
SecurePhone: a mobile phone with biometric authentication and e-signature support for dealing secure transactions on the fly

IST-2002-506883

Secure contracts signed by mobile Phone

Jacques Koreman, ISK

Dept. of Telematics, NTNU, 07.12.2006

What is a SecurePhone?

• Mobile communications device that enables exchange of text/audio documents during a phone call to draw legally valid transactions.

• Secure communication uses e-signing in a system using front-edge technologies (wireless networking, double-key cryptography).

• Biometric recogniser enables strong authentication by comparing live biometric features with models trained on enrolment data.

• Biometric authentication grants access to built-in e-signing facilities integrated on the PDA/SIM.


Presentation Outline

• SecurePhone concept and use

• Project aim 1: secure exchange

• Project aim 2: biometric recognition

>on PDA, high performance

>on SIMcard, proof-of-concept

• Conclusion

• Outlook


Project aim 1: secure exchange

Secure PKI (personal key infrastructure)

• Public key encryption technology is used for e-signature, i.e. to enforce data integrity and non-repudiation

• Standard e-signature certificates and procedures are used for certificate verification and management, so documents e-signed by means of the SecurePhone have the same legal validity as documents e-signed by other means.


Secure architecture

• SIM card used as a tamper-proof device for storage of private key ("strong signature" if the corresponding digital certificate is issued by a valid CA).

• Storage of biometric templates and matching

>on a TTP server (ToS/MoS): not implemented

>on the PDA/host (ToH/MoH): implemented

>on the SIM card (ToC/MoC): proof-of-concept

• Only ToC+MoC meets requirements on

>security

>privacy and user acceptance


User scenario

• During a phone call, two SecurePhone end users (actors) agree on drawing a distance contract.

• One actor (proposer) sends an e-contract (text/audio file) to the other actor (endorser).

• In case of text files, the e-contract can be interactively modified and transmitted back and forth until a formal agreement on its contents is reached.

• To finalize the m-transaction, the endorser e-signs and sends the e-contract as evidence of formal acceptance of the terms contained therein.

• Depending on the e-contract type, the proposer may also be requested to e-sign the e-contract.


Project aim 2: biometric verification

• Local authentication unlocks cryptographic functions by accessing the private key securely stored on the SIM card

• PIN- or password-based authentication is admissible yet weak: unsatisfactory for security-critical applications (e-commerce, e-health, e-government)

• Local authentication strengthened in order to increase user’s trust in the system by combining

>WYK: a token only the user knows (signature)

>WYH: a token the user holds (PDA with SIMcard)

>WYA: biometric identity


Passwords are not reliable enough

"Open, Sesame!"

DET curve (detection error tradeoff)

Alvin Martin et al. (1997). The DET curve in assessment of detection task performance, www.nist.gov/speech/publications/

[Figure: DET curve. Horizontal axis: false acceptance rate (%) / false alarm probability (%); vertical axis: false rejection rate (%) / miss probability (%); the EER point is marked.]


Fusion of multiple modalities

The Incredibles


Properties of biometrics

Two types of biometrics:

• physical

• behavioural

variation! (due to repetitions, sessions, channel, background noise)


Why face, voice and signature?

These biometrics have a high user acceptance:

• chosen biometrics are user-friendly

• very short enrolment session

• capture does not require special hardware

• difficult to impostorise all three modalities

• biometric profile remains local, guaranteeing privacy

• processing of the biometric data also local (privacy)


User verification procedure

[PDA screenshot: digit prompt "7 9 8 5 1" with a "Press to start/stop speaking" start/stop button]

• User requests identity verification

• PDA requests user to

>read prompt: face + voice

>sign signature

• Feature processing applied to each modality

• Comparison to biometric profiles of client and impostors

• Verification decision: accept/reject


Multi-modal biometric verification

[Diagram: face, voice and signature are each preprocessed and modelled; the three scores are fused using client & impostor joint-score models; accept releases the private key, otherwise reject.]


Voice verification

• Fixed 5-digit prompt – conceptually neutral, easily extendable

• 22 kHz sampling

• Online energy based non-speech frame removal

• MFCCs with online CMS and first-order time difference features (10-ms frames)

• Features modelled by 100-Gaussian GMM, with UBM for model initialisation and score normalisation

• Training on data from 2 indoor and 2 outdoor recordings from one session, testing on similar data from another session


Face verification

• Static face recognition using 10 grey-scale images selected at random, 160x192 pixels

• Histogram equalisation and z-score normalisation of features

• Haar LL4 (or LH4) wavelet features – fast to compute (esp. compared to facial definition parameters)

• Features modelled by 4-Gaussian GMM, with UBM for model initialisation and score normalisation

• Training on data from 2 indoor and 2 outdoor recordings from one session, testing on similar data from another session


Signature verification

• Shift normalisation, but no rotation or scaling

• 2D coordinates (100 Hz) augmented by time difference features, curvature, etc. – total 19 features. Note: no pressure or angles available, since obtained from PDA’s touch screen, not from writing pad

• Fast to compute

• Features modelled by 100 Gaussian GMM pdf – UBM used for model initialisation and score normalisation

• Training and testing on data from one session

Fusion

• For each modality S(i) = log p(Xi|C) - log p(Xi|I), latter for casual impostors, only signatures impostorised by experts

• Best LLR score fusion was obtained for GMM scores modelling, i.e. modelling both client and impostor joint score pdf’s by diagonal covariance GMMs:

Fused-score = log p(S|C) - log p(S|I)

SHOW DEMO
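An added sketch of the GMM score fusion described above (not code from the SecurePhone project): the per-modality LLR scores are assumed to be already computed, and the two joint-score models, their parameters and the zero threshold are constructed for illustration.

```python
import math

# Constructed joint-score models over S = (face, voice, signature) LLR scores.
# Each component is (weight, means, variances); diagonal covariance throughout.
CLIENT_GMM = [
    (0.6, (2.0, 3.0, 2.5), (1.0, 1.0, 1.0)),
    (0.4, (1.0, 1.5, 1.5), (1.5, 1.5, 1.5)),
]
IMPOSTOR_GMM = [
    (0.7, (-2.0, -3.0, -2.0), (1.0, 1.0, 1.0)),  # casual impostor: all scores low
    (0.3, (-2.0, -3.0, 1.5), (1.0, 1.0, 1.5)),   # expert forgery: signature score high
]

def diag_gmm_logpdf(x, gmm):
    """log p(x) under a diagonal-covariance Gaussian mixture."""
    comps = []
    for weight, means, variances in gmm:
        ll = math.log(weight)
        for xi, m, v in zip(x, means, variances):
            ll -= 0.5 * (math.log(2.0 * math.pi * v) + (xi - m) ** 2 / v)
        comps.append(ll)
    top = max(comps)  # log-sum-exp keeps tiny likelihoods from underflowing
    return top + math.log(sum(math.exp(c - top) for c in comps))

def fused_score(s, client_gmm=CLIENT_GMM, impostor_gmm=IMPOSTOR_GMM):
    """Fused-score = log p(S|C) - log p(S|I) for one score vector S."""
    return diag_gmm_logpdf(s, client_gmm) - diag_gmm_logpdf(s, impostor_gmm)

def verify(s, threshold=0.0):
    """Accept (and only then allow use of the private key) above the threshold."""
    return fused_score(s) >= threshold

# Constructed attempts: a genuine user, and a claim with a well-forged
# signature but non-matching face and voice.
GENUINE = (1.8, 2.7, 2.2)
FORGED_SIGNATURE = (-1.5, -2.5, 2.0)

if __name__ == "__main__":
    for name, s in (("genuine", GENUINE), ("forged signature", FORGED_SIGNATURE)):
        print(f"{name}: fused score {fused_score(s):+.2f}, accept={verify(s)}")
```

Because the impostor model covers the joint score space, a high signature score alone does not carry the decision when face and voice disagree.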

Tests on PDAtabase

• Database recorded on Qtek2020 PDA for realistic conditions (sensors, environment)

• 60 English subjects: 24 for UBM, 18 for g1, 18 for g2. Accept/reject threshold optimised on g1, then evaluated on g2, and vice versa

• Video (voice + face): 6 x 5-digit, 10-digit and phrase prompts; 2 sessions, with 2 inside and 2 outside recordings per session

• Signatures in one session, 20 expert impostorisations each

• Virtual couplings of audio-visual with signature data

• Automatic test script to test many possible configurations

• User just provides executables for feature modelling, scores generation and scores fusion


Performance on PDA

DET curves for prompts T1 (5 digits, left), T2 (10 digits, middle) and T3 (short phrases, right) in PDAtabase


Performance on PDA

Fusion results (% WER, FAR and FRR) for 3 prompt types (T1 = 5 digits, T2 = 10 digits, T3 = short phrases) in the PDAtabase, at three critical points in the DET curve

      EER     R=1                 R=0.1               R=10
              WER (FAR/FRR)       WER (FAR/FRR)       WER (FAR/FRR)
T1    2.39    2.40 (1.57/3.24)    1.87 (4.97/1.56)    1.02 (0.43/6.95)
T2    1.54    1.60 (0.89/3.32)    1.37 (3.05/1.20)    0.63 (0.25/4.37)
T3    2.30    2.37 (1.61/3.14)    2.03 (4.54/1.78)    0.92 (0.38/6.34)
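An added example of how figures like those in the table are produced (not the project's test script): the accept/reject threshold is tuned on one group and applied to the other. The formula WER = (FRR + R·FAR)/(1 + R) is an assumption that is consistent with the table's rows; the scores are constructed, and averaging the two directions is also an assumption.

```python
# Constructed fused scores (higher = more client-like); not SecurePhone data.
G1 = {"client": [2.1, 1.4, 0.3, 3.0, 1.9, -0.2],
      "impostor": [-2.5, -1.1, 0.5, -3.0, -0.4, -1.8, 0.1, -2.2]}
G2 = {"client": [1.2, 2.6, 0.8, -0.5, 2.2, 1.7],
      "impostor": [-1.9, -0.3, -2.8, 0.9, -1.2, -2.4, -0.7, -3.1]}

def far_frr(group, threshold):
    """FAR and FRR in % when a claim is accepted for score >= threshold."""
    fa = sum(s >= threshold for s in group["impostor"])
    fr = sum(s < threshold for s in group["client"])
    return 100.0 * fa / len(group["impostor"]), 100.0 * fr / len(group["client"])

def wer(far, frr, r):
    """Weighted error rate; r > 1 penalises false acceptances more heavily."""
    return (frr + r * far) / (1.0 + r)

def best_threshold(group, r):
    """Threshold that minimises WER on the tuning group."""
    scores = sorted(group["client"] + group["impostor"])
    candidates = scores + [scores[-1] + 1.0]  # last candidate rejects everything
    return min(candidates, key=lambda t: wer(*far_frr(group, t), r))

def evaluate(tune, test, r):
    """Tune on one group, report (threshold, WER, FAR, FRR) on the other."""
    t = best_threshold(tune, r)
    far, frr = far_frr(test, t)
    return t, wer(far, frr, r), far, frr

def cross_evaluate(g1, g2, r):
    """Both directions (g1->g2 and g2->g1), averaged as (WER, FAR, FRR)."""
    runs = [evaluate(g1, g2, r)[1:], evaluate(g2, g1, r)[1:]]
    return tuple(sum(col) / len(runs) for col in zip(*runs))

if __name__ == "__main__":
    for r in (1, 0.1, 10):
        w, far, frr = cross_evaluate(G1, G2, r)
        print(f"R={r}: WER {w:.2f} (FAR {far:.2f} / FRR {frr:.2f})")
```

At R=10 the tuned threshold moves up, trading rejected clients for fewer accepted impostors, which is the same pattern the R=10 column shows.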


Implementation constraints

• PDA main processor allows speech preprocessing in real time for 22 kHz signals. Note: signal directly from mic, therefore > 8 kHz

• Only data on the SIM card is secure, so all biometric models must be stored and processed on the SIM, which has very limited computational resources

• SIM model storage limited to 40K: text-dependent prompts. Note: text-independent prompts or varied text-dependent prompts are more secure, but would require 200-400K

• Enrolment can use only one short indoor session


Performance on SIMcard

• SIM processor very slow: single verification 53 min.!

• Most time goes to voice and signature processing: large #frames and models with many Gaussians.

• Drastic measures needed: global processing.

• By using means and standard deviations across all frames in the utterance/signature, the number of frames is reduced to one.

• Simpler data require few mixtures for GMM modelling

• Single verification now under 1 second, but performance for T1 is now 10.5% EER

proof-of-concept, but performance must be improved!


Conclusion

• secure: PKI with private key stored on SIM card

• dependable: multi-modal: voice, face, signature

• user-friendly: familiar, intuitive, non-intrusive

• flexible: legally binding text/audio transactions

• low-cost: no special hardware needed

• dynamic: mobile (anytime, anywhere)

Deal secure m-contracts during a mobile phone call


Outlook

• In FP7, many opportunities for security and trust projects

• Security and trust do not only depend on the communication channel

• but also on the identity of the communication partner

• for which biometric recognition can be used

If you see a role for biometric recognition in your proposal, do not hesitate to contact me!


Secure contracts signed by mobile Phone

IST-2002-506883

http://www.secure-phone.info

Please take my business card or e-mail me at [email protected]