2.multibiometric cryptosystems based on
DESCRIPTION
Multibiometric crptosystems like iris scanning,finger print for authenticationTRANSCRIPT
![Page 1: 2.Multibiometric Cryptosystems Based On](https://reader035.vdocuments.net/reader035/viewer/2022081813/545a928db1af9fcf338b5e35/html5/thumbnails/1.jpg)
1
Multibiometric Cryptosystems Based onFeature-Level Fusion
INTRODUCTION
A biometric system is essentially a pattern recognition system that
operates by acquiring biometric data from an individual, extracting a feature
set from the acquired data, and comparing this feature set against the
template set in the database. Depending on the application context, a
biometric system may operate either in verification mode or identification
mode. multibiometric systems require storage of multiple biometric templates
(e.g., fingerprint, iris, and face) for each user, which results in increased risk to
user privacy and system security.
In the verification mode, the system validates a person’s identity by
comparing the captured biometric data with her own biometric template(s)
stored in the system database. In such a system, an individual who desires to
be recognized claims an identity, usually via a personal identification number
(PIN), a user name, or RFID NO, Identity verification is typically used for positive
recognition, where the aim is to prevent multiple people from using the same
identity.
![Page 2: 2.Multibiometric Cryptosystems Based On](https://reader035.vdocuments.net/reader035/viewer/2022081813/545a928db1af9fcf338b5e35/html5/thumbnails/2.jpg)
2
In the identification mode, the system recognizes an individual by
searching the templates of all the users in the database for a match. Therefore,
the system conducts a one-to-many comparison to establish an individual’s
identity (or fails if the subject is not enrolled in the system database) without
the subject having to claim an identity.
After matching the image, server will range a percentage value. If that
percentage value is above 100 means it will allow transaction directly
and below 100 means server will generate token number and send to the
client.
1.1Objective
The main objective of my project is to provide secure banking for the
client, by taking fingerprints as authorized identity at ATM banks.
1.2Scope
Biometric authentication systems are gaining wise-spread popularity
in recent years due to the advances in matching algorithm that make the
system both secure and cost-effective. They are ideally suited for both high
security and remote authentication application due to user convenience. Most
biometric system assume that the template in the system is secure due to
![Page 3: 2.Multibiometric Cryptosystems Based On](https://reader035.vdocuments.net/reader035/viewer/2022081813/545a928db1af9fcf338b5e35/html5/thumbnails/3.jpg)
3
human supervision(e.g. criminal database search) or physical protection(e.g.
mobile locks and door locks).However, a variety of applications of
authentication need to work over partially secure or insecure networks such as
ATM networks or the internet.
Authentication over insecure public networks or with un-trusted
servers raises more concerns in privacy and security. The primary concern is
related to the security of the plain biometric templates, which cannot be
replaced, once they compromised. Widespread use of biometric authentication
also raises concerns of tracking a person, as every activity that requires
authentication can be uniquely assigned to an individual.
3.1. SYSTEM ANALYSIS
3.1.1. Problem Definition
The problem is to design biometric features for authentication. The
finger print verification is to be performed by using Fuzzy concept and the
secret token number is generated by SHA-256(secure hash algorithm)
3.1.2. Existing System
Remote authentication is the most commonly used method to
determine the identity of a remote client. In general, there are three
authentication factors:
![Page 4: 2.Multibiometric Cryptosystems Based On](https://reader035.vdocuments.net/reader035/viewer/2022081813/545a928db1af9fcf338b5e35/html5/thumbnails/4.jpg)
4
1. Something the client knows: password.
2. Something the client has: smart card.
3. Something the client is: biometric characteristics
(e.g., fingerprint, voiceprint, and iris scan).
Most early authentication mechanisms are solely based on password.
While such protocols are relatively easy to implement, passwords have many
vulnerabilities. detailed analysis of the trade-off between matching accuracy
and security in the proposed multibiometric cryptosystems based on two
different databases (one real and one virtual multimodal database), each
containing the three most popular biometric modalities, namely, fingerprint,
iris, and face.By exploiting these vulnerabilities, simple dictionary attacks can
crack passwords in a short time Due to these concerns, hardware
authentication tokens are introduced to strengthen the security in user
authentication, and smart-card-based password authentication has become
one of the most common authentication mechanisms. While it provides
stronger security guarantees than password authentication, it could also fail if
both authentication factors are compromised.
Another authentication mechanism is biometric authentication,
where users are identified by their measurable human characteristics, such as
fingerprint, voiceprint, and iris scan. Biometric characteristics are believed to
be a reliable authentication factor since they provide a potential source of high-
![Page 5: 2.Multibiometric Cryptosystems Based On](https://reader035.vdocuments.net/reader035/viewer/2022081813/545a928db1af9fcf338b5e35/html5/thumbnails/5.jpg)
5
entropy information and cannot be easily lost or forgotten. Some biometric
characteristics (e.g., fingerprint) can be easily obtained without the awareness
of the owner. This motivates the three-factor authentication, which
incorporates the advantages of the authentication based on password, smart
card, and biometrics.
3.1.3. Proposed System
In Our Proposed System of Implementation, We consider Three
Factor Authentication using the following,
RFID
PIN Number
Biometrics (Finger Print).
Every User is provided with RFID Card for the initial Authentication
Scheme, then the user will be giving the PIN number is provided during the
Registration Period itself.
Then the user is permitted to give his / her Finger Print to the main
server. If the Finger Print is exactly matched, the user is allowed for the
transactions. If the Finger Print is doubtful and not exactly matched with the
registered Finger Print image then Server sends One Time Password as SMS
Alert to the User’s Mobile Number. This One Time Password which is generated
![Page 6: 2.Multibiometric Cryptosystems Based On](https://reader035.vdocuments.net/reader035/viewer/2022081813/545a928db1af9fcf338b5e35/html5/thumbnails/6.jpg)
6
as SMS is given by the User to the main server for authentication. In the normal
three factor Authentication Scheme, we use following Authentication
Procedures
User PIN number along with Keypad ID
RFID Tag
Finger Print Image
In the case of Fuzzy Concept, where the Finger Print is not matched
but matched to the maximum extent, and the server has suspicion, then the
following procedure is followed,
User PIN number along with Keypad ID
RFID reader
Finger Print Image
One Time Password (OTP) Generation to the user’s Mobile Number
OTP given by the user to the server.
All those are used together for authentication. For Finger print Fuzzy
Logic is applied for Exact Mapping and Proper Authentication.
![Page 7: 2.Multibiometric Cryptosystems Based On](https://reader035.vdocuments.net/reader035/viewer/2022081813/545a928db1af9fcf338b5e35/html5/thumbnails/7.jpg)
7