Biometric Authentication in a Wireless Environment

1
Biometric Authentication in a Wireless Environment

• Alex Kotlarchyk
• Florida Atlantic University

2
Goals

• Biometric protocols suitable for a wireless
  networked environment
• Secure system/network access via biometric
  authentication
• Secure wireless transmission of biometric data

3
Why Wireless Biometrics?

• Combination of two rapidly growing technologies
• Biometric systems for verification and
  identification
• Homeland Security
• Wireless systems for mobility
• Over 1 trillion wireless phone min. in US, 2004
• Common advantage is convenience

4
Current Examples of Biometric Deployments

• Eastern Financials Boca Mission Bay branch
• Handprint scan to unlock the door to safe deposit
  boxes
• Statue of Liberty
• Fingerprint scan to access lockers
• Nine Zero hotel in Boston
• Iris scan for entrance to 3,000-a-night suite
• Piggly-Wiggly grocery stores
• Testing pay-by-fingerprint system
• Bank of Tokyo-Mitsubishi
• Credit cards w/ embedded vein-pattern information

5
Human authentication

• Types of human authentication
• What you know (secret)
• Password, PIN, mothers maiden name
• What you have (token)
• ATM card, smart card
• What you are (biometric)
• Stable fingerprint, face, iris
• Alterable voice, keystroke
• Where you are (authorization?)
• Wireless

6
Suitability of Biometrics

• Paradox of secure biometrics
• A biometric is stable and distinctive. This is
  good for identification.
• However, something unique can never be changed.
  This is not so good for verification if the
  biometric is compromised.
• Furthermore, a biometric is not a secret, so it
  can be found and copied. This is bad.
• So, are stability and uniqueness not good after
  all?

7
Keyspace

• Number of possible codewords (CW)
• Token
• 12-digit CW 1012 CWs
• Password
• Full 62 ASCII alphanumeric chars used randomly in
  an 8-char password over 1014 CWs
• Most actual users selection 106 CWs, so in
  practice, the 12-digit token is more secure
• Biometrics (2001 technology, may change)
• inverse of FAR
• Iris 106 CWs
• Fingerprint 104 CWs
• Voice 103 CWs
• Face 10 ? 100 CWs

8
Increasing Keyspace

• Combined authentication to increase keyspace
• Multibiometric authentication
• More than one biometric
• Combine standard biometrics (e.g. face and
  fingerprint (multimodal), or multiple
  fingerprints)
• Combine standard biometric with soft biometric
• Soft biometric gender, height, race, eye color,
  etc.
• Multifactor authentication
• More than one authentication type
• Combine biometric w/ password or token

9
Source Technology Review, June 2004
10
Biometric Advantages

• Convenience
• Cant be lost (in general)
• Cant be forgotten
• Cant be loaned
• Mostly unique (matching may not be)
• Perceived strong non-repudiation
• Does not change significantly (in general)
  (Ident.)
• Both verification and identification applications

11
Biometric Disadvantages

• Ability to authenticate dependent on technology
  (FAR, FRR)
• Personal data, but not secret/secured data
• Easy to copy raw data
• Cost of technology
• Non-revocable
• Cannot change if compromised (Ver.)
• Inexact matching (variable presentation)
• Social acceptance

12
Biometric Authentication System
Source Podio, NIST
13
Template Size
14
Wireless Biometric System Security

• Security issues
• Biometric authentication to ensure secure access
  to the system/network
• In other words, wireless system access security
• Wireless message authentication to ensure secure
  transmission of biometric data
• In other words, personal information security and
  privacy across the wireless network
• Physical security
• Devices, computers, transmitters/receivers, etc.

15
Biometric Authentication Threats
16
Defense of Biometric System

• Capture device presented with false biometric
• e.g. fake finger, short video, high-res color
  iris image, latent image
• Use biometric in addition not instead of
  (multi-verification)
• Vitality sensor, 3-D confirmation

17
Defense of Biometric System (continued)

• Modification of capture device
• Only a problem if capture and template generation
  (and maybe matching) are done on the device
  (trusted biometric device)
• Tightly integrate capture mechanism with
  processing hardware
• Ruggedize device
• Display physical sign of tampering
• Inactivate if tampered (TILT!)
• Encryption of template

