04/19/23 1

Biometric Authentication in a Biometric Authentication in a Wireless EnvironmentWireless Environment

Alex Kotlarchyk

Florida Atlantic University

04/19/23 2

GoalsGoals

Biometric protocols suitable for a wireless networked environment

Secure system/network access via biometric authentication

Secure wireless transmission of biometric data

04/19/23 3

Why Wireless Biometrics?Why Wireless Biometrics?

Combination of two rapidly growing technologies1. Biometric systems for verification and

identification• Homeland Security

2. Wireless systems for mobility• Over 1 trillion wireless phone min. in US,

2004

Common advantage is convenience

04/19/23 4

Current Examples of Biometric Current Examples of Biometric DeploymentsDeployments Eastern Financial’s Boca Mission Bay branch

– Handprint scan to unlock the door to safe deposit boxes Statue of Liberty

– Fingerprint scan to access lockers Nine Zero hotel in Boston

– Iris scan for entrance to $3,000-a-night suite Piggly-Wiggly grocery stores

– Testing pay-by-fingerprint system Bank of Tokyo-Mitsubishi

– Credit cards w/ embedded vein-pattern information

04/19/23 5

Human authenticationHuman authentication

Types of human authentication– What you know (secret)

• Password, PIN, mother’s maiden name

– What you have (token)• ATM card, smart card

– What you are (biometric)• Stable: fingerprint, face, iris• Alterable: voice, keystroke

– Where you are (authorization?)• Wireless

04/19/23 6

Suitability of BiometricsSuitability of Biometrics

Paradox of secure biometrics– A biometric is stable and distinctive. This is

good for identification.– However, something unique can never be

changed. This is not so good for verification if the biometric is compromised.

– Furthermore, a biometric is not a secret, so it can be found and copied. This is bad.

– So, are stability and uniqueness not good after all?

04/19/23 7

KeyspaceKeyspace

Number of possible codewords (CW)– Token

• 12-digit: CW = 10^12 CWs– Password

• Full 62 ASCII alphanumeric chars used randomly in an 8-char password = over 10^14 CWs

• Most actual users selection ≈ 10^6 CWs, so in practice, the 12-digit token is more secure

– Biometrics (2001 technology, may change)• ≈ inverse of FAR

– Iris ≈ 10^6 CWs– Fingerprint ≈ 10^4 CWs– Voice ≈ 10^3 CWs– Face ≈ 10 → 100 CWs

04/19/23 8

Increasing KeyspaceIncreasing Keyspace

Combined authentication to increase keyspace– Multibiometric authentication

• More than one biometric– Combine standard biometrics (e.g. face and fingerprint

(multimodal), or multiple fingerprints)– Combine standard biometric with “soft” biometric

• Soft biometric = gender, height, race, eye color, etc.

– Multifactor authentication• More than one authentication type

– Combine biometric w/ password or token

04/19/23 9

Source: Technology Review, June 2004

04/19/23 10

Biometric AdvantagesBiometric Advantages

Convenience– Can’t be lost (in general)– Can’t be forgotten

Can’t be loaned Mostly unique (matching may not be) Perceived strong non-repudiation Does not change significantly (in general)

(Ident.) Both verification and identification

applications

04/19/23 11

Biometric DisadvantagesBiometric Disadvantages

Ability to authenticate dependent on technology (FAR, FRR)

Personal data, but not secret/secured data Easy to copy raw data Cost of technology Non-revocable Cannot change if compromised (Ver.) Inexact matching (variable presentation) Social acceptance

04/19/23 12

Biometric Authentication SystemBiometric Authentication System

Source: Podio, NIST

04/19/23 13

Template SizeTemplate Size

04/19/23 14

Wireless Biometric System SecurityWireless Biometric System Security

Security issues– Biometric authentication to ensure secure

access to the system/network• In other words, wireless system access security

– Wireless message authentication to ensure secure transmission of biometric data• In other words, personal information security and

privacy across the wireless network

– Physical security• Devices, computers, transmitters/receivers, etc.

