1. INTRODUCTION:

Today, more and more information is transmitted over the Internet. This information is not only text, but also audio, image, and other multimedia. Images are widely used in our daily life. However, the more extensively we use the images, the more important their security will be. For example, it is important to protect diagrams of army emplacements, diagrams of bank-building construction, and the important data captured by military satellites. In addition, the number of computer crimes has recently increased. For these reasons, image security has become an important topic in the current computer world. Most of the traditional or the modern cryptosystems have been designed to protect textual data.1–7 The original plain text is converted into cipher text, which is apparently random nonsense. Once the cipher text has been produced, it is stored or transmitted over a network. Upon reception, the cipher text can be transformed back into the original plain text by using a decryption algorithm. For the encryption of images using traditional cryptosystems, such as the Rivest Shamir Adleman _RSA_ or the data encryption standard cryptosystems, the images must first be converted into one-dimensional arrays.5 Cryptography aims at achieving three major requirements[3,4,5]: diffusion, confusion, and dependence on keys. These requirements are readily satisfied by chaotic functions because of their sensitive dependence on initial conditions, topological transitivity, and ergodicity.[8–12]

This makes chaos theory a strong candidate for the design of efficient image cryptosystems. Fridrich has proposed a general framework for the application of chaotic maps in image encryption.[10] In this framework, the analog chaotic map is first discretizied. Then, it is generalized by the introduction of some parameters. The parameters of the map constitute the key for the image cryptosystem[9,10,11].

2. BIOMETRIC OVERVIEW:

Over recent years there has been considerable growth in interest in the use of biometric systems for personal authentication. By using biometrics, authentication is directly linked to the person, rather than their token or password. On the basis of media hype, you might conclude that biometrics will provide 100 percent identification. But what if actual performance is far less impressive? How and where biometric systems are deployed will depend on their real-life performance, which must therefore be appropriately measured. The UK Biometrics Working Group (BWG) co-ordinates the Communications Electronics Security Group (CESG) Biometrics Programmer, the goal of which is to enable the use of biometric authentication in Information Age Government. To achieve this, the BWG is establishing the security credentials of biometric technology through the development of test standards and protocols, and providing security assurance through International Common Criteria Evaluate on and certification [12,13,14].

As part of this work, CESG sponsored the National Physical Laboratory to carry out a test programmer evaluating some of the leading biometric technologies. The first objective was to provide factual, vendor independent data on the performance of biometric devices. Such information on the general capability of biometric technology will help in the development of policy on how and where biometrics might be used within Government and elsewhere. Further objectives were to validate the BWG proposed methodology for biometric testing, to support the development of the methodology for use with Common Criteria evaluations of biometric products and systems, and to act as a stimulus to later evaluations. The systems selected for testing represented most of the common types of biometric technologies[15,16]:

