90 (IJCNS) International Journal of Computer and Network Security,

Vol. 2, No. 4, April 2010

Biometrics Based File Transmission Using RSA Cryptosystem

Mr. P. Balakumar (1), Dr. R. Venkatesan (2)

(1) Assistant Professor, Department of Computer Science and Engineering, Selvam College of Technology, Namakkal, Tamilnadu, India. P_balakumar@yahoo.com

(2) Professor & Head, Department of Information and Technology, PSG College of Technology, Coimbatore, Tamilnadu, India. ramanvenkatesan@yahoo.com

Abstract: Biometrics offers many methods for high-security applications while providing natural, user-friendly and fast authentication. Most implementations of public key cryptosystems use the RSA algorithm. The RSA algorithm is an asymmetric algorithm that uses two keys, private and public. This paper merges the biometric concept with asymmetric cryptography to secure the document sending process in a distributed network. To send a document, the sender encrypts the message using the receiver's public key, and for decryption the receiver uses his private key. This system uses fingerprints as the security-providing medium. The system is developed under a Graphical User Interface environment that is very easy for users to operate. It is developed in the Java language so that it can be executed on any platform. The design of this system supports both Internet and Intranet environments. The dynamic key generation process is the main contribution of this work.

Keywords: Cryptography, Biometrics, RSA, DSS, KDC

1. Introduction

A biometrics system is a standard method for verifying the identity of a human being based on personal or physical characteristics. The functions of biometric systems are determining, measuring and codifying the unique characteristics of individual persons and comparing them with ones already recorded. In recent years there has been rapid growth in the use of biometrics for user authentication applications because biometric-based authentication provides several benefits over knowledge-based and possession-based methods. General biometric systems consist of four phases: data collection, which includes sensing and pre-processing; signal analysis, which includes feature extraction and template generation; storage; and decision making with a matcher, as shown in Fig. 1.

A secure biometric does not change widely over a long time, but a less secure biometric is likely to change with time. For example, iris recognition does not change over a human's lifetime and it is more secure than voice identification. Uniqueness in a human biometric is a measure of the variations or differences in the biometric model among the worldwide population. A high degree of uniqueness produces a more unique identifier. A low degree of uniqueness indicates a biometric pattern that is found commonly in the general population. The iris and retina have higher levels of uniqueness than hand, voice and fingerprint. The nature of an application helps in determining the degree of strength and uniqueness needed. Biometric verification deals with living persons, which distinguishes it from forensics, which does not involve real-time recognition of a living human being.

Figure 1. General Biometric System.

Information sharing is a necessary part of our life. Hence, information needs to be secured against mishandling. A cryptography mechanism provides a set of data transformations called encryption and decryption to send data in a secured manner. Encryption is applied to the normal message, i.e. the data to be transmitted, and uses the encryption key to produce the code message (encrypted data), which differs from the original data. Decryption uses the decryption key to convert the code message back to the original message (the original data). Now, if the Encryption key and the
decryption key are the same or one can be copied from the other, then it is said to be symmetric cryptography.

There is a drawback in symmetric cryptography: the sender must send the same key to the receiver through another secured channel. An attacker can capture it and find the original secret key. This type of cryptography system can be easily broken if the key used for encryption or decryption is known.

To overcome this drawback of symmetric cryptography we moved towards the Public Key Cryptography system that was introduced in 1976 by Whitfield Diffie and Martin Hellman of Stanford University [22]. It uses a pair of associated keys, one for encryption and another for decryption. One key, known as the private key, is kept secret by the user, and the other is the public key, which is distributed to all other users.

2. Security of Biometrics

Biometrics can help to reduce the problems related to the existing methods of user verification. Hackers will find the weak points in the existing system and attack it accordingly. Unlike key systems, where the message can be found using a brute-force attack, biometric-based systems are difficult to crack. Biometric systems need considerably more attempts to break through. Although standard encryption techniques are helpful in many ways to avoid breaches of security, some new types of attacks are possible. If a biometric system is used as a supervised verification tool, there may not be problems, but in a distant unattended application, such as web-oriented e-commerce applications, hackers may have sufficient time to make frequent attempts before being noticed, or may even be able to actually break the remote client [8].

