A New Biometrics based Key Exchange and Deniable Authentication Protocol

Document Sample
A New Biometrics based Key Exchange and Deniable Authentication Protocol Powered By Docstoc
					                                                             (IJCSIS) International Journal of Computer Science and Information Security,
                                                             Vol. 8, No. 2, May 2010




            A New Biometrics based Key Exchange and
                Deniable Authentication Protocol
K. Saraswathi                                                                    Dr. R. Balasubramanian
Asst.Proffessor, Department of Computer Science                                  Dean Academic Affairs
Govt Arts College                                                                PPG Institute of Technology
Udumalpet, Tirupur, India                                                        Coimbatore, India
dharundharsan@rediffmail.com                                                     ramamurthybala2@gmail.com

                                                                               authentication system improves the network security. Some of
Abstract-Wireless Local Area Networks (WLANs) are gaining                      most widely used biometric are hand geometry, face,
recognition as they are fast, cost effective, supple and easy to use.          fingerprint, retina, iris, DNA, signature and voice.
The networks face a serious of issues and challenges in establishing
security to the users of the network. With users accessing networks               Biometrics is the science of measuring and statistically
remotely, transmitting data by means of the Internet and carrying              analyzing biological data can be used to recognize different
around laptops containing sensitive data, ensuring security is an
                                                                               body parts like the eyes, fingerprints, facial characteristics,
increasingly multifarious challenge. Therefore it is necessary to make
sure the security of the network users. In order to provide network
                                                                               voice etc. Thus, it takes security to the next level by not just
security many techniques and systems have been proposed earlier in             confining it to authenticating passwords, fingerprint matching
literature. Most of these traditional methods make use of password,            techniques [2]. Based on the individual's biometric
smart cards and so on to provide security to the network users.                characteristics a biometric system recognizes an individual.
Though these traditional methods are effective in ensuring security            The process of a biometric system can be described, in a
they posses some limitations too. The problem with these traditional           beginner's manner, by a three-step process. The foremost step
approaches is that there is possibility to forget the password.                in this process is collection of the biometric data which is
Moreover, compromised password lead to a fact, that unauthorized               formally known as user registration. This step uses different
user can have access to the accounts of the valid user. This paper
                                                                               sensors, to assist the user in the registration process. The
proposes an approach for network security using biometrics and
deniable authentication protocol. The human biometrics like hand
                                                                               second step converts and describes the observed data using a
geometry, face, fingerprint, retina, iris, DNA, signature and voice            digital representation called a template. This step varies
can be effectively used to ensure the network security. The diverse            between modalities and also between vendors. In the third
phases included in this proposed approach are user registration,               step, the newly acquired template is compared with one or
fingerprint enhancement, minutiae point extraction, mapping function           more previously generated templates stored in a database. The
and deniable authentication protocol. Furthermore, biometric                   result of this comparison is a “match” or a “non-match” and is
authentication systems can be more convenient for the users since it           used for actions such as permitting access, sounding an alarm,
involves no password that might be feared to be forgotten by the               etc [15].
network users or key to be lost and therefore a single biometric trait
(e.g., fingerprint) can be used to access several accounts without the
burden of remembering passwords. This proposed paper also
                                                                                  Declaring a match or non-match is based on the obtained
explains some of the fingerprint enhancement techniques to make the            template being analogous, but not one and the same, to the
biometric template noise free. Experiments are conducted to evaluate           stored template. A threshold determines the measure of
the performance measure of the proposed approach.                              similarity necessary to result in a match declaration. The
                                                                               acceptance or rejection of biometric data is completely
  Keywords-Biometrics, Cryptography, Data Security, Fingerprint,               dependent on the match score falling above or below the
Mapping Function, Minutiae Point, Network Security, User                       threshold. The threshold is adjustable so that the biometric
Registration.                                                                  system can be more or less stringent, depending on the
                                                                               requirements of any given biometric application [15]. Among
                   I.        INTRODUCTION                                      all the biometric techniques, today fingerprints are the most
   Accurate, automatic identification and authentication of                    widely used biometric features for personal identification
users is an elemental problem in network environments.                         because of their high acceptability, Immutability and
Shared secrets such as personal identification numbers or                      individuality.
passwords and key devices like smart cards are not just
enough in some cases. This authentication method has                              This paper proposes a technique to secure the network
traditionally been based on passwords. The problem with these                  communication using biometric characteristics obtained from
traditional approaches is that there is possibility to forget the              the individuals. The biometric characteristic used in this paper
password. Moreover, compromised password lead to a fact,                       is fingerprint. This proposed paper utilizes image processing
that unauthorized user can have access to the accounts of the                  technique to extract the biometric measurement called
valid user. The Biometric based user authentication systems                    minutiae from the user’s fingerprint. The user’s full finger
are highly secured and efficient to use and place total trust on               print image is converted and stored as encrypted binary
the authentication server where biometric verification data are                template, which is used for authentication by the server of the
stored in a central database [1]. This biometrics based user                   network. The user’s biometric verification data are first
                                                                               transformed into a strong secret and is then stored in the

