**2. Related work**

Many studies present methods for improving power and complexity efficiency in wireless sensor networks. These studies applied natural algorithms, including the genetic algorithm, to find the best method for transferring data [3–5].

The primary authentication mechanism is the fingerprint, which is currently being pushed by the majority of smartphone and personal computer vendors. This solution is simple, since our fingerprints can be obtained from every place we have been and everything we have touched [6, 7]. Therefore, using some individual features is recommended as a standalone authentication approach. Most smartphone vendors install an additional camera to obtain the fingerprint [8].

A key binding algorithm is used in [9, 10] for a fingerprint matching system. In it, a cryptographic key is bound to the user's fingerprint images at the time of enrolment.


*Digest: A Biometric Authentication Protocol in Wireless Sensor Network*


*DOI: http://dx.doi.org/10.5772/intechopen.83460*


Davida et al. [11, 12] proposed iris-based biometrics for the authentication process. A binary representation of the iris texture, called IrisCode [13], is considered, and the Hamming distance between the input and database template representations is compared with a threshold to determine the matching result.

Monrose et al. [14] combined passwords with keystroke biometrics in a secure way. Their technique was inspired by password "salting." A disadvantage of this method is that it adds only about 15 bits of entropy to the passwords, which improves security only marginally. In [15, 16], they made some minor modifications to their primary work, applying voice biometrics instead of keystrokes. Tuyls et al. [17, 18] supposed that all templates of a biometric identifier are noise-free. Thus, they used them directly to generate a secret named helper data W.

Juels and Wattenberg extended Davida et al.'s methods [11, 12] to tolerate variance in the "fuzzy commitment" scheme [19]. This provides stronger security. Juels and Sudan [20] showed the security of the fuzzy vault scheme in an information-theoretic sense. Clancy et al. [21] extended the work of Juels and Sudan [20], using a "fingerprint vault" for multiple (typically five) fingerprints of users.

Michelin et al. [22] proposed using the smartphone's camera for facial and iris recognition, with decision-making performed in the cloud. Another work on biometric authentication for an Android device [23] showed increased task efficiency achieved using various solutions. In [24], the authors studied the usability and practicality of biometric authentication in the workplace and concluded that ease of technology use and its environmental context play a vital role, while integration and adoption will always incur additional and unexpected resource costs.

The gesture-related user experience research conducted in [25–28] showed that security and user experience do not necessarily contradict each other. This work also promoted pleasure as the best way to achieve fast technology adoption. In [26], the authors addressed the usability of the ECG solution for authentication and concluded that the application of ECG is not yet suitable for dynamic real-life scenarios.

*Wireless Mesh Networks - Security, Architectures and Protocols*

and energy usage are the determining factors in the performance of critical applications. Consequently, methods of protecting and transferring data to the base station are very important, because the sensor nodes run on battery power and the energy available for sensors is limited [2].

In order to implement a flexible biometric security system, we need a favorable channel for transmitting information/data. This channel should be a safe and quick passage for transmitting biological trait information/data. Since accessing a secure channel is, most of the time, costly or impossible, we would use a WSN channel to connect capturing equipment, such as a scanner, to the DB. Obviously, this kind of network is not a sufficiently safe passage for transferring highly secure information/data, because an enemy may capture secure data being transmitted. Therefore, we should code or encrypt the data so that it is incomprehensible to others and enemies are not able to abuse it. This process could be done by integrating with biometric cryptography algorithms and WSNs [3].

Moreover, we use cryptographic algorithms to convert raw, highly secure information to ciphertext. This task provides security as well as privacy.

Current authentication systems are mostly based on ID and password authentication. A password is a combination of characters, numbers and letters that should be renewed at certain periods to prevent access by unauthorized people. In order to provide an almost perfectly secure system, a biometric security system can be implemented for authentication. But as mentioned above, the main problem is sending and receiving secure data/matching results through an unsafe network. This means that network security should be considered as part of security performance for evaluation of the security level of a biometric security system [3].

In this paper, we investigate a biometric security system proposed in [4] in WSNs. It saves a print of individual biometric traits through a special framework called "digest," which is the output of a one-way function. This framework supplies perfect security without carrying out any encryption or decryption processes. Therefore, it would be a good selection for preserving the privacy of users who wish to be authorized through a WSN. To achieve high memory performance, the homomorphic property is utilized, which improves the energy consumption of the algorithm in a WSN. Finally, Hamming distance measurement is used to compare stored data with newly created data to decide between matched and mismatched in the base node.

### **3. The protocol**

Here, we explain the proposed biometric cryptosystem [4], which is based on a finite composite-order group, together with a figure that clarifies the logical relationship between the important parts of the system (**Figure 1**). The security of the system depends on a hard DLP [29].

For a high security level (with the selection of very large factors), factoring N (if N = nm such that (n, m) are coprime numbers) is impossible. A disadvantage of this technique is that performing group operations in large composite groups is slow, leading to complicated operations. This system is based on a special *generator* to resist many attacks, making the system faster. Below, we explain the steps of the proposed biometric cryptosystem.

### **3.1 KeyGen(π)**

Let d be a security parameter of the system. Let m, p and q denote very large random prime numbers such that *n* = *pq* and *N* = *nm* ∴ *n* < *m* & (*n*, *m*) = 1. We define *m* and *n* as the moduli for the biometric trait. We also know that *φ*(*N*) = *φ*(*mn*) = *φ*(*m*)*φ*(*n*) = .

Let *X* ≡ *a* mod *m* and *X* ≡ *b* mod *n*, (*m*, *n*) = 1, (*a*, *b*) ≥ 0, (∀*X* < *α*). According to the Chinese remainder theorem [10, 11], we have:

$$X \equiv N_1 \varepsilon_1 r_1 + N_2 \varepsilon_2 r_2 \pmod{N} = m \, m_n^{-1} b + n \, n_m^{-1} a \bmod{N} \tag{1}$$

In Eq. (1), $m_n^{-1}$ is the inverse of (*m* mod *n*) and $n_m^{-1}$ is the inverse of (*n* mod *m*). Also $v = m \, m_n^{-1}$, $u = n \, n_m^{-1}$ ∴ (*u*, *α*) = 1.

We choose the public system parameters as <*g*, *m*, *n*, *N*, *u*, *α*> and the master secret key as *MSK* = <*φ*(*N*)>, where G is a cyclic group with generator *g* ∈ $\mathbb{Z}_N$ and *ord*(*g*) = *α*. Also, *β*, and so *φ*(*N*), should be kept secret.

### **3.2 Enrollment (UK, SK, X)**

In this phase, we measure the biometric trait (*X*) to obtain the value *R* = [*X* − *bv*] mod *N*. The system then calculates $k_{\text{client}}$ from Eq. (2) and saves this value to memory.

$$D(X) = k_{\text{client}} = g^{R\beta} \bmod N, \quad \beta = q \, \nu(n) \tag{2}$$
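The following toy-sized Python walk-through is an added example, not code from the chapter or from [4]: it runs KeyGen and Enrollment as defined above and then the Section 3.3 check that $D^{\beta} \bmod N$ equals $k_{\text{client}}$. The small primes, *g* = 2, the function names, and the choice *β* = *φ*(*n*) (so that *αβ* = *φ*(*N*), which the Euler step of the correctness argument needs) are assumptions.

```python
import secrets
from math import gcd

def keygen(p, q, m, g):
    """KeyGen: n = pq, N = nm with n < m and (n, m) = 1."""
    n = p * q
    assert n < m and gcd(n, m) == 1
    N = n * m
    assert gcd(g, N) == 1     # ASSUMPTION: g is any unit of Z_N
    v = m * pow(m, -1, n)     # v = m * m_n^{-1}  (1 mod n, 0 mod m)
    u = n * pow(n, -1, m)     # u = n * n_m^{-1}  (1 mod m, 0 mod n)
    alpha = m - 1             # alpha = phi(m), m prime
    beta = (p - 1) * (q - 1)  # ASSUMPTION: beta = phi(n), kept secret
    pub = {"g": g, "m": m, "n": n, "N": N, "u": u, "alpha": alpha}
    return pub, {"beta": beta, "v": v}   # system-side values

def enroll(pub, sk, X):
    """Eq. (2): R = [X - b*v] mod N, k_client = g^(R*beta) mod N."""
    b = X % pub["n"]
    R = (X - b * sk["v"]) % pub["N"]
    return pow(pub["g"], R * sk["beta"], pub["N"])

def client_digest(pub, X, r=None):
    """Eq. (3): h = X*u mod N, D = g^(h + r*alpha) mod N, r in Z_N^*."""
    N = pub["N"]
    while r is None or gcd(r, N) != 1:
        r = secrets.randbelow(N - 1) + 1
    h = (X * pub["u"]) % N
    return pow(pub["g"], h + r * pub["alpha"], N)

def verify(pub, sk, D, k_client):
    """Eq. (4): accept iff D^beta mod N equals the stored k_client."""
    return pow(D, sk["beta"], pub["N"]) == k_client

if __name__ == "__main__":
    # Constructed toy parameters; the scheme calls for very large primes.
    pub, sk = keygen(p=11, q=13, m=149, g=2)
    k = enroll(pub, sk, X=97)
    D1, D2 = client_digest(pub, 97), client_digest(pub, 97)
    print("digests:", D1, D2)
    print("both verify:", verify(pub, sk, D1, k), verify(pub, sk, D2, k))
    print("other trait verifies:", verify(pub, sk, client_digest(pub, 98), k))
```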

For every client, the system erases all values except the client's $k_{\text{client}}$, which is kept in the memory of the system for the verification process. If anyone gains access to $k_{\text{client}}$, he/she cannot obtain any information about *X* or *R*.

### **3.3 Verification (UK, X′)**

At authentication time, the client calculates the following equation:

$$h = Xu \bmod N \;\rightarrow\; D = g^{h + r\alpha} \bmod N \;\therefore\; r \in \mathbb{Z}_N^{*},\ \alpha = \varphi(m) \tag{3}$$

In Eq. (3), *r* is a random number. The client sends *D* to the system for the verification process. The system receives *D* and verifies:

$$D_{\text{client}}^{\beta} \bmod N \overset{?}{\longrightarrow} k_{\text{client}} \tag{4}$$

Correctness: we now describe how verification is performed efficiently. From Eq. (4), we have:

$$D^{\beta} = \left[ g^{h + r\alpha} \bmod N \right]^{\beta} = \left( g^{h\beta} \bmod N \right)\left( g^{r\alpha\beta} \bmod N \right) \tag{5}$$

According to Euler's totient function [10], Eq. (5) equals Eq. (6):

$$\rightarrow \left( g^{h\beta} \bmod N \right) \times (1) = g^{h\beta} \bmod N \overset{?}{\longrightarrow} k_{\text{client}} \tag{6}$$

Homomorphic verification: the scheme turns out to be useful in homomorphic verification over an additive group, i.e., if *D*(*h*) is the randomized biometric digest of *X* ∈ $\mathbb{Z}_N$, then with respect to the public parameter *N* we have Eq. (7):

$$D(h_1) \cdot D(h_2) = D\left[ (h_1 + h_2) \bmod N \right] \;\therefore\; \forall h \in \mathbb{Z}_N \tag{7}$$

HD measuring (M, D, M′, D′): the protocol checks the HD of the parameters of Eq. (8) against all of those in the database, along with their mask vectors. Note that:

$$HD(M, D, M', D') = \frac{\left\| (D \oplus D') \cdot M \cdot M' \right\|}{\left\| M \cdot M' \right\|} \tag{8}$$

Matching (HD, τ): now the protocol compares the obtained value to make the final output according to Eq. (9):

$$\text{result} = \begin{cases} \text{matched} & HD \le \tau \\ \text{mismatched} & \text{o.w.} \end{cases} \tag{9}$$

The protocol includes two main phases: enrolment and verification. Every user should be enrolled by entering his/her biometric features using available instruments in the enrolment phase [30]. These instruments capture images and then process them to output *feature* and *mask* vectors, to cover errors as far as possible, and send them to the enrollment algorithm [4, 31].

The protocol does not save original information in the database. Instead, the protocol keeps the information in cache for just some seconds in order to process it using mathematical one-way functions and convert it to different data with different formats and natures. The final processed data *Digest*; Digests are values that