2.1 Comparison to Password
Real benefits of biometric systems are that they are much longer in size than a password or phrase key. They vary from a hundred bytes to over a megabyte. Usually the message content of such signals is relatively high. It is almost impossible to keep a 2K password in mind, and it would take a tediously long time to type in such a password anyhow (particularly with no errors). Fortunately, automated biometrics can offer the security advantages of long passwords while still retaining the speed and simplicity of short passwords. Still, in general smaller amount of them are typically covered, such as dissimilarity is that there is no "fake password" input detector equivalent to the fake biometric (although perhaps if the password was in some standard dictionary it could be deemed "fake"). Additionally, in a password or token based verification system no effort is made to prevent replay attacks (since there is no difference in the "signal" from one presentation to another). However, in an automated biometric-based verification system, one can go to the extent of checking the liveness of the input signal.

Another significant difference concerns the matching subsystems. A password-based method always provides a crisp result. If the password matches, it grants access and otherwise refuses access. However, the performance of a pattern detection system in general depends on several factors, such as the quality of the input and enrolment data, along with the basic characteristics of the underlying algorithm. This is typically reflected in a graded overall match "score" between the submitted biometric and a stored reference. In a biometrics-based system, one can purposely set a threshold on the score to directly control the false acceptance and false rejection rates. Inverting this, given a good matching score the system can guarantee that the probability of the signal coming from a genuine person is significantly high. Such a calibrated confidence measure can be used to tackle non-repudiation support, something that passwords cannot provide [8].

3. RSA Algorithm

The Rivest, Shamir, Adleman (RSA) scheme is a block cipher asymmetric cryptosystem in which the plaintext and ciphertext are integers between 0 and n-1 for some n. A typical size for n is 1024 bits or 309 decimal digits. In the RSA system all the users must generate their private key KR = {d, n} and keep it secret, and store their public key KU = {e, n} in the Key Distribution Centre (KDC). The sender receives the receiver's public key from the KDC and encrypts the message using the receiver's public key. The receiver uses his private key to decrypt the coded message. The private key is known only to the receiver himself.

3.1 Finger Prints
Fingerprint biometrics is an automatic digital version of the old ink-and-paper method used for more than a century for recognition, mainly by law enforcement agencies. Some samples of fingerprint images are shown in Figure 2. The biometric device involves users placing their finger on a platen for the print to be read. The minutiae are then extracted by the vendor's algorithm, which also makes a fingerprint pattern analysis. Fingerprint template sizes are typically 50 to 1,000 bytes.

Fingerprint biometrics currently has three main application areas: large-scale Automated Finger Imaging Systems (AFIS) generally used for law enforcement purposes, fraud prevention in entitlement programs, and physical and computer access.

Figure 2. Sample Fingerprints

3.2 Characteristics of Biometrics
Table 1 compares the seven mainstream biometrics in terms of a number of properties, ranging from how robust and distinct
[10] they are to what they can be used for (i.e., identification or verification or verification alone). This table is an effort to help the reader in categorizing biometrics along important dimensions. Because this industry is still working to establish comprehensive standards and the technology is changing rapidly, however, it is difficult to make assessments with which everyone would agree. The table shows an assessment based on consultation with technologists, vendors, and program managers. The table is not proposed to be an aid to those in the market for biometrics; rather it is a guide for the unskilled.

Table 1. Comparison of Mainstream Biometrics

Biometric            Identify versus Verify   Robust   Distinctive   Intrusive
Fingerprint          Either                   Medium   High          Touching
Hand                 Verify                   Medium   Low           Touching
Facial               Either                   Medium   Medium        12+ inches
Voice                Verify                   Medium   Low           Remote
Iris Scan            Either                   High     High          12+ inches
Retinal              Either                   High     High          1–2 inches
Keystroke Dynamics   Verify                   Low      Low           Touching

When comparing ways of using biometrics, half can be used for both identification and verification, and the remaining can only be used for authentication. Specifically, hand geometry has only been used for confirmation applications, such as physical access control and time and attendance verification. In addition, voice detection, because of the need for staffing and matching using a pass-phrase, is used for verification only.

