Biometric Authentication in a
Biometric Authentication in a
Wireless Environment
Wireless Environment
7/16/2013 1
Wireless Environment
Wireless Environment
Dr. Mohammad Iqbal
Goals
Goals
Biometric protocols suitable for a
wireless networked environment
Secure system/network access via
7/16/2013 2
Secure system/network access via
biometric authentication
Secure wireless transmission of
Why Wireless Biometrics?
Why Wireless Biometrics?
Combination of two rapidly growing
technologies
1. Biometric systems for verification and
identification
7/16/2013 3
identification
•
Homeland Security
2. Wireless systems for mobility
•
Over 1 trillion wireless phone min. in US,
2004
Current Examples of Biometric
Current Examples of Biometric
Deployments
Deployments
Eastern Financial’s Boca Mission Bay branch
–
Handprint scan to unlock the door to safe deposit boxes
Statue of Liberty
–
Fingerprint scan to access lockers
7/16/2013 4
Nine Zero hotel in Boston
–
Iris scan for entrance to $3,000-a-night suite
Piggly-Wiggly grocery stores
–
Testing pay-by-fingerprint system
Bank of Tokyo-Mitsubishi
Human authentication
Human authentication
Types of human authentication
–
What you
know
(secret)
•
Password, PIN, mother’s maiden name
–
What you
have
(token)
7/16/2013 5
–
What you
have
(token)
•
ATM card, smart card
–
What you
are
(biometric)
•
Stable: fingerprint, face, iris
•
Alterable: voice, keystroke
–
Where
you are (authorization?)
Suitability of Biometrics
Suitability of Biometrics
Paradox of secure biometrics
–
A biometric is stable and distinctive. This is
good for identification.
–
However, something unique can never be
7/16/2013 6
–
However, something unique can never be
changed. This is not so good for verification if
the biometric is compromised.
–
Furthermore, a biometric is not a secret, so it
can be found and copied. This is bad.
–
So, are stability and uniqueness not good after
Keyspace
Keyspace
Number of possible codewords (CW)
–
Token
•
12-digit: CW = 10^12 CWs
–
Password
•
Full 62 ASCII alphanumeric chars used randomly in an
8-7/16/2013 7
•
Full 62 ASCII alphanumeric chars used randomly in an
8-char password = over 10^14 CWs
•
Most actual users selection ≈ 10^6 CWs, so in practice, the
12-digit token is more secure
–
Biometrics (2001 technology, may change)
•
≈ inverse of FAR
– Iris ≈ 10^6 CWs– Fingerprint ≈ 10^4 CWs
– Voice ≈ 10^3 CWs
Increasing Keyspace
Increasing Keyspace
Combined authentication to increase
keyspace
–
Multibiometric authentication
•
More than one biometric
7/16/2013 8
•
More than one biometric
–
Combine standard biometrics (e.g. face and fingerprint
(multimodal), or multiple fingerprints)
–
Combine standard biometric with “soft” biometric
•
Soft biometric = gender, height, race, eye color,
etc.
–
Multifactor authentication
•
More than one authentication type
7/16/2013 9
Biometric Advantages
Biometric Advantages
Convenience
–
Can’t be lost (in general)
–
Can’t be forgotten
Can’t be loaned
7/16/2013 10
Can’t be loaned
Mostly unique (matching may not be)
Perceived strong non-repudiation
Does not change significantly (in general)
(Ident.)
Both verification and identification
Biometric Disadvantages
Biometric Disadvantages
Ability to authenticate dependent on
technology (FAR, FRR)
Personal data, but not secret/secured data
Easy to copy raw data
7/16/2013 11
Easy to copy raw data
Cost of technology
Non-revocable
Cannot change if compromised (Ver.)
Biometric Authentication System
Biometric Authentication System
7/16/2013 12
Template Size
Template Size
Wireless Biometric System Security
Wireless Biometric System Security
Security issues
–
Biometric authentication to ensure secure
access to the system/network
•
In other words, wireless system access security
7/16/2013 14
•
In other words, wireless system access security
–
Wireless message authentication to ensure
secure transmission of biometric data
•
In other words, personal information security and
privacy across the wireless network
–
Physical security
Biometric Authentication Threats
Biometric Authentication Threats
Defense of Biometric System
Defense of Biometric System
Capture device presented with ‘false’
biometric
–
e.g. fake finger, short video, high-res
7/16/2013 16
–
e.g. fake finger, short video, high-res
color iris image, latent image
–
Use biometric ‘in addition’ not ‘instead
of’ (multi-verification)
Defense of Biometric System
Defense of Biometric System
(continued)
(continued)
Modification of capture device
–
Only a problem if capture and template
generation (and maybe matching) are done on
the device (trusted biometric device)
7/16/2013 17
the device (trusted biometric device)
–
Tightly integrate capture mechanism with
processing hardware
–
Ruggedize device
–
Display physical sign of tampering
–
Inactivate if tampered (TILT!)
