Two-factor-based RSA key generation from fingerprint biometrics and password for secure communication

In an asymmetric-key cryptosystem, the secure storage of private keys is a challenging task. This paper proposes a novel approach for generating the same public and private key pair on a need basis. Hence, the need for secure storage of the private key is done away with. The proposed approach for ge...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Complex & Intelligent Systems 2022-08, Vol.8 (4), p.3247-3261
Hauptverfasser: Suresh, K., Pal, Rajarshi, Balasundaram, S. R.
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In an asymmetric-key cryptosystem, the secure storage of private keys is a challenging task. This paper proposes a novel approach for generating the same public and private key pair on a need basis. Hence, the need for secure storage of the private key is done away with. The proposed approach for generating the key pair is based on two factors: fingerprint biometrics and password. A stable binary string is generated from the distances among pairs of minutiae points in a fingerprint using a gray code-based method. Experiments show that gray code representation significantly reduces the number of inconsistencies between the generated bit strings from two instances of the same fingerprint as against the binary code representation. Hence, the Reed–Solomon error correction code successfully corrects errors due to variations in multiple instances of the same fingerprint to induce stability in the generated string. Hash of the stable string generated from the fingerprint and the string generated from hashed password are XORed to derive a stable seed value. The proposed approach uses this seed value to generate two large prime numbers. These prime numbers are used to generate the public and private key pair using the RSA key generation method. This seed value ensures the generation of the same key pair every time. The experimental results show that the proposed approach can ensure a stable generation of the key. It is not required to store either the fingerprint template or the password. Moreover, the generated private key is also not stored. It can be regenerated on a need basis.
ISSN:2199-4536
2198-6053
DOI:10.1007/s40747-022-00663-3