18
Defense of Biometric System (continued)

• Remainder are network security or template
  database security issues
• Wireless network security will be discussed
• Database security is beyond the scope of this
  presentation
• Dont forget OS security

19
Biometric Cryptography

• Use of biometric data for encryption decryption
• fuzzy commitment, vault Ari Juels, RSA Labs

20
Biometric Cryptography (example)
00000 11111
01010 10101
01010 01010
Enroll (Encrypt)
Password (hashed)
Template (key)
E(h(Pwd))
stored
compare
Within Threshold?
Template (key)
10000 10111
live
Hamming Distance 2
11010 11101
Verify (Decrypt)
21
Biometrics Standards

• Common Biometric Exchange File Format (CBEFF)
• ANSI-NIST-ITL-2000
• Data exchange quality
• Criminal identification
• American Association for Motor Vehicle
  Administration (AAMVA) DL/ID 2000
• FBI
• Wavelet Scalar Quantization (WSQ) fingerprint
  image (de)compression
• Electronic Fingerprint Transmission Standard
  (EFTS)
• Intel Common Data Security Architecture (CDSA)
• ANSI X9.84 Biometric data security (life cycle)
• Originally developed for financial industry uses
  CBEFF
• APIs
• Open BioAPI, Java Card Biometric API uses CBEFF
• Proprietary BAPI what is Microsoft planning?
• XCBF
• XML Common Biometric Format from OASIS uses
  CBEFF
• Mechanisms for secure transmission, storage,
  integrity, privacy of biometrics

22
Biometric Standards

• Recently from NIST
• Biometric Data Specification for Personal
  Identity Verification (PIV)
• January 24, 2005 (Draft)
• New standards governing interoperable use of
  identity credentials to allow physical and
  logical access to federal government locations
  and systems
• Technical and formatting requirements for
  biometric credentials
• Restricts values and practices for fingerprints
  and facial images
• Geared toward FBI background checks and
  formatting data for a PIV card
• CBEFF and BioAPI compliant

23
CBEFF - Overview

• Framework for sharing raw or template data
• Supports encryption digital signature for
  security
• File SBH (header) BSMB (data) SB
  (signature)
• Patrons identify the data format
• Approved interchange formats
• Finger Minutiae, Finger Pattern, Finger Image,
  Face Recognition, Iris, Signature/Sign, Hand
  Geometry

24
CBEFF Patron Formats

• Format A The CBEFF Data Structure
• Patron CBEFF
• Small embedded or legacy systems, limited storage
• No data exchange between systems
• Format B The BioAPI Specification Biometric
  Identification Record (BIR) Format
• Patron BioAPI Consortium
• BioAPI compliant systems
• Client / server data exchange
• Format C ANSI X9.84 Biometric Object
• Patron ANSI Subcommittee X9, Working Group F4
• Large systems
• Data exchange in a secure manner with
  authentication
• Format D Biometric Information Data Objects for
  Use Within Smart Cards or Other Tokens (recent)
  e.g. Java Card

25
Wireless Advantages

• Mobility
• Flexibility
• Easier to relocate and configure
• More scalable
• Cost
• No cost due to physical barriers, private
  property.
• Productivity
• More opportunity to connect
• Aesthetics
• No clutter from wires
• Robustness
• Less physical infrastructure to damage and repair

26
Wireless Disadvantages

• Lower channel capacity
• Limited spectrum available
• Power restrictions
• Noise levels
• Noise and interference
• Frequency allocation
• U.S. FCC
• Greater security concern
• Information traveling in free space

27
Wireless Protocols

• Network domains
• Broadband
• IEEE 802.16, Worldwide Interoperability for
  Microwave Access (WiMAX) framework, not single
  system or class of service
• Cellular networks
• Global System for Mobile communication (GSM)
• Universal Mobile Telecommunications System (UMTS
  WCDMA)
• Cordless systems
• Time Division Multiple Access (TDMA)
• Time Division Duplex (TDD)
• Mobile Internet Protocol (Mobile IP)
• Wireless Local Area Network (WLAN)
• IEEE 802.11 (Wi-Fi) a,b,g (n not yet ratified)
• Wireless Personal Area Network (WPAN)
• IrDA, Bluetooth, ultra wideband, wireless USB
• Home Automation (narrow band)
• Infineon, ZigBee, Z-Wave

