Embed Size (px)
DESCRIPTION
This report presents a study on how to improve the security of automated teller machine (ATM) banking systems. An embedded Crypto-Biometric authentication scheme for ATM banking applications, wherein cryptography and biometric techniques are joined together. They also utilize the advanced encryption standard (AES) algorithm in developing the scheme.
Citation preview
A SEMINAR REPORT ON A METHOD TO IMPROVE THE SECURITY LEVEL OF
ATM BANKING SYSTEMS USING AES ALGORITHM
BY
NWUCHEGBUO GILBERT CHIBUZOR
BAS/CSC/120169
SEMINAR WORK BEING PRESENTED TO THE DEPERTMENT OF
MATHEMATICS COMPUTER SCIENCE, FACULTY OF BASIC ANE APPLIED
SCIENCE IN PARTIAL FULLFILMENT OF THE REQUIREMENT OF THE AWARD
BACHELOR OF SICENCE DEGREE (B.Sc) IN COMPUTER SCIENCE AT BENSON
IDAHOSA UNIVERSITY, BENIN CITY, EDO STATE
NOVEMBER, 2015
CERTIFICATION
This is to certify that the seminar report entitled gesture recognition submitted by
NWUCHEGBUO GILBERT CHIBUZOR in partial fulfillment of the degree of Bachelor
of Science in Computer Science at Benson Idahosa University, Benin city, Edo state
during the academic year of 2015/2016
Mr Walter Date
Seminar Supervisor
Dr.K.O. Obahiagbon Date
Head of Department
DEDICATION
I dedicate this project work to God Almighty for His everlasting love, care, guidance and
protection throughout my stay in the University.
I also dedicate the project to my parents Mr & Mrs Nwuchgbuo Augustine and to my entire
family.
ACKNOWLEDEMENTS
I would like to thank God Almighty for His exceeding grace throughout the duration of my
academic program. I also wish to express my regards to my supervisor Mr Walter and special
thanks to my wonderful Course adviser Engr. O. Akhideno, Mr. O. Eguasa, for being so vitally
supportive.
To my lecturers in the department of Mathematics and Computer Science, Dr. K. O.
Obahiagbon, Mr. A. Odion, Elder T. Odiai, Engr. O. Akhideno, Mr. O. Eguasa, Mrs Okpah,
Mrs. A. Inyang, Rev. S. Obadan,Mrs. G. Iyare Mr. W. Osazuwa, Mr. Ogbomwan, Mr. Osato,
Mr. I.B Erakhuemen and others, your contribution towards the success of this project work is
highly appreciated.
A Method to Improve the Security Level of ATM Banking Systems Using AES
Algorithm
This report presents a study on how to improve the security of automated teller machine (ATM)
banking systems. An embedded Crypto-Biometric authentication scheme for ATM banking
applications, wherein cryptography and biometric techniques are joined together. They also
utilize the advanced encryption standard (AES) algorithm in developing the scheme.
INTRODUCTION
BACKGROUND OF STUDY
Biometrics based authentication is a potential candidate to replace password-based
authentication. Among all the biometrics, fingerprint based identification is one of the most
mature and proven technique. Cryptography provides the necessary tools for accomplishing
secure and authenticated transactions. It not only protects the data from theft or alteration, but
also can be used for user authentication. In a conventional cryptographic system, the user
authentication is possession based.
The weakness of such authentication systems is that it cannot assure the identity of the
maker of a transaction; it can only identify the maker’s belongings (cards) or what he remembers
(passwords, PINs etc.) Automatic biometric authentication is an emerging field to address this
problem. Fingerprint authentication is the most popular method among biometric authentication.
However, it is infeasible to encrypt such a large volume of image using conventional
cryptography for the purpose of centralized fingerprint matching. A strong interest in biometric
authentication is to integrate encryption key with biometrics.
The project aims at developing a novel crypto-biometric authentication scheme in ATM
banking systems. It mainly reduces the accessing time, when compared with manual based
banking system. ATMs are now a normal part of daily life, it explores the accessibility barriers
that ATMs present to people with a variety of disabilities, particularly examining the access
barriers experienced by the people who are blind, vision impaired or who have reading, learning
or intellectual disabilities. Together with the development of biometric authentication, integrated
biometrics and cryptosystems has also been addressed.
