International Journal of Computer Applications (0975 – 8887)
Volume 3 – No.6, June 2010
A Method to Improve the Security Level of ATM Banking
Systems Using AES Algorithm
N.Selvaraju
Lecturer
Department of Computer
Applications
Sri Ramakrishna Institute of
Technology
Coimbatore-641010
ABSTRACT
An embedded Crypto-Biometric authentication scheme for ATM
banking systems is proposed in our paper. In this scheme,
cryptography and biometric techniques are fused together for
person authentication to ameliorate the security level. The
fingerprint template including singular points, frequency of
ridges and minutiae are stored at the central banking server when
enrollment. At the time of transaction fingerprint image is
acquired at the ATM terminal using high resolution fingerprint
scanner. The fingerprint image is enhanced and then encrypted
using 128 bit private key algorithm. The encrypted image is
transmitted to the central server via secured channel. At the
banking terminal the image is decrypted using the same key.
Based on the decrypted image, minutiae extraction and matching
are performed to verify the presented fingerprint image belongs
to the claimed user. The authentication is signed if the minutiae
matching are successful. The proposed scheme is fast and more
secure. Computer simulations and statistical analysis are
presented.
Keywords: Biometrics, Fingerprint, Verification,
Cryptography, Encryption, Decryption and Symmetric key
algorithms.
1. INTRODUCTION
Biometrics based authentication is a potential candidate to
replace password-based authentication. Among all the
biometrics, fingerprint based identification is one of the most
mature and proven technique. Cryptography provides the
necessary tools for accomplishing secure and authenticated
transactions [3]. It not only protects the data from theft or
alteration, but also can be used for user authentication. In a
conventional cryptographic system, the user authentication is
possession based. The weakness of such authentication systems
is that it cannot assure the identity of the maker of a transaction;
it can only identify the maker’s belongings (cards) or what he
remembers (passwords, PINs etc.) Automatic biometric
authentication is an emerging field to address this problem.
Fingerprint authentication is the most popular method among
biometric authentication. However, it is infeasible to encrypt
such a large volume of image using conventional cryptography
for the purpose of centralized fingerprint matching [6]. A strong
G.Sekar
Lecturer
Department of ECE
Sri Ramakrishna Institute of
Technology
Coimbatore-641010
interest in biometric authentication is to integrate encryption key
with biometrics.
The project aims at developing a novel crypto-biometric
authentication scheme in ATM banking systems. It mainly
reduces the accessing time, when compared with manual based
banking system. ATMs are now a normal part of daily life, it
explores the accessibility barriers that ATMs present to people
with a variety of disabilities, particularly examining the access
barriers experienced by the people who are blind, vision
impaired or who have reading, learning or intellectual
disabilities.
Together with the development of biometric authentication,
integrated biometrics and cryptosystems has also been addressed.
Biometric authentication in our paper is image based. For remote
biometric authentication, the images need to be encrypted before
transmitted. Chaotic map used in image encryption has been
studied [12]. The permutation of pixels, the substitution of gray
level values, and the diffusion of the discretized map can encrypt
an image effectively.
In this paper, an embedded crypto-biometric authentication
protocol is proposed. The fingerprint image acquired from the
user is encrypted in the ATM terminal for authentication. The
encrypted image is then transmitted over the secured channel to
the central banking terminal. In the banking terminal fingerprint
image is decrypted. The decrypted image is compared with the
fingerprint templates. The authentication is valid if the minutiae
matching are successful.
The organization of the paper is given as follows: Section 2 deals
with description of the new embedded crypto-biometric
authentication protocol. Section 3 provides the concepts of
Encryption and Decryption algorithms. Generation of encryption
key [4] is studied in Section 4. Simulation and evaluation of the
encryption scheme is conducted in Section5. Conclusions are
presented in Section 6.
5
 International Journal of Computer Applications (0975 – 8887)
Volume 3 – No.6, June 2010

