,,,,

CERTIFICATE
The seminar Report entitled ATM using for finger Print submitted by Rakesh
Paniya (11EARIT044) have been examined by us and is hereby approved for carrying
out the project leading to the award of Degree Bachelor of Technology in Information
Technology. By this approval the undersigned does not necessarily endorse or approve
any statement made, opinion expresses or conclusion withdrawn therein, but approve the
pursuance of seminar only for the mentioned purpose.

Head of Department

Seminar Coordinator:

Er. Akhil Pandey

Er. Sandeep Tomar

ACKNOWLEDGEMENT

I would like to express my sincere thanks to Mr. Anurag Agrawal, Chairman, Arya Group of
Colleges for providing us with an opportunity to take a minor seminar and helping me with all
the resources needed for effective development of the project.
I am grateful to Mr. Akhil Pandey, Head of Department (Information Technology), Arya College
of Engineering & I.T, Jaipur and all the faculty members for extending their valuable suggestions
and their encouragement and cooperation have been a source of great inspiration.
I am also very thankful to our project coordinator Mr. Sandeep Tomar for their constant guidance
right from the inception till the successful completion of seminar. I sincerely acknowledge them
for extending their valuable guidance, support of literature, critical reviews of project and the
report and above all the moral support they had provided us with all stages of this seminar.

RAKESH PANIYA

Table of Content
Sr. Number

Chapters

Page Number

Abstract

Chapter 1:

Introduction

2-3

Chapter 2:

Literature Survey

4-10

Chapter 3: Existing Work in this Field

11-19

Chapter 4:

20-29

Chapter 5: Conclusion & Future Work

Proposed Work

30 31

References

ABSTRACT
An embedded Crypto-Biometric authentication scheme for ATM banking
systems is proposed in our paper. In this scheme, cryptography and biometric
techniques are fused together for person authentication to ameliorate the
security level.
The fingerprint template including singular points, frequency of ridges and
minutiae are stored at the central banking server when enrollment. At the time
of transaction fingerprint image is acquired at the ATM terminal using high
resolution fingerprint scanner. The fingerprint image is enhanced and then
encrypted using 128 bit private key algorithm. The encrypted image is
transmitted to the central server via secured channel. At the banking terminal
the image is decrypted using the same key. Based on the decrypted image,
minutiae extraction and matching are performed to verify the presented
fingerprint image belongs to the claimed user. The authentication is signed if
the minutiae matching are successful.
The proposed scheme is fast and more secure. Computer simulations and
statistical analysis are presented.

CHAPTER 1. INTRODUCTION
Biometrics based authentication is a potential candidate to replace password-based
authentication. Among all the biometrics, fingerprint based identification is one of the
most mature and proven technique. Cryptography provides the necessary tools for
accomplishing secure and authenticated transactions [3]. It not only protects the data
from theft or alteration, but also can be used for user authentication. In a conventional
cryptographic system, the user authentication is possession based. The weakness of
such authentication systems is that it cannot assure the identity of the maker of a
transaction; it can only identify the makers belongings (cards) or what he remembers
(passwords, PINs etc.) Automatic biometric authentication is an emerging field to
address this problem. Fingerprint authentication is the most popular method among
biometric authentication. However, it is infeasible to encrypt such a large volume of
image using conventional cryptography for the purpose of centralized fingerprint
matching [6]. A strong interest in biometric authentication is to integrate encryption
key with biometrics.
The project aims at developing a novel crypto-biometric authentication scheme in
ATM banking systems. It mainly reduces the accessing time, when compared with
manual based banking system. ATMs are now a normal part of daily life, it explores
the accessibility barriers that ATMs present to people with a variety of disabilities,
particularly examining the access barriers experienced by the people who are blind,
vision impaired or who have reading, learning or intellectual disabilities.

Together with the development of biometric authentication, integrated

biometrics and cryptosystems has also been addressed. Biometric
authentication in our paper is image based. For remote biometric
authentication, the images need to be encrypted before transmitted. Chaotic
map used in image encryption has been studied. The permutation of pixels, the
substitution of gray level values, and the diffusion of the discretized map can
encrypt an image effectively.
In this paper, an embedded crypto-biometric authentication protocol is
proposed. The fingerprint image acquired from the user is encrypted in the
ATM terminal for authentication. The encrypted image is then transmitted over
the secured channel to the central banking terminal. In the banking terminal
fingerprint image is decrypted. The decrypted image is compared with the
fingerprint templates. The authentication is valid if the minutiae matching are
successful.

The organization of the paper is given as follows: Section 2 deals with

description of the new embedded crypto-biometric authentication protocol.
Section 3 provides the concepts of Encryption and Decryption algorithms.
Generation of encryption key is studied in Section 4. Simulation and evaluation
of the encryption scheme is conducted in Section5. Conclusions are presented
in Section 6.