                                                                         188                               http://sites.google.com/site/ijcsis/
                                                                                                           ISSN 1947-5500
                                                        (IJCSIS) International Journal of Computer Science and Information Security,
                                                        Vol. 8, No. 2, May 2010



server’s database during registration. The proposed system is
evaluated to determine the performance measures.                            Network security issues are projected by Benavente et al. in
                                                                          [6]. The Internet is increasingly becoming a public vehicle for
  The remainder of this paper is organized as follows. Section            remote operations. Integrating biometric information in the
2 discusses some of the related work proposed earlier in                  authentication chain explores new problems. Remote virtual
association to biometric based network security. Section 3                identity is starting to play in the way towards an e-Europe, and
describes the proposed approach of providing network security             applications for e-government integrate biometrics. Remote
using the biometric characteristics obtained fingerprint.                 identity of subjects should be unambiguously stated. Several
Section 4 illustrates the performance measures and Section 5              features drive the spread of biometric authentication in
concludes the paper with directions to future work.                       network applications, in order to provide end-to-end security
                                                                          across the authentication chain aliveness detection and fake-
                   II.      RELATED WORK                                  resistive methods, network protocols, security infrastructure,
  A lot of research has been carried out in the field of                  integration of biometrics and public key infrastructure (PKI),
establishing network security based on biometric features                 etc. Their paper proposed a mid-layer interoperable
obtained from individual user [13] [14]. This section of the              architecture furnished with a set of generic interfaces and
paper discusses some of the related work proposed earlier in              protocol definitions. Their scheme enables a future
association to biometric based network security.                          introduction of new modules and applications with a minimal
                                                                          development effort.
  In their work [3] Rahman et al. proposed architecture for
secure access of computers inside an organization from a                     An intelligent fingerprint based security system was
remote location. They used biometrics features and a one-time             designed and developed by Suriza et al. in [7]. Traditionally,
password mechanism on top of secure socket layer (SSL) for                user authentication is meant to provide an identification
authentication. Moreover they also provided three layers of               number or a password that is unique and well protected to
security levels for network communication, and also a                     assure the overall system security. This type of security
mechanism for secure file accesses based on the security                  system is very fragile in an area where a higher level of
privileges assigned to various users was proposed. The files to           security system is required. Biometrics-based system offers a
be accessed from the server are categorized depending on their            new and better approach to user authentication. Biometrics
access privileges and encrypted using a key assigned to each              authentication is an automated method whereby an individual
category. The test results of their approach evaluated the                identity is confirmed by examining a unique physiological
performance of their proposed approach.                                   trait or behavioral characteristic, such as fingerprint, iris, or
                                                                          signature, since physiological traits have stable physical
   Chung et al. in [4] described a method for biometric based             characteristics. The design and development of a fingerprint-
secret key generation for protection mechanism. The binding               based security system, comprising the scanner, interface
of the user's identity and biometric feature data to an entity is         system, Boltzmann machine neural network and access control
provided by an authority through a digitally signed data                  system is discussed in this paper. The integration between the
structure called a biometric certificate. Therefore, the main             hardware and the software is completed by using Visual Basic
goal (or contribution) of their work is to propose a simple               6 programming language. The results obtained both for the
method for generating biometric digital key with biometric                simulation studies and testing of the integrated system with
certificate on fuzzy fingerprint vault mechanism. Biometric               real-life physical system have demonstrated the practicality of
digital key from biometric data has many applications such as             such system as well as its potential applications in many
automatic identification, user authentication with message                fields.
encryption, etc. Therefore, their work analyzed the related
existing scheme and proposed a simplified model where a                     Ronald in [8] put forth an alternative approach for password
general fuzzy fingerprint vault using biometric certificate with          in network security using biometrics. Passwords are the
security consideration.                                                   primary means of authenticating network users. However,
                                                                          network administrators are becoming concerned about the
  Dutta et al. in [5] presented a novel method for providing              limited security provided by password authentication. Many
network security using biometric and cryptography. They                   administrators are now concluding that their password-based
proposed         a        biometrics-based         (fingerprint)          security systems are not all that secure. User passwords are
Encryption/Decryption Scheme, in which unique key is                      routinely stolen, forgotten, shared, or intercepted by hackers.
generated using partial portion of combined sender's and                  Another serious problem is that computer users have become
receiver's fingerprints. From this unique key a random                    too trusting. They routinely use the same password to enter
sequence is generated, which is used as an asymmetric key for             both secure and insecure Web sites as well as their networks at
both Encryption and Decryption. Above unique Key is send                  work. In response to the proven lack of security provided by
by the sender after watermarking it in sender's fingerprint               password authentication, network administrators are replacing
along with Encrypted Message. The computational                           network passwords with smartcards, biometric authentication,
requirement and network security features are addressed.                  or a combination of the three. Smart cards are credit card-size
Proposed system has a advantage that for public key, it has not           devices that generate random numbers about every minute, in
to search from a database and security is maintained.                     sync with counterparts on each entry point in the network.
                                                                          Smart cards work well as long as the card isn't stolen. A better