Defense of Biometric System
Defense of Biometric System
(continued)
(continued)
Remainder are network security or
template database security issues
–
Wireless network security will be
7/16/2013 18
–
Wireless network security will be
discussed
–
Database security is beyond the scope
of this presentation
Biometric Cryptography
Biometric Cryptography
Use of biometric data for encryption
& decryption
“fuzzy” commitment, vault – Ari
7/16/2013 19
“fuzzy” commitment, vault – Ari
Biometric Cryptography (example)
Biometric Cryptography (example)
Template
(key)
Password
(hashed)
E(h(Pwd))
Enroll
(Encrypt)
00000 11111
01010 10101
01010 01010
“stored”
7/16/2013
Verify
(Decrypt)
20Template
(key)
compare
11010 11101
10000 10111
Hamming
Distance = 2
Within
Threshold?
Biometrics Standards
Biometrics Standards
Common Biometric Exchange File Format (CBEFF) ANSI-NIST-ITL-2000
– Data exchange & quality
– Criminal identification
American Association for Motor Vehicle Administration (AAMVA) DL/ID
2000
FBI
7/16/2013 21
FBI
– Wavelet Scalar Quantization (WSQ) – fingerprint image (de)compression
– Electronic Fingerprint Transmission Standard (EFTS)
Intel Common Data Security Architecture (CDSA) ANSI X9.84 – Biometric data security (life cycle)
– Originally developed for financial industry; uses CBEFF
APIs
– Open: BioAPI, Java Card Biometric API; uses CBEFF
– Proprietary: BAPI …what is Microsoft planning?
XCBF
– XML Common Biometric Format from OASIS; uses CBEFF
Biometric Standards
Biometric Standards
Recently from NIST…
–
Biometric Data Specification for Personal
Identity Verification (PIV)
•
January 24, 2005 (Draft)
•
New standards governing interoperable use of
7/16/2013 22
•
New standards governing interoperable use of
identity credentials to allow physical and logical
access to federal government locations and systems
–
Technical and formatting requirements for biometric
credentials
–
Restricts values and practices for fingerprints and
facial images
–
Geared toward FBI background checks and formatting
data for a PIV card
CBEFF
CBEFF -- Overview
Overview
Framework for sharing raw or template
data
Supports encryption & digital signature
for security
7/16/2013 23
for security
File = SBH (header) + BSMB (data) + SB
(signature)
Patrons identify the data format
Approved interchange formats
–
Finger Minutiae, Finger Pattern, Finger Image,
CBEFF Patron Formats
CBEFF Patron Formats
Format A – The CBEFF Data Structure
– Patron: CBEFF– Small embedded or legacy systems, limited storage
– No data exchange between systems
Format B – The BioAPI Specification Biometric Identification
7/16/2013 24
Format B – The BioAPI Specification Biometric Identification
Record (BIR) Format
– Patron: BioAPI Consortium
– BioAPI compliant systems
– Client / server data exchange
Format C – ANSI X9.84 Biometric Object
– Patron: ANSI Subcommittee X9, Working Group F4
– Large systems
– Data exchange in a secure manner with authentication
Wireless Advantages
Wireless Advantages
Mobility
Flexibility
–
Easier to relocate and configure
–
More scalable
Cost
7/16/2013 25
Cost
–
No cost due to physical barriers, private property.