Here in this project we are going provide the at most security since it is taking the
FINGER PRINTS as the authentication for our account. So whenever we want to
access our account first we have to press the finger on the finger print scanner.
Scanner is interfaced to the micro controller with the serial interfacing. The micro
controller reads the data from the scanner. The micro controller allows those users,
who are authorized to operate the account. If any unauthorized user tries to operate the
account the micro controller switches on the security alarm. The total information
about the account holders is stored in the EEPROM. Keypad is used to enter the
password to operate the account or Locker. In present days, computer becomes a main
part of human beings for storing information. This information is up to some extent is
a secured one. For example the details of employees and students etc... The authority
person may only change the details. For this protection we are going to provide a
PASSWORD for the PCs. This is secure up to some extent only because there may be
a chance of revealing the password or sometimes the authorized person may forgot the
password. So we have to provide security for PCs with a unique and simple to
remember identification. One of such identification is the FINGER PRINT.
Fingerprint Scanner is a device for computer Security featuring superior performance,
accuracy, durability based on unique NITGEN Fingerprint Biometric Technology.
Fingerprint Scanner can be plugged into a computer separately with your mouse.
Fingerprint Scanner is very safe and convenient device for security.

2. EMBEDDED CRYPTO-BIOMETRIC AUTHENTICATION

PROTOCOL

10

Generally, there are two basic fingerprint authentication schemes, namely

the local and the centralized matching [11]. In the central matching scheme,
fingerprint image captured at the terminal is sent to the central server via
the network and then it is matched against the minutiae template stored in
the central server.
There are three stages in the protocol namely registration, login and
authentication. In the registration phase, the fingerprints of ATM users are
enrolled and the derived fingerprint templates are stored in the central
server. The login phase is performed at an ATM terminal equipped with a
fingerprint sensor.
The embedded ATM client authentication system is based on fingerprint
recognition which is designed after analyzed existed ATM system. The
LPC2148 chip is used as the core of these embedded system which is
associated with the technologies of fingerprint recognition and current high
speed network communication. The primary functions are shown as
follows:

Fingerprint recognition: The masters' fingerprint information was used

as the standards of identification. It must certify the feature of the
human fingerprint before using ATM system.

Remote authentication: System can compare current client's fingerprint

information with remote fingerprint data server.

Message alarming: different 4-digit code as a message to the mobile of

the authorized customer without any noise, in order to access the
Terminal. Two discriminate analysis methods: Besides the fingerprint
recognition, the mode of password recognition can be also used for the
system.

11

The proposed block schematic of embedded crypto biometric authentication

system is shown in Fig.

Fig. Schematic of embedded crypto biometric authentication system.

12

In the authentication phase, the fingerprint image is then encrypted and

transmitted to central server via secured channel. At the banking terminal
the image is decrypted using 128 bit private key algorithm [9]. The
encrypted image is transmitted to the central server via secured channel. At
the banking terminal the image is decrypted using the same key. Based on
the decrypted image, minutiae extraction and matching are conducted to
verify the presented fingerprint image belongs to the claimed user. The
authentication is signed if the minutiae matching are successful.
Cryptography provides the necessary tools for accomplishing secure and
authenticated transactions [3]. It not only protects the data from theft or
alteration, but also can be used for user authentication. In a conventional
cryptographic system, the user authentication is possession based. The
weakness of such authentication systems is that it cannot assure the
identity of the maker of a transaction; it can only identify the makers
belongings (cards) or what he remembers (passwords, PINs etc.)
Automatic biometric authentication is an emerging field to address this
problem. Fingerprint authentication is the most popular method among
biometric authentication. However, it is infeasible to encrypt such a large
volume of image using conventional cryptography for the purpose of
centralized fingerprint matching [6]. A strong interest in biometric
authentication is to integrate encryption key with biometrics.
The project aims at developing a novel crypto-biometric authentication
scheme in ATM banking systems. It mainly reduces the accessing time,
when compared with manual based banking system. ATMs are now a
normal part of daily life, it explores the accessibility barriers that ATMs
present to people with a variety of disabilities, particularly examining the
access barriers experienced by the people who are blind, vision impaired or
who have reading, learning or intellectual disabilities.
Together with the development of biometric authentication, integrated
biometrics and cryptosystems has also been addressed. Biometric
authentication in our paper is image based. For remote biometric
authentication, the images need to be encrypted before transmitted. Chaotic
map used in image encryption has been studied [12]. The permutation of
pixels, the substitution of gray level values, and the diffusion of the
discretized map can encrypt an image effectively.
In this paper, an embedded crypto-biometric authentication protocol is
proposed. The fingerprint image acquired from the user is encrypted in the
ATM terminal for authentication. The encrypted image is then transmitted
over the secured channel to the central banking terminal. In the banking

13

terminal fingerprint image is decrypted. The decrypted image is compared

with the fingerprint templates. The authentication is valid if the minutiae
matching are successful.
The organization of the paper is given as follows: Section 2 deals with
description of the new embedded crypto-biometric authentication protocol.
Section 3 provides the concepts of Encryption and Decryption algorithms.
Generation of encryption key [4] is studied in Section 4. Simulation and
evaluation of the encryption scheme is conducted in Section5. Conclusions
are presented in Section 6.