2. EMBEDDED CRYPTO-BIOMETRIC
AUTHENTICATION PROTOCOL
Generally, there are two basic fingerprint authentication
schemes, namely the local and the centralized matching [11]. In
the central matching scheme, fingerprint image captured at the
terminal is sent to the central server via the network and then it
is matched against the minutiae template stored in the central
server.
There are three stages in the protocol namely registration, login
and authentication. In the registration phase, the fingerprints of
ATM users are enrolled and the derived fingerprint templates are
stored in the central server. The login phase is performed at an
ATM terminal equipped with a fingerprint sensor. The proposed
block schematic of embedded crypto biometric authentication
system is shown in Fig (1).
ENCRYPTION
KEY
IMAGE IMAGE
PRE-PROCESSING ENCRYPTION
Central Server
encrypted into cipher image before transmitting through the
secured channel.
Decryption is the reverse process of encryption. Fingerprint
image is recovered (plain image) by using the same key. DES,
Triple DES and AES algorithms are the commonly used
symmetric key algorithms. Shared key, less time consumption,
easy operation and secret key are the merits of symmetric key
algorithms.
3.1 AES Algorithm [13-14]
The advanced encryption standard (AES) is a replacement to
DES as the federal standard. AES has already received
widespread use because of its standard definition, high security
and freedom patent entanglements. In cryptography, the
Advanced Encryption Standard (AES) is also known as Rijndael
algorithm [13].
Unlike its predecessor DES, Rijndael is an iterated block cipher
which supports variable block length and key length. Both
lengths can be independently specified as 128, 192 or 256 bits. It
has a variable number of iterations: 10, 12 and 14 for key lengths
of 128, 192 or 256 bits respectively. In this paper, a 128 bit block
[14] and key length are assumed, although the design could be
adopted without difficulty to other block and key lengths. AES is
fast in both software and hardware, relatively easy to implement,
and requires little memory. As a new encryption standard, it is
currently being deployed on a large scale.

Fingerprint templates
Singularity Frequency Minutiae Plain text (128 bits)

YES
Rounkey (0)
IMAGE MINUTIAE ACCESS
MATCHING
DECRYPTION EXTRACTION GRANTED
Subbytes
DECRYPTION NO
ACCESS Shiftrows For i=1 to Nr-1
KEY
DENIED Mix columns

Rounkey (i)
Fig. 1 Schematic of embedded crypto biometric authentication
system.
Subbytes
In the authentication phase, the fingerprint image is then Final round
Shiftrows
encrypted and transmitted to central server via secured channel.
At the banking terminal the image is decrypted using 128 bit
private key algorithm [9]. The encrypted image is transmitted to Rounkey (Nr)
the central server via secured channel. At the banking terminal
the image is decrypted using the same key. Based on the Ciphertext (128 bits)
decrypted image, minutiae extraction and matching are
conducted to verify the presented fingerprint image belongs to (a)
the claimed user. The authentication is signed if the minutiae
matching are successful.

3.ENCRYPTION AND DECRYPTION

ALGORITHMS
Encryption is the process of converting plain image into cipher
image. Plain image in our paper is the unsecured form of
fingerprint image. By using the appropriate keys, plain image is

6
 International Journal of Computer Applications (0975 – 8887)
Volume 3 – No.6, June 2010

Ciphertext (128 bits) performed. The key consists of the remainders and a
supplementary digit that makes the sum of key equals to N. For
example, in a 256×256 gray level fingerprint image, there are
Rounkey (Nr)
five points picked up, their coordinates and pixels values are:
(32,21,240); (58,115,175); (135,174,189); (216,172,194);
Inv Subbytes
(218,221,236). After conducting mod (40) and mod (10)
Inv Shiftrows For i=1 to Nr-1 operations for the coordinates and the gray level values,
InvMix columns
respectively. The result is: (32,21,0); (18,35,5); (15,14,9);
(16,12,4);(18,21,6). The sum of above five groups numbers is
Sm=226. At last, a supplementary digit N – Sm =256-226=30 is
Rounkey (i)
the last digit of the key, where N and S m denote the size of the
image and the sum of the co-ordinates and pixel vales
Inv Subbytes
Final round
respectively. The encryption key is: {32, 21, 0, 18, 35, 5, 15,
Inv Shiftrows 14, 9, 16, 12, 4, 18, 21, 6, 30}