04/19/23 15

Biometric Authentication ThreatsBiometric Authentication Threats

04/19/23 16

Defense of Biometric SystemDefense of Biometric System

Capture device presented with ‘false’ biometric– e.g. fake finger, short video, high-res

color iris image, latent image– Use biometric ‘in addition’ not ‘instead

of’ (multi-verification)– Vitality sensor, 3-D confirmation

04/19/23 17

Defense of Biometric System Defense of Biometric System (continued)(continued) Modification of capture device– Only a problem if capture and template

generation (and maybe matching) are done on the device (trusted biometric device)

– Tightly integrate capture mechanism with processing hardware

– Ruggedize device– Display physical sign of tampering– Inactivate if tampered (TILT!)– Encryption of template

04/19/23 18

Defense of Biometric System Defense of Biometric System (continued)(continued)Remainder are network security or

template database security issues–Wireless network security will be

discussed– Database security is beyond the scope

of this presentation– Don’t forget OS security

04/19/23 19

Biometric CryptographyBiometric Cryptography

Use of biometric data for encryption & decryption

“fuzzy” commitment, vault – Ari Juels, RSA Labs

04/19/23 20

Biometric Cryptography (example)Biometric Cryptography (example)

Template(key)

Password(hashed) E(h(Pwd))

Enroll(Encrypt)

Verify(Decrypt)

Template(key)

compare

00000 1111101010 10101 01010 01010

11010 11101

10000 10111

HammingDistance = 2

WithinThreshold?

“stored”

“live”

04/19/23 21

Biometrics StandardsBiometrics Standards Common Biometric Exchange File Format (CBEFF) ANSI-NIST-ITL-2000

– Data exchange & quality– Criminal identification

American Association for Motor Vehicle Administration (AAMVA) DL/ID 2000

FBI – Wavelet Scalar Quantization (WSQ) – fingerprint image (de)compression– Electronic Fingerprint Transmission Standard (EFTS)

Intel Common Data Security Architecture (CDSA) ANSI X9.84 – Biometric data security (life cycle)

– Originally developed for financial industry; uses CBEFF APIs

– Open: BioAPI, Java Card Biometric API; uses CBEFF– Proprietary: BAPI …what is Microsoft planning?

XCBF– XML Common Biometric Format from OASIS; uses CBEFF– Mechanisms for secure transmission, storage, integrity, & privacy of biometrics

04/19/23 22

Biometric StandardsBiometric Standards

Recently from NIST…– Biometric Data Specification for Personal

Identity Verification (PIV)• January 24, 2005 (Draft)• New standards governing interoperable use of

identity credentials to allow physical and logical access to federal government locations and systems– Technical and formatting requirements for biometric

credentials– Restricts values and practices for fingerprints and

facial images– Geared toward FBI background checks and formatting

data for a PIV card– CBEFF and BioAPI compliant

04/19/23 23

CBEFF - OverviewCBEFF - Overview

Framework for sharing raw or template data

Supports encryption & digital signature for security

File = SBH (header) + BSMB (data) + SB (signature)

Patrons identify the data format Approved interchange formats– Finger Minutiae, Finger Pattern, Finger Image,

Face Recognition, Iris, Signature/Sign, Hand Geometry

04/19/23 24

CBEFF Patron FormatsCBEFF Patron Formats

Format A – The CBEFF Data Structure– Patron: CBEFF– Small embedded or legacy systems, limited storage– No data exchange between systems

Format B – The BioAPI Specification Biometric Identification Record (BIR) Format– Patron: BioAPI Consortium– BioAPI compliant systems– Client / server data exchange

Format C – ANSI X9.84 Biometric Object– Patron: ANSI Subcommittee X9, Working Group F4– Large systems– Data exchange in a secure manner with authentication

Format D – Biometric Information Data Objects for Use Within Smart Cards or Other Tokens (recent)… e.g. Java Card

04/19/23 25

Wireless AdvantagesWireless Advantages

Mobility Flexibility

– Easier to relocate and configure– More scalable

Cost– No cost due to physical barriers, private property.

Productivity– More opportunity to connect

Aesthetics– No clutter from wires

Robustness– Less physical infrastructure to damage and repair

04/19/23 26

Wireless DisadvantagesWireless Disadvantages

Lower channel capacity– Limited spectrum available– Power restrictions– Noise levels

Noise and interference Frequency allocation– U.S. – FCC

Greater security concern– Information traveling in free space

04/19/23 27

Wireless ProtocolsWireless Protocols Network domains

– Broadband• IEEE 802.16, Worldwide Interoperability for Microwave Access (WiMAX) –

framework, not single system or class of service– Cellular networks

• Global System for Mobile communication (GSM)• Universal Mobile Telecommunications System (UMTS =WCDMA)

– Cordless systems• Time Division Multiple Access (TDMA)• Time Division Duplex (TDD)

– Mobile Internet Protocol (Mobile IP) – Wireless Local Area Network (WLAN)

• IEEE 802.11 (Wi-Fi) a,b,g (n … not yet ratified)– Wireless Personal Area Network (WPAN)

• IrDA, Bluetooth, ultra wideband, wireless USB– Home Automation (narrow band)

