Short Paper Proc. of Int. Colloquiums on Computer Electronics Electrical Mechanical and Civil 2011

An Improved Encryption Scheme with Fingerprint Image using Hashing Technique and Linear Congruential Method Asha Ali1, Liyamol Aliyar2 12

Information Technology Department, ICET, Muvattupuzha, India Email: ashaali2002@gmail.com liyanousheer@gmail.com

Abstract— This paper proposes an encryption method which can be used for multipurpose applications such as ATM, online transactions and other security measures. The method consists of four phases. The first phase consists of obtaining the fingerprint image and constructing an initial code block for that. The second phase is hashing the initial code block and generating a secure code block. Linear congruential method is applied to this code to generate a substitution array in the third phase. The encryption is done in the last phase where cipher text is obtained based on the substitution array and plain text.

A fingerprint is made of a series of ridges and furrows on the surface of the finger. The uniqueness of a fingerprint can be determined by the pattern of ridges and furrows as well as the minutiae points. Minutiae points are local ridge characteristics that occur at either a ridge bifurcation or a ridge ending. II. THEORY AND DEFENITIONS A. Linear Congruential Method Random numbers play an important role in the use of encryption for various network security applications [1]. Cryptographic applications typically make use of deterministic algorithmic techniques for random number generation, producing sequences of numbers that are not statistically random, but if the algorithm is good, the resulting sequences will pass many reasonable tests of randomness. Such numbers are referred to as pseudorandom numbers, created by “Pseudorandom Number Generators (PRNGs)”. A Linear Congruential Generator (LCG) represents one of the oldest and best-known pseudorandom number generator algorithms[4] The theory behind them is easy to understand, and they are easily implemented and fast. The generator is defined by the recurrence relation: X n+1 = (aX n + c) mod m where Xn is the sequence of pseudorandom values, and      Modulus: m, 0 < m       Multiplier: a, 0 < a < m       Increment: c, 0 d” c < m       Seed: X0, 0 d” X0 < m

Index Terms—Fingerprint Matching, MD5 Hashing, Linear Congruential Method, Encryption

I. INTRODUCTION Cryptography presents various methods for taking legible, readable data, and transforming it into unreadable data for the purpose of secure transmission, and then using a key to transform it back into readable data when it reaches its destination [1]. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce. Cryptographic security is conditioned by an authentication step typically based on long pseudo-random keys which are almost impossible to remember. As a result, cryptosystems commonly rely on user-generated and easy-to-remember passwords in order to generate the pseudo-random keys. This fact eases the work of an attacker, remarkably decreasing the overall security of the data being protected. Biometrics is automated methods of recognizing a person based on a physiological or behavioral characteristic. Among the features measured are; face fingerprints, hand geometry, handwriting, iris, retinal, vein, and voice [2]. Biometric technologies are becoming the foundation of an extensive array of highly secure identification and personal verification solutions. As the level of security breaches and transaction fraud increases, the need for highly secure identification and personal verification technologies is becoming apparent. As the Biometric features are harder to copy or steal, and cannot be forgotten or lost, the use of biometrics can enhances both the usability and the security of password-based authentication systems. Among all the biometric techniques, fingerprint-based identification [3] is the oldest method which has been successfully used in numerous applications. Everyone is known to have unique, immutable fingerprints. © 2011 ACEEE DOI: 02.CEMC.2011.01. 573

B MD5 Hashing Algorithm The MD5 Message-Digest Algorithm is a widely used cryptographic hash function that produces a 128-bit (16-byte) hash value. Specified in RFC 1321, MD5 has been employed in a wide variety of security applications, and is also commonly used to check data integrity. An MD5 hash is typically expressed as a 32-digit hexadecimal number [7]. MD5 processes a variable-length message into a fixed-length output of 128 bits. The input message is broken up into chunks of 512-bit; the message is padded so that its length is divisible by 512. The padding works as follows: first a single bit, 1, is appended to the end of the message. This is followed by as many zeros as are required to bring the length of the message up to 64 bits less than a multiple of 512. The remaining bits are filled up with a 64-bit little endian integer representing the 55

Short Paper Proc. of Int. Colloquiums on Computer Electronics Electrical Mechanical and Civil 2011 length of the original message, in bits. The main MD5 algorithm operates on a 128-bit state, divided into four 32-bit words, denoted A, B, C and D. These are initialized to certain fixed constants. The main algorithm then operates on each 512-bit message block in turn, each block modifying the state. The processing of a message block consists of four similar stages, termed rounds; each round is composed of 16 similar operations based on a non-linear function F, modular addition, and left rotation. Figure 1 illustrates one operation within a round.

decrypts all the 256 ASCII characters. This paper opens a new avenue of research in the fields of GA and cryptography. Paper [8] shows the possibility of exploiting the features of Genetic Algorithm with poly substitution methods in a linear way, to generate ASCII values of the given text and then applying conversion, transposition with the features of Cryptography. This new methodology for text encrypts and decrypt using genetic algorithm is definitely an effective method while compared with other cryptography systems. The paper [5] proposes a method for the generation of long and secure code that may be used for multi-purpose applications, such as ATM, coded door locks and other security measures. The method consists of two phases; the first phase is carried out using fingerprint image enhancement and thinning. The second phase consists of extracting minutia, ridge ending, bifurcation and all other features in order to produce initial pattern. Finally the multipurpose secure code is generated by applying the one-way MD5 hash function on that pattern. Based on the work done in [5] [6] and [8] we have proposed a method to encrypt data with finger print images using random number generators and one way hashing technique. IV. PROPOSED ALGORITHM

Fig 1: MD5 Hashing

This algorithm summarizes the proposed system to generate the cipher text. Step 1: Obtain the fingerprint image for which a secure code is needed Step 2: Extract the features of fingerprint image using image processing techniques and construct an initial code block [5]. Step 3: Apply hashing MD5 algorithm on the obtained initial code block of step 2 in order to find the secure code. Step4: Use this secure code to generate a substitution array using linear congruential method [4]. Step 5: Divide each number of this substitution array with ASCII values of the plain text. Store quotient and remainder in another array Step6: Encryption: Cipher text is the array containing this quotient and remainder. This method can be summarized into four blocks.