28
Wireless Protocol Comparison
Source PC Magazine, March 22, 2004
29
Security and Protocols

• Security domains
• Application security
• Wireless Application Protocol (WAP)
• Uses Wireless Transport Layer Security (WTLS)
• Current Class 2 devices based on IETF SSL/TLS
• Future Class 3 devices will use a WAP Identity
  Module (WIM)
• Web services
• Simple Object Access Protocol (SOAP) toolkits
  available for Java .NET
• Operating system security (Java run-time, Palm
  OS, Microsoft Windows CE)
• Device security (PINs, pass-phrases, biometrics)
• Security of wireless protocols
• IEEE 802.11 (Wi-Fi)
• Wireless Encryption Protocol (WEP) weak and
  flawed
• Wi-Fi Protected Access (WPA). Uses Temporal Key
  Integrity Protocol (TKIP)
• IEEE 802.11i Wireless Security spec. (WPA, AES,
  FIPS 140-2 compliant)
• Authentication security
• Remote Authentication Dial In User Service
  (RADIUS)
• Kerberos
• SSL

30
Network Encryption

• Secure Shell (SSH)
• Application Layer
• Secure remote connection replacement for telnet,
  rlogin, rsh
• Secure Socket Layer (SSL)
• Transport Layer Security (TLS)
• Uses TCP has specific port numbers
• Main use is HTTPS (port 443)
• Internet Protocol Security (IPSec)
• Network Layer
• Includes a key management protocol
• Included in IPv6

31
Network System Architecture

• Where does authentication happen?
• Device
• Data not externally transmitted
• Local Computer
• Data transmitted between device(s) and PC (WPAN)
• LAN-Connected Computer
• Data transmitted locally (WLAN)
• Remote Computer
• Data transmitted remotely (WWAN)
• Application dependent
• Data transmitted between capture device and
  database
• Database template storage requirement template
  size number of templates

32
Avenues of Attack
wireless
LAN- connected Computer
Local Computer
LAN
Remote Computer
Capture Device
WAN
33
Wireless Security Issues

• Denial of Service (DoS)
• JammingUse Spread Spectrum (DSSS, FHSS)
  technology
• As a device battery attack, i.e., more processing
  more battery usage
• Eavesdropping
• Signal is in the open air (war dialing)
• Theft or loss of device
• Due to size, portability, and utility
• Dependency on public-shared infrastructure
• What security is in place?
• Masquerading
• Rogue clients pretend to be legitimate endpoint
• Rogue access points trick clients to logging in
• Malware
• Worms (Cabir) and Viruses (Timfonica, Phage) on
  wireless devices
• Use Antivirus software

34
Wireless Security Paradox

• We use wireless devices for convenience
• Security measures often decrease convenience and
  performance
• Result Security features are often disabled or
  given lower priority

35
System Design Considerations

• Verification
• Are you who you claim to be (or are supposed to
  be)?
• 11 matching
• Usually consensual
• Typically smaller template databases
• Authorization (computer, network, building)
• Identification
• Who are you?
• 1n matching
• Often no explicit consent or awareness
• Typically larger template databases
• Surveillance (homeland and border security),
  forensics, criminal investigation (AFIS)
• Why not both?
• i.e. You are not who you say you are, so who are
  you?

36
Scenario Biometrics at the Airport

• Workforce security
• Biometric authentication
• Identify all employees who require restricted
  area access
• ID card encoded to protect data
• Biometric scanning devices networked at access
  control points to permit/deny access
• Facility integrity
• Employees w/ vehicle access must be authenticated
  via biometrics
• Access control within aircraft
• Biometric devices for authorized personnel to
  access sensitive areas within aircraft
• Communications infrastructure
• Networked biometric scanning stations
• Passenger security
• Authenticate passengers with passports or ID
  cards containing encoded biometrics
• Identify suspicious or unknown people with
  biometric surveillance

37
Putting it Together

• How do we maximize advantages and minimize
  disadvantages when a biometric system is combined
  with a wireless system for an optimal wireless
  biometric system?

38
Future Research

• Pattern for fuzzy matching?
• Biometrics, digital watermarks, IDS, search
  engines
• Biometric cryptography
• Biometric key generation
• Fuzzy matching methodologies
• Embedding biometric keys within wireless
  protocols
• X.509 certificates
• Protocol payload area
• Protocol header (authentication) area
• Use coefficients? (polynomial, elliptic curve)