· Face Visionics – FaceIt

· Fingerprint VeriTouch – vr-3(U), usin

· Infineon FingerTIP chip sensor

· Hand Recognition Systems – HandKey II

· Iris Iridian Technologies – IriScan system 2200

· Voice OTG – SecurPBX Demonstration System

Also tested were an optical sensor fingerprint system and a prototype vein pattern system. The results for these two systems were less representative of the technologies, and are not shown here. The evaluation scenario was ‘access control’ in a ‘normal office environment’. This is a fairly typical application for biometric systems, most of which should perform close to optimally in such conditions. Users were to be co-operative, though relatively unfamiliar with using the biometric systems, as would be the case with infrequent users, for example. The tests were conducted with 200 volunteers. These were drawn mainly from NPL staff, so there were no children, also women and older age groups were slightly under-represented. A further factor is that the volunteers generally had a positive outlook to technology; this might also influence performance. All subjects attempted enrolment on each device, with repeat enrolment attempts if required[17,18]. The only ‘failures to enrol’ were on the fingerprint system, where two people (1 percent) could not enrol due to the very poor condition of their fingerprints, and the iris system, where one person (0.5 percent) could not enrol a blind eye. Of course, in a larger and fully representative sample, we would encounter people with other Most biometric systems have an adjustable ‘decision threshold’ for a trade-off of usability, ie, false rejections against security, ie, false acceptances. The relationship between the false reject rate and false accept rate is best shown using ‘detection error trade-off’ curves as in figure 1. The lower and further left on the graph, the better the performance. It is seen that the iris system had the best accuracy, with 1.8 percent false rejections and no false matches in over two million comparisons. Of the other systems, fingerprint performs best for low false acceptance rates, while hand geometry can achieve low (below 1 percent) false rejection rates if false acceptance is not too critical. This illustrates that there is not a universally ‘best’ biometric system – the best system for high security may not be the best for high accessibility. In their normal mode of operation, many systems allow multiple attempts. Figure 2 shows that for most systems, allowing three attempts considerably improves performance. In the case of face recognition, the improvement in false reject rate was offset by the worsening in false accept rate and no change is shown. We also measured user throughput on each of the systems. This tends to be affected much more by system design, than by the performance of the image capture and matching algorithms. For example, the speed of voice verification is dictated by the user prompts[19,20]. For high-throughput applications, the hand geometry system and optical fingerprint sensor were the fastest to use, capable of verifying up to eight people per minute. The other systems were slightly slower handling up to six verifications per minute. When systems are used for identification, rather than verification, the input biometric must be compared against many enrolment templates, and throughput of the matching algorithm becomes important. The supplied algorithms processed from approximately one thousand comparisons per minute for voice and face recognition, up to 1.5 million comparisons per minute in the case of iris recognition. It is likely that each of the algorithms could be further optimised for one-tomany matching. We also looked at performance differences attributable to the category of user. Looking at all seven systems it appeared that men and younger users were generally more likely to be successfully verified than women or older age groups. In the case of fingerprints age seems more significant than gender. Our observations during the evaluation show that many of the false-rejections were due to user error caused by unfamiliarity with the system. Thus, were the systems being used on a daily basis as part of peoples’ jobs, performance would be noticeably better. However this level of system familiarity is unlikely to be the case for many envisaged public applications. With such applications our results show that a fallback system will be essential to deal with the small proportion of genuine verification attempts falsely rejected. The evaluation has provided factual, vendor independent data on the performance of biometric systems. The results are indicative of the general capabilities of current biometric systems in good conditions. With other environments, user population, types of application, or for systems other than those tested, performance figures are likely to be different. The testing methodology proposed by the BWG has been shown to be feasible for evaluating performance of biometric systems at their current level of accuracy. The results, and test report available at http://www.cesg.gov.uk/ biometrics have generated a lot of interest in the biometrics community, renewing interest in performance testing and encouraging other companies to consider Best Practice compliant performance evaluation

3. PROPOSED METHODOLOGY:

Figure 1: Proposed Approach

In this diagram we can see the biometric Aunthication system using fingerprint. In this case both fingerprint templates generate different key for encryption and decryption. In experimental result we can see the encryption and decryption of image.

4. EXPERIMENTAL RESULT:

Figure 2: Layout of System

Figure 3: Input Image

Figure 4: Input Image

Figure 5: Encrypted Image

Figure 6: Decrypted Image

In above results we can see the image encryption and decryption but the key we are using here simple random numbers which can be easily hacked thats why we are using the finer print templates for generating the key. In this case both sender and receiver use different fingerprint template to improve the security of our system.

5. CONCLUSION:

Biometrics-based authentication has many usability advantages over traditional systems such as passwords. Specifically, users can never lose their biometrics, and the biometric signal is difficult to steal or forge. We have shown that the intrinsic bit strength of a biometric signal can be quite good, especially for fingerprints, when compared to conventional passwords. Yet, any system, including a biometric system, is vulnerable when attacked by determined hackers. We suggested several ways to alleviate some of these security threats. Replay attacks have been addressed using data-hiding techniques to secretly embed a telltale mark directly in the compressed fingerprint image. A challenge/response method has been proposed to check the liveliness of the signal acquired from an intelligent sensor.

