Biometric Authentication in a Wireless Environment

(1)

Biometric Authentication in a

Wireless Environment

7/16/2013 1

Wireless Environment

Dr. Mohammad Iqbal

(2)

Goals



Biometric protocols suitable for a

wireless networked environment



Secure system/network access via

7/16/2013 2



Secure system/network access via

biometric authentication



Secure wireless transmission of

(3)

Why Wireless Biometrics?



Combination of two rapidly growing

technologies

1. Biometric systems for verification and

identification

7/16/2013 3

identification

•

Homeland Security

2. Wireless systems for mobility

•

Over 1 trillion wireless phone min. in US,

2004

(4)

Current Examples of Biometric

Deployments



Eastern Financial’s Boca Mission Bay branch

–

Handprint scan to unlock the door to safe deposit boxes



Statue of Liberty

–

Fingerprint scan to access lockers

7/16/2013 4



Nine Zero hotel in Boston

–

Iris scan for entrance to $3,000-a-night suite



Piggly-Wiggly grocery stores

–

Testing pay-by-fingerprint system



Bank of Tokyo-Mitsubishi

(5)

Human authentication



Types of human authentication

–

What you

know

(secret)

•

Password, PIN, mother’s maiden name

–

What you

have

(token)

7/16/2013 5

–

What you

have

(token)

•

ATM card, smart card

–

What you

are

(biometric)

•

Stable: fingerprint, face, iris

•

Alterable: voice, keystroke

–

Where

you are (authorization?)

(6)

Suitability of Biometrics



Paradox of secure biometrics

–

A biometric is stable and distinctive. This is

good for identification.

–

However, something unique can never be

7/16/2013 6

–

However, something unique can never be

changed. This is not so good for verification if

the biometric is compromised.

–

Furthermore, a biometric is not a secret, so it

can be found and copied. This is bad.

–

So, are stability and uniqueness not good after

(7)

Keyspace



Number of possible codewords (CW)

–

Token

•

12-digit: CW = 10^12 CWs

–

Password

•

Full 62 ASCII alphanumeric chars used randomly in an

8-7/16/2013 7

•

Full 62 ASCII alphanumeric chars used randomly in an

8-char password = over 10^14 CWs

•

Most actual users selection ≈ 10^6 CWs, so in practice, the

12-digit token is more secure

–

Biometrics (2001 technology, may change)

•

≈ inverse of FAR

– Iris ≈ 10^6 CWs

– Fingerprint ≈ 10^4 CWs

– Voice ≈ 10^3 CWs

(8)

Increasing Keyspace



Combined authentication to increase

keyspace

–

Multibiometric authentication

•

More than one biometric

7/16/2013 8

•

More than one biometric

–

Combine standard biometrics (e.g. face and fingerprint

(multimodal), or multiple fingerprints)

–

Combine standard biometric with “soft” biometric

•

Soft biometric = gender, height, race, eye color,

etc.

–

Multifactor authentication

•

More than one authentication type

(9)

7/16/2013 9

(10)

Biometric Advantages



Convenience

–

Can’t be lost (in general)

–

Can’t be forgotten



Can’t be loaned

7/16/2013 10



Can’t be loaned



Mostly unique (matching may not be)



Perceived strong non-repudiation



Does not change significantly (in general)

(Ident.)



Both verification and identification

(11)

Biometric Disadvantages



Ability to authenticate dependent on

technology (FAR, FRR)



Personal data, but not secret/secured data



Easy to copy raw data

7/16/2013 11



Easy to copy raw data



Cost of technology



Non-revocable



Cannot change if compromised (Ver.)

(12)

Biometric Authentication System

7/16/2013 12

(13)

Template Size

(14)

Wireless Biometric System Security



Security issues

–

Biometric authentication to ensure secure

access to the system/network

•

In other words, wireless system access security

7/16/2013 14

•

In other words, wireless system access security

–

Wireless message authentication to ensure

secure transmission of biometric data

•

In other words, personal information security and

privacy across the wireless network

–

Physical security

(15)

Biometric Authentication Threats

(16)

Defense of Biometric System



Capture device presented with ‘false’

biometric

–

e.g. fake finger, short video, high-res

7/16/2013 16

–

e.g. fake finger, short video, high-res

color iris image, latent image

–

Use biometric ‘in addition’ not ‘instead

of’ (multi-verification)

(17)

(continued)



Modification of capture device

–

Only a problem if capture and template

generation (and maybe matching) are done on

the device (trusted biometric device)

7/16/2013 17

the device (trusted biometric device)

–

Tightly integrate capture mechanism with

processing hardware

–

Ruggedize device

–

Display physical sign of tampering

–

Inactivate if tampered (TILT!)