Rounkey (0)
Plain text (128 bits)
(b)
Fig. 2 AES algorithm (a) Encryption Structure (b) Decryption
Structure
AES [14] consists of following steps
Key Generation
Initial Round
Rounds
(i) Sub Bytes — a non-linear substitution step
where each byte is replaced with another according to a
lookup table.
(ii) Shift Rows — a transposition step where each row
of the state is shifted cyclically a certain number of
steps.
(iii) Mix Columns — a mixing operation which
operates on the columns of the state, combining the
four bytes in each column.
(iv) AddRoundKey — each byte of the state is
combined with the round key; each round key is
derived from the cipher key using a key schedule.
Final Round (no Mix Columns)
4. KEY GENERATION
Encryption keys are vital to the security of the cipher, which can
be derived in the following three methods:
4.1 Randomly chosen values of pixels and their co-ordinates
in raw image
Randomly choose 5-10 points in the raw fingerprint image. The
vertical and horizontal position of pixels, as well as the gray
level values of each point is served as key. MOD operations are
4.2 From the stable global features of fingerprint image
Some global features such as core and delta are highly stable
points in a fingerprint, which have the potential to be served as
cryptography key. Some byproduct information in the processing
of fingerprint image can be used as the encryption key. For
example, the Gabor filter bank parameters[7] are: concentric
bands is 7, the number of sectors considered in each band is 16,
each band is 20 pixels wide; there are 12 ridge between core and
delta, the charges of the core and delta point are 4.8138e-001 and
9.3928e-001, and the period at a domain is 16. Then the key
could be: {7, 16, 20, 12, 4, 8, 13, 8, 9, 39, 28, 27, 1, 16, 50, and
42}.
4.3 Pseudo random number generator based on chaotic map
[12] one can use the pseudo-random number generator
introduced in [5] to produce the key. Chaotic maps provide
excellent security and have many desired cryptographic qualities.
They are simple to implement which results in high encryption
rates. In chaos based encryption, the method for developing a
cipher consists of four steps.
 Designing the basic map
 Generalized map
 Discretized version
 Extension to three dimensions
Starting with M N image with L gray levels (for example, with
the image consisting of a black square) after performing k
iterations, we obtain M N pseudo random integers in the range
[0, L-1]. Majority of traditional random number generators
generate the next number in the sequence by following certain
deterministic rule, i.e., there is a deterministic relationship
between xi and xi 1 . The random number generator based on
three-dimensional maps is nontraditional because it does not
have this property. If more than M N random numbers are
needed, we can perform another k iteration of the chaotic map
and get another set of M N random numbers. To encrypt a
fingerprint image, three to six iterations can hide the image
perfectly where each iteration is suggested to use different key.
The quality of stream ciphering based on mixing the plaintext
with a sequence of pseudo random numbers depends on the
following factors:
The period of the pseudo random sequence [5].

7
 International Journal of Computer Applications (0975 – 8887)
Volume 3 – No.6, June 2010

Randomness properties of the generator.

It should be computationally hard to determine the key
and the seed based on the knowledge of a finite
segment of pseudo-random numbers.

The structure of permutations of the pixels suggests that the

period of the sequence is very high. This statement needs to be
quantified by an asymptotic estimate for the period. This topic is
currently under investigation. The third requirement is
equivalent to breaking the cipher using cipher text only type of
attack. As described before, the complexity of a direct key search
increases exponentially as 20.9 N 1 . The randomness properties of
the proposed random number generator were tested on a
256 256s image with 256 gray levels with the following tests for
randomness:
Uniformity of distribution test
Coupon collector’s test
Permutation test
Poker test
Serial pairs test
All five tests were satisfied by the sequence
of pseudo random numbers obtained from an encrypted image of
a black square after nine iterations. The numbers were read in a
row-by-row manner. Computer experiments done with other
scanning patterns suggest that the properties of the pseudo
random sequence do not depend on the scanning pattern.
(c) (d)
Fig. 3 Fingerprint and the encrypted image. (a) Original image;
(b) One round of iteration; (c) Two rounds of iterations; (d)
Three rounds of iterations.
5.2 Statistical and Cryptographic Strength Analysis
• Statistical analysis.
The histogram of original fingerprint image is shown in Fig.4 (a).
After 2D chaotic mapping, the pixels in fingerprint image can be
permuted, but as the encrypted fingerprint image has the same
gray level distribution and same histogram as in Fig.4 (a). As
introduced in Section 4, 3D chaotic map [11] can change the gray
level of the image greatly. After one round and three rounds of
3D substitution, the histograms are shown in Fig.4(b) and (c)
respectively, which is uniform, and has much better statistic
character, so the fingerprint image can be well hidden.

5.SIMULATION, STATISTICAL AND

STRENGTH ANALYSIS
In this section, the proposed encryption scheme is tested.
Simulation results and its evaluation are presented.
5.1 Simulations (a) (b)
The gray level fingerprint image is shown Fig.3(a). The first 3D
permutation is performed with the key {32, 21, 0, 18, 35, 5, 15,
14, 9, 16, 12, 4, 18, 21, 6, 30}. After first round of 3D
permutation, the encrypted fingerprint image is shown in
Fig.3(b). The second round permutation is performed with the
key {7, 16, 20, 12, 4, 8, 13, 8, 9, 39, 28, 27, 1, 16, 50, 42}. After
that, the image is shown in Fig.3(c). The third round permutation
is finished with a key {1, 23, 8, 19, 32, 3, 25, 12, 75, 31, 4, 10, (c)
14, 5, 25, 13}. After this, the image is shown in Fig.3(d), which Fig. 4 Histograms of fingerprint image and the encrypted image.
is random looking. (a) Original fingerprint image; (b) One round of 3D iteration; (c)
Three rounds of 3D iterations.
• Strength analysis.
The cipher technique is secure with respect to a known plaintext
type of attack. With the diffusion methodology, the encryption
technique is safe to cipher text type of attack. As the scheme
proposed in this paper use different keys in different rounds of
iterations, and the length is not constrained, it can be chosen
according to the developer’s need.

