Abstract:

Distributing software and hardware components of a biometric authentication system over hosts linked by a network introduces additional challenges compared to developing a centralised system. Among these, fault tolerance and network transfer resilience are of particular importance. Specifically, transmission of data over IP networks is not without flaws: overflowing router queues, parallelised data streams, variability in traffic load, non-constant delay between packet arrivals, packet corruption, and many other causes can lead to data loss, packet reordering and transmission delays, depending on the transport layer protocol used.

It is thus crucial to the successful deployment of distributed biometric authentication systems that biometric data transmission problems be addressed and that mechanisms for ensuring successful authentication in the event of transmission problems be built in. In this paper, a detailed analysis of iris based biometric user authentication under OFDM transmission is presented, taking transmission impairments into account. It has been found that the OFDM parameters have a deep impact on the overall recognition rate of the iris system.

Index Terms: OFDM, Iris Recognition, Reversible Data Hiding, Encryption.

1. Introduction:

In the past few years, the use of the internet has increased tremendously. The internet is now used everywhere, from various applications to online authentication. Implementing biometrics on the internet draws on a number of disciplines. These include methods of person authentication based on signal processing, mathematical fusion and statistical modelling techniques, as well as online data security, data communications, computer networks and communication protocols. The latter disciplines are required because even a robust online biometric authentication technique would be of little or no practical value if hackers could reach the personal identification data transmitted over the network, or could have their pretended identities verified by breaking into the individual identification server. The various transmission impairments also need to be considered, since the quality of the transmitted and the received image may differ significantly.

Generally, in order to minimize the delay in transmission and to respect bandwidth constraints, compression of the signal is necessary at this point. A number of issues can arise with this sort of architecture, especially when the transmission is done through the Internet. In this paper, the effect of OFDM transmission on iris recognition is detailed, including a reversible data hiding technique for the online security of the biometric image and steganography for key security.

This paper is organized into eight sections. Section 2 discusses the basic concepts and limitations of the existing systems. In section 3, the problem formulation is detailed. Reversible data hiding in encrypted images is detailed in section 4. The OFDM system is described in section 5. Iris recognition is discussed in section 6. The results of the various components are detailed and discussed in section 7. Finally, section 8 presents the major conclusions.

2. Basic Concepts and Limitations

The term password can be used for any PINs (personal identification numbers), single phrases and words that are used for authentication and hence must be kept closely secret. There are numerous studies demonstrating the vulnerabilities of secret key (password) based authentication methods [1-4]. One of the primary issues with passwords can be stated briefly: a memorable password can be easily guessed or found out by an attacker, whereas a changing, long and random password is hard to recall.

A physical device that is used in the process of authentication can be termed a token, security token, access token or identity token. Such tokens can be used as a secure storage device that contains unique passwords, like a smart card, remote door opener or bankcard. Additionally, a token can act as an active device that produces one-time passcodes, either time-synchronous (changing in synchrony with a master at the host) or challenge-response (responding to a one-time challenge). Security defences provided by the token include tamper-resistant packaging along with special hardware that invalidates the token if it is tampered with or if the number of failed authentication attempts exceeds a chosen threshold.

Just like a password, a passcode is a secret number. The difference between the two is that a passcode is machine-generated and machine-stored, hence it can be longer, more random and may be changing.

The term biometric refers to an element that is measured from the human body. The reason for its use in user authentication is its uniqueness. It includes features like hand, face, fingerprints, eye (iris and retina), voice, and signature. Additionally, there are some more futuristic or obscure biometrics [5-6] like gait and smell. A biometric inextricably links the authenticator to its owner, which is not possible with passwords and tokens, as they can be stolen or lent.

Implementation of this scheme produces a good result and it is not likely to fail from use. But, it does have some demerits. For example, a password is not strictly known; it is memorized.

Biometric techniques have advanced over the past years into a reliable means of authentication and are increasingly deployed in various application domains [7-12]. The widespread use of biometrics raises crucial privacy concerns, in particular if the biometric matching process is performed at a central or untrusted server, and calls for the implementation of Privacy-Enhancing Technologies. Various security methods have been proposed to protect biometric identifiers from intrusive actions; most of these methods are based on steganography, watermarking and cryptography. Reversible data hiding that reserves room before and after encryption has also been proposed, in which the hidden data can be recovered without any loss. However, to the best of our knowledge, no study has considered the effect of network packet loss on the overall performance of the biometric system. In this work, an OFDM based wireless network is considered, and a detailed analysis of the complete process is carried out. Steganography is used for advance key transfer, and the recently proposed RDH [13] for the transfer of the encrypted iris image. OFDM serves as the wireless network over which the encrypted image is transmitted and received. At the receiving end, the iris image is extracted from the decrypted image and the iris authentication process commences.

3. Problem Formulation

Online security can be enhanced by using biometrics in addition to a login and password based system. A three-factor authentication combines biometric information with a user password and smart card to provide security-enhanced user authentication [14]. However, a stolen login and password can be changed, whereas a biometric cannot. Therefore, encryption of biometric information is necessary before transmission. Moreover, when information is transmitted over a network, some bits are lost and a few become corrupted. Any real-time system must therefore include these factors for an accurate analysis.

In this work, we present a twofold security system, where a password (key) is transmitted in advance using text steganography. Then a watermarked image (RDH) is sent that comprises the embedded image or message. The watermarked image is encrypted prior to its transmission over the network. The image can be decrypted at the receiver end to regain the original image, although recovery of the hidden data is possible only when the key sent in advance is given to the system. The overall problem can be formulated as

where

is protected by a cryptic algorithm with as the key, and the transmitted data as .

The secret information can be obtained using the steganographic image and key

Considering that whole content is protected, namely is encrypted, to decrypt from the key will be needed. In our case is obtained from a separate channel.

Figure 1: Schematic of proposed work

4. Reversible Data Hiding In Encrypted Image

In online authentication applications, it is critical to reverse the marked media back to the original cover media after the hidden data are retrieved, because of certain legal considerations. The marking techniques satisfying this requirement are referred to as reversible, lossless, distortion-free, or invertible data hiding techniques. Reversible data hiding opens up a wide range of applications that link two sets of data in such a way that the cover media can be losslessly recovered after the hidden data have been extracted, thus providing an additional avenue for handling two different sets of data.

Reversible data hiding (RDH) in images is a technique, by which the original cover can be losslessly recovered after the embedded message is extracted [15-17].

Figure 2: Schematic of RDH encryption and decryption process

In the present paper, a novel method for RDH in encrypted images is considered for analysis.

In this method, room is emptied out by embedding the LSBs of a few pixels into some other pixels with an RDH method, and the image is then encrypted; the positions of these LSBs in the encrypted image can thus be used to embed data. The advantages of the process are as follows [17]:

• Real reversibility is realized, that is, data extraction and image recovery are free of any error.

• For given embedding rates, the PSNRs of decrypted image containing the embedded data are significantly improved; and for the acceptable PSNR, the range of embedding rates is enhanced significantly.

5. OFDM Network

Figure 3 depicts how the image is encrypted, transmitted over the network and decrypted at the receiver. In this work, OFDM is used for the encrypted biometric transfer over the network. In digital communications, information is transmitted in the form of bits, and a collection of bits is known as a symbol.

Figure 3: Schematic of OFDM transmission system

OFDM data are created by mapping symbols in the spectral space using QAM, M-PSK, etc., and converting the spectra to the time domain with the Inverse Discrete Fourier Transform (IDFT). Because the Inverse Fast Fourier Transform (IFFT) is more cost-effective to implement, it is usually used instead [18]. Once the OFDM data are modulated to a time signal, all carriers transmit in parallel to fully occupy the available frequency bandwidth [19]. At the time of modulation, OFDM symbols are generally separated into frames, so that the data are modulated frame by frame and the received signal stays in sync with the receiver. Long symbol periods diminish the probability of inter-symbol interference (ISI) but cannot eliminate it. To nearly eliminate ISI, a cyclic extension (or cyclic prefix) is added to each symbol period: an exact copy of a fraction of the cycle, generally 25% of the cycle, is taken from the end and added to the front. This permits the demodulator to capture the symbol period with an uncertainty of up to the length of the cyclic extension and still obtain the correct information for the whole symbol period.

Orthogonality

Controlling orthogonality of the carriers is crucial to OFDM. Over a time period, if the integral of the product of two signals is zero, then these two signals are said to be orthogonal to each other. Two sinusoids with frequencies that are integer multiples of a common frequency can satisfy this criterion. Therefore, orthogonality is defined by:

(1)

where n and m are two unequal integers; is the fundamental frequency; T is the period over which the integration is taken. For OFDM, T is one symbol period and set to 1/T for optimal effectiveness [18].

Figure 4: Schematic of OFDM transmitter system

The procedure of a typical FFT-based OFDM system is shown in Fig. 4. First, the incoming serial data is converted to parallel and grouped into x bits each to form a complex number. The number x determines the signal constellation of the corresponding subcarrier, such as 16-QAM or 32-QAM. The inverse FFT (IFFT) modulates the complex numbers in a baseband fashion, and the result is converted back to serial data for transmission. A guard interval is inserted between symbols to avoid intersymbol interference (ISI) caused by multipath distortion. The discrete symbols are converted to analog and low-pass filtered for RF upconversion. The receiver carries out the inverse process of the transmitter. A one-tap equalizer is used to correct channel distortion. The tap coefficients of the filter are calculated based on the channel information. At the receiver, the complete process is reversed (Fig. 5).

Figure 5: Schematic of OFDM reception system

Mathematical Formulation:

For an OFDM system with N subcarriers, a bandwidth of Hz and a symbol length of seconds, the transmitter uses the following waveform

(2)

where and is the length of cyclic prefix in seconds. The waveforms , used in modulation and transmitted baseband signal for OFDM symbol number q, are

(3)

Figure 6: Schematic of modulator and demodulator

where are complex numbers from a set of signal constellation points, { }. Combining equations (2) and (3), the actual expression for the OFDM symbol q, { }, can be rewritten as

(4)

Ignoring the length of the cyclic prefix, { }, equation (4) reduces to the formal expression for the IFFT, i.e.

(5)

where are carrier amplitudes associated with OFDM symbol. An equivalent OFDM modulator can be depicted as shown in figure 6(a). When an infinite sequence of OFDM symbols is transmitted, the output is

(6)

If the impulse response of the channel is within , then, the OFDM signal received is

(7)

where is additive, white and complex Gaussian noise.

The OFDM receiver (figure 6b) can be considered to consist of a filter bank, matched to the last part [ , ] of the transmitted waveform , i.e.

(8)

Effectively this means that cyclic prefix is removed. Since cyclic prefix contains all the ISI from the previous symbols, the sampled output from the receiver’s filter bank contains no ISI. The sampled output of the p’ -th matched filter in the q-th interval can be derived using equations (6) (7) and (8)

(9)

where is AWGN. The integration intervals and implies . Consider the inner integral

(10)

Now equation (9) can be rewritten as

Since and are orthogonal to each other, the received OFDM symbol simplifies to

(10)

The transmitted energy per subcarrier is

(11)

Here an interesting point is to be noted. The transmitted energy increases as the length of the cyclic prefix increases but the expression for received signal (equation (10)) remains the same.

6. Iris Recognition

Nowadays, security and person authentication are basic and important requirements of many applications. Unlike a few years ago, this is no longer restricted to banking applications; it is now also used in many applications such as secure access to buildings. Biometric identification has not only emerged as an effective and valid alternative to traditional authentication systems such as passwords and ID cards but has also overcome a number of deficits of these techniques; it is now conceivable to recognize a person on the basis of “who they are” instead of “what they possess” or “what is remembered by them” [20].

Iris recognition is a specific kind of biometric system. It can identify an individual very effectively by analysing the patterns of the iris. Owing to the uniqueness of its pattern, the reliability of the iris as a form of identification is very high. Although there is a genetic influence, especially on the colour of the iris, the iris develops through folding of the tissue membrane and subsequent degeneration (to create the pupil opening), which results in a random and unique iris [21].

For all these reasons, the iris has emerged as a very good alternative for efficient visual recognition of individuals when imaging can be performed at distances of less than a meter. It is especially useful when quite large databases must be searched without any false matches despite a great number of possibilities. Although small (11 mm) and in some cases problematic to image, the iris has the great mathematical advantage that its pattern variation among different persons is huge.

Moreover, being an internal organ of the eye (yet externally visible), the iris is well protected from environmental factors and stable over time. As a planar object, its image is generally insensitive to the angle of illumination, and variations in viewing angle cause only affine transformations; even the nonaffine pattern distortion caused by pupillary dilation is readily reversible. Finally, the simplicity of locating the eyes in faces and the distinctive annular shape of the iris encourage precise and reliable isolation of this feature and the formation of a size-invariant representation.

Daugman uses an integro-differential operator to locate the circular iris and pupil regions, as well as the arcs of the upper and lower eyelids. The Daugman framework fits the circular contours by gradient ascent on the parameters so as to maximise

(12)

Where,

where I(x,y) is the eye image, r is the radius to search for, Gσ(r) is a Gaussian smoothing function, and s is the contour of the circle given by r, x0, y0. The operator looks for the circular path where there is maximum variation in pixel values, by changing the radius and centre x and y position of the circular contour. In order to accomplish precise localisation, the operator is applied iteratively with the measure of smoothing progressively lessened. Eyelids are localised in a similar way, with the path of outline integration changed to an arc from circular.

Like the Hough transform, the integro-differential operator uses first derivatives of the image and carries out a search to find geometric parameters. For these reasons, it can be seen as a variation of the Hough transform. As it works with raw derivative information, it doesn’t suffer from the thresholding issues of the Hough transform.

Pattern Matching

Once the region of an acquired image that corresponds to the iris has been located, the final task is to decide whether this pattern matches a previously stored iris pattern. This pattern matching task can be separated into the following four steps:

1) bringing the newly acquired iris pattern into spatial alignment with a candidate database entry;

2) choosing a representation of the aligned iris patterns that makes their distinctive patterns apparent;

3) evaluating the goodness of match between the newly acquired and database representations;

4) deciding, on the basis of the goodness of match, whether the newly acquired data and the database entry were derived from the same iris.

Alignment: To make a comprehensive comparison between two images, it is worthwhile to establish an exact correspondence between characteristic structures across the pair.

Both of the frameworks under discussion compensate for image shift, scaling and rotation. Given the systems’ ability to aid operators in precise self-positioning, these have turned out to be the key degrees of freedom that require compensation.

Shift represents offsets of the eye in the plane parallel to the camera’s sensor array. Scale represents offsets along the camera’s optical axis. Rotation represents deviation in angular position about the optical axis. Ostensibly, pupil dilation is not an important issue for the present frameworks, as their steady controlled illumination should bring the pupil of a person to the same size across trials (barring illness, etc.). For both systems, iris localization is charged with isolating an iris in a larger acquired image and thereby essentially accomplishes alignment for image shift.

Daugman’s system uses radial scaling to compensate for overall size, together with a simple model of pupil variation based on linear stretching. This scaling maps Cartesian image coordinates to dimensionless polar image coordinates as follows

(13)

where I(x,y) is the iris region image, (x,y) are the original Cartesian coordinates, (r,θ) are the corresponding normalised polar coordinates, and are the pupil coordinates and iris boundaries along the θ direction. where lies on and is cyclic over , while and are the coordinates of the pupillary and limbic boundaries in the direction . Rotation is compensated for by explicitly shifting an iris representation in by different amounts during matching.

The Wildes et al. system implements an image registration method, which geometrically warps a newly acquired image into alignment with a chosen database image [4]. The mapping function that transforms the original coordinates is chosen so that the image intensity values of the new image are brought close to those of the corresponding points in the reference image. The mapping function must be selected so as to minimise

(14)

while being constrained to capture a similarity transformation of image coordinates to , that is

(15)

Representation: The distinctive spatial features of the human iris are evident at a variety of scales. For example, distinguishing structures range from the overall shape of the iris to the distribution of tiny crypts and point to point texture. It is beneficial to use a multiscale representation to capture this range of spatial detail.

Both of the iris-recognition systems under discussion use bandpass image decompositions to avail themselves of multiscale information. The Daugman system uses a decomposition derived from applying a two-dimensional version of Gabor filters [21] to the image data. Because the Daugman system converts to polar coordinates during alignment, it is convenient to give the filters in a corresponding form as where and covary in inverse proportion to create a set of quadrature pair frequency-selective filters with center locations determined by . These filters are particularly notable for their ability to achieve good joint localization in the spatial and frequency domains.

Moreover, owing to their quadrature nature, these filters can capture information about local phase. Following the Gabor decomposition, Daugman’s framework compresses its representation by quantizing the local phase angle according to whether the real and imaginary filter outputs are positive or negative. For a filter with given location and bandpass parameters, a pair of bits is produced as per

(16)

(17)

Goodness of Match: Given the frameworks’ controlled image acquisitions and their ability to bring the database entry and the newly acquired data into exact alignment, a suitable match metric can be based on direct point-wise correlations between primitives in the corresponding representations.

The Daugman system evaluates this by computing the percentage of mismatched bits between a pair of iris representations, i.e., the normalized Hamming distance [30]. Letting and be two iris representations to be compared, this measure can be calculated as

(18)
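An added example (not code from the paper or from either iris system) of the matching step just described: filter responses are quantised to two phase bits each, and the normalized Hamming distance is taken as the minimum over a range of angular shifts to compensate for rotation. The grid size, the shift range and the random complex values standing in for Gabor responses are assumptions.

```python
import random

RADIAL, ANGULAR = 8, 32   # assumed sampling grid: rings x angular positions

def phase_bits(responses):
    """Quantise each complex response to 2 bits: sign of real and imaginary part."""
    return [[(z.real >= 0, z.imag >= 0) for z in ring] for ring in responses]

def hamming(a, b):
    """Normalized Hamming distance: fraction of mismatched bits."""
    mismatched = total = 0
    for ring_a, ring_b in zip(a, b):
        for pa, pb in zip(ring_a, ring_b):
            mismatched += (pa[0] != pb[0]) + (pa[1] != pb[1])
            total += 2
    return mismatched / total

def rotate(code, k):
    """Cyclic shift of every ring by k angular positions (k may be negative)."""
    return [ring[k:] + ring[:k] for ring in code]

def best_match(enrolled, probe, max_shift=4):
    """Smallest distance over the tested shifts, with the shift that gave it."""
    return min((hamming(enrolled, rotate(probe, k)), k)
               for k in range(-max_shift, max_shift + 1))

def sample_responses(rng):
    """Constructed stand-in for the filter outputs of one iris."""
    return [[complex(rng.gauss(0, 1), rng.gauss(0, 1)) for _ in range(ANGULAR)]
            for _ in range(RADIAL)]

def demo(seed=7):
    rng = random.Random(seed)
    iris = sample_responses(rng)
    enrolled = phase_bits(iris)
    # Same iris seen again: mild noise on the responses, rotated by 3 positions.
    noisy = [[z + complex(rng.gauss(0, 0.1), rng.gauss(0, 0.1)) for z in ring]
             for ring in iris]
    probe = rotate(phase_bits(noisy), 3)
    impostor = phase_bits(sample_responses(rng))
    return (hamming(enrolled, probe),        # no rotation compensation
            best_match(enrolled, probe),     # genuine, compensated
            best_match(enrolled, impostor))  # different iris

if __name__ == "__main__":
    unaligned, genuine, impostor = demo()
    print("same iris, unaligned:", round(unaligned, 3))
    print("same iris, best shift:", genuine)
    print("different iris, best shift:", impostor)
```

Without the shift search the rotated probe of the same iris is as far from the enrolled code as an unrelated iris, which is why alignment has to precede the distance decision.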

7. Results

For Iris recognition, CASIA Iris Image Database (CASIA-Iris) has been used. This database contains more than 3,000 users from 70 countries. First the captured iris image is encrypted using RDH process. The encrypted image is an 8-bit grayscale (256 gray levels) image with intensity varying from 0 to 255. The image data will then be converted to the symbol size (bits/symbol) determined by the choice of MPSK. The converted data will then be separated into multiple frames by the OFDM transmitter. The OFDM modulator modulates the data frame by frame. Before the exit of the transmitter, the modulated frames of time signal are cascaded together along with frame guards inserted in between as well as a pair of identical headers added to the beginning and end of the data stream. The communication channel is modeled by adding Gaussian white noise and amplitude clipping effect.

The start and end of each frame in the received signal are detected using an envelope detector. The received data is then converted back to 8-bit word size to generate an output image file. The output image is decrypted using the key already received, the iris image is recovered, and authentication takes place at the receiver side. The quality of the received image is measured in terms of PSNR. The PSNR is affected by the embedding rate and by the quality of the received image, as some error is also introduced during network transmission.

It is defined as:

(19)

MSE = mean square error;

which is given as:

(20)
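The transmit chain of Section 5 and the measurement loop described in these results, as an added example that is not part of the original paper: 8-bit pixels are mapped to QPSK, modulated with an inverse DFT and a 25% cyclic prefix, sent through a two-path channel, equalised with one tap per subcarrier and scored by PSNR. The subcarrier count, channel taps, QPSK mapping, random stand-in image and the standard 8-bit PSNR definition are assumptions.

```python
import cmath, math, random

N = 16                        # subcarriers per OFDM symbol (assumed)
CP = N // 4                   # cyclic prefix: 25% of the symbol, as in Section 5
TAPS = [1.0, 0.0, 0.0, 0.8]   # constructed multipath channel, delay spread 3 <= CP

def dft(x, sign):
    """Unitary DFT (sign=-1) or inverse DFT (sign=+1); stands in for FFT/IFFT."""
    n = len(x)
    return [sum(v * cmath.exp(sign * 2j * math.pi * k * m / n)
                for m, v in enumerate(x)) / math.sqrt(n) for k in range(n)]

def bytes_to_qpsk(data):
    """Split each 8-bit pixel into four 2-bit QPSK symbols (Gray mapped)."""
    return [complex(1 - 2 * (d >> 1), 1 - 2 * (d & 1)) / math.sqrt(2)
            for b in data for d in ((b >> s) & 3 for s in (6, 4, 2, 0))]

def qpsk_to_bytes(syms):
    """Hard decisions on the sign of I and Q, repacked into 8-bit words."""
    out = bytearray()
    for i in range(0, len(syms), 4):
        b = 0
        for s in syms[i:i + 4]:
            b = (b << 2) | (int(s.real < 0) << 1) | int(s.imag < 0)
        out.append(b)
    return bytes(out)

def transmit(data, cp=CP):
    """Inverse DFT of each group of N symbols, with the last cp samples prepended."""
    syms, stream = bytes_to_qpsk(data), []
    for i in range(0, len(syms), N):      # assumes len(syms) is a multiple of N
        t = dft(syms[i:i + N], +1)
        stream += t[N - cp:] + t
    return stream

def channel(stream, snr_db, rng):
    """Linear convolution with TAPS, then optional complex AWGN."""
    out = [sum(h * stream[n - d] for d, h in enumerate(TAPS) if n >= d)
           for n in range(len(stream))]
    if snr_db is not None:
        sigma = math.sqrt(10 ** (-snr_db / 10) / 2)   # relative to unit transmit power
        out = [y + complex(rng.gauss(0, sigma), rng.gauss(0, sigma)) for y in out]
    return out

def receive(stream, cp=CP):
    """Drop the prefix, DFT, and apply a one-tap equaliser per subcarrier."""
    H = [sum(h * cmath.exp(-2j * math.pi * k * d / N) for d, h in enumerate(TAPS))
         for k in range(N)]
    syms = []
    for i in range(0, len(stream), N + cp):
        Y = dft(stream[i + cp:i + cp + N], -1)
        syms += [y / h for y, h in zip(Y, H)]
    return qpsk_to_bytes(syms)

def psnr(a, b):
    """PSNR in dB for 8-bit samples: 10*log10(255^2 / MSE)."""
    mse = sum((x - y) ** 2 for x, y in zip(a, b)) / len(a)
    return math.inf if mse == 0 else 10 * math.log10(255 ** 2 / mse)

def run(cp=CP, snr_db=None, seed=1):
    rng = random.Random(seed)
    image = bytes(rng.randrange(256) for _ in range(256))   # constructed 16x16 image
    return psnr(image, receive(channel(transmit(image, cp), snr_db, rng), cp))

if __name__ == "__main__":
    print("CP, no noise :", run())
    print("no CP        :", run(cp=0))
    print("CP, 5 dB SNR :", run(snr_db=5))
```

With the prefix removed (`cp=0`) the delayed path leaks across symbol boundaries, so pixels are corrupted even on a noise-free channel.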
