perez - Cryptographic key generation using handwritten...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Cryptographic key generation using handwritten signature M. Freire-Santos a , J. Fierrez-Aguilar a , J. Ortega-Garcia a a ATVS-Biometrics Research Lab., Escuela Politecnica Superior, Universidad Autonoma de Madrid, E-28049 Madrid, Spain ABSTRACT Based on recent works showing the feasibility of key generation using biometrics, we study the application of handwritten signature to cryptography. Our signature-based key generation scheme implements the crypto- graphic construction named fuzzy vault. The use of distinctive signature features suited for the fuzzy vault is discussed and evaluated. Experimental results are reported, including error rates to unlock the secret data by using both random and skilled forgeries from the MCYT database. Keywords: Biometrics, on-line signature, cryptography, key generation 1. INTRODUCTION Cryptography is one of the fundamental building blocks of computer security. Unfortunately, cryptographic security is conditioned by an authentication step typically based on long pseudo-random keys (of at least 128 bits in symmetric encryption), which are almost impossible to remember. As a result, cryptosystems commonly rely on user-generated passwords, which are easy to memorize, in order to release the pseudo-random keys. This fact eases the work of an eventual attacker, remarkably decreasing the overall security of the data being protected. 1 On the other hand, biometric systems use physiological or behavioral traits such as Fngerprint, face, iris, speech or handwritten signature to authenticate users. 2 The use of biometrics enhances both the usability (e.g., avoiding the use of multiple passwords) and the security (e.g., non-repudiation) of password-based authentication systems. Biometric signals are also harder to copy or steal, and cannot be forgotten or lost. Biometric cryptosystems, or crypto-biometric systems, combine cryptographic security with biometric au- thentication. 1 The integration of biometrics with cryptography can be done broadly at two di±erent levels. In biometrics-based key release, a biometric matching between an input biometric signal and an enrolled template is used to release the secret key. In biometrics-based key generation, the biometric signals are monolithically bounded to the keys. Within biometrics, automatic signature veriFcation has been an intense research area because of the social and legal acceptance and widespread use of the written signature as a personal authentication method. 2 This work is focused on dynamic signature veriFcation, i.e., the time functions of the dynamic signing process are available (e.g., position trajectories, or pressure versus time). Di±erent approaches are considered in the literature in order to extract relevant information from on-line signature data; 3, 4 they can coarsely be divided into: i ) feature-based approaches, in which a holistic vector representation consisting of global features is derived from the acquired signature trajectories, 5 and ii ) function-based approaches, in which time sequences describing local properties
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 7

perez - Cryptographic key generation using handwritten...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online