*Wireless Mesh Networks - Security, Architectures and Protocols*

**Figure 1.**

*The biometric authentication cryptosystem.*

In Eq. (1), $m_n^{-1}$ is the inverse of ($m$ mod $n$) and $n_m^{-1}$ is the inverse of ($n$ mod $m$). Also $v = m\,m_n^{-1}$, $u = n\,n_m^{-1}$ ∴ $(u, \alpha) = 1$.

We choose public system parameters as <*g*, *m*, *n*, *N*, *u*, *α*> and master secret key as *MSK* = <*φ*(*N*)>, where G is a cyclic group with generator *g* ∈ ℤ<sub>*N*</sub> and *ord*(*g*) = *α*.

Also, *β* and so *ϕ*(*N*) should be kept secret.

**3.2 Enrollment (UK, SK, X)**

In this phase, we measure the biometric trait (*X*) to obtain the value R = [*X* − *bv*] *mod N*.

$$D(X) = k_{\text{client}} = g^{R\beta} \bmod N \quad \therefore\ \beta = \varphi(n) \tag{2}$$

Then the system calculates *k<sub>client</sub>* from Eq. (2) and saves this value to memory.

**3.3 Verification (UK, X′)**

At authentication time, the client calculates the following equation:

$$h = X \bmod N \;\to\; D = g^{h + ra} \bmod N \quad \therefore\ r \in \mathbb{Z}_N^{*},\ a = \varphi(m) \tag{3}$$

In Eq. (3), *r* is a random number. The client sends *D* to the system for the verification process. The system receives *D* and verifies:

$$D_{\text{client}}^{\beta} \bmod N \stackrel{?}{=} k_{\text{client}} \tag{4}$$

Correctness: we now describe how verification is performed efficiently. From Eq. (4), we have:

$$D^{\beta} = \left[g^{h + ra} \bmod N\right]^{\beta} = \left(g^{h\beta} \bmod N\right) \left(g^{ra\beta} \bmod N\right) \tag{5}$$

According to Euler's totient function [10], Eq. (5) equals Eq. (6):

$$\rightarrow \left(g^{h\beta} \bmod N\right) \times \left(1\right) = g^{h\beta} \bmod N \stackrel{?}{=} k_{\text{client}} \tag{6}$$

Homomorphic verification: the scheme turns out to be useful for homomorphic verification over an additive group, i.e., if *D*(*h*) is the randomized biometric digest of *X* ∈ ℤ<sub>*N*</sub> with respect to the public parameter *N*, we have Eq. (7):

$$\mathcal{D}(h_1)\,\mathcal{D}(h_2) = \mathcal{D}[(h_1 + h_2) \bmod N] \; : \; \forall h \in \mathbb{Z}_N \tag{7}$$
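The blinded check of Eqs. (3) to (6) and the product rule of Eq. (7), as an added example that is not code from the chapter. It assumes *N* = *m*·*n* for distinct primes *m*, *n* and gcd(*g*, *N*) = 1, so that the blinding factor raised to *aβ* = *φ*(*N*) is 1; the toy primes, base and sample values are constructed and far too small for real use.

```python
# Added illustration of Eqs. (2)-(7) with toy parameters (NOT secure sizes).
# Assumptions not stated on the page: N = m*n for distinct primes m, n and
# gcd(g, N) = 1, so Euler's theorem gives g^(phi(m)*phi(n)) = 1 mod N.
import secrets
from math import gcd

m, n = 1009, 1013            # constructed toy primes
N = m * n
a, beta = m - 1, n - 1       # a = phi(m), beta = phi(n); beta stays secret
g = 5                        # constructed base, coprime to N
assert gcd(g, N) == 1

def enroll(R: int) -> int:
    """Eq. (2): k_client = g^(R*beta) mod N, stored by the system."""
    return pow(g, R * beta, N)

def client_blind(X: int) -> int:
    """Eq. (3): h = X mod N, D = g^(h + r*a) mod N with a fresh random r."""
    h = X % N
    r = 0
    while r == 0 or gcd(r, N) != 1:      # draw r from Z_N^*
        r = secrets.randbelow(N)
    return pow(g, h + r * a, N)

def verify(D: int, k_client: int) -> bool:
    """Eq. (4): accept iff D^beta mod N equals the stored k_client."""
    return pow(D, beta, N) == k_client

def digest(h: int) -> int:
    """Unblinded digest g^(h*beta) mod N, used to check Eq. (7)."""
    return pow(g, h * beta, N)
```

Each call to `client_blind` uses a different `r`, yet `verify` accepts all of them for the enrolled value because the `g^(r*a*beta)` factor is 1. The Eq. (7) check in this example uses sample values whose sum stays below *N*.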

HD measuring (M, D, M′, D′): the protocol checks the HD of the parameters in Eq. (8) against every entry in the database, along with their mask vectors. Note that:

$$HD(M, D, M', D') = \frac{\|(D \oplus D') \cap M \cap M'\|}{\|M \cap M'\|} \tag{8}$$

Matching (HD, *τ*): the protocol now compares the obtained value with the threshold to produce the final output according to Eq. (9):

$$\text{result} = \begin{cases} \text{matched} & HD \le \tau \\ \text{mismatched} & \text{o.w.} \end{cases} \tag{9}$$

The protocol includes two main phases: enrolment and verification. Every user should be enrolled by entering his/her biometric features using the available instruments in the enrolment phase [30]. These instruments capture images and then process them to output *feature* and *mask* vectors, covering errors as far as possible, and send them to the enrollment algorithm [4, 31].

The protocol does not save the original information in the database. Instead, it keeps the information in cache for just a few seconds in order to process it with mathematical one-way functions and convert it to different data with different formats and natures. The final processed data is the *Digest*; digests are values for which nobody, not even the system itself, can identify the owner or the biometric property of the corresponding digest. Different digests of a client are fused with a homomorphic operation. Additionally, he/she cannot misuse available digests, because at authentication request time (online mode) the system accepts only semi-digest data as input, which needs one more processing step to output a digest [4].

After all of the fused digests are generated, all of the primary information is safely erased from the cache memory and the digest is transmitted to the system database. The database is the set of all original digests whose owners and biometric properties are unknown. Thereafter, if an individual wants to enter the system, the system will be able to identify him/her correctly as an authorized/unauthorized client [4].

After completing the enrollment phase and enrolling the clients' digests, the system runs the verification process, i.e., it enters the verification time of the protocol. An individual who requests authentication enters his/her biometric information, and the system captures it and processes it to make a fused semi-digest [4].

From now on, the protocol starts the comparison algorithms. It first combines the semi-digest with the secret parameter of the system to generate the corresponding digest. This digest is compared with the available digests in the database. The matching is carried out by computing the Hamming Distance measure of four parameters: (1) the stored digest, (2) its mask vector, (3) the new digest, and (4) its mask vector. If the obtained HD is less than the threshold value *τ*, the client's identification has been matched [4].
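The masked Hamming distance of Eq. (8) and the threshold decision of Eq. (9), run over a small database as in the matching step described above. This is an added example, not code from the chapter: the 16-bit vectors and the threshold are constructed, and `min_valid_bits` is a hypothetical safeguard that rejects comparisons where the two masks barely overlap.

```python
# Added illustration of Eqs. (8)-(9). Bit vectors are Python ints; all
# sample values are constructed. min_valid_bits is a hypothetical guard
# (not in the chapter) against near-empty mask overlaps.
from typing import List, Optional, Tuple

def popcount(x: int) -> int:
    return bin(x).count("1")

def masked_hd(M: int, D: int, M2: int, D2: int) -> Optional[float]:
    """Eq. (8): share of disagreeing bits among bits valid in both masks."""
    valid = M & M2
    usable = popcount(valid)
    if usable == 0:
        return None                      # no common valid bits: HD undefined
    return popcount((D ^ D2) & valid) / usable

def identify(db: List[Tuple[int, int]], M2: int, D2: int, tau: float,
             min_valid_bits: int = 8) -> Tuple[Optional[int], str]:
    """Eq. (9) against every stored (mask, digest) record.

    Returns (record index, "matched") for the closest record with
    HD <= tau, otherwise (None, "mismatched").
    """
    best_idx, best_hd = None, None
    for idx, (M, D) in enumerate(db):
        if popcount(M & M2) < min_valid_bits:
            continue                     # too little evidence to compare
        hd = masked_hd(M, D, M2, D2)
        if hd is not None and (best_hd is None or hd < best_hd):
            best_idx, best_hd = idx, hd
    if best_hd is not None and best_hd <= tau:
        return best_idx, "matched"
    return None, "mismatched"

# Constructed records: (mask vector, digest bits)
SAMPLE_DB = [(0xFFFF, 0xAAAA), (0xFF00, 0xF0F0)]
```

Without the overlap guard, a probe whose mask leaves a single valid bit can reach HD = 0 against an unrelated record, which is why the example skips such comparisons.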

## **4. The protocol analysis in WSNs**

In this section, we compare the scheme [4] with those of [9–12, 14, 17, 20, 21]. Moreover, we review properties of the protocol, which were evaluated on a single core of an Intel® Pentium® D 3.2 GHz processor using MATLAB R2016a. We also used the Miracle library in binary fields [32] for some mathematical operations.

In this case, we installed the Java Genetic Algorithm Package (JPAC) to test the algorithm in a manner consistent with prior studies. Next, we utilized OMNET++ to trace the movement of the nodes in a virtual environment.


**Table 1** gives a comparison between various algorithms in WSNs: the proposed scheme in [4], Soutar et al. [9, 10], Davida et al. [11, 12], Monrose et al. [14], Linnartz and Tuyls [17], Juels and Sudan [20], and Clancy et al. [21]. The third column in **Table 1** indicates the key release (R) or key generation (G) classification. The "Practicality" column deals with the complexity of the algorithm. The last column shows the efficiency of the algorithms in WSNs.

The protocol operates on the new concept of a *digest* [4], which reduces the time complexity of the proposal compared to schemes that already used encryption and decryption processes.

This concept also improves the efficiency of the identification operation in cost and time, and it is safe enough to customize for any application.

### **Table 1.**

*Comparison between various algorithms.*

**5. Conclusion**

Wireless sensor networks are flexible and useful networks for securing critical data through biometric authentication. However, they are powered by nodes equipped with limited-capacity batteries. On the other hand, biometric authentication brings greater convenience to users than other authentication systems. This method can protect legitimate users and data against internal malicious parties and external frauds. Moreover, it measures and analyzes a user's unique information to automatically recognize the user's identity. The five most common traits are fingerprint, hand, eye/iris, face and voice, which would be transmitted through the WSN. In this study, we utilized iris and fingerprint to make a strong biometric authentication system in WSN. The scheme proposed in [4] was more efficient in terms of applicable efficiency in WSN in comparison with similar studies. As future work, the system will be able to operate in any network by applying the property of "Boolean identification." Further, by studying other difficult problems, we will improve this study to gain linear time efficiency. These new properties help networks to transmit data securely and efficiently in any sensitive network.

**Author details**

Faezeh Sadat Babamir\* and Murvet Kirci
Istanbul Technical University, Maslak, Turkey

\*Address all correspondence to: babamir@itu.edu.tr

*Digest: A Biometric Authentication Protocol in Wireless Sensor Network*
*DOI: http://dx.doi.org/10.5772/intechopen.83460*

© 2019 The Author(s). Licensee IntechOpen. This chapter is distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/3.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