                                                                    189                               http://sites.google.com/site/ijcsis/
                                                                                                      ISSN 1947-5500
                                                        (IJCSIS) International Journal of Computer Science and Information Security,
                                                        Vol. 8, No. 2, May 2010



choice to ensure network security is the use of biometrics.
Their paper investigated the different biometric techniques
available to determine a person's identity. Also described,                     Fingerprint Image                           Normalization
were the criteria for selecting a biometric security solution. In
conclusion, efforts to establish biometric industry standards
(including standard application program interfaces (APIs))                         Preprocessing                              Orientation
were discussed.                                                                                                               Estimation

                III.     PROPOSED APPROACH                                       Minutiae Feature
   Biometric cryptosystems [9] join together cryptography and                      Extraction
biometrics to promote from the strengths of both fields. In                                                                    Frequency
such systems, while cryptography provides high and                                                                             Estimation
adjustable security levels, biometrics brings in non-repudiation
and eliminates the must to remember passwords or to carry                       Mapping Function
tokens etc. In biometric cryptosystems, a cryptographic key is                                                                   Filtering
generated from the biometric template of a user stored in the
database in such a way that the key cannot be revealed without
a successful biometric authentication.                                                                                           Thinning
   The overall architecture of the biometric system to improve
network security is shown in figure 1. The Server maintains a                    Figure 2 Steps involved in Extracting Feature Point
database where the encrypted minutia template of the user’s               A.       User Registration
finger print is stored. In this setting, users communicate with             This step is popularly known as Enrolment phase. In all the
the server for the principle of user authentication, by rendering         security system to enroll as a legitimate user in a service, a
users fingerprint, which is transformed into a long secret                user must previously register with the service provider by
detained by the server in its database [1].                               ascertaining his/her identity with the provider. Therefore a
                                                                          scanner is used to scan the fingerprint of the user to reveal
                                                                          his/her identity for the first time. The finger print image thus
                                                                          obtained undergoes a series of enhancement steps. This is
                                                                          described in the following section of this proposed paper.