There is considerable variability in terms of robustness and individuality. Fingerprinting is sort of robust, and, even though it is distinctive, a small proportion of the population has unusable prints, always because of age, genetics, injury, career, exposure to chemicals, or other occupational hazards. Hand/finger geometry is moderate on the distinctiveness scale, but it is not very robust, while facial recognition is either highly robust or distinctive.

In voice recognition, assuming the voice and not the pronunciation is being measured, this biometric is moderately robust and distinctive. Iris scans are both highly robust, because they are not highly vulnerable to routine changes or damage, and distinctive, because they are randomly formed. Finally, dynamic signature verification and keystroke dynamics are not robust or distinctive.

4. Problem Statement

Even though the RSA algorithm uses the fingerprint biometrics system for public key and private key generation, there are some problems in that approach.

They are:
1. Brute-force attack: The maximum size of the public key and private key obtained by the RSA algorithm is 155 digits. It can be captured by a brute-force attacker using thousands of machines and it requires three months of computation. {Ref: Journal of Telecommunications and Information Technology. Volume 4/2002. Pages 08-09}.
2. Increased key storage requirement: RSA key storage (private keys and public key) requires significant amounts of memory. So, we have to store the public key and private key in some equipment or in the brain. {Ref: Journal of Telecommunications and Information Technology. Volume 4/2002. Pages 41-56}.
3. No dynamic key generation: There is no dynamic key generation in the RSA algorithm. Therefore the user must keep his private key secret. The private key of the RSA algorithm may be lost, stolen or forgotten, and hence the user may lose the data.

5. Proposed Scheme

The architecture of the proposed scheme is shown in Figure 3. The client generates the public key and sends it to the KDC. In the document send process it retrieves the receiver's public key from the KDC and encodes the data with the aid of that public key. Then it sends the encoded data to the receiver. While viewing the document it dynamically generates the private key, which is used to decode the encoded data.

The proposed digital signature algorithm is a version of the RSA algorithm that overcomes the problems in the RSA system. A brute-force attacker is able to hack the private key by trying every possible combination of the key (i.e. a numeric key). In our system, we use alphanumeric (combination of alphabets and numerals) keys, hence the attacker is not able to obtain the key values easily.

The second problem in the existing RSA algorithm is the key storage requirement. In our proposed system we generate the private key dynamically. Hence there is no key storage requirement. The third problem in the existing system is the absence of dynamic key generation. Normally, when using the RSA algorithm, users have to generate their public key and private key. Then they have to send the public key to the key distribution centre and keep their private keys secret.

In our proposed algorithm we generate the public key using the fingerprint and send that public key to the key
distribution centre. While encrypting the data, the sender gets the public key of the receiver from the key distribution centre and encrypts the data with that public key.

To decrypt the ciphertext the receiver requires his private key. Only at the time of decryption will the receiver be able to know his private key. This process is called 'Dynamic private key generation'.

[Figure 3 diagram labels: Client (Pub Key Generation, Key Update); KDC; Document Send (Key Retrieval, Encode, Send); Document View (Decode, Private Key Generation, Display)]

Figure 3. Architecture of Proposed Scheme

6. Key Distribution Centre

The KDC has a very significant role in the asymmetric key cryptosystem. It receives public key values from the clients and stores them locally. It is the only authoritative system to distribute the public key values to the requesting users. The KDC application is a server application. It has two modules: the key management module and the key distribution module. The key management module is mainly for receiving and maintaining the key values. On the other hand, the key distribution module distributes the public key value based on client requests.