• Infineon, ZigBee, Z-Wave

04/19/23 28

Wireless Protocol ComparisonWireless Protocol Comparison

Source: PC Magazine, March 22, 2004

04/19/23 29

Security and ProtocolsSecurity and Protocols Security domains

– Application security• Wireless Application Protocol (WAP)

– Uses Wireless Transport Layer Security (WTLS)• Current Class 2 devices based on IETF SSL/TLS• Future Class 3 devices will use a WAP Identity Module (WIM)

• Web services– Simple Object Access Protocol (SOAP) – toolkits available for Java & .NET

• Operating system security (Java run-time, Palm OS, Microsoft Windows CE)– Device security (PINs, pass-phrases, biometrics)– Security of wireless protocols

• IEEE 802.11 (Wi-Fi)– Wireless Encryption Protocol (WEP)… weak and flawed– Wi-Fi Protected Access (WPA). Uses Temporal Key Integrity Protocol (TKIP)

• IEEE 802.11i – Wireless Security spec. (WPA, AES, FIPS 140-2 compliant)– Authentication security

• Remote Authentication Dial In User Service (RADIUS)• Kerberos• SSL

04/19/23 30

Network EncryptionNetwork Encryption

Secure Shell (SSH)– Application Layer– Secure remote connection replacement for telnet, rlogin,

rsh Secure Socket Layer (SSL)

– Transport Layer Security (TLS)– Uses TCP & has specific port numbers– Main use is HTTPS (port 443)

Internet Protocol Security (IPSec)– Network Layer– Includes a key management protocol– Included in IPv6

04/19/23 31

Network System ArchitectureNetwork System Architecture

Where does authentication happen?– Device

• Data not externally transmitted– Local Computer

• Data transmitted between device(s) and PC (WPAN)– LAN-Connected Computer

• Data transmitted locally (WLAN)– Remote Computer

• Data transmitted remotely (WWAN)– Application dependent

• Data transmitted between capture device and database• Database template storage requirement = template size *

number of templates

04/19/23 32

Avenues of AttackAvenues of Attack

Capture Device

Local ComputerLAN- connected Computer

LAN

WAN

Remote Computer

= wireless

04/19/23 33

Wireless Security IssuesWireless Security Issues Denial of Service (DoS)

– Jamming…Use Spread Spectrum (DSSS, FHSS) technology– As a device battery attack, i.e., more processing = more battery usage

Eavesdropping– Signal is in the open air (war dialing)

Theft or loss of device– Due to size, portability, and utility

Dependency on public-shared infrastructure– What security is in place?

Masquerading– Rogue clients pretend to be legitimate endpoint– Rogue access points trick clients to logging in

Malware– Worms (Cabir) and Viruses (Timfonica, Phage) on wireless devices– Use Antivirus software

04/19/23 34

Wireless Security ParadoxWireless Security Paradox

We use wireless devices for convenience

Security measures often decrease convenience and performance

Result: Security features are often disabled or given lower priority

04/19/23 35

System Design ConsiderationsSystem Design Considerations Verification

– Are you who you claim to be (or are supposed to be)?– 1:1 matching– Usually consensual– Typically smaller template databases– Authorization (computer, network, building)

Identification– Who are you?– 1:n matching– Often no explicit consent or awareness– Typically larger template databases– Surveillance (homeland and border security), forensics, criminal

investigation (AFIS) Why not both?

– i.e. You are not who you say you are, so who are you?

04/19/23 36

Scenario: Biometrics at the AirportScenario: Biometrics at the Airport

Workforce security– Biometric authentication

• Identify all employees who require restricted area access• ID card encoded to protect data• Biometric scanning devices networked at access control points to

permit/deny access Facility integrity

– Employees w/ vehicle access must be authenticated via biometrics– Access control within aircraft

• Biometric devices for authorized personnel to access sensitive areas within aircraft

Communications infrastructure– Networked biometric scanning stations

Passenger security– Authenticate passengers with passports or ID cards containing

encoded biometrics– Identify suspicious or unknown people with biometric surveillance

04/19/23 37

Putting it TogetherPutting it Together

How do we maximize advantages and minimize disadvantages when a biometric system is combined with a wireless system for an optimal wireless biometric system?

04/19/23 38

Future ResearchFuture Research

Pattern for “fuzzy” matching?– Biometrics, digital watermarks, IDS, search

engines Biometric cryptography– Biometric key generation

• Fuzzy matching methodologies• Embedding biometric keys within wireless protocols

– X.509 certificates– Protocol payload area– Protocol header (authentication) area

• Use coefficients? (polynomial, elliptic curve)