                                                                          B.       Fingerprint Enhancement

                                                                             This is very important step in designing a security system
                                                                          for network security using biometrics. This step comprise of
                                                                          the subsequent processing on the obtained fingerprint image.
                                                                          As we all know a fingerprint is made of a series of ridges and
                                                                          furrows on the surface of the finger. This determines the
                   Figure 1.Biometric System                              uniqueness of the individuals fingerprint. No two fingerprints
   Figure 2 shows a common idea of obtaining the minutiae                 can have the same pattern of ridges and furrows. Minutiae
points from biometric feature obtained from the user. The key             points are local ridge characteristics that happen at either a
vector is formed based on minutiae points (ridge ending and               ridge bifurcation or a ridge ending. The ridges hold the
ridge bifurcation) are encountered in the given finger print              information of characteristic features obligatory for minutiae
image [10]. Figure 2 shows various steps involved in the                  extraction therefore the quality of the ridge structures in a
proposed system for network security using biometrics.                    fingerprint image turns out to be an important characteristic.
                                                                          The obtained image is then subjected to image enhancement
                                                                          techniques to reduce the noise [11]. The following are the
                                                                          widely used image improvement techniques, normalization,
                                                                          orientation estimation, local frequency estimation, Gabor
                                                                          filtering, and thinning.
                                                                          1          Normalization

                                                                             The process of standardizing the intensity values in an
                                                                          image by adjusting the range of gray-level values so that it lies
                                                                          within a desired range of values is termed as “normalization”.
                                                                          Moreover the ridge structures in the fingerprint are not
                                                                          affected as a result of this process. It is carried out to
                                                                          standardize the dynamic levels of variation in gray-level
                                                                          values that facilitates the processing of subsequent image

                                                                    190                               http://sites.google.com/site/ijcsis/
                                                                                                      ISSN 1947-5500
                                                        (IJCSIS) International Journal of Computer Science and Information Security,
                                                        Vol. 8, No. 2, May 2010



enhancement stages. Figure 3 shows a image of the fingerprint            4        Thinning
before and after normalization.
                                                                            The concluding image enhancement pace typically
                                                                         performed former to minutiae extraction is thinning. Thinning
                                                                         is a morphological operation that successively erodes away the
                                                                         foreground pixels until they are one pixel wide. The
                                                                         application of the thinning algorithm to a fingerprint image
                                                                         preserves the connectivity of the ridge structures while
                                                                         forming a skeleton version of the binary image. This skeleton
                                                                         image is then used in the subsequent extraction of minutiae.
                  (a)                     (b)                            Figure 6 shows the results of thinning to a fingerprint image.
         Figure 3. (a) Original Image (b) Image after
                        normalization
2        Orientation Estimation

   The orientation estimation is an essential step in the
enhancement process as the successive Gabor filtering stage
relies on the local orientation in order to successfully enhance
the fingerprint image. Figure 4 (a) and (b) illustrates the
results of orientation estimation and smoothed orientation                                Figure 6 Thinned Image
estimation of the fingerprint image respectively. In addition to
the orientation image, another important parameter that is used          C.       Minutiae Feature Extraction
in the construction of the Gabor filter is the local ridge
frequency.                                                                  The next step is to extract the minutiae from the enhanced
                                                                         image. The most generally engaged technique of minutiae
                                                                         extraction is the Crossing Number (CN) concept [12]. This
                                                                         method engrosses the use of the skeleton image where the
                                                                         ridge flow pattern is eight-connected. The minutiae are
                                                                         extracted by scanning the local neighborhood of each ridge
                                                                         pixel in the image using a 3x3 window. The CN value is then
                                                                         computed, which is defined as half the sum of the differences
                                                                         between pairs of adjacent pixels in the eight-neighborhood.
                                                                         Figure 7 represents the list of minutiae in a fingerprint image.
                 (a)                     (b)
             Figure 4. (a) Orientation Image (b)
              Smoothened Orientation Image
3        Gabor Filtering