Here in this project we are going provide the at most security since it is
taking the FINGER PRINTS as the authentication for our account. So
whenever we want to access our account first we have to press the finger
on the finger print scanner. Scanner is interfaced to the micro controller
with the serial interfacing. The micro controller reads the data from the
scanner. The micro controller allows those users, who are authorized to
operate the account. If any unauthorized user tries to operate the account
the micro controller switches on the security alarm. The total information
about the account holders is stored in the EEPROM. Keypad is used to
enter the password to operate the account or Locker. In present days,
computer becomes a main part of human beings for storing information.
This information is up to some extent is a secured one. For example the
details of employees and students etc... The authority person may only
change the details. For this protection we are going to provide a
PASSWORD for the PCs. This is secure up to some extent only because
there may be a chance of revealing the password or sometimes the
authorized person may forgot the password. So we have to provide security
for PCs with a unique and simple to remember identification. One of such

14

identification is the FINGER PRINT. Fingerprint Scanner is a device for

computer Security featuring superior performance, accuracy, durability
based on unique NITGEN Fingerprint Biometric Technology. Fingerprint
Scanner can be plugged into a computer separately with your mouse.
Fingerprint Scanner is very safe and convenient device for security.

3.ENCRYPTION AND DECRYPTION ALGORITHMS

Encryption is the process of converting plain image into cipher image. Plain
image in our paper is the unsecured form of fingerprint image. By using the
appropriate keys, plain image is encrypted into cipher image before
transmitting through the secured channel.
Decryption is the reverse process of encryption. Fingerprint image is recovered
(plain image) by using the same key. DES, Triple DES and AES algorithms are
the commonly used symmetric key algorithms. Shared key, less time
consumption, easy operation and secret key are the merits of symmetric key
algorithms.
The design of entire system consisted of two part which are hardware and
software. The hardware are designed by the rules of embedded system, and the
steps of software consisted of three parts. The more details are shown as
follows.
A. Hardware Design
The LPC2148 chip is used as the core of entire hardware. Furthermore, the
modules of LCD, keyboard, alarm, fingerprint recognition are connected with
the main chip (LPC2148).The EEPROM are also embodied in the system.
There are some modules consisted of the system as follows

LCD module: The 16X2 is used in this module as a LCD Display, it supported
5x7 matrix
keyboard module: It can be used for inputting passwords.
Fingerprint recognition module: Nitgen Company's be used as a fingerprint
recognition. It has a 100dpi resolution, anti-press, anti-static, anticorrosion.

15

Figure I. The block diagram of hardware

Software design
The design was component of three parts included the design of main program
flow chart, the initializing ones, and the algorithm of fingerprint recognition
flow chart. This system of software is implemented by the steps as follows:
first of all, the Linux kernel and the File system are loaded into the main chip.
The next, the system is initialized to implement specific task, such as checking
ATM system, GSM communication and so on, and then each module reset for
ready to run commands. Before using ATM terminal, the mobile number and
fingerprint of the customer is required.
what he remembers (passwords, PINs etc.) Automatic biometric authentication
is an emerging field to address this problem. Fingerprint authentication is the
most popular method among biometric authentication. However, it is infeasible
to encrypt such a large volume of image using conventional cryptography for
the purpose of centralized fingerprint matching [6]. A strong interest in
biometric authentication is to integrate encryption key with biometrics.
The project aims at developing a novel crypto-biometric authentication scheme
in ATM banking systems.
First the system is required the owner's fingerprint. If all the recognition is
right, the system would send password to the Account holder and he will enter
the same password in touch screen for accessing the ATM Terminal. If
Authentication Failure then it send the alert message to the Account holder and
Bank.

16

In the process of inputting fingerprint, the AT77CI04B which is a linear sensor

that captures fingerprint images by sweeping the finger over the sensing area,
will used for acquiring the image of fingerprint. This product embed true
hardware based 8-way navigation and click functions. The fingerprint
information will be temporarily stored in SRAM and upload to the remote
finger data server to compare through bank network. The result of process will
be controlled by main chip(LPC 2148).

3.1 AES Algorithm [13-14]

The advanced encryption standard (AES) is a replacement to DES as the
federal standard. AES has already received widespread use because of its
standard definition, high security and freedom patent entanglements. In
cryptography, the Advanced Encryption Standard (AES) is also known as
Rijndael algorithm [13].
Unlike its predecessor DES, Rijndael is an iterated block cipher which supports
variable block length and key length. Both lengths can be independently
specified as 128, 192 or 256 bits. It has a variable number of iterations: 10, 12
and 14 for key lengths of 128,
192 or 256 bits respectively. In this paper, a 128 bit block [14] and key length
are assumed, although the design could be adopted without difficulty to other
block and key lengths. AES is fast in both software and hardware, relatively
easy to implement, and requires little memory.
The advanced encryption standard (AES) is a replacement to DES as the
federal standard. AES has already received widespread use because of its
standard definition, high security and freedom patent entanglements. In
cryptography, the Advanced Encryption Standard (AES) is also known as
Rijndael algorithm [13].
Unlike its predecessor DES, Rijndael is an iterated block cipher which supports
variable block length and key length. Both lengths can be independently
specified as 128, 192 or 256 bits. It has a variable number of iterations: 10, 12
and 14 for key lengths of 128, 192 or 256 bits respectively. In this paper, a 128
bit block [14] and key length are assumed, although the design could be
adopted without difficulty to other block and key lengths. AES is fast in both
software and hardware, relatively easy to implement, and requires little
memory.

