Current challenges for biometric security, with focus on fingerprints
Banach Center Publications
In this paper we discuss some imminent vulnerabilities of biometric systems, which have been potentially known for a longer time, yet they have not been sufficiently taken into account. In particular, we explain why comparing lower bounds of security of biometric systems with the state of the art lower bounds known from cryptography is a logical necessity and not a far reached goal: insufficient security in complex hybrid systems easily may compromise the stronger components in the complex.
... in the complex.  c Instytut Matematyczny PAN, 2016 2. Trends and challenges in information security. In the last three decades, cryptology has become a major field of research, together with its Janus-faced duality: cryptography, for the design of algorithms and protection principles and cryptanalysis for investigation of possible attacks against these algorithms. The core algorithms, also called 'primitives', are divided into: A. Secret key Algorithms B. Public Key Algorithms C. One way functions, hashes D. Key management. 120 P. MIHĂILESCU AND B. TAMS We have discussed briefly the first two. One way functions or hashes have the paradoxical property of being highly non-injective maps, since they map the realm of all possible messages to fixed-length blocks, of, say, 192 bits. Such a hash would be a map χ : N → Z/(192 · Z). However, the size of the image set is large enough to ensure that it is not computationally feasible to find even one single collision, i.e. x = y with χ(x) = χ(y). Little to say about a match, which would require to find, for a given hash of an unknown value, say h = χ(x) a value y ∈ N with χ(y) = h. The collision problem is easier, since it only requires two random hashes to match; in the second case one hash value is already fixed. One way functions must fulfill certain properties related to the conditions discussed. If they do, they are used for two purposes: saving passwords in a protected way, without use of encryption -just substitute a password by its hash value, so the stored data will reveal no information about the initial password. The second application of hashes is in connection with digital signatures: Messages to bind to a digital signature are sometimes very large, so one prefers to replace them by their unique hash value and place a digital signature on this hash value. Key management is less of a cryptographic primitive and more of a set of requirements for the privacy and reliability of keys and passwords used in secure communication. Key management draws on standards of key authentication, as well as hardware tokens such as chip cards or other devices, carrying sensitive keys, etc. It is the task of key management to provide not only for secure key storage -either on encrypted memory or chip cards or similar devices -but also for trust diffusion. By this we mean that two peers, Alice and Bob, who start communication by exchanging public keys, should be provided with means to trust that the received public key does indeed belong to either Alice or Bob. Avoiding attacks by masquerading false keys is thus an important task of key management. The provisions for this task are a mixture of cryptography and protocol administration. It is probably the most important achievement of modern cryptography that the problems of secure information exchange have been reduced to primitives, endowed with well-defined properties, and security is asserted on base of such properties, which can be verified by the cryptologist in the whole world. Hence, the possibility of attacks to a cryptographically secured environment can be also grouped in types of attacks based on well-defined attack-scenarios. It is the presence of these attack-scenarios which help establish the trust into cryptographic solutions, which end up being standardized and used world-wide. A typical, very important standard in this context is the TLS/SSL standard, which is the cryptographic standard of the world wide web and provides secure communication facilities based on variable tool-kit primitives. One may conclude that the first decades of public key cryptography provided a reliable system of well scrutinized primitives for addressing each of the problems A-D. The algorithms for public key encryption, hashes and secret key algorithms as well as the protocols for key management of the last decades are resistant to direct attacks, beyond reasonable doubt. 2