Biometric authentication in our paper is image based. For remote biometric
authentication, the images need to be encrypted before transmitted. Chaotic map used in image
encryption has been studied. The permutation of pixels, the substitution of gray level values, and
the diffusion of the discretized map can encrypt an image effectively. In this paper, an embedded
crypto-biometric authentication protocol is proposed. The fingerprint image acquired from the
user is encrypted in the ATM terminal for authentication. The encrypted image is then
transmitted over the secured channel to the central banking terminal. In the banking terminal
fingerprint image is decrypted. The decrypted image is compared with the fingerprint templates.
The authentication is valid if the minutiae matching are successful.
AIMS AND OBJECTIVE
The aim of this research work is to effectively discuss the method to improve the security level
of ATM banking systems using AES algorithm
1. The main reason for introducing biometric systems is to increase overall security.
SIGNIFICANCE OF THE STUDY
Biometrics-based authentication offers several advantages over other authentication. Fingerprint
technology in particular, can provide a much more accurate and reliable user authentication
method. Biometrics is a rapidly advancing field that is concerned with identifying a person based
on his or physiological or behavioral characteristics. As the Automated Teller Machines (ATM)
technology is advancing, fraudsters are devising different skills to beat the security of ATM
operations. Various forms of fraud are perpetuated, ranging from: ATM card theft, skimming,
pin theft, card reader techniques, pin pad techniques, force withdrawals and lot more. Managing
the risk associated with ATM fraud as well as diminishing its impact is an important issue that
faces financial institutions as fraud techniques have become more advanced with increased
occurrences. Considering the numerous security challenges encountered by Automated Teller
Machines (ATM) and users and given that the existing security in the
ATM system has not been able to address these challenges, there is the need to enhance the ATM
security system to overcome these challenges. This study focuses on how to enhance security of
transactions in ATM system using fingerprint. The aim of this study therefore is to develop ATM
simulator based fingerprint verification operations in order to reduce frauds associated with the
use of ATM.
LITRATURE REVIEW
FINGERPRINT: The patterns of friction ridges and valleys on an individual's fingertips are
unique to that individual. For decades, law enforcement has been classifying and determining
identity by matching key points of ridge endings and bifurcations. Fingerprints are unique for
each finger of a person including identical twins. One of the most commercially available
biometric technologies, fingerprint recognition devices for desktop and laptop access are now
widely available from many different vendors at a low cost. With these devices, users no longer
need to type passwords – instead, only a touch provides instant access
EMBEDDED CRYPTO-BIOMETRIC AUTHENTICATION PROTOCOL
Generally, there are two basic fingerprint authentication schemes, namely the local and the
centralized matching. In the central matching scheme, fingerprint image captured at the terminal
is sent to the central server via the network and then it is matched against the minutiae template
stored in the central server. There are three stages in the protocol namely registration, login and
authentication. In the registration phase, the fingerprints of ATM users are enrolled and the
derived fingerprint templates are stored in the central server. The login phase is performed at an
ATM terminal equipped with a fingerprint sensor. The proposed block schematic of embedded
crypto biometric authentication system is shown in Fig (1)
SOURCE: www.google.com
Fig. 1 Schematic of embedded crypto biometric authentication system.
In the authentication phase, the fingerprint image is then encrypted and transmitted to central
server via secured channel. At the banking terminal the image is decrypted using 128 bit private
key algorithm. The encrypted image is transmitted to the central server via secured channel. At
the banking terminal the image is decrypted using the same key. Based on the decrypted image,
minutiae extraction and matching are conducted to verify the presented fingerprint image
belongs to the claimed user. The authentication is signed if the minutiae matching are successful.
ENCRYPTION AND DECRYPTION ALGORITHMS
Encryption is the process of converting plain image into cipher image. Plain image in our paper
is the unsecured form of fingerprint image. By using the appropriate keys, plain image is
encrypted into cipher image before transmitting through the secured channel. Decryption is the
reverse process of encryption. Fingerprint image is recovered (plain image) by using the same
key. DES, Triple DES and AES algorithms are the commonly used symmetric key algorithms.
Shared key, less time consumption, easy operation and secret key are the merits of symmetric
key algorithms.
AES Algorithm
The advanced encryption standard (AES) is a replacement to Data encryption standard (DES) as
the federal standard. AES has already received widespread use because of its standard definition,
high security and freedom patent entanglements. In cryptography, the Advanced Encryption
Standard (AES) is also known as Rijndael algorithm.