17

(a)

(b)

Fig. AES algorithm (a) Encryption Structure (b) Decryption Structure

AES [14] consists of following

steps Key Generation

(i)

Initial Round
Rounds
Sub Bytes a non-linear substitution step
replaced with another according to a lookup table.

where each byte is

(ii)

Shift Rows a transposition step where each row of the state is shifted
cyclically a certain number of steps.

(iii)

Mix Columns a mixing operation which operates on the columns of

the state, combining the four bytes in each column.

(iv)

AddRoundKey each byte of the state is combined with the round

key; each round key is derived from the cipher key using a key schedule.

18

Final Round (no Mix Columns)

The design of entire system consisted of two part which are hardware and
software. The hardware are designed by the rules of embedded system, and the
steps of software consisted of three parts. The more details are shown as
follows.
A. Hardware Design
The LPC2148 chip is used as the core of entire hardware. Furthermore, the
modules of LCD, keyboard, alarm, fingerprint recognition are connected with
the main chip (LPC2148).The EEPROM are also embodied in the system.
There are some modules consisted of the system as follows
LCD module: The 16X2 is used in this module as a LCD Display, it
supported
5x7 matrix keyboard module: It can be used for
inputting passwords.
Fingerprint recognition module: Nitgen Company's be used as a fingerprint
recognition. It has a 100dpi resolution, anti-press, anti-static, anticorrosion.
Software design
The design was component of three parts included the design of main program
flow chart, the initializing ones, and the algorithm of fingerprint recognition
flow chart. This system of software is implemented by the steps as follows:
first of all, the Linux kernel and the File system are loaded into the main chip.
The next, the system is initialized to implement specific task, such as checking
ATM system, GSM communication and so on, and then each module reset for
ready to run commands. Before using ATM terminal, the mobile number and
fingerprint of the customer is required.
what he remembers (passwords, PINs etc.) Automatic biometric authentication
is an emerging field to address this problem. Fingerprint authentication is the
most popular method among biometric authentication. However, it is infeasible
to encrypt such a large volume of image using conventional cryptography for
the purpose of centralized fingerprint matching [6]. A strong interest in
biometric authentication is to integrate encryption key with biometrics.
The project aims at developing a novel crypto-biometric authentication scheme
in ATM banking systems.
First the system is required the owner's fingerprint. If all the recognition is
right, the system would send password to the Account holder and he will enter

19

the same password in touch screen for accessing the ATM Terminal. If
Authentication Failure then it send the alert message to the Account holder and
Bank.
The design of fingerprint recognition
Fingerprints are one of many forms of biometrics, used to identify individuals
and verify their identity. This article touches on two major classes of
algorithms and four sensor designs (optical, ultrasonic, passive capacitance,
and active capacitance) The analysis of fingerprints for matching purposes
generally requires the comparison of several features of the print pattern. These
include patterns, which are aggregate characteristics of ridges, and minutia
points, which are unique features found within the patterns It is also necessary
to know the structure and properties of human skin in order to successfully
employ some of the imaging technologies

The three basic patterns of fingerprint ridges are the arch, loop, and whorl:
arch: The ridges enter from one side of the finger, rise in the center forming an
arc, and then exit the other side of the finger.
loop: The ridges enter from one side of a finger, form a curve, and then exit on
that same side.
whorl: Ridges form circularly around a central point on the finger.
The first step was the acquisition of fingerprint image by above device
mentioned in the algorithm, and the results could be sent to the following
process. secondly, preprocessing the images acquired. After obtain the
fingerprint image, it must be preprocessing. Generally, pre-processing of one's
is filtering, histogram computing, image enhancement and image binarization.
Lastly, the characteristic value was extracted, and the results of the above
measures would be compared with the information of owner's fingerprint in the
database so as to verify whether the character is matched, and then the system
returned the results matched or not.
Fingerprint recognition identifies people by using the impressions made bythe
minute ridge formations or patterns found on the fingertips. Finger
printingtakes an image of a person's fingertips and records its characteristics whorls,arches, and loops are recorded along with patterns of ridges, furrows,
and minutiae.Information is processed as an image and further encoded as a
computer algorithm.Fingerprint based biometrics has primarily been used to
secure entry devices forbuilding door locks and computer network access. A
small number of banks usefingerprint readers for authorization at ATMs.
Grocery stores are experimentingwith a fingerprint scan checkout that
automatically recognizes and bills a registereduser's credit card or debit

