Infoscience

Thesis

Biometrics & [and] Security: Combining Fingerprints, Smart Cards and Cryptography

Since the beginning of this brand new century, and especially since the 2001 Sept 11 events in the U.S, several biometric technologies are considered mature enough to be a new tool for security. Generally associated to a personal device for privacy protection, biometric references are stored in secured electronic devices such as smart cards, and systems are using cryptographic tools to communicate with the smart card and securely exchange biometric data. After a general introduction about biometrics, smart cards and cryptography, a second part will introduce our work with fake finger attacks on fingerprint sensors and tests done with different materials. The third part will present our approach for a lightweight fingerprint recognition algorithm for smart cards. The fourth part will detail security protocols used in different applications such as Personal Identity Verification cards. We will discuss our implementation such as the one we developed for the NIST to be used in PIV smart cards. Finally, a fifth part will address Cryptography-Biometrics interaction. We will highlight the antagonism between Cryptography – determinism, stable data – and Biometrics – statistical, error-prone –. Then we will present our application of challenge-response protocol to biometric data for easing the fingerprint recognition process.

Keywords: Biometrics ; Smart Cards ; Cryptography ; Fingerprint Recognition ; Match-On-Card ; Light Weight Algorithms ; Embedded Electronics ; Cryptography-Biometrics Interaction ; Secure Biometric Identity Verification Protocol ; Biométrie ; Cartes à Puce ; Cryptographie ; Reconnaissance d'Empreinte Digitale ; Match-On-Card ; Algorithmes Légers ; Électronique Embarquée ; Protocole Sécurisé de Vérification d'Identité par Biométrie ; Cryptographie-Biométrie Interaction

Thèse École polytechnique fédérale de Lausanne EPFL, n° 4748 (2010)
Programme doctoral Informatique, Communications et Information
Faculté informatique et communications
Institut de systèmes de communication
Laboratoire de sécurité et de cryptographie

Reference

Record created on 2010-05-06, modified on 2013-10-02

Related material