Question

Will biometrics involved encryption? How are biometric technology dependent on the use of cryptography?what are the different types of biometric that you have seen available why are they an advantage and disadvantage of biometrics?

Answer 1

Yes, Biometric should definitely involve encryption as both are very useful for keeping the data safe. With the use of bio,etric and cryptography together the security system can be enhanced and made much more secure. The biometric technology and cryptography are very much interrelated to each other.

Biometric Encryption is a process that securely binds a PIN or a cryptographic key to a biometric, so that neither the key nor the biometric can be retrieved from the stored template. The key is re-created only if the correct live biometric sample is presented on verification.The digital key (password, PIN, etc.) is randomly generated on enrolment, so that the user (or anybody else) does not even know it. The key itself is completely independent of biometrics and, therefore, can always be changed or updated. After a biometric sample is acquired, the BE algorithm securely and consistently binds the key to the biometric to create a protected BE template, also called “private template.” In essence, the key is encrypted with the biometric. The BE template provides an excellent privacy protection and can be stored either in a database or locally (smart card, token, laptop, cell phone, etc.). At the end of the enrolment, both the keyand the biometric are discarded.On verification, the user presents her fresh biometric sample, which, when applied to the legitimate BE template, will let the BE algorithm retrieve the same key/password. In other words, the biometric serves as a decryption key. At the end of verification, the biometric sample is discarded once again. The BE algorithm is designed to account for acceptable variations in the input biometric. On the other hand, an attacker, whose biometric sample is different enough, will not be able to retrieve the password. This encryption/decryption scheme is fuzzy, as the biometric sample is different each time, unlike an encryption key in conventional cryptography. Of course, it is a big technological challenge to make the system work.After the digital key, password, PIN, etc., is retrieved, it can be used as the basis for any physical or logical application. The most obvious way lies in the conventional cryptosystem, such as a PKI, where the password will generate a pair of Public and Private keys.

Various biometric around us includes fingerprint scanner, iris scaanner, voice scanner. Their advantages and disadvantages are mentioned below :-

FINGERPRINT SCANNER:

Advantages:

• It can be used in a range of environment.
• It is a mature and proven core technology capable of high level accuracy.
• It employs ergonomic and easy-to-use devices.
• The ability to enrol multiple fingers can increase system accuracy and flexibility.

Disadvantages :

• Most devices are unable to enrol some small percentage of users.
• Performance can deteriorate over time.

IRIS SCANNER :

Advantages :

• It has the potential for exceptionally high levels of accuracy.
• It is capable of reliable verification as well as identification.
• It maintains stability of characteristics over a lifetime frame.

Disadvantages:

• It has a propensity for false rejection.
• Acquisition of the images requires moderate attentiveness and training.
• Some users exhibit a certain degree of discomfort with eye-based technology.
• A proprietary acquisition device is required for deployment.

VOICE SCANNER :

Advantages:

• It is capable of leveraging telephony infrastructure.
• It effectively layers with other processes such as speech recognition and verbal passwords.
• It generally lacks the negative perceptions associated with other biometrics.

Disadvantages:

• It is potentially more susceptible to replay attacks than other biometrics.
• Its accuracy is challenged by low-quality capture devices, ambient noise, etc.
• The success of voice-scan as a PC solution requires users to develop new habits.
• The large size of the template limits the number of potential applications.