6. REFERENCES:

1. Y. Dodis, R. Ostrovsky, L. Reyzin, and A. Smith. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM Journal on Computing, 38:97–139, 2008.

2. Y. Du, C. Belcher, and Z. Zhou. Scale invariant gabor descriptorbased noncooperative iris recognition. EURASIP J. Adv. Signal Process, 2010:37:1–37:10, February 2010.

3. C. Gentry, P. Mackenzie, and Z. Ramzan. Password authenticated key exchange using hidden smooth subgroups. In Proceedings of the 12th ACM conference on Computer and communications security (ACM CCS’05), pages 299–311, 2005.

4. V. Govindaraju, V. Chavan, and S. Chikkerur. Biometric convolution using multiple biometrics. Google Patents, 2005.

5. F. Hao, R. Anderson, and J. Daugman. Combining crypto with biometrics effectively. IEEE Transactions on Computers, 55(9):1081– 1088, 2006.

6. A. Jain, K. Nandakumar, and A. Nagar. Biometric template security. EURASIP Journal on Advances in Signal Processing, 2008:113:1– 113:17, 2008.

7. A. Jain, S. Pankanti, S. Prabhakar, L. Hong, A. Ross, and J. Wayman. Biometrics: a grand challenge. In Proceedings of the 17th International Conference on Pattern Recognition, pages 935–942, 2004.

8. A. Juels and M. Sudan. A fuzzy vault scheme. Designs, Codes and Cryptography, 38:237–257, 2006.

9. Y. Lee, K. Park, S. Lee, K. Bae, and J. Kim. A new method for generating an invariant iris private key based on the fuzzy vault system. IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics, 38(5):1302–1313, 2008.

10. Y. Lindell and B. Pinkas. An efficient protocol for secure two-party computation in the presence of malicious adversaries. In Advances in Cryptology - EUROCRYPT 2007, 4515:52–78, 2007.

11. E. Maiorana, P. Campisi, J. Fierrez, J. Ortega-Garcia, and A. Neri. Cancelable templates for sequence-based biometrics with application to on-line signature recognition. IEEE Transactions on Systems, Man and Cybernetics, Part A: Systems and Humans, 40(3):525–538, 2010.

12. N. Ratha, S. Chikkerur, J. Connell, and R. Bolle. Generating cancelable fingerprint templates. IEEE Transactions on Pattern Analysis and Machine Intelligence, 29(4):561–572, 2007.

13. N. Ratha, J. Connell, and R. Bolle. Enhancing security and privacy in biometrics-based authentication systems. IBM System Journal, 40:614– 634, 2001.

14. F.M. Reza. An Introduction to Information Theory. Dover, New York, 2010.

15. M. Savvides, B. Kumar, and P. Khosla. Cancelable biometric filters for face recognition. In Pattern Recognition, 2004. ICPR 2004. Proceedings of the 17th International Conference on, volume 3, pages 922–925, 2004.

16. Y. Sutcu, Q. Li, and N. Memon. Protecting biometric templates with sketch: Theory and practice. IEEE Transactions on Information Forensics and Security, 2(3):503–512, 2007.

17. Y. Sutcu, Q. Li, and N. Memon. Secure biometric templates from fingerprint-face features. Computer Vision and Pattern Recognition, IEEE Computer Society Conference on, 0:1–6, 2007.

18. K. Takahashi, S. Hirata, H. Hino, and M. Mimura. Method, system and program for authenticating a user by biometric information. Google Patents, 2007.

19. K. Takahashi and S. Hitachi. Generating provably secure cancelable fingerprint templates based on correlation-invariant random filtering. In Proceedings of IEEE 3rd International Conference on Biometrics: Theory, Applications, and Systems, pages 1–6, 2009.

20. A. Yao. Protocols for secure computations. In Proceedings of 23^rd Annual Symposium on Foundations of Computer Science, pages 160–164, 1982.

Received on 01.06.2012 Accepted on 10.06.2012

Int. J. Tech. 2(1): Jan.-June. 2012; Page 17-20