20

account. More recent applications of finger recognitioninclude use of

fingerprints for voter registration
The design was component of three parts included the design of main program
flow chart, the initializing ones, and the algorithm of fingerprint recognition
flow chart. This system of software is implemented by the steps as follows:
first of all, the Linux kernel and the File system are loaded into the main chip.
The next, the system is initialized to implement specific task, such as checking
ATM system, GSM communication and so on, and then each module reset for
ready to run commands. Before using ATM terminal, the mobile number and
fingerprint of the customer is required.
First the system is required the owner's fingerprint. If all the recognition is
right, the system would send password to the Account holder and he will enter
the same password in touch screen for accessing the ATM Terminal. If
Authentication Failure then it send the alert message to the Account holder and
Bank.
Global System for Mobile Communication (GSM) is a set of ETSI standards
specifying the infrastructure for a digital cellular service. The standard is used
in approx. 85 countries in the world including such locations as Europe, Japan
and Australia. GSM security issues such as theft of service, privacy, and legal
interception continue to raise significant interest in the GSM community. The
purpose of this portal is to raise awareness of these issues with GSM security.
The mobile communications has become one of the driving forces of the digital
revolution. Every day, millions of people are making phone calls by pressing a
few buttons. Little is known about how one person's voice reaches the other
person's phone that is thousands of miles away. Even less is known about the
security measures and protection behind the system. The complexity of the cell
phone is increasing as people begin sending text messages and digital pictures
to their friends and family. The cell phone is slowly turning into a handheld
computer. All the features and advancements in cell phone technology require a
backbone to support it. The system has to provide security and the capability
for growth to accommodate future enhancements. General System for Mobile
Communications, GSM, is one of the many solutions out there. GSM has been
dubbed the "Wireless Revolution" and it doesn't take much to realize why GSM
provides a secure and confidential method of communication.

21

4. KEY GENERATION

Encryption keys are vital to the security of the cipher, which can be derived in
the following three methods:
4.1 Randomly chosen values of pixels and their co-ordinates in raw image

Randomly choose 5-10 points in the raw fingerprint image. The vertical and
horizontal position of pixels, as well as the gray level values of each point is
served as key. MOD operations are performed. The key consists of the
remainders and a supplementary digit that makes the sum of key equals to N.
For example, in a 256256 gray level fingerprint image, there are five points
picked up, their coordinates and pixels values are: (32,21,240); (58,115,175);
(135,174,189); (216,172,194); (218,221,236). After conducting mod (40) and
mod (10) operations for the coordinates and the gray level values,
respectively. The result is: (32,21,0); (18,35,5); (15,14,9); (16,12,4);
(18,21,6). The sum of above five groups numbers is Sm=226. At last, a
supplementary digit N Sm =256-226=30 is the last digit of the key, where N
and Sm denote the size of the image and the sum of the co-ordinates and pixel
vales respectively. The encryption key is: {32, 21, 0, 18, 35, 5, 15, 14, 9, 16,
12, 4, 18, 21, 6, 30}

Fingerprints:
The patterns of friction ridges and valleys on an individual's fingertips are
unique to that individual. For decades, law enforcement has been classifying
and determining identity by
matching key points of ridge endings and bifurcations. Fingerprints are unique
for each finger of a person including identical twins. One of the most
commercially available biometric technologies, fingerprint recognition devices
for desktop and laptop access are now widely
available from many different vendors at a low cost. With these devices, users
no longer need to type passwords instead, only a touch provides instant
access.
The identification of a person by their facial image can be done in a number of
different ways such as by capturing an image of the face in the visible spectrum
using an

22

inexpensive camera or by using the infrared patterns of facial heat emission.

Facial recognition in visible light typically model key features from the central
portion of a facial image. Using a wide assortment of cameras, the visible light
systems extract features from the captured image(s) that do not change over
time while avoiding superficial features such as facial expressions or hair.
Speaker recognition uses the acoustic features of speech that have been
found to differ between individuals. These acoustic patterns reflect both
anatomy and learned
behavioral patterns . This incorporation of learned patterns into the voice
templates has earned
speaker recognition its classification as a "behavioral biometric." Speaker
recognition systems employ three styles of spoken input: text-dependent, textprompted and text independent.
Most speaker verification applications use text-dependent input, which involves
selection and
enrollment of one or more voice passwords. Text-prompted input is used
whenever there is
concern of imposters. The various technologies used to process and store
voiceprints include
hidden Markov models, pattern matching algorithms, neural networks, matrix
representation and decision trees.
This technology uses the dynamic analysis of a signature to authenticate
a person. The technology is based on measuring speed, pressure and angle used
by the person
when a signature is produced. One focus for this technology has been ebusiness applications
and other applications where signature is an accepted method of personal
authentication.

4.2 From the stable global features of fingerprint image

Some global features such as core and delta are highly stable points in a
fingerprint, which have the potential to be served as cryptography key. Some
byproduct information in the processing of fingerprint image can be used as the
encryption key. For example, the Gabor filter bank parameters[7] are:
concentric bands is 7, the number of sectors considered in each band is 16,
each band is 20 pixels wide; there are 12 ridge between core and delta, the
charges of the core and delta point are 4.8138e-001 and 9.3928e001, and the
period at a domain is 16. Then the key could be: {7, 16, 20, 12, 4, 8, 13, 8, 9,
39, 28, 27, 1, 16, 50, and 42}.