(a) (b)

8
 International Journal of Computer Applications (0975 – 8887)
6. CONCLUSION
An embedded Crypto-Biometric authentication scheme for ATM
banking systems has been proposed. The claimed user’s
fingerprint is required during a transaction. The fingerprint
image is encrypted via 3D chaotic map as soon as it is captured,
and then transmitted to the central server using symmetric key
algorithm [14]. The encryption keys are extracted from the
random pixel distribution in a raw image of fingerprint, some
stable global features of fingerprint and/or from pseudo random
number generator. Different rounds of iterations use different
keys.
At the banking terminal the image is decrypted using the same
key. Based on the decrypted image, minutiae extraction
and matching are performed to verify the presented
fingerprint image belongs to the claimed user. Future
work will focus on the study of stable features (as part
of encryption key) of fingerprint image, which may
help to set up a fingerprint matching dictionary so that
to narrow down the workload of fingerprint matching
in a large database.
REFERENCES
[1] F.Han, J.Hu, X.Yu, Feng, Zhou: A novel hybrid crypto-
biometric authentication scheme for ATM based
banking applications, Springer-Verlag Berlin
Heidelberg, (2005) 675-681.
[2] F.Han, J.Hu, X.Yu, Feng, Zhou: A New Way of
Generating Grid-Scroll Chaos and its Application to
Biometric Authentication, IEEE, (2005) 61-66.
[3] U.Uludag, S.Pankanti, S.Prabhakar andA. K.Jain,
―Biometric cryptosystems: Issue and challenges,‖
Proceedings of the IEEE, vol.92, no.6, 2004, pp.948-
960.
[4] S. Hoque, M. Fairhurst, G. Howells and F. Deravi,
―Feasibility of generating biometric encryption keys,‖
Electronics Letters, vol. 41, no.6, 2005, pp.29-30.
Volume 3 – No.6, June 2010
[5] Fridrich, J.: Symmetric Ciphers Based on two-
dimensional chaotic maps, Int. J. Bifurcation and
Chaos, 8 (1998) 1259-1284
[6] Zhou, J., Gu, J.: A model-based method for the
computation of fingerprints’ orientation field, IEEE
Trans. on Image Processing, 13 (2004) 821-835
[7] Jain, A.K., Prabhakar, S., Hong, L., Pankanti,
S.:Filterbank-based fingerprint matching, IEEE Trans.
on Image Processing, 9 (2000) 846-859
[8] Jain, A.K., Prabhakar S., Hong, L.: A multichannel
approach to fingerprint classification, IEEE Trans. on
Pattern Anal. Machine Intell., 21 (1999) 348-359
[9] Chen, G., Mao, Y., Chui, C.: A symmetric encryption
scheme based on 3D chaotic cat map, Chaos, Solitons
& Fractals, 21 (2004) 749-761
[10] Uludag, U., Ross, A., Jain, A.K.: Biometric template
selection and update: a case study in fingerprints,
Pattern Recognit., 37 (2004) 1533-1542
[11] Kocarev, L. Jakimoski, G., Stojanovski T., Parlitz, U.:
From chaotic maps to encryption schemes, Proc. IEEE
Sym. Circuits and Syst., 514-517, Monterey,
California, June (1998)
[12] Ratha, N.K, Karu, K. Chen, S., Jain, A.K.: A real-time
matching system for large fingerprint databases, IEEE
Trans. on Pattern Anal. Machine Intell., 18 (1996) 799-
813
[13] J. Daemen, V. Rijmen, ``the Block Cipher Rijndael,''
Smart Card Research and Applications, LNCS 1820, J.-
J. Quisquater and B. Schneier, Eds., Springer-Verlag,
2000, pp. 277-284.
[14] J. Daemen and V. Rijmen, ``Rijndael, the advanced
encryption standard,'' Dr. Dobb's Journal, Vol.~26,
No.~3, March 2001, pp.~137--139.