   Once the ridge orientation and ridge frequency information
has been single-minded, these parameters are used to construct
the even-symmetric Gabor filter. Gabor filters are employed
because they have frequency-selective and orientation
selective properties. These properties allow the filter to be
tuned to give maximal response to ridges at a specific                                    Figure 7. Minutiae
orientation and frequency in the fingerprint image. Therefore,                            extraction     on  a
a properly tuned Gabor filter can be used to effectively                                  fingerprint image.
preserve the ridge structures while reducing noise. Figure 5             D.       Mapping Function
illustrates the results of using Gabor filter to a fingerprint
image.                                                                      The coordinate system used to articulate the minutiae point
                                                                         locations of a fingerprint is a Cartesian coordinate system. The
                                                                         X and Y coordinate of the minutiae points are in pixel units.
                                                                         Angles are expressed in standard mathematical format, with
                                                                         zero degrees to the right and angles increasing in the counter-
                                                                         clockwise direction. Every minutia can be stored as a binary
                                                                         string. Each minutiae point can be recorded in 27 bits: 1 bit for
                                                                         the minutiae type, 9 bits each for minutiae X coordinate and Y
                                                                         coordinate, and 8 bits for the minutia angle. Thus, the binary
                                                                         representation of minutiae point is obtained. Suppose Mi = (ti,
                    Figure    5    Filtered                              xi, yi, θi) (i = 1 . . . n) are the all extracted minutiae for a
                    Image                                                fingerprint image. Then these minutiae points can be arranged

                                                                   191                               http://sites.google.com/site/ijcsis/
                                                                                                     ISSN 1947-5500
                                                        (IJCSIS) International Journal of Computer Science and Information Security,
                                                        Vol. 8, No. 2, May 2010



in a list from left to right by ascending X-co-ordinate, if equal         MATLAB 7. Some of the minutiae extracted from a sample
by ascending Y-co-ordinate (first X, then Y) as follows:                  finger print are shown in table 1. In the context of modern
                                                                          biometrics, these features, called fingerprint minutiae, can be
                        Mi1Mi2 · · ·Min                                   captured, analyzed, and compared electronically, with
                                                                          correlations drawn between a live sample and a reference
  The result of the feature extraction stage is what is called a          sample, as with other biometric technologies. There are two
minutia template (FP). An approximate range on the number                 requirements for registration using Finger Print. The user
of minutiae found at this stage is from 10 to 80. These are the           should obtain the biometric feature from his finger print using
different steps involved in designing a fingerprint based                 appropriate image processing techniques as one mentioned in
biometric authentication system for network security.                     the previous section. The second is that the minutia template
                                                                          should be encrypted with AES 128 bit symmetric cipher and is
E.       The Finger Print Hardening Protocol                              then transmitted to the server for storage in the database, so
                                                                          that it should not be possible for an outside attacker to
There are two necessities for registration using Finger Print.            determine the biometric feature by an exhaustive search either
1. The user should obtain the biometric feature from his finger           at the server side or by meet in the middle attack.
print using suitable image processing techniques as one
mentioned in the previous section.                                             Type              X                 Y                Direction
2. The minutia template should be encrypted with AES 128 bit                    1                35               117                  2.93
symmetric cipher and is then transmitted to the server for                      1                50                83                  2.95
storage in the database, so that it should not be possible for an
                                                                                0                19                57                  2.80
outside attacker to determine the biometric feature by an
exhaustive search either at the server side or by meet in the                   0                23               135                  0.27
middle attack.                                                                                  Table 1.List of Minutiae