Unlike its predecessor DES, Rijndael is an iterated block cipher which supports variable block
length and key length. Both lengths can be independently specified as 128, 192 or 256 bits. It has
a variable number of iterations: 10, 12 and 14 for key lengths of 128, 192 or 256 bits
respectively. In this paper, a 128 bit block and key length are assumed, although the design could
be adopted without difficulty to other block and key lengths. AES is fast in both software and
hardware, relatively easy to implement, and requires little memory. As a new encryption
standard, it is currently being deployed on a large scale.
Fig. 2 AES algorithm (a) Encryption Structure (b) Decryption Structure
AES consists of following steps
Key Generation
Initial Round
Rounds
KEY GENERATION
Encryption keys are vital to the security of the cipher, which can be derived in the following
three methods:
Randomly chosen values of pixels and their co-ordinates in raw image
Randomly choose 5-10 points in the raw fingerprint image. The vertical and horizontal position
of pixels, as well as the gray level values of each point is served as key. MOD operations are
performed. The key consists of the remainders and a supplementary digit that makes the sum of
key equals to N. For example, in a 256×256 gray level fingerprint image, there are five points
picked up, their coordinates and pixels values are: (32,21,240); (58,115,175); (135,174,189);
(216,172,194); (218,221,236). After conducting mod (40) and mod (10) operations for the
coordinates and the gray level values, respectively. The result is: (32,21,0); (18,35,5); (15,14,9);
(16,12,4);(18,21,6). The sum of above five groups numbers is
Sm=226. At last, a supplementary digit N – Sm =256-226=30 is the last digit of the key, where N
and Sm denote the size of the image and the sum of the co-ordinates and pixel vales respectively.
The encryption key is: {32, 21, 0, 18, 35, 5, 15,
14, 9, 16, 12, 4, 18, 21, 6, 30}
From the stable global features of fingerprint image
Some global features such as core and delta are highly stable points in a fingerprint, which have
the potential to be served as cryptography key. Some byproduct information in the processing of
fingerprint image can be used as the encryption key. For example, the Gabor filter bank
parameters[7] are: concentric bands is 7, the number of sectors considered in each band is 16,
each band is 20 pixels wide; there are 12 ridge between core and delta, the charges of the core
and delta point are 4.8138e-001 and 9.3928e-001, and the period at a domain is 16. Then the
key could be: {7, 16, 20, 12, 4, 8, 13, 8, 9, 39, 28, 27, 1, 16, 50, and 42}.
Pseudo random number generator based on chaotic map
One can use the pseudo-random number generator introduced in to produce the key. Chaotic
maps provide excellent security and have many desired cryptographic qualities. They are simple
to implement which results in high encryption rates. In chaos based encryption, the method for
developing a cipher consists of four steps.
Designing the basic map
Generalized map
Discretized version
Extension to three dimensions
Starting with M N image with L gray levels (for example, with the image consisting of a black
square) after performing k iterations, we obtain M N pseudo random integers in the range [0, L-
1]. Majority of traditional random number generators generate the next number in the sequence
by following certain deterministic rule, i.e., there is a deterministic relationship between xi and i
1 x. The random number generator based on three-dimensional maps is nontraditional because it
does not have this property. If more than M N random numbers are needed, we can perform
another k iteration of the chaotic map and get another set of M N random numbers. To encrypt a
fingerprint image, three to six iterations can hide the image perfectly where each iteration is
suggested to use different key.
The quality of stream ciphering based on mixing the plaintext with a sequence of pseudo random
numbers depends on the following factors:
The period of the pseudo random sequence.
Randomness properties of the generator.
It should be computationally hard to determine the key and the seed based on the
knowledge of a finite segment of pseudo-random numbers.
The structure of permutations of the pixels suggests that the period of the sequence is very high.
This statement needs to be quantified by an asymptotic estimate for the period. This topic is
currently under investigation. The third requirement is equivalent to breaking the cipher using
cipher text only type of attack. As described before, the complexity of a direct key search
increases exponentially as 0.9 1 2 N. The randomness properties of the proposed random number
generator were tested on a 256 256s image with 256 gray levels with the following tests for
randomness:
Uniformity of distribution test
Coupon collector’s test
Permutation test
Poker test
Serial pairs test
All five tests were satisfied by the sequence of pseudo random numbers obtained from an
encrypted image of a black square after nine iterations. The numbers were read in a row-by-row
manner. Computer experiments done with other scanning patterns suggest that the properties of
the pseudo random sequence do not depend on the scanning pattern.
SIMULATION, STATISTICAL AND STRENGTH ANALYSIS
The proposed encryption scheme is tested. Simulation results and its evaluation are presented.
