Biometrics-based generation of Diffie-Hellman key exchange parameters

• Autorzy: Kovačević Aldin , Saračević Muzafer , Hasić Amor

Identyfikatory

DOI

10.7494/csci.2024.25.3.6082

• Języki publikacji: EN

Abstrakty

EN

When two parties need to securely communicate over an insecure channel, Diffie-Hellman is often employed as the key exchange algorithm. This paper presents two novel approaches to generating Diffie-Hellman parameters for key exchange based on user biometrics, namely their fingerprint data. Fingerprint templates are extracted as bit strings via a fingerprint scanner and later usedas inputs. In one approach, the whole fingerprint template is utilized as a user’s private key. In the second approach, fingerprint data is scrambled into smaller chunks and rearranged into two strings that serve as the user’s private key and the basis for prime p. Both approaches were implemented and tested experimentally. After analysis, the second approach that uses scrambled fingerprint data shows better execution times and improved security and usability considerations.

Słowa kluczowe

EN

biometrics; Diffie-Hellman; key exchange algorithm; fingerprint template; prime generation

• Wydawca: Wydawnictwa AGH
• Czasopismo: Computer Science
• Rocznik: 2024
• Tom: T. 25 (3)
• Strony: 421--434
• Opis fizyczny: Bibliogr. 20 poz., rys., tab., wykr.

Twórcy

autor

Kovačević Aldin

• International Burch University Ilidža, Department of Information Technologies, Bosnia and Herzegovina

autor

Saračević Muzafer

• University of Novi Pazar, Department of Computer Sciences Novi Pazar, Serbia

autor

Hasić Amor

• University of Novi Pazar

Bibliografia

• [1] Adrian D., Bhargavan K., Durumeric Z., Gaudry P., Green M., Halderman J.A., Heninger N., et al.: Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice. In: CCS’15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 5–17, ACM, New York, NY, USA, 2015. doi: 10.1145/2810103.2813707.
• [2] Alwen J.: The bit-security of cryptographic primitives, AWS Wickr. https:// wickr.com/the-bit-security-of-cryptographic-primitives-2/. Accessed September 2023.
• [3] Aumasson J.P.: Too Much Cryp, Real World Crypto, 2020.
• [4] Barker E., Barker W.C.: Recommendation for key management: Part 2 – Best Practices for Key Management Organizations, NIST: National Institute of Standards and Technology, 2019. doi: 10.6028/nist.sp.800-57pt2r1.
• [5] Barman S., Chattopadhyay S., Samanta D., Panchal G.: A novel secure key-exchange protocol using biometrics of the sender and receiver, Computers and Electrical Engineering, vol. 64, pp. 65–82, 2017. doi: 10.1016/ j.compeleceng.2016.11.017.
• [6] Barni M., Bianchi T., Catalano D., Di Raimondo M., Donida Labati R., Failla P., Fiore D., et al.: Privacy-preserving fingercode authentication. In: MM&Sec’10: Proceedings of the 12th ACM workshop on Multimedia and security, pp. 231–240, ACM, New York, NY, USA, 2010. doi: 10.1145/1854229.1854270.
• [7] Bringer J., Chabanne H., Izabachène M., Pointcheval D., Tang Q., Zimmer S.: An Application of the Goldwasser-Micali Cryptosystem to Biometric Authentication. In: J. Pieprzyk, H. Ghodosi, E. Dawson (eds.), Information Security and Privacy. 12th Australasian Conference, ACISP 2007, Townsville, Australia, July 2–4, 2007, Proceedings, vol. 7, pp. 96–106, Springer, Berlin Heidelberg, 2007. doi: 10.1007/978-3-540-73458-1_8.
• [8] Buhan I.: Cryptographic keys from noisy data: theory and applications, PS University Press, 2008.
• [9] Durairajan M.S., Saravanan R.: Biometrics Based Key Generation using Diffie Hellman Key Exchange for Enhanced Security Mechanism, Recent Trends in Biotechnology and Chemical Engineering, vol. 6(9), pp. 4359–4365, 2014.
• [10] Gillis A.S.: Diffie-Hellman key exchange (exponential key exchange). https:// www.techtarget.com/searchsecurity/definition/Diffie-Hellman-key-exchange.
• [11] Ha F., Anderson R., Daugman J.: Combining crypto with biometrics effectively, IEEE Transactions on Computers, vol. 55(9), pp. 1081–1088, 2006. doi: 10.1109/ tc.2006.138.
• [12] Juels A., Sudan M.: A fuzzy vault scheme, Designs, Codes and Cryptography, vol. 38(2), pp. 237–257, 2006. doi: 10.1007/s10623-005-6343-z.
• [13] Kivinen T., Kojo M.: RFC3526: More modular exponential (MODP) Diffie– Hellman groups for Internet Key Exchange (IKE), IETF Datatracker.
• [14] Lucas-Lehmer Test, Prime Wiki. https://www.rieselprime.de/ziki/Lucas-Lehmer _test. Accessed September 2023.
• [15] Primality tests. https://crypto.stanford.edu/pbc/notes/numbertheory/millerrabin.html. Accessed September 2023.
• [16] Sakre M.M.I.: Exchanging Biometric Keys in Secrecy, International Journal of Scientific and Engineering Research, vol. 6(9), pp. 1113–1120, 2015.
• [17] Socheat S., Wang T.: Fingerprint Enhancement, Minutiae Extraction and Matching Techniques, Journal of Computer and Communications, vol. 8(5), pp. 55–74, 2020. doi: 10.4236/jcc.2020.85003.
• [18] Ueshige Y., Sakurai K.: A Proposal of One-Time Biometric Authentication. In: H.R. Arabnia, S. Aissi (eds.), Proceedings of the 2006 International Conference on Security & Management, SAM 2006, Las Vegas, Nevada, USA, June 26–29, 2006, pp. 78–83, CSREA Press, 2006.
• [19] Upmanyu M., Namboodiri A.M., Srinathan K., Jawahar C.V.: Blind authentication: A secure crypto-biometric verification protocol, IEEE Transactions on Information Forensics and Security, vol. 5(2), pp. 255–268, 2010. doi: 10.1109/ TIFS.2010.2043188.
• [20] Wang H., Luo M., Ding Y.: Privacy-preserving fingerprint authentication using D-H key exchange and secret sharing, Security and Communication Networks, vol. 2021(1), 5344696, 2021. doi: 10.1155/2021/5344696.

Uwagi

Opracowanie rekordu ze środków MNiSW, umowa nr SONP/SP/546092/2022 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2024).