| With the rapid development of emerging internet technology such as cloud storage and big data, information security has aroused wide concern. As traditional cryptography depends entirely on the key matched to the encryption system and the encryption key has no necessary relation to its owner, it will be failing to assure the security of information and data when the key is stolen or lost. Fortunately, Biometric encryption technology can solve these problems. That is, the key extracted or protected by using this technology has a link to its owner, and it can be forgotten hardly. The features extracted from user's unique biologic characteristics can determine whether the very key is recovered or released. Therefore, biometric encryption can take the place of biometric identification and find a compromise between the accuracy of traditional cryptography and the vagueness of biometric information. So far, numerous researches on the field of fingerprint encryption have been proposed. Therefore, it is practical to apply fingerprint encryption to information security when compares with other biometrics.In this thesis, We proposes a more secure method of fingerprint encryption. Additionally, based on bilinear pairings, an identity-based encryption method which combines the fingerprint key released by the former fingerprint encryption method is presented. Our main work is as follows:1. Researching and analyzing the existing Fuzzy Vault, Fuzzy Commitment and dynamic key generating schemes and their imperfection, we present a threshold-based fingerprint encryption method under the situation of pre-alignment of finger images. In the key generation phase, the key is protected in a special polynomial. Firstly, the extracted fingerprint characteristics are quantized. Secondly, the quantized characteristics are projected by the polynomial. At last, the order of the special polynomial and the projected values of those quantized features are stored. In the key reconstruction phase, the extracted fingerprint characteristics are firstly quantized. Then permutation and combinations can be configured and each one is used to reconstruct the very key. Besides, the security of our scheme using brute force and cross match with multiple databases is discussed. Then, the deficiencies are presented in this thesis.2. For the insecurity of traditional identity-based encryption scheme, an identity-based encryption scheme which combines key extracted from finger characteristics with bilinear pairings is proposed. Unlike the Boneh and Franklin's encryption (BF-IBE) scheme whose private key and public key are both generated by a third authority (TA), our scheme treats the user's fingerprint key as his private key. Then he generates his own public key with his unique identity code (i.e. email address). Finally, the user publishes his public key and his identity code. This mechanism can avoid the overload and key escrow caused by BF-IBE.3. Parallel algorithms based on OpenCL about image preprocessing and key reconstruction in fingerprint encryption scheme are implemented for their possible high time complexity. |
PDF Full Text Request