcing

URL query string anomaly sensor designed with the bidimensional Haar wavelet transform

Secure floating point arithmetic and private satellite collision analysis