F.       The Finger authentication Protocol                               where 1 represent ridge ending point and 0 represent isolated
                                                                          point in a fingerprint image. Thus, the minutia can be
To initiate a request for service, user computes his FP1 =                expressed as a 4-vector with its elements in order, the type t,
EAES(FP), then the user sends the user ID along with FP1 to               the X and Y coordinates (x, y), and the direction θ (Angle
the server. In Lee et al.[16]’s protocol, the authority selects           value is a non-negative value between 0 and 179, in units of
two large prime numbers p and q, where q|p-1. Let g be an                 degree) as shown in table 1. If each minutia is stored with type
element of order q in GF(p). Assume H(...) is a collision-free            (1 bit), location (9 bits each for x and y), and direction (8 bits),
hash function with an output of q bits. The secret key of the             then each will require 27 bits and the template will require up
sender S is XS ∈ Zq* and YS =gXs mod p is the corresponding               to 270 bytes. Then this binary representation is mapped on to a
public key. Similarly, (XR, YR) is the key pair of the receiver           finger print hardening protocol for the generation of strong
R, where XR∈Zq* and YR ∈gXR mod p. The symbol “||” is the                 secret. The performance measures obtained revealed that the
concatenate operator of strings. In this work, Li Gang's[17]              proposed method effectively provides network security.
protocol is adopted to implement the authentication protocol.             Therefore it can be directly applied to fortify existing standard
 Let t1 and t2 be the minutiae template of FP1 and FP2,                   single-server biometric based security applications. The
 Step 1. S chooses t, t1 ∈RZq* and computes r=gt mod p, r1=g              analysis for the security of the protocol is based on the
t1
   mod p and σ1=H(r||T)XS+t1r1 mod q, where T is a time                   following assumptions (i) For a cyclic group G, generated by
stamp, and then he sends (r, T, r1,σ1) to R;                              g, we are given g and gn, n∈N, the challenge is to compute n.
 Step 2. R checks whether gσ1 ≡Ys H(r||T) r1 mod p. If not, R             (ii) Given g, ga, gb, it is hard to compute gab. Clearly if these
stops. Otherwise, R chooses t2∈RZq* and computes r2 = gt2                 assumptions are not satisfied then C, an adversary, can gain
mod p and σ2 H(r||T) XR+t2r2 mod q, and then he sends(r,T,r2,             access to the key gab. A compromised session secret does not
σ2) to S;                                                                 affect the security of the proposed deniable authentication
 Step 3. S verifies whether gσ2 ≡YR H(r||T) r2 mod p.                     protocol.
If not, S stops. Otherwise, S computes                                       The session secret can be derived from k' ≡ YR XsH (M||T)+tr
          σ=H(M||T)XS+tr mod q,                                           mod p, where a random t is chosen independently from each
          k=(YR)σ mod p                                                   session. If an attacker wants to forge the deniable information
and MAC=H(k||M||T||r1||σ1||r2||σ2). Finally, S sends MAC with             with the forged message M’ by using the compromised session
M to R;                                                                   k, the receiver will derive a different session secret from the
 Step 4. R computes k'=(YsH(M||T)rr mod p and verifies whether            forged information. This is because that the message and its
H(k’||M||T||r1||σ1|| r2||σ2)=MAC.                                         corresponding session secret are interdependent. Thereby, a
If the above equation holds, R accepts it. Otherwise, R rejects           compromised session secret does not affect the security of
it and authentication becomes fail.                                       other sessions.