23

4.3 Pseudo random number generator based on chaotic map [12]

one can use the pseudo-random number generator introduced in [5] to produce
the key. Chaotic maps provide excellent security and have many desired
cryptographic qualities. They are simple to implement which results in high
encryption rates. In chaos based encryption, the method for developing a cipher
consists of four steps.

Designing the basic map

Generalized map
Discretized version
Extension to three dimensions
Starting with M N image with L gray levels (for example, with the image
consisting of a black square) after performing k iterations, we obtain M N
pseudo random integers in the range [0, L-1]. Majority of traditional random
number generators generate the next number in the sequence by following
certain deterministic rule, i.e., there is a deterministic relationship between xi
and xi 1. The random number generator based on three-dimensional maps is
nontraditional because it does not have this property. If more than M N random
numbers are needed, we can perform another k iteration of the chaotic map and
get another set of M N random numbers. To encrypt a fingerprint image, three
to six iterations can hide the image perfectly where each iteration is suggested
to use different key.
The quality of stream ciphering based on mixing the plaintext with a sequence
of pseudo random numbers depends on the following factors:
The period of the pseudo random sequence [5].
Randomness properties of the generator. It should be computationally
hard to determine the key and the seed based on the knowledge of a
finite segment of
pseudo-random numbers.
Global System for Mobile Communication (GSM) is a set of ETSI standards
specifying the infrastructure for a digital cellular service. The standard is used
in approx. 85 countries in the world including such locations as Europe, Japan
and Australia. GSM security issues such as theft of service, privacy, and legal
interception continue to raise significant interest in the GSM community. The
purpose of this portal is to raise awareness of these issues with GSM security.
The mobile communications has become one of the driving forces of the digital
revolution. Every day, millions of people are making phone calls by pressing a

24

few buttons. Little is known about how one person's voice reaches the other
person's phone that is thousands of miles away. Even less is known about the
security measures and protection behind the system. The complexity of the cell
phone is increasing as people begin sending text messages and digital pictures
to their friends and family. The cell phone is slowly turning into a handheld
computer. All the features and advancements in cell phone technology require a
backbone to support it. The system has to provide security and the capability
for growth to accommodate future enhancements. General System for Mobile
Communications, GSM, is one of the many solutions out there. GSM has been
dubbed the "Wireless Revolution" and it doesn't take much to realize why GSM
provides a secure and confidential method of communication.
The structure of permutations of the pixels suggests that the period of the
sequence is very high. This statement needs to be quantified by an asymptotic
estimate for the period. This topic is currently under investigation. The third
requirement is equivalent to breaking the cipher using cipher text only type of
attack. As described before, the complexity of a direct key search increases
exponentially as 20.9 N 1. The randomness properties of the proposed random
number generator were tested on a 256 256s image with 256 gray levels with
the following tests for randomness:
Uniformity of distribution test
Coupon collectors test
Permutation test
Poker test
Serial pairs test All five tests were satisfied by the sequence of pseudo random
numbers obtained from an encrypted image of a black square after nine
iterations. The numbers were read in a row-by-row manner. Computer
experiments done with other scanning patterns suggest that the properties of the
pseudo random sequence do not depend on the scanning pattern.
Fingerprint
recognition or
fingerprint
authentication
refers tothe automated method of verifying a match between twohuman
fingerprints.Fingerprints are a distinctive feature and remain invariant over
thelifetime of a subject, except for cuts and bruises. A fingerprint impression
isacquired, typically using an inkless scanner. The digital image of
thefingerprint includes several unique features in terms of ridge bifurcationsand
ridge endings, collectively referred to as minutiae.A fingerprint sensor is an

25

electronic device used to capture a digitalimage of the fingerprint pattern. The

analysis of fingerprints for matchingpurposes generally requires the
comparison of several features of the printpattern. These include patterns,
which are aggregate characteristics of ridges,and minutia points, which are
unique features found within the patterns.
Advantages
_ It is an internal organ that is well protected against damage by a highly
transparent and sensitive membrane. This feature makes it advantageous
from finger print. _ Flat , geometrical configuration controlled by 2
complementary muscles control the diameter of the pupil makes the iris
shape more predictable .
_ An iris scan is similar to taking a photograph and can be performed from about
10 cm to a
few meters
away.
_ Encoding and decision-making are tractable .
_ Genetic independence no two eyes are the same.
DISADVANTAGES
_ The accuracy of iris scanners can be affected by changes in lightning.
_ Obscured by eyelashes, lenses, reflections.
_ Deforms non-elastically as pupil changes size.
_ Iris scanners are significantly more expensive than some other form of
biometrics.
_ As with other photographic biometric technologies, iris recognition is
susceptible to poor image
quality, with associated failure to enroll rates
_ As with other identification infrastructure (national residents
databases, ID cards, etc.), civil rights
activists have voiced concerns that iris-recognition technology might
help governments to track individuals beyond their will.

26

5.SIMULATION, STATISTICAL AND STRENGTH ANALYSIS

In this section, the proposed encryption scheme is tested. Simulation results
and its evaluation are presented.