Simulations
The gray level fingerprint image is shown Fig.3 (a). The first 3D permutation is performed with
the key {32, 21, 0, 18, 35, 5, 15,
14, 9, 16, 12, 4, 18, 21, 6, 30}. After first round of 3D permutation, the encrypted fingerprint
image is shown in
Fig.3 (b). The second round permutation is performed with the key {7, 16, 20, 12, 4, 8, 13, 8, 9,
39, 28, 27, 1, 16, 50, 42}. After that, the image is shown in Fig.3 (c). The third round
permutation is finished with a key {1, 23, 8, 19, 32, 3, 25, 12, 75, 31, 4, 10, 14, 5, 25, 13}. After
this, the image is shown in Fig.3 (d), which is random looking.
SOURCES: www.google.com
Fig. 3 Fingerprint and the encrypted image. (a) Original image; (b) One round of iteration; (c)
Two rounds of iterations; (d) Three rounds of iterations.
Statistical and Cryptographic Strength Analysis
Statistical analysis
The histogram of original fingerprint image is shown in Fig.4 (a). After 2D chaotic mapping, the
pixels in fingerprint image can be permuted, but as the encrypted fingerprint image has the same
gray level distribution and same histogram as in Fig.4 (a). As introduced in Section 4, 3D chaotic
map can change the gray level of the image greatly. After one round and three rounds of 3D
substitution, the histograms are shown in Fig.4(b) and (c) respectively, which is uniform, and has
much better statistic character, so the fingerprint image can be well hidden.
SOURCES: www.google.com
Fig. 4 Histograms of fingerprint image and the encrypted image.
(a) Original fingerprint image; (b) One round of 3D iteration; (c) Three rounds of 3D iterations.
Strength analysis.
The cipher technique is secure with respect to a known plaintext type of attack. With the
diffusion methodology, the encryption technique is safe to cipher text type of attack. As the
scheme proposed in this paper use different keys in different rounds of iterations, and the length
is not constrained, it can be chosen according to the developer’s need
AES ALGORITHM
WHAT IS AES ALGORITHM
The advanced encryption standard (AES) is a replacement to data encryption standard (DES) as
the federal standard. AES has already received widespread use because of its standard definition,
high security and freedom patent entanglements. In cryptography, the Advanced Encryption
Standard (AES) is also known as Rijndael algorithm.
Unlike its predecessor DES, Rijndael is an iterated block cipher which supports variable block
length and key length. Both lengths can be independently specified as 128, 192 or 256 bits. It has
a variable number of iterations: 10, 12 and 14 for key lengths of 128, 192 or 256 bits
respectively. In this paper, a 128 bit block and key length are assumed, although the design could
be adopted without difficulty to other block and key lengths. AES is fast in both software and
hardware, relatively easy to implement, and requires little memory. As a new encryption
standard, it is currently being deployed on a large scale.
HOW AES ENCRYPTION WORKS
AES comprises three block ciphers, AES-128, AES-192 and AES-256. Each cipher encrypts and
decrypts data in blocks of 128 bits using cryptographic keys of 128-, 192- and 256-bits,
respectively. (Rijndael was designed to handle additional block sizes and key lengths, but the
functionality was not adopted in AES.) Symmetric or secret-key ciphers use the same key for
encrypting and decrypting, so both the sender and the receiver must know and use the
same secret key. All key lengths are deemed sufficient to protect classified information up to the
"Secret" level with "Top Secret" information requiring either 192- or 256-bit key lengths. There
are 10 rounds for 128-bit keys, 12 rounds for 192-bit keys, and 14 rounds for 256-bit keys a
round consists of several processing steps that include substitution, transposition and mixing of
the input plain text and transform it into the final output of ciphertext.
APPLICATION AREAS OF AES ALGORITHM
Application of AES algorithm on ATM
The fingerprint template including singular points, frequency of ridges and minutiae are
stored at the central banking server when enrollment. At the time of transaction
fingerprint image is acquired at the ATM terminal using high resolution fingerprint
scanner. The fingerprint image is enhanced and then encrypted using 128 bit private key
algorithm. The encrypted image is transmitted to the central server via secured channel.
At the banking terminal the image is decrypted using the same key. Based on the
decrypted image, minutiae extraction and matching are performed to verify the presented
fingerprint image belongs to the claimed user. The authentication is signed if the minutiae
matching are successful. The proposed scheme is fast and more secure.
