
Biometric Digital Signature Key Generation and Cryptography Communication Based on Fingerprint

Je-Gyeong Jo, Jong-Won Seo, and Hyung-Woo Lee

Div. Computer Information of Software, Hanshin University, 411, Yangsan-dong, Osan, Gyunggi, 447-791, Korea

[email protected], [email protected], [email protected]

Abstract. A digital signature is a term used to describe a data string which associates a digital message with an assigned person only. Therefore, the main goal (or contribution) of this work is to study a simple method for generating digital signatures and cryptography communication using biometrics. The digital signature should be generated in the way that it can be verified by the existing cryptographic algorithm such as RSA/ElGamal without changing its own security requirement and infrastructure. It is expected that the proposed mechanism will ensure security on the binding of biometric information in the signature scheme on telecommunication environments.¹

Keywords: Biometrics Digital Key, Fuzzy Vault, Secure Communication, Digital Signature, Digital Key Generation.

1 Introduction

A digital signature has many applications in information security such as authentication, data integrity, and non-repudiation. One of the most significant advances in digital signature technologies is the development of the first practical cryptographic scheme called RSA[1], while it still remains as one of the most practical and versatile digital signature techniques available today[2].

It is often desirable to generate a digital signature by deriving a signature key (or a semantically equivalent value) from human source (biometrics) in today's communications environment rather than keeping the key in an external hardware device. Therefore, biometrics is the science of using digital technologies to identify a human being based on the individual's unique measurable biological characteristics[4,5].

This work proposes a general framework of biometric digital signature key generation from both technical and practical perspectives in order to establish safe environment using telebiometric systems and protect individual privacy.

¹ This work was supported by the Korea Research Foundation Grant funded by the Korean Government (MOEHRD, Basic Research Promotion Fund) (KRF-2006-311-D00857).

F.P. Preparata and Q. Fang (Eds.): FAW 2007, LNCS 4613, pp. 38–49, 2007. © Springer-Verlag Berlin Heidelberg 2007


From the technical point of view, this work proposes several biometric digital key and signature generation frameworks to ensure data integrity, mutual authentication, and confidentiality. From the practical perspective, this work describes an overall framework that allows protection of biometric data as related to their enrolment, signature generation and verification. This work also outlines measures for protection of the biometric information as related to its generation, storage, and disposal.

Digital key generation from biometrics has many applications, such as automatic identification, user authentication with message encryption, etc. Therefore, this work analyzes the related schemes and proposes a simplified model where a general signature scheme (including an RSA scheme that requires a large signature key) can be applied without losing its security.

This work is also applicable to authentication frameworks for protection of biometric systems as related to their operational procedures, roles and responsibilities of the personnel involved in system design. It is expected that the proposed countermeasures will ensure security and reliability on the flow of biometric information in the telecommunication environment.

2 Overview on Existing Scheme

2.1 Biometric Digital Key

Digital Signature Key Generation for Telebiometrics. Fig. 1 depicts the common components or modules of a Telebiometrics system with the proposed key generation module. Such a system commonly includes a step to extract features through signal processing after acquiring biometric data from a biometric device such as a sensor. The features are then compared or matched against the biometric data, which were already obtained through the same processes and saved in a database, and the result is decided in the decision step.

Based on the existing Telebiometrics model, this work proposes a framework for generating digital signature keys (a private and public key pair) from biometric information. Therefore, it is possible to combine existing public key infrastructure such as RSA[1] or ElGamal[3] to generate a digital signature key on biometric data.

Therefore, the main goal (or contribution) of this work is to study a simple method for generating digital signatures using biometrics by exploiting the existing Fuzzy Vault[4] scheme.

Biometric Template. Biometric templates are processed measurement feature vectors. Biometrics of different individuals are independent realizations of a random process that is equal for all individuals. We assume that the processing of biometrics results in templates that can be described as a sequence of n independent identically distributed random variables. Noisy measurements of biometrics are modeled as observations through a memoryless noisy channel. It is assumed that the enrollment measurements of the biometric templates are noise free.


[Figure: block diagram with two panels, "Key Generation" and "Key Extraction and Digital Signature". Blocks: Input Device, Capture, Template Generation, Match (Yes/No), Transmission, Key Generation, Key Extraction, Digital Signature, Application. Data items: BC, CA, Protected Data, Personal Secret, Public Key, Private Key.]

Fig. 1. Biometric Digital Key Generation on Telebiometrics

We examine the existing biometrics-based digital signature schemes and analyze them. First, this document classifies those schemes into key derivation (generation) and signature generation and verification frameworks. The key derivation schemes imply that the signature key is derived directly from biometrics, while the key authentication schemes mean that the signature key is accessed by biometric authentication.

Common Digital Signature Scheme. A cryptographic primitive that is fundamental in authentication, authorization, and non-repudiation is the digital signature. The process of signing entails transforming the message and some secret information held by the entity into a tag called a signature[5].

• M is the set of messages which can be signed.

• S is a set of elements called signatures, possibly binary strings of a fixed length.

• $S_A$ is a transformation from the message set M to the signature set S, and is called a signing transformation for communication entity A. The transformation $S_A$ is kept secret by sender A, and will be used to create signatures for messages from M.

• $V_A$ is a transformation from the set $S \times M$ to the set {true, false}. $V_A$ is called a verification transformation for A's signatures, is publicly known, and is used by other entities to verify signatures created by A.

Therefore, the transformations $S_A$ and $V_A$ provide a digital signature scheme for A. Occasionally the term digital signature mechanism is used. The size of the key space is the number of encryption/decryption key pairs that are available in the cipher system. A key is typically a compact way to specify the encryption transformation (from the set of all encryption transformations) to be used. Each can be simply described by a permutation procedure which is called the key. It is a great temptation to relate the security of the encryption scheme to the size of the key space.

RSA is the first practical cryptographic scheme for digital signature and still remains one of the most practical and versatile techniques available today [1]. This document assumes the use of a simple hash-and-sign RSA primitive in a probabilistic manner (with k-bit random numbers).

The public and private keys are respectively $\langle e, N \rangle$ and $\langle d, N \rangle$, where $N$ is the product of two distinct large primes $p$ and $q$, and $ed \equiv 1 \bmod \phi(N)$ for the Euler totient function $\phi(N) = (p - 1)(q - 1)$ [1]. The public key is postulated to be certified by the CA. We assume signer S returns a signature on a message $m$: $\langle s, r \rangle$, where $s \leftarrow H(m, r)^d \bmod N$ and $r \leftarrow_R \{0, 1\}^k$.

The ElGamal public-key encryption scheme can be viewed as Diffie-Hellman key agreement in key transfer mode[3]. Its security is based on the intractability of the discrete logarithm problem and the Diffie-Hellman problem. The ElGamal signature scheme is a randomized signature mechanism. It generates digital signatures with appendix on binary messages of arbitrary length, and requires a hash function $h: \{0, 1\}^* \to \mathbb{Z}_p$, where $p$ is a large prime number. Each entity creates a public key and corresponding private key.

Public Key Infrastructure and Biometric Certificate. For an authorized assertion about a public key, we commonly use digital certificates issued by a trusted entity called the certificate authority (CA) in the existing public key infrastructure (PKI).

Biometric identification process is combined with digital certificates for electronic authentication as biometric certificates. The biometric certificates are managed through the use of a biometric certificate management system. Biometric certificates may be used in any electronic transaction for requiring authentication of the participants.

Biometric data is pre-stored in a biometric database of the biometric certificate management system by receiving data corresponding to physical characteristics of registered users through a biometric input device. Subsequent transactions to be conducted over a network have digital signatures generated from the physical characteristics of a current user and from the electronic transaction. The electronic transaction is authenticated by comparison of hash values in the digital signature with re-created hash values. The user is authenticated by comparison against the pre-stored biometric certificates of the physical characteristics of users in the biometric database.

2.2 Existing Biometric Key Mechanisms

Recently several methods have been proposed to use biometrics for generating a digital signature. In 2001, P. Janbandhu and M. Siyal studied a method for generating biometric digital signatures for Internet based applications [12]. Their scheme was actually focused on using a 512-byte iris code invented by J. Daugman [9,10], and deriving a signature key from the iris code.

In 2002, R. Nagpal and S. Nagpal proposed a similar method except that they used a multi modal technique combining iris pattern, retina, and fingerprint in order to derive RSA parameters [7]. In 2002, P. Orvos proposed a method for deriving a signature key from a biometric sample and a master secret kept securely in a smart card [14]. In the commercial fields, several products that generate a digital signature only by accessing the server or smart card through biometric authentication are being announced [8].

We could observe that the first two schemes are far from practice due to their inadequate assumption on acquiring deterministic biometrics [7,12], while the remaining results eventually use biometrics as only a means to access the signature key stored in some hardware devices [8].

Recently in 2004, Y. Dodis, L. Reyzin, and A. Smith showed a method of using biometric data to securely derive cryptographic keys which could be used for authentication by introducing a secure sketch which allows recovery of a shared secret and a fuzzy extractor which extracts a uniformly distributed string from the shared secret in an error-tolerant way [8].

In 2005, X. Boyen, Y. Dodis, J. Katz, R. Ostrovsky, and A. Smith improved this result in a way that resists an active adversary and provides mutual authentication and authenticated key exchange [9]. There is an approach of template-protecting biometric authentication proposed by P. Tuyls and J. Goseling in 2004 [6], but it does not provide a method for deriving a cryptographic key.

2.3 Secret Hiding Function: Fuzzy Vault Scheme

Fuzzy vault is a simple and novel cryptographic construction. A player Alice may place a secret value k in a fuzzy vault and 'lock' it using a set A of elements from some public universe U. If Bob tries to 'unlock' the vault using a set B of similar length, he obtains k only if B is close to A, i.e., only if A and B overlap substantially[4].

Thus, a fuzzy vault may be thought of as a form of error-tolerant encryption operation where keys consist of sets. Error-tolerant cryptographic algorithms like the fuzzy vault are useful in many circumstances, such as privacy protected matching and enhancement, authentication with biometrics, and settings in which security depends on human factors like fingerprints[4].

The following diagram (Fig. 2) shows the general Fuzzy Vault model for providing biometric digital key generation and protection functions.


Fig. 2. Fuzzy Vault Scheme for Biometric Digital Key Protection


3 Proposed Telebiometrics Digital Key Generation

Biometric data can be input by using diverse applications such as a fingerprint reader. Therefore, this work can use a transformation module on input biometric data. In this section, the proposed key generation framework is described in detail. For example, the following diagram (Fig. 3) shows the abstracted flow for generating biometric digital key pairs from fingerprint data. From Alice's fingerprint data, key pairs can be generated by using an existing common public key cryptosystem such as RSA or ElGamal.

[Figure: flow diagram. Blocks: Live Data Capturing, Matching (Y), Key Extracting, Digital Sign. Data items: Biometric Sample, Biometric Template, Biometric Certificate (BC, BioCert), Personal Secret, Protected Data, Protected Template, Private Key, Message, Signed Message (sent to receiver).]

Fig. 3. Biometric Digital Key Generation Framework

In the key generation framework, the identity of the user is verified by comparing the captured biometric data with the biometric certificate (BC) that is stored in BCA. Therefore, no one can act for the original user in the key generation mechanism. Only the user who has registered his/her own biometric template on BCA can make public and private key pairs.

3.1 Biometric Digital Key Generation

Capturing Function. This function is a sensing and input module with feature enhancement function. In fingerprint, ridge regions in the image are identified and normalized. In detail, ridge orientations are determined, local ridge frequencies calculated, and then contextual filters with the appropriate orientation and frequency are applied.

This function makes the biometric template from the biometric raw data. The noise on the captured image is reduced through image processing. Then the set of minutiae are extracted from the enhanced image. Finally, the biometric template is made from location and angle values of minutiae set.

Matching Function. The role of adjustment function is finding helper data that is used for revising location and angle values of minutiae set. A user's biometric data is always different whenever the biometric data is captured from the device. Thus the adjustment function is needed to revise newly captured biometric data.


Biometric Digital Key Generation Function. The private key is generated by hashing a user's personal secret and a biometric template, using a hash function such as MD5 or SHA-1. If we used only the biometric template for private key generation, we would always generate the same key, since the biometric data is unique. Moreover, if the private key were disclosed, the user's biometric data could not be used any more. Therefore, in order to cancel and regenerate the private key, the user's personal secret is also required in generation of the private key.

3.2 Biometric Digital Key Protection

The biometric template stores the subject's biometric feature data, which is vital to the overall system security and individual security. Once the biometric data is leaked, the individual's authentication is threatened, and the individual's biometric authentication in other applications may be exposed to security vulnerabilities, too. So, it is most important to protect the biometric template. Private secret data is stored in a protected form on protected storage.

The confidentiality of the biometric private key can be assured by this mechanism. Because the biometric private key, like the biometric template, is a kind of individual private data, the certificate user has the right to, and must, delete the biometric private key from the certificate database when the biometric certificate is revoked.

For example, we can implement a 'Shuffling' module by using the fuzzy vault scheme as follows. Firstly, we generate a fake minutiae set and insert it into the user's biometric template. Secondly, for hiding the private key, a polynomial for the real minutiae set (original biometric template) and a polynomial for the fake minutiae set are constructed. Then, the private key is projected onto each polynomial. Finally, the protected data (template) is made by combining these results. It consists of the minutiae's (location, angle, result) value set.

Key Shuffling Function. A key shuffling (secret locking) function is used to hide the private key and so enforce its security. It is a simplified secret shuffling module on biometric data for hiding and securing the private key.

• Step 1: Generate a fake minutiae set and insert it into the user's biometric template for protection of the template.

• Step 2: For hiding the private key, a polynomial for the real minutiae set and a polynomial for the fake minutiae set are constructed. Then, we project the private key onto each polynomial and get the results.

• Step 3: The protected template is made by combining the results from step 1 and step 2. It consists of the minutiae's (location, angle, result) value set.
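The locking steps above and the matching unlock step, as an added Python example (not the authors' MATLAB code). It follows the Juels-Sudan construction [4], in which the key is encoded as the coefficients of one polynomial, genuine minutiae lie on it and fake (chaff) minutiae do not. Assumptions: minutiae are already aligned and quantized, the field prime, polynomial degree and sample minutiae are constructed, and a stored SHA-256 check value replaces error-correcting decoding.

```python
import hashlib
import secrets
from itertools import combinations

P = 2**61 - 1                  # prime field for the polynomial (assumed parameter)
DEGREE = 3                     # DEGREE + 1 genuine minutiae are needed to unlock
KEY_LEN = 4 * (DEGREE + 1)     # 16-byte key, 4 bytes per coefficient

def encode(minutia):
    """Pack a quantized (x, y, angle) minutia into one field element."""
    x, y, angle = minutia      # x, y in 0..511, angle in 0..359
    return (x << 18) | (y << 9) | angle

def poly_eval(coeffs, x):
    """Horner evaluation over GF(P); coeffs are lowest degree first."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc

def interpolate(points):
    """Lagrange interpolation over GF(P); returns coeffs, lowest degree first."""
    n = len(points)
    coeffs = [0] * n
    for i, (xi, yi) in enumerate(points):
        basis, denom = [1], 1
        for j, (xj, _) in enumerate(points):
            if j != i:
                # multiply the basis polynomial by (x - xj)
                basis = [(a - xj * b) % P for a, b in zip([0] + basis, basis + [0])]
                denom = denom * (xi - xj) % P
        scale = yi * pow(denom, -1, P) % P
        for k in range(n):
            coeffs[k] = (coeffs[k] + scale * basis[k]) % P
    return coeffs

def lock(key, minutiae, n_chaff=40):
    """Steps 1-3: hide `key` among genuine and fake (chaff) minutiae."""
    if len(key) != KEY_LEN:
        raise ValueError("key must be %d bytes" % KEY_LEN)
    coeffs = [int.from_bytes(key[i:i + 4], "big") for i in range(0, KEY_LEN, 4)]
    vault = {encode(m): poly_eval(coeffs, encode(m)) for m in minutiae}
    n_total = len(vault) + n_chaff
    while len(vault) < n_total:
        x = encode((secrets.randbelow(512), secrets.randbelow(512),
                    secrets.randbelow(360)))
        y = secrets.randbelow(P)
        if x not in vault and y != poly_eval(coeffs, x):
            vault[x] = y       # chaff point: deliberately off the polynomial
    # Sorting by x removes any trace of which points were inserted first.
    return {"points": sorted(vault.items()),
            "check": hashlib.sha256(key).hexdigest()}

def unlock(vault, minutiae):
    """Recover the key from a fresh, already-aligned capture, or return None."""
    query = {encode(m) for m in minutiae}
    candidates = [(x, y) for x, y in vault["points"] if x in query]
    for subset in combinations(candidates, DEGREE + 1):
        coeffs = interpolate(subset)
        if any(c >= 2**32 for c in coeffs):
            continue           # cannot be a valid key encoding
        key = b"".join(c.to_bytes(4, "big") for c in coeffs)
        if secrets.compare_digest(hashlib.sha256(key).hexdigest(), vault["check"]):
            return key
    return None

# Constructed sample data: an enrolled template and two later captures.
ENROLLED = [(34, 120, 45), (200, 310, 90), (77, 402, 180), (150, 60, 270),
            (301, 222, 15), (412, 98, 300), (256, 256, 135), (90, 480, 225)]
GENUINE_CAPTURE = ENROLLED[:5] + [(10, 10, 10), (499, 3, 77)]   # 5 of 8 match
IMPOSTOR_CAPTURE = ENROLLED[:2] + [(11, 400, 200), (320, 17, 33), (64, 64, 64)]

if __name__ == "__main__":
    private_key = secrets.token_bytes(KEY_LEN)
    protected = lock(private_key, ENROLLED)
    print("vault size:", len(protected["points"]))
    print("genuine unlocks:", unlock(protected, GENUINE_CAPTURE) == private_key)
    print("impostor unlocks:", unlock(protected, IMPOSTOR_CAPTURE) is not None)
```

The stored check value lets anyone holding the vault test a guessed key offline, so the key must be high-entropy; the chaff count and polynomial degree set the trade-off between tolerance to missing minutiae and the work needed to search the vault.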


The following diagram (Fig. 4) shows the abstracted model of secret locking and private key hiding on the fingerprint data set based on the Fuzzy Vault scheme.

Fig. 4. Biometric Digital Key Protection with Fuzzy Vault

3.3 Public Key Generation and Management

This work uses the ElGamal signature scheme to simulate the digital signature generation in our framework. The private key is generated and the public key $y$ is computed as follows. Entity A generates a large random prime $p$ and a generator $g$ of the multiplicative group $\mathbb{Z}_p$. Then A selects a random secret $a$, $1 \le a \le p - 2$, and computes $y \equiv g^a \bmod p$. A's public key is $(p; g; y)$ and the private key is $a$. It is computationally infeasible to solve discrete logarithms over GF(p). The generated public key $(p; g; y)$ is stored in the DB and certified by the CA.

In order to combine biometric authentication with cryptographic techniques, the proposed framework uses the adjustment function during the digital signature phase. The adjustment function guarantees that a unique template can be derived from various biometrics of the same person. In the key generation framework, the private key is concealed in the protected template in order to prevent disclosure of the private key. In the signature generation framework, the private key is derived from the user's biometric data and the protected template.

3.4 Biometric Digital Signature Generation and Verification

At first, user authentication is performed by comparing the signer's captured biometric image with his/her own biometric template in BCA. Due to the property of the proposed key extraction mechanism, the signer cannot make other signers sign a message. The signer gets the private key which is extracted by the key extraction mechanism. Then, the signer generates his/her own digital signature on the message with the private key and sends it to the verifier.

The verifier gets the signer's public key from the CA (Certificate Authority) and verifies the signature on the message with the public key. The signature verification mechanism is the same as that of an ordinary digital signature verification scheme. The entity at the receiver (server) can verify the digital signature by using the signer's public key and biometric certificate.


We can generate the digital signature on the message using the private key obtained from the input device. Entity A signs a binary message m of arbitrary length. Any entity B can verify this signature by using A's public key.

Biometric Digital Key Extraction. The following diagram (Fig. 5) shows the digital key extraction model. User authentication is performed first, in the same way as in the key generation mechanism. The user cannot disguise himself/herself as another user to extract the private key stored in the protected data. This requirement should be considered in a key extraction mechanism based on biometric data. The private key is extracted from the protected data by using the 'Key Extracting' function with the biometric template and personal secret value. A cryptographic function such as the fuzzy vault can be applied to this mechanism.

[Figure: flow diagram. Blocks: Live Data Capturing, Matching (Y), Key Extracting, Digital Sign. Data items: Biometric Sample, Biometric Template, Biometric Certificate (BC, BioCert), Personal Secret, Protected Data, Protected Template, Private Key, Message, Signed Message (sent to receiver).]

Fig. 5. Biometric Digital Key Extraction Framework with Fuzzy Vault

Digital Signature Generation and Verification. Digital signatures are fast emerging as a viable information security solution, satisfying the objectives of data integrity, entity authentication, privacy, non-repudiation and certification. In this section, the digital signature generation mechanism is described using the proposed key generation/extraction mechanisms in a telebiometric environment.

The private key extracted from the previous module is used to sign the message. The message and the signature on it are sent to the verifier. For example, we can generate a digital signature $(r, s)$ on the message $m$ from the input private key.

Entity A generates a large random prime $p$ and a generator $g$ of the multiplicative group $\mathbb{Z}_p$. Then A selects a random integer $\alpha$, $1 \le \alpha \le p - 2$, and computes $y \equiv g^{\alpha} \bmod p$. A's public key is $(p; g; y)$ and the private key is $\alpha$. Entity A then signs a binary message $m$ of arbitrary length, and any entity B can verify this signature by using A's public key. In detail, entity A selects a random secret integer $k$ with $\gcd(k, p - 1) = 1$, then computes $r \equiv g^k \bmod p$ and $k^{-1} \bmod (p - 1)$. Finally, entity A computes $s \equiv k^{-1}\{h(m) - \alpha r\} \bmod (p - 1)$, and A's signature for $m$ is the pair $(r; s)$.

To verify A's signature $(r; s)$ on $m$, B should do the following: B obtains A's authentic public key $(p; g; y)$ and verifies that $1 \le r \le p - 1$; if not, then reject the signature. If satisfied, B computes $v_1 \equiv y^r r^s \bmod p$ and $v_2 \equiv g^{h(m)} \bmod p$. B accepts the signature if and only if $v_1 = v_2$.
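The key derivation of Section 3.1 followed by the ElGamal signing and verification equations above, as an added Python example (not the authors' MATLAB code). Assumptions: SHA-256 stands in for the MD5/SHA-1 the paper names, the template bytes are constructed and assumed bit-identical on every capture after the adjustment function, and $p = 2^{255} - 19$ with $g = 2$ are demonstration parameters only (the order of $g$ is not checked).

```python
import hashlib
import secrets
from math import gcd

P = 2**255 - 19    # a known prime, used here only as a demonstration modulus
G = 2              # demonstration base; its order in the group is not verified

def derive_private_key(personal_secret: bytes, template: bytes) -> int:
    """Private key = hash(personal secret, biometric template), 1 <= a <= p-2."""
    h = hashlib.sha256()
    for field in (personal_secret, template):
        # Length-prefix each field so distinct (secret, template) pairs
        # can never produce the same hash input by concatenation.
        h.update(len(field).to_bytes(4, "big"))
        h.update(field)
    return 1 + int.from_bytes(h.digest(), "big") % (P - 2)

def public_key(a: int) -> int:
    """y = g^a mod p, the value certified by the CA."""
    return pow(G, a, P)

def h_msg(m: bytes) -> int:
    """Message hash h(m), reduced to an exponent modulo p-1."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big") % (P - 1)

def sign(a: int, m: bytes):
    """Return (r, s) with r = g^k mod p and s = k^-1 (h(m) - a r) mod (p-1)."""
    while True:
        k = secrets.randbelow(P - 2) + 1       # fresh secret k for every message
        if gcd(k, P - 1) != 1:
            continue                           # k must be invertible mod p-1
        r = pow(G, k, P)
        s = pow(k, -1, P - 1) * (h_msg(m) - a * r) % (P - 1)
        if s != 0:
            return r, s

def verify(y: int, m: bytes, signature) -> bool:
    """Accept iff 1 <= r <= p-1 and y^r r^s == g^h(m) (mod p)."""
    r, s = signature
    if not 1 <= r <= P - 1:
        return False                           # the range check from the text
    if not 0 < s < P - 1:
        return False                           # added sanity check on s
    v1 = pow(y, r, P) * pow(r, s, P) % P
    v2 = pow(G, h_msg(m), P)
    return v1 == v2

# Constructed sample inputs (not real biometric data).
TEMPLATE = b"34,120,45;200,310,90;77,402,180;150,60,270"
SECRET = b"personal-secret-v1"

if __name__ == "__main__":
    a = derive_private_key(SECRET, TEMPLATE)
    y = public_key(a)
    sig = sign(a, b"transfer 100 to Bob")
    print("valid:", verify(y, b"transfer 100 to Bob", sig))
    print("tampered:", verify(y, b"transfer 900 to Bob", sig))
    # Revocation: a new personal secret yields an unrelated key pair
    # from the same fingerprint template.
    a_new = derive_private_key(b"personal-secret-v2", TEMPLATE)
    print("old signature under new key:",
          verify(public_key(a_new), b"transfer 100 to Bob", sig))
```

Because the key is a hash of the template, a single differing bit in the template yields an unrelated key, which is why the scheme depends on the adjustment function; reusing $k$ across two messages reveals the private key, so $k$ is drawn fresh for each signature.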

4 Cryptography Communication with Fingerprint

4.1 Message Encrypt with Digital Key

The main objective of biometric encryption is to provide privacy and confidentiality using a biometric digital key (a private and public key pair). In biometric encryption systems each client receives the public key from the DB. Any entity wishing to securely send a message to the receiver obtains an authentic copy of the public key and then uses the encryption transformation. To decrypt, the receiver applies the decryption transformation to obtain the original message after the biometric authentication process. A common biometric encryption mechanism with a digital key is also possible, as shown in Fig. 6.

[Figure: block diagram with two sides, "Sender: Client" and "Receiver: Server". Blocks: Live Data Capturing, Signal Processing, Matching, Key Extracting, Key Mgmt., Encryption, Decryption. Data items: Message, Encrypted Message, Public key, Private key, Secret, Biometric Template, Biometric Cert. (BC), DB.]

Fig. 6. Biometric Encryption for Cryptography Communication with Fingerprint

For message encryption, the private key is extracted from the protected data stored by the fuzzy vault scheme. Then we can generate the encrypted ciphertext by using the public key.

4.2 Implementation Results

We implemented a biometric encryption system with fingerprint in MATLAB. The first step is a fingerprint enhancement procedure for extracting a feature set of fingerprint minutiae. After this fingerprint enhancement function, a digitized feature set of minutiae is generated, and it is used for generating the private key with the personal secret in the template registration and key generation step. Fig. 7 shows the fuzzy vault set after locking someone's secret (private key) within his/her own biometric template. The developed module generates a protected template from the input fingerprint template.

Fig. 8 shows the implementation and experimental results for the encryption/decryption mechanism based on the ElGamal type of biometric digital key. Using biometric key pairs, we can encrypt and decrypt plaintext messages.


Fig. 7. Fuzzy Vault Result After Locking Private Key within Fingerprint Feature Set

Fig. 8. Fuzzy Vault based Biometric Encryption and Decryption in MATLAB

5 Conclusions

We propose biometric digital key generation/extraction mechanisms for cryptographic secure communication, which are essential both for authentication and digital signature protocols on open network environments. The proposed system uses the biometric template in the Biometric Certificate for user authentication in the key generation/extraction mechanisms. This work shows how to generate keys from biometrics and how to encrypt messages, so that user authentication and cryptographic communication can be combined. In this way we can protect biometrics and communications using the Fuzzy Vault and ElGamal encryption schemes. Someday this work will be used in Internet banking systems or in a society that mainly uses biometrics.

Acknowledgments. This work was also supported by the University IT Research Center (ITRC) Project (IITA-2006-(C1090-0603-0016)).


References

1. Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21, 120–126 (1978)

2. Boneh, D.: Twenty years of attacks on the RSA cryptosystem. Notices of the American Mathematical Society (AMS) 46(2), 203–213 (1999)

3. ElGamal, T.: A Public Key Cryptosystem and a Signature Scheme based on Discrete Logarithms. IEEE Transactions on Information Theory IT-30(4), 469–472 (1985)

4. Juels, A., Sudan, M.: A Fuzzy Vault Scheme, also available at http://www.rsasecurity.com/rsalabs/staff/bios/ajuels/publications/fuzzy-vault/fuzzy vault.pdf

5. Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography, pp. 287–291, pp. 312–315. CRC Press, Boca Raton, USA (1997)

6. Tuyls, P., Goseling, J.: Capacity and examples of template-protecting biometric authentication systems. In: Maltoni, D., Jain, A.K. (eds.) BioAW 2004. LNCS, vol. 3087, pp. 158–170. Springer, Heidelberg (2004)

7. Nagpal, R., Nagpal, S.: Biometric based digital signature scheme. Internet-Draft, draft-nagpal-biometric-digital-signature-00.txt (May 2002)

8. Dodis, Y., Reyzin, L., Smith, A.: Fuzzy Extractors: How to generate strong keys from biometric identification. In: Proceedings of the Security and Privacy, IEEE Computer Society Press, Los Alamitos (1998)

9. Boyen, X., Dodis, Y., Katz, J., Ostrovsky, R., Smith, A.: Secure remote authentication using biometrics. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 147–163. Springer, Heidelberg (2005)

10. Soutar, C.: Biometric system performance and security (2002), Manuscript available at http://www.bioscrypt.com/assets/biopaper.pdf

11. Jain, A., Hong, L., Pankanti, S.: Biometric identification. Communications of the ACM (February 2000)

12. Janbandhu, P., Siyal, M.: Novel biometric digital signatures for Internet-based applications. Information Management & Computer Security 9(5), 205–212 (2001)

13. Kwon, T., Lee, J.: Practical digital signature generation using biometrics. In: Lagana, A., Gavrilova, M., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3043, Springer, Heidelberg (2004)

14. Orvos, P.: Towards biometric digital signatures. Networkshop, pp. 26–28. Eszterhazy College, Eger (March 2002)

15. Tuyls, P., Goseling, J.: Capacity and examples of template-protecting biometric authentication systems. In: Maltoni, D., Jain, A.K. (eds.) BioAW 2004. LNCS, vol. 3087, pp. 158–170. Springer, Heidelberg (2004)