A method for generating a secure code from fingerprint image is proposed in [5]. This code is converted into a substitution array using linear congruential method. Then an encryption scheme based on this array is applied to plain text to generate cipher text. This encryption scheme is proposed in [6]. The encryption and decryption algorithms will be made public. But the nine parameters of the key give secure strength to the algorithm making the intruders effort to break the cipher a failure one. The algorithm proceeds with both the parties (sender and receiver) knowing the values of the nine parameters of the key. Namely, KEY= {Xn, a, c, m, Final_Array_Size, Starting_Number, Ending_Number, Modulus, Remainder} Where I. Xn, a, c, and m are the parameters of the Linear Congruential Method whose values are known only to the sender and the receiver. 2. Final_Array_Size is size of the array until l which the random numbers are generated. 3. Starting_Number is the number to start with in the Final_ Array_size numbers. 4. Ending_Number is the number to end with in the Final_ Array_Size numbers. 5. Modulus is the number used to extract only those numbers to be used for substitution which give the remainder 6. Remainder when the numbers between staring_ Number and Ending_ Number are divided by Modulus.

A. Generation of Code Block The fingerprints image of any person can be utilized to generate unique code. The fingerprint image passes through a sequence of operations that includes lightening, smoothing, edge detection and binarization, then proceeds to thinning process and then an initial code is generated, prior to final secure code achievement[5]. B. Hashing The obtained code block pattern is then hashed using the widely known one way hash function (MD5 algorithm) [6] in order to achieve the final secure code.

III. RELATED WORKS Generation of pseudo random numbers (PRN) using LCM and genetic algorithms is proposed in [6]. A new method of encryption and decryption using these PRNâ&#x20AC;&#x2122;s is introduced in this work. This algorithm successfully encrypts and ÂŠ 2011 ACEEE DOI: 02.CEMC.2011.01. 573

C. Substitution Array Generation Using Linear Congruential method 5000 numbers are generated. Choose subset of numbers from this using 56

Short Paper Proc. of Int. Colloquiums on Computer Electronics Electrical Mechanical and Civil 2011 starting_ number and ending_ number values. Out of this choose only those numbers which give remainder Remainder when divided by Modulus. Let us call this array of numbers as SUBSTITUTION_ARRAY [6].

CONCLUSIONS This algorithm is simple and light weight. Experiments show that this is a secure algorithm. The personal fingerprint features can not be retrieved or generated back from secure code because MD5 is a one way hash function. This algorithm can be used to encrypt and decrypt all the 256 ASCII characters. This new methodology for encryption using fingerprint image, hashing and LCG is definitely an effective method while comparing with other cryptographic systems. A novel encryption scheme that uses finger print biometrics has been demonstrated. Experiments show that this is a secure method as personal finger print features cannot be generated back from the secure code.

D. Encryption Divide ASCII values of the plaintext characters with the corresponding number chosen from the substitution array and store the quotient and the remainder in an array. Cipher text is the array containing quotient and remainder [6]. V.

SIMULATION RESULTS

In this section, the proposed method is tested. Simulation results are presented. The finger print image is shown in Fig.2 (a). Generated hash code is shown in Fig.2(b). The substitution array is shown in Fig 2.(c). Input plaintext and the generated cipher text are shown in Fig.2 (d) and Fig.2 (e) respectively. The input message is “SECRET MISSION”. First the user’s finger print image is captured and corresponding hash code is generated. Then substitution array as proposed in the algorithm is generated. This substitution array is then used for encrypting the plain text and the corresponding cipher text is generated.

© 2011 ACEEE DOI: 02.CEMC.2011.01. 573

REFERENCES [1] Cryptography and network security- Principles and practices ;”William Stallings” Pearson Education Third Edition [2] A. K. Jain, A. Ross, and S. Prabhakar, “An introduction to biometric recognition,” IEEE Trans. Circuits Syst. Video Techn. 14(1), pp. 4–20, 2004. [3] http://www.biometricsinfo.org/fingerprintrecognition.htm. [4] http://en.wikipedia.org/wiki/Linear_congruential_generator [5] Bashar Ne’ma and Hamza Ali , “Multi Purpose Code Generation Using Fingerprint Images”, The International Arab Journal of Information Technology, Vol. 6, No. 4, October 2009. [6] Nalini. N, Dr.G.Raghavendra Rao, “A New Encryption And Decryption Algorithm Combining the Features of Genetic Algorithm and Cryptography “, www.niitcrcs.com/iccs/iccs2004/Papers/ 290%20Nalini%20Niranjan.pdf [7] The MD5 Message Digest Algorithm, ftp: //ftp .rfc-editor .org/ in-notes /rfc1321.txt, 1992. [8] R. Venkateswaran Dr. V. Sundaram, Information Security: Text Encryption and Decryption with Poly Substitution Method and Combining the Features of Cryptography”, International Journal of Computer Applications (0975 – 8887) Volume 3 – No.7, June 2010 .

57

573