5.1 Simulations
The gray level fingerprint image is shown Fig.3(a). The first 3D permutation is
performed with the key {32, 21, 0, 18, 35, 5, 15, 14, 9, 16, 12, 4, 18, 21, 6, 30}.
After first round of 3D permutation, the encrypted fingerprint image is shown
in Fig.3(b). The second round permutation is performed with the key {7, 16,
20, 12, 4, 8, 13, 8, 9, 39, 28, 27, 1, 16, 50, 42}. After that, the image is shown
in Fig.3(c). The third round permutation is finished with a key {1, 23, 8, 19, 32,
3, 25, 12, 75, 31, 4, 10, 14, 5, 25, 13}. After this, the image is shown in
Fig.3(d), which is random looking.

(a)

(b)

27

(c)

(d)

Fig. 3 Fingerprint and the encrypted image.

(a) Original image; (b) One round of iteration; (c) Two rounds of iterations; (d)
Three rounds of iterations. 5.2 Statistical and Cryptographic Strength

Analysis
Statistical

analysis.
The histogram of original fingerprint image is shown in Fig.4 (a). After 2D
chaotic mapping, the pixels in fingerprint image can be permuted, but as the
encrypted fingerprint image has the same gray level distribution and same
histogram as in Fig.4 (a). As introduced in Section 4, 3D chaotic map [11] can
change the gray level of the image greatly. After one round and three rounds of
3D substitution, the histograms are shown in Fig.4(b) and (c) respectively,
which is uniform, and has much better statistic character, so the fingerprint
image can be well hidden.

28

(a)

(b)

(c)
Fig. 4 Histograms of fingerprint image and the encrypted image. (a) Original
fingerprint image; (b) One round of 3D iteration; (c) Three rounds of 3D
iterations.

29

The cipher technique is secure with respect to a known plaintext type of attack.
With the diffusion methodology, the encryption technique is safe to cipher text
type of attack. As the scheme proposed in this paper use different keys in
different rounds of iterations, and the length is not constrained, it can be chosen
according to the developers need.
Some global features such as core and delta are highly stable points in a
fingerprint, which have the potential to be served as cryptography key. Some
byproduct information in the processing of fingerprint image can be used as the
encryption key. For example, the Gabor filter bank parameters[7] are:
concentric bands is 7, the number of sectors considered in each band is 16,
each band is 20 pixels wide; there are 12 ridge between core and delta, the
charges of the core and delta point are 4.8138e-001 and 9.3928e001, and the
period at a domain is 16.
Although there are hundreds of reported techniques for fingerprint detection,
many of these are only of academic interest and there are only around 20 really
effective methods which are currently in use in the more advanced fingerprint
laboratories around the world. Some of these techniques, such as ninhydrin,
diazafluorenone and vacuum metal deposition, show great sensitivity and are
used operationally. Some fingerprint reagents are specific, for example
ninhydrin or diazafluorenone reacting with amino acids. Others such as ethyl
cyanoacrylate polymerisation, work apparently by water-based catalysis and
polymer growth. Vacuum metal deposition using gold and zinc has been shown
to be non-specific, but can detect fat layers as thin as one molecule. More
mundane methods, such as the application of fine powders, work by adhesion
to sebaceous deposits and possibly aqueous deposits in the case of fresh
fingerprints. The aqueous component of a fingerprint, whilst initially
sometimes making up over 90% of the weight of the fingerprint, can evaporate
quite quickly and may have mostly gone after 24 hours. Following work on the
use of argon ion lasers for fingerprint detection,[24] a wide range of
fluorescence techniques have been introduced, primarily for the enhancement
of chemically-developed fingerprints; the inherent fluorescence of some latent
fingerprints may also be detected. The most comprehensive manual of the
operational methods of fingerprint enhancement is published by the UK Home
Office Scientific Development Branch and is used widely around the world.
[25]
Research
The International Fingerprint Research Group (IFRG) which meets biennially,
consists of members of the leading fingerprint research groups from Europe,
the US, Canada, Australia and Israel and leads the way in the development,

30

assessment and implementation of new techniques for operational fingerprint

detection.
One problem for the early twenty-first century is the fact that the organic
component of any deposited material is readily destroyed by heat, such as
occurs when a gun is fired or a bomb is detonated, when the temperature may
reach as high as 500 C. Encouragingly, however, the non-volatile inorganic
component of eccrine secretion has been shown to remain intact even when
exposed to temperatures as high as 600 C.
A technique has been developed that enables fingerprints to be visualised on
metallic and electrically conductive surfaces without the need to develop the
prints first.[26] This technique involves the use of an instrument called a
scanning Kelvin probe (SKP), which measures the voltage, or electrical
potential, at pre-set intervals over the surface of an object on which a
fingerprint may have been deposited. These measurements can then be mapped
to produce an image of the fingerprint. A higher resolution image can be
obtained by increasing the number of points sampled, but at the expense of the
time taken for the process. A sampling frequency of 20 points per mm is high
enough to visualise a fingerprint in sufficient detail for identification purposes
and produces a voltage map in 23 hours. As of 2010, this technique had been
shown to work effectively on a wide range of forensically important metal
surfaces including iron, steel and aluminium. While initial experiments were
performed on flat surfaces, the technique has been further developed to cope
with irregular or curved surfaces, such as the warped cylindrical surface of
fired cartridge cases. Research during 2010 at Swansea University has found
that physically removing a fingerprint from a metal surface, for example by
rubbing with a tissue, does not necessarily result in the loss of all fingerprint
information from that surface. The reason for this is that the differences in
potential that are the basis of the visualisation are caused by the interaction of
inorganic salts in the fingerprint deposit and the metal surface and begin to
occur as
soon as the finger comes into contact with the metal, resulting in the formation
of metalion complexes that cannot easily be removed.