For Data Encryption and Decryption
Due to increasing use of computers, now a day security of digital information is most
important issue. Intruder is an unwanted person who reads and changes the information
while transmission occurs. This activity of intruder is called intrusion attack. To avoid
such attack data may be encrypted to some formats that is unreadable by an unauthorized
person, when the data gets to the authorized person it will be decrypted with AES. AES is
mainly advance version of data encryption standard (DES).
FEATURES OF AES ENCRYPTION ALGORITHM
Advanced Encryption Standard (AES) algorithm works on the principle of Substitution
Permutation network.
AES doesn’t use a feistily network and is fast in both software and hardware.
AES operates on a 4×4 matrix of bytes termed as a state
The Advanced Encryption Standard cipher is specified as a number of repetitions of
transformation sounds that convert the input plaintext into the final output of cipher text.
Each round consists of several processing steps, including one that depends on the
Encryption key.
A set of reverse rounds are applied to transform cipher text back into the original
plaintext using the same encryption key.
CONCLUTION
An embedded Crypto-Biometric authentication scheme for ATM banking systems has been
proposed. The claimed user’s fingerprint is required during a transaction. The fingerprint image
is encrypted via 3D chaotic map as soon as it is captured, and then transmitted to the central
server using symmetric key algorithm. The encryption keys are extracted from the random pixel
distribution in a raw image of fingerprint, some stable global features of fingerprint and/or from
pseudo random number generator. Different rounds of iterations use different keys. At the
banking terminal the image is decrypted using the same key. Based on the decrypted image,
minutiae extraction and matching are performed to verify the presented fingerprint image
belongs to the claimed user. Future work will focus on the study of stable features (as part of
encryption key) of fingerprint image, which may help to set up a fingerprint matching dictionary
so that to narrow down the workload of fingerprint matching in a large database.
REFERENCES[1] F.Han, J.Hu, X.Yu, Feng, Zhou: A novel hybrid cryptobiometric authentication scheme for ATM based banking applications, Springer-Verlag Berlin Heidelberg, (2005) 675-681.
[2] F.Han, J.Hu, X.Yu, Feng, Zhou: A New Way of Generating Grid-Scroll Chaos and its Application to Biometric Authentication, IEEE, (2005) 61-66.
[3] U.Uludag, S.Pankanti, S.Prabhakar andA. K.Jain, ―Biometric cryptosystems: Issue and challenges,‖ Proceedings of the IEEE, vol.92, no.6, 2004, pp.948-960.
[4] S. Hoque, M. Fairhurst, G. Howells and F. Deravi,―Feasibility of generating biometric encryption keys,‖ Electronics Letters, vol. 41, no.6, 2005, pp.29-30.
[5] Fridrich, J.: Symmetric Ciphers Based on two dimensional chaotic maps, Int. J. Bifurcation and Chaos, 8 (1998) 1259-1284
[6] Zhou, J., Gu, J.: A model-based method for the computation of fingerprints’ orientation field, IEEE Trans. on Image Processing, 13 (2004) 821-835
[7] Jain, A.K., Prabhakar, S., Hong, L., Pankanti, S: Filterbank-based fingerprint matching, IEEE Trans. on Image Processing, 9 (2000) 846-859
[8] Jain, A.K., Prabhakar S., Hong, L.: A multichannel approach to fingerprint classification, IEEE Trans. On Pattern Anal. Machine Intell. 21 (1999) 348-359
[9] Chen, G., Mao, Y., Chui, C.: A symmetric encryption scheme based on 3D chaotic cat map, Chaos, Solitons & Fractals, 21 (2004) 749-761
[10] Uludag, U., Ross, A., Jain, A.K.: Biometric template selection and update: a case study in fingerprints, Pattern Recognit., 37 (2004) 1533-1542
[11] Kocarev, L. Jakimoski, G., Stojanovski T., Parlitz, U.: From chaotic maps to encryption schemes, Proc. IEEE Sym. Circuits and Syst., 514-517, Monterey, California, June (1998)
[12] Ratha, N.K, Karu, K. Chen, S., Jain, A.K.: A real-time matching system for large fingerprint databases, IEEE Trans. on Pattern Anal. Machine Intell., 18 (1996) 799- 813
[13] J. Daemen, V. Rijmen, ``the Block Cipher Rijndael,'' Smart Card Research and Applications, LNCS 1820, J.- J. Quisquater and B. Schneier, Eds., Springer-Verlag, 2000, pp. 277-284.
[14] J. Daemen and V. Rijmen, ``Rijndael, the advanced encryption standard,'' Dr. Dobb's Journal, Vol.~26, No.~3, March 2001, pp.~137--139.