              IV.      PERFORMANCE MEASURES                                                    V.        CONCLUSION
  This section of the paper explains the performance measures               This paper proposes an approach for network security using
of our approach. The fingerprint processing has been done in              biometrics. Biometric systems are commonly used to control

                                                                    192                                http://sites.google.com/site/ijcsis/
                                                                                                       ISSN 1947-5500
                                                                     (IJCSIS) International Journal of Computer Science and Information Security,
                                                                     Vol. 8, No. 2, May 2010



access to physical assets (laboratories, buildings, cash from                           [14] Alexander P. Pons , and Peter Polak, “Understanding user perspectives
                                                                                             on biometric technology,” Communications of the ACM, vol. 51, no. 9,
ATMs, etc.) or logical information (personal computer                                        pp. 115-118, September 2008.
accounts, secure electronic documents, etc). The human                                  [15] “Biometrics Security Considerations,” Systems and Network Analysis
biometrics like hand geometry, face, fingerprint, retina, iris,                              Center Information Assurance Directorate, www.nsa.gov/snac.
DNA, signature and voice can be effectively used to ensure                              [16] W. B. Lee, C. C. Wu, and W. J. Tsaur, “A Novel Authentication
                                                                                             Protocol Using Generalized ElGamal Signature Scheme”, Information
the network security. In biometric cryptosystems, a                                          Sciences, 177, 2007, pp.1376-1381.
cryptographic key is generated from the biometric template of                           [17] Li Gang1, Xin Xiangjun, Li Wei, "An Enhanced Deniable
a user stored in the database in such a way that the key cannot                              Authentication Protocol," International Conference on Computational
be revealed without a successful biometric authentication. In                                Intelligence and Security, Jan 2008
this system, the ideas in the areas of image processing
technique are reused to extract the minutiae from biometric                                                        K. Saraswathi received her B.Sc., and M.C.A.,
                                                                                                                   from Avinashilingam University, Coimbatore,
image. The preprocessing techniques mentioned in this paper                                                        TamilNadu, in 1993 and 1996 respectively. She
play an important role in improving the performance of the                                                         obtained her M.Phil degree from Bharathiar
proposed biometric based network security system. The                                                              University, Coimbatore, TamilNadu, in the year
performance measures obtained revealed that the proposed                                                           2003. Currently she is working as Assistant
                                                                                                                   Professor, Department of Computer Science,
method effectively provides network security. Therefore it can                                                     Government Arts College, Udumalpet. She has the
be directly applied to fortify existing standard single-server                               long experience of teaching Post graduate and Graduate Students. She is
biometric based security applications. The future works rely                                 currently pursuing her Research in the area of Crypto Systems under
on improving the network security by making use of                                           Mother Teresa University, Kodaikanal, TamilNadu. Her area of interest
                                                                                             includes Biometrics, Cryptography, Network Security, Machine
cancelable biometrics and multimodal biometrics in the                                       Learning and Artificial Intelligence. She has Co-authored a text book on
proposed authentication system.                                                              ‘C’ published by Keerthi Publications. She has presented her
                                                                                             publications in various national conferences. She is a member of various
                                REFERENCES                                                   professional bodies.