Productivity
–
More opportunity to connect
Aesthetics
–
No clutter from wires
Robustness
Wireless Disadvantages
Wireless Disadvantages
Lower channel capacity
–
Limited spectrum available
–
Power restrictions
–
Noise levels
7/16/2013 26
–
Noise levels
Noise and interference
Frequency allocation
–
U.S. – FCC
Greater security concern
Wireless Protocols
Wireless Protocols
Network domains
– Broadband• IEEE 802.16, Worldwide Interoperability for Microwave Access (WiMAX) – framework, not single system or class of service
– Cellular networks
• Global System for Mobile communication (GSM)
• Universal Mobile Telecommunications System (UMTS =WCDMA)
7/16/2013 27
• Universal Mobile Telecommunications System (UMTS =WCDMA) – Cordless systems
• Time Division Multiple Access (TDMA)
• Time Division Duplex (TDD)
– Mobile Internet Protocol (Mobile IP)
– Wireless Local Area Network (WLAN)
• IEEE 802.11 (Wi-Fi) a,b,g (n … not yet ratified) – Wireless Personal Area Network (WPAN)
• IrDA, Bluetooth, ultra wideband, wireless USB – Home Automation (narrow band)
Wireless Protocol Comparison
Wireless Protocol Comparison
7/16/2013 28
Security and Protocols
Security and Protocols
Security domains
– Application security
• Wireless Application Protocol (WAP)
– Uses Wireless Transport Layer Security (WTLS)
• Current Class 2 devices based on IETF SSL/TLS
• Future Class 3 devices will use a WAP Identity Module (WIM)
• Web services
7/16/2013 29
• Web services
– Simple Object Access Protocol (SOAP) – toolkits available for Java & .NET
• Operating system security (Java run-time, Palm OS, Microsoft Windows CE) – Device security (PINs, pass-phrases, biometrics)
– Security of wireless protocols
• IEEE 802.11 (Wi-Fi)
– Wireless Encryption Protocol (WEP)… weak and flawed
– Wi-Fi Protected Access (WPA). Uses Temporal Key Integrity Protocol (TKIP)
• IEEE 802.11i – Wireless Security spec. (WPA, AES, FIPS 140-2 compliant) – Authentication security
• Remote Authentication Dial In User Service (RADIUS)
• Kerberos
Network Encryption
Network Encryption
Secure Shell (SSH)
–
Application Layer
–
Secure remote connection replacement for telnet, rlogin,
rsh
Secure Socket Layer (SSL)
7/16/2013 30
Secure Socket Layer (SSL)
–
Transport Layer Security (TLS)
–
Uses TCP & has specific port numbers
–
Main use is HTTPS (port 443)
Internet Protocol Security (IPSec)
–
Network Layer
–
Includes a key management protocol
Network System Architecture
Network System Architecture
Where does authentication happen?
–
Device
•
Data not externally transmitted
–
Local Computer
•
Data transmitted between device(s) and PC (WPAN)
7/16/2013 31
•
Data transmitted between device(s) and PC (WPAN)
–
LAN-Connected Computer
•
Data transmitted locally (WLAN)
–
Remote Computer
•
Data transmitted remotely (WWAN)
–
Application dependent
•
Data transmitted between capture device and database
Avenues of Attack
Avenues of Attack
Local Computer
LAN- connected Computer
LAN
= wireless
7/16/2013 32
Capture
Device
WAN
Wireless Security Issues
Wireless Security Issues
Denial of Service (DoS)
– Jamming…Use Spread Spectrum (DSSS, FHSS) technology
– As a device battery attack, i.e., more processing = more battery usage
Eavesdropping
– Signal is in the open air (war dialing)
Theft or loss of device
7/16/2013 33
Theft or loss of device
– Due to size, portability, and utility
Dependency on public-shared infrastructure
– What security is in place?
Masquerading
– Rogue clients pretend to be legitimate endpoint
– Rogue access points trick clients to logging in
Malware
– Worms (Cabir) and Viruses (Timfonica, Phage) on wireless devices
Wireless Security Paradox
Wireless Security Paradox
We use wireless devices for
convenience
Security measures often decrease
7/16/2013 34
Security measures often decrease
convenience and performance
Result: Security features are often
System Design Considerations
System Design Considerations
Verification
– Are you who you claim to be (or are supposed to be)?
– 1:1 matching
– Usually consensual
– Typically smaller template databases
– Authorization (computer, network, building)
7/16/2013 35
– Authorization (computer, network, building)
Identification
– Who are you?– 1:n matching
– Often no explicit consent or awareness
– Typically larger template databases
– Surveillance (homeland and border security), forensics, criminal investigation (AFIS)
Why not both?
Scenario: Biometrics at the Airport
Scenario: Biometrics at the Airport
Workforce security
– Biometric authentication
• Identify all employees who require restricted area access
• ID card encoded to protect data
• Biometric scanning devices networked at access control points to permit/deny access
Facility integrity
7/16/2013 36
Facility integrity
– Employees w/ vehicle access must be authenticated via biometrics
– Access control within aircraft
• Biometric devices for authorized personnel to access sensitive areas within aircraft
Communications infrastructure
– Networked biometric scanning stations
Passenger security
– Authenticate passengers with passports or ID cards containing encoded biometrics
Putting it Together
Putting it Together
How do we maximize advantages and
minimize disadvantages when a
biometric system is combined with a
7/16/2013 37
biometric system is combined with a
wireless system for an optimal
Future Research
Future Research
Pattern for “fuzzy” matching?
–
Biometrics, digital watermarks, IDS, search
engines
Biometric cryptography
7/16/2013 38
Biometric cryptography
–
Biometric key generation
•
Fuzzy matching methodologies
•
Embedding biometric keys within wireless protocols
–
X.509 certificates
–
Protocol payload area
–
Protocol header (authentication) area