(18)

(continued)



Remainder are network security or

template database security issues

–

Wireless network security will be

7/16/2013 18

–

Wireless network security will be

discussed

–

Database security is beyond the scope

of this presentation

(19)

Biometric Cryptography



Use of biometric data for encryption

& decryption



“fuzzy” commitment, vault – Ari

7/16/2013 19



“fuzzy” commitment, vault – Ari

(20)

Biometric Cryptography (example)

Template

(key)

Password

(hashed)

E(h(Pwd))

Enroll

(Encrypt)

00000 11111

01010 10101

01010 01010

“stored”

7/16/2013

Verify

(Decrypt)

20

Template

(key)

compare

11010 11101

10000 10111

Hamming

Distance = 2

Within

Threshold?

(21)

Biometrics Standards

 Common Biometric Exchange File Format (CBEFF)  ANSI-NIST-ITL-2000

– Data exchange & quality

– Criminal identification

 American Association for Motor Vehicle Administration (AAMVA) DL/ID

2000

 FBI

7/16/2013 21

 FBI

– Wavelet Scalar Quantization (WSQ) – fingerprint image (de)compression

– Electronic Fingerprint Transmission Standard (EFTS)

 Intel Common Data Security Architecture (CDSA)  ANSI X9.84 – Biometric data security (life cycle)

– Originally developed for financial industry; uses CBEFF

 APIs

– Open: BioAPI, Java Card Biometric API; uses CBEFF

– Proprietary: BAPI …what is Microsoft planning?

 XCBF

– XML Common Biometric Format from OASIS; uses CBEFF

(22)

Biometric Standards



Recently from NIST…

–

Biometric Data Specification for Personal

Identity Verification (PIV)

•

January 24, 2005 (Draft)

•

New standards governing interoperable use of

7/16/2013 22

•

New standards governing interoperable use of

identity credentials to allow physical and logical

access to federal government locations and systems

–

Technical and formatting requirements for biometric

credentials

–

Restricts values and practices for fingerprints and

facial images

–

Geared toward FBI background checks and formatting

data for a PIV card

(23)

CBEFF

CBEFF -- Overview

Overview



Framework for sharing raw or template

data



Supports encryption & digital signature

for security

7/16/2013 23

for security



File = SBH (header) + BSMB (data) + SB

(signature)



Patrons identify the data format



Approved interchange formats

–

Finger Minutiae, Finger Pattern, Finger Image,

(24)

CBEFF Patron Formats



Format A – The CBEFF Data Structure

– Patron: CBEFF

– Small embedded or legacy systems, limited storage

– No data exchange between systems



Format B – The BioAPI Specification Biometric Identification

7/16/2013 24



Format B – The BioAPI Specification Biometric Identification

Record (BIR) Format

– Patron: BioAPI Consortium

– BioAPI compliant systems

– Client / server data exchange



Format C – ANSI X9.84 Biometric Object

– Patron: ANSI Subcommittee X9, Working Group F4

– Large systems

– Data exchange in a secure manner with authentication

(25)

Wireless Advantages



Mobility



Flexibility

–

Easier to relocate and configure

–

More scalable



Cost

7/16/2013 25



Cost

–

No cost due to physical barriers, private property.



Productivity

–

More opportunity to connect



Aesthetics

–

No clutter from wires



Robustness

(26)

Wireless Disadvantages



Lower channel capacity

–

Limited spectrum available

–

Power restrictions

–

Noise levels

7/16/2013 26

–

Noise levels



Noise and interference



Frequency allocation

–

U.S. – FCC



Greater security concern

(27)

Wireless Protocols



Network domains

– Broadband

• IEEE 802.16, Worldwide Interoperability for Microwave Access (WiMAX) – framework, not single system or class of service

– Cellular networks

• Global System for Mobile communication (GSM)

• Universal Mobile Telecommunications System (UMTS =WCDMA)

7/16/2013 27

• Universal Mobile Telecommunications System (UMTS =WCDMA) – Cordless systems

• Time Division Multiple Access (TDMA)

• Time Division Duplex (TDD)

– Mobile Internet Protocol (Mobile IP)

– Wireless Local Area Network (WLAN)

• IEEE 802.11 (Wi-Fi) a,b,g (n … not yet ratified) – Wireless Personal Area Network (WPAN)

• IrDA, Bluetooth, ultra wideband, wireless USB – Home Automation (narrow band)