31

6. CONCLUSION
An embedded Crypto-Biometric authentication scheme for ATM banking
systems has been proposed. The claimed users fingerprint is required during a
transaction. The fingerprint image is encrypted via 3D chaotic map as soon as it
is captured, and then transmitted to the central server using symmetric key
algorithm [14]. The encryption keys are extracted from the random pixel
distribution in a raw image of fingerprint, some stable global features of
fingerprint and/or from pseudo random number generator. Different rounds of
iterations use different keys.
At the banking terminal the image is decrypted using the same key. Based on
the decrypted image, minutiae extraction and matching are performed to verify
the presented fingerprint image belongs to the claimed user. Future work will
focus on the study of stable features (as part of encryption key) of fingerprint
image, which may help to set up a fingerprint matching dictionary so that to
narrow down the workload of fingerprint matching in a large database.
The design of ATM terminal system based on finger print recognition took
advantages of the stability and reliability of fingerprint characteristics, a new
biological technology based on the image enhancement algorithm of Gabor and
direction filter. Additional, the system also contains the original verifying
methods which was inputting owner's password. The security features were
The design of ATM terminal system based on finger print recognition took
advantages of the stability and reliability of finger print characteristics, a new
biological technology based on the image enhancement algorithm of Gabor and
direction filter. Additional, the system also contains the original verifying
methods which was inputting owner's password. The security features were

32

REFERENCES
[1]

[2]
[3]

[4]

[6]

[7]
[8]

[9]
[10]

[12]

[13]

[14]

F.Han, J.Hu, X.Yu, Feng, Zhou: A novel hybrid cryptobiometric authentication

scheme for ATM based banking applications, Springer-Verlag Berlin
Heidelberg, (2005) 675-681.
F.Han, J.Hu, X.Yu, Feng, Zhou: A New Way of Generating Grid-Scroll Chaos
and its Application to Biometric Authentication, IEEE, (2005) 61-66.
U.Uludag, S.Pankanti, S.Prabhakar andA. K.Jain, Biometric cryptosystems:
Issue and challenges, Proceedings of the IEEE, vol.92, no.6, 2004,
pp.948960.
S. Hoque, M. Fairhurst, G. Howells and F. Deravi, Feasibility of generating
biometric encryption keys, Electronics Letters, vol. 41, no.6, 2005, pp.29-30.
[5] Fridrich, J.: Symmetric Ciphers Based on twodimensional chaotic maps, Int.
J. Bifurcation and Chaos, 8 (1998) 1259-1284
Zhou, J., Gu, J.: A model-based method for the computation of fingerprints
orientation field, IEEE
Trans. on Image Processing, 13 (2004) 821-835
Jain, A.K., Prabhakar, S., Hong, L., Pankanti, S.:Filterbank-based fingerprint
matching, IEEE Trans. on Image Processing, 9 (2000) 846-859
Jain, A.K., Prabhakar S., Hong, L.: A multichannel approach to fingerprint
classification, IEEE Trans. on
Pattern Anal. Machine Intell., 21 (1999) 348-359
Chen, G., Mao, Y., Chui, C.: A symmetric encryption scheme based on 3D
chaotic cat map, Chaos, Solitons & Fractals, 21 (2004) 749-761
Uludag, U., Ross, A., Jain, A.K.: Biometric template selection and update: a
case study in fingerprints, Pattern Recognit., 37 (2004) 1533-1542 [11]
Kocarev, L. Jakimoski, G., Stojanovski T., Parlitz, U.:
From chaotic maps to encryption schemes, Proc. IEEE Sym. Circuits
and Syst., 514-517, Monterey,
California, June (1998)
Ratha, N.K, Karu, K. Chen, S., Jain, A.K.: A real-time matching system for
large fingerprint databases, IEEE
Trans. on Pattern Anal. Machine Intell., 18 (1996)
799- 813
J. Daemen, V. Rijmen, ``the Block Cipher Rijndael,''
Smart Card Research and Applications, LNCS 1820, J.J. Quisquater
and B. Schneier, Eds., Springer-Verlag, 2000, pp. 277-284.
J. Daemen and V. Rijmen, ``Rijndael, the advanced encryption standard,'' Dr.
Dobb's Journal, Vol.~26, No.~3, March 2001, pp.~137--139.

33