[1]    Rajeswari Mukesh, A. Damodaram, and V. Subbiah Bharathi, “Finger                                            Dr. R. Balasubramanian was born in 1947 in
       Print Based Authentication and Key Exchange System Secure Against                                           India. He obtained his B.Sc., and M.Sc., degree in
       Dictionary Attack,” IJCSNS International Journal of Computer Science                                        Mathematics from Government Arts College,
       and Network Security, Vol. 8, no. 10, pp. 14-20, 2008.                                                      Coimbatore, TamilNadu, in 1967 and PSG Arts
[2]    T. Gunasekaran, and C. Parthasarathy, “Biometrics in Network                                                College, Coimbatore, TamilNadu, in 1969
       Security,” International Journal of Computer Network and Security                                           respectively. He received his Ph.D., from PSG
       (IJCNS), vol. 1, no. 1, pp. 36-42, 2006.                                                                    College of Technology, Coimbatore, TamilNadu,
[3]    Mahfuzur Rahman, and Prabir Bhattacharya, “Secure Network                                                   in the year 1990. He has published more than 15
       Communication Using Biometrics,” IEEE International Conference on                     research papers in national and international journals. He has been
       Multimedia and Expo (ICME'01), p. 52, 2001.                                           serving engineering educational service for the past four decades. He
[4]    Yunsu Chung, Kiyoung Moon, and Hyung-Woo Lee, “Biometric                              was formerly in PSG College of Technology, Coimbatore as Assistant
       Certificate Based Biometric Digital Key Generation with Protection                    Professor in the Department of Mathematics and Computer
       Mechanism,” Frontiers in the Convergence of Bioscience and                            Applications. He served as Associate Dean of the Department of
       Information Technologies, pp. 709-714, 2007.                                          Computer Applications of Sri Krishna College of Engineering and
[5]    Sandip Dutta, Avijit Kar, N. C. Mahanti, and B. N. Chatterji, “Network                Technology, Coimbatore. Currently taken charge as Dean Academic
       Security Using Biometric and Cryptography,” Proceedings of the 10th                   Affairs at PPG Institute of Technology, Coimbatore, before which he
       International Conference on Advanced Concepts for Intelligent Vision                  was a Dean Basic Sciences at Velammal Engineering College, Chennai.
       Systems, pp. 38-44, 2008.                                                             He has supervised one PhD thesis in Mathematics and supervising four
[6]    O. S. Benavente, and R. Piccio-Marchetti, “Authentication services and                doctoral works in Computer Applications. His mission is to impart
       biometrics: network security issues,” 39th Annual 2005 International                  quality, concept oriented education and mould younger generation.
       Carnahan Conference on Security Technology, 2005. CCST '05, pp.
       333-3336, 2005.                                                                        He is member of the board of studies of many autonomous institutions
[7]    Suriza Ahmad Zabidi, and Momoh-Jimoh E. Salami, “Design and                           and universities. He was the principal investigator of UGC sponsored
       Development of Intelligent Fingerprint-Based Security System,”                        research project. He is a referee of an international journal on
       Knowledge-Based Intelligent Information and Engineering Systems,                      mathematical modeling. He has authored a series of books on
       Book Chapter on Springer link, vol. 3214, pp. 312-318, 2004.                          Engineering Mathematics and Computer Science. He is a life member of
[8]    Ronald G. Wolak, “Network Security: Biometrics - The Password                         many professional bodies like ISTE, ISTAM and CSI.
       Alternative,” School of Computer and Information Sciences, 1998.
[9]    Umut Uludag, Sharath Pankanti, Salil Prabhakar, and Anil K. Jain
       “Biometric Cryptosystems Issues and Challenges” Proceedings of the
       IEEE 2004.
[10]   P. Arul, and Dr. A. Shanmugam, “Generate A Key for AES Using
       Biometric for VOIP Network Security,” Journal of Theoretical and
       Applied Information Technology, pp. 107-112, 2009.
[11]   L. Hong, Y. Wan, and A. Jain, “Fingerprint Image Enhancement:
       Algorithm and Performance Evaluation,” IEEE Trans. Pattern Analysis
       and Machine Intelligence, vol. 20, no.8, pp.777-789, 1998.
[12]   S. Kasaei, and B. Boashash, “Fingerprint feature extraction using block-
       direction on reconstructed images,” In IEEE region TEN Conference on
       digital signal Processing applications, TENCON, pp. 303– 306, 1997.
[13]   N. K. Ratha, J. H. Connell, and R. M. Bolle “Enhancing security and
       privacy in biometrics based authentication systems”, IBM Systems
       Journal, vol. 40, pp. 614-634, 2001.




                                                                                  193                                    http://sites.google.com/site/ijcsis/
                                                                                                                         ISSN 1947-5500