(28)

Wireless Protocol Comparison

7/16/2013 28

(29)

Security and Protocols



Security domains

– Application security

• Wireless Application Protocol (WAP)

– Uses Wireless Transport Layer Security (WTLS)

• Current Class 2 devices based on IETF SSL/TLS

• Future Class 3 devices will use a WAP Identity Module (WIM)

• Web services

7/16/2013 29

• Web services

– Simple Object Access Protocol (SOAP) – toolkits available for Java & .NET

• Operating system security (Java run-time, Palm OS, Microsoft Windows CE) – Device security (PINs, pass-phrases, biometrics)

– Security of wireless protocols

• IEEE 802.11 (Wi-Fi)

– Wireless Encryption Protocol (WEP)… weak and flawed

– Wi-Fi Protected Access (WPA). Uses Temporal Key Integrity Protocol (TKIP)

• IEEE 802.11i – Wireless Security spec. (WPA, AES, FIPS 140-2 compliant) – Authentication security

• Remote Authentication Dial In User Service (RADIUS)

• Kerberos

(30)

Network Encryption



Secure Shell (SSH)

–

Application Layer

–

Secure remote connection replacement for telnet, rlogin,

rsh



Secure Socket Layer (SSL)

7/16/2013 30



Secure Socket Layer (SSL)

–

Transport Layer Security (TLS)

–

Uses TCP & has specific port numbers

–

Main use is HTTPS (port 443)



Internet Protocol Security (IPSec)

–

Network Layer

–

Includes a key management protocol

(31)

Network System Architecture



Where does authentication happen?

–

Device

•

Data not externally transmitted

–

Local Computer

•

Data transmitted between device(s) and PC (WPAN)

7/16/2013 31

•

Data transmitted between device(s) and PC (WPAN)

–

LAN-Connected Computer

•

Data transmitted locally (WLAN)

–

Remote Computer

•

Data transmitted remotely (WWAN)

–

Application dependent

•

Data transmitted between capture device and database

(32)

Avenues of Attack

Local Computer

LAN- connected Computer

LAN

= wireless

7/16/2013 32

Capture

Device

WAN

(33)

Wireless Security Issues



Denial of Service (DoS)

– Jamming…Use Spread Spectrum (DSSS, FHSS) technology

– As a device battery attack, i.e., more processing = more battery usage



Eavesdropping

– Signal is in the open air (war dialing)



Theft or loss of device

7/16/2013 33



Theft or loss of device

– Due to size, portability, and utility



Dependency on public-shared infrastructure

– What security is in place?



Masquerading

– Rogue clients pretend to be legitimate endpoint

– Rogue access points trick clients to logging in



Malware

– Worms (Cabir) and Viruses (Timfonica, Phage) on wireless devices

(34)

Wireless Security Paradox



We use wireless devices for

convenience



Security measures often decrease

7/16/2013 34



Security measures often decrease

convenience and performance



Result: Security features are often

(35)

System Design Considerations



Verification

– Are you who you claim to be (or are supposed to be)?

– 1:1 matching

– Usually consensual

– Typically smaller template databases

– Authorization (computer, network, building)

7/16/2013 35

– Authorization (computer, network, building)



Identification

– Who are you?

– 1:n matching

– Often no explicit consent or awareness

– Typically larger template databases

– Surveillance (homeland and border security), forensics, criminal investigation (AFIS)



Why not both?

(36)

Scenario: Biometrics at the Airport



Workforce security

– Biometric authentication

• Identify all employees who require restricted area access

• ID card encoded to protect data

• Biometric scanning devices networked at access control points to permit/deny access



Facility integrity

7/16/2013 36



Facility integrity

– Employees w/ vehicle access must be authenticated via biometrics

– Access control within aircraft

• Biometric devices for authorized personnel to access sensitive areas within aircraft



Communications infrastructure

– Networked biometric scanning stations



Passenger security

– Authenticate passengers with passports or ID cards containing encoded biometrics

(37)

Putting it Together



How do we maximize advantages and

minimize disadvantages when a

biometric system is combined with a

7/16/2013 37

biometric system is combined with a

wireless system for an optimal

(38)

Future Research



Pattern for “fuzzy” matching?

–

Biometrics, digital watermarks, IDS, search

engines



Biometric cryptography

7/16/2013 38



Biometric cryptography

–

Biometric key generation

•

Fuzzy matching methodologies

•

Embedding biometric keys within wireless protocols

–

X.509 certificates

–

Protocol payload area

–

Protocol header (authentication) area