6.1 Key Management Process
The key management module is created to perform the key maintenance process. It has two main tasks: the key receive process and the key expiry management process. The key receive process runs as a separate thread. The KDC listens for all key values and sends a key in response to a client request. For the receiving process, it needs a UDP socket. It does not make any connection with the client application. This module maintains all the received public key values. The key expiry management module maintains the validity of the key values. The KDC automatically removes the key values from the key list if the client application process is terminated. Clients can change their key value and update it, so the existing key value is removed from the list and the new key value is added to the list.

6.2 Client
The client application is designed to hold the document transfer process and the key generation process. The client application is divided into four modules: the key generation module, the sender module, the receiver module and the document view module. The key generation module generates the key from the fingerprint data. The sender module is used to encode and send the document. The receiver module receives the decoded documents that are sent by the other clients. The document view module maintains received documents; after the decoding process the user can view the document.

6.3 Key Generation Module
The key generation process is shown in Figure 4. This module generates the public key by using the fingerprint data. The input data is given as an image to the system. This input is used to create the key base value that is used to generate the public key value.

[Figure 4 flow: Capture the finger print data -> Dot matrix Conversion -> Generate key Base -> Generate public key -> Send the key to KDC]

Figure 4. Key Generation

The public key value in the KDC is stored with its client details. The system supports the JPEG and GIF image formats. The pixel matrix is constructed using the image data. The key base is generated by using the image data matrix values. The system has been implemented as a GUI-based application developed in Java. The main menu has three options: key preparation, document list and send process. The key generation window receives the fingerprint image file as input. The generate button is used to initiate the key generation process. The send button is used to start the key transfer process. The key distribution centre is designed to receive and maintain all the public key values. The message sending process is used to transfer a file from one client to another. The message file is encoded before the sending process. All the received messages are listed in the inbox. The user can select the file and perform the view process. The documents are decoded before the view process. The private key value is generated at the time of the decoding process. The decoded documents are stored in the specified folder.

7. Testing and Implementation

Testing is an important phase in the system development process. The system is developed as a GUI-based application.
The system is tested before the implementation process. The system is tested with different testing methods: unit test, integration test, system test, validation test and stress test. The system is tested with different network and platform environments. The system uses an image scanner to capture fingerprint image data. The system is tested in the Intranet environment. Each module of the system is tested separately for the unit test. For example, the RSA algorithm's key generation, encode and decode operations are tested with the corresponding modules.

The client application and the key distribution application are tested separately. The integration test is performed after all the modules are connected with the main menu. The entire system is tested with all the operations by using a set of fingerprint values. The stress test is conducted to test the load management strength of the client application and the key distribution centre application. Connecting multiple clients with the KDC tests the key distribution centre under stress. In the client application, sending a large file to the other client tests the strength. The validation test is performed for all input values. The fingerprint image availability is checked before the key base generation process.

The system is developed to distribute documents securely using biometrics. The system is tested and the results are very good. The implementation of the system is conducted as a direct changeover mechanism. The new system is directly installed and activated for use. The system can be implemented in any network environment. The system supports all types of file transfer operations. The system has been developed as two applications: the key distribution centre and the client application. The key distribution centre application is loaded onto a separate machine. The client application can be loaded onto all other client machines.

All the client applications should be configured with the key distribution centre IP address for the key updating and request process. The system is now designed to get the fingerprint images from an image file. So the system must be connected with an image scanner. The system can also be connected with fingerprint image scanner devices. The client application and the key distribution application can be continuously executed to maintain the connection and message receive process. All the messages are directly received by the client applications. The system requires a lesser amount of hard disk space to store the received and decoded documents. The key distribution centre should be connected with all the client applications. The system can be run with one or more network environments.

7.1 Software Selection
The simulation tool is developed using the Java language under the Windows platform. Java supports multiple platforms, GUI design and network operations. The system is developed using the Java language. Image processing, cryptographic operations, network transmissions and file processing are the major areas in the system. Java provides a variety of packages and classes to support all these tasks. The user interface is designed with GUI support. The application is designed to run under any platform. The fingerprint values are retrieved from image files. The image file data are extracted and converted into a pixel matrix. The system does this processing using classes such as Image, MediaTracker and PixelGrabber in Java. The Image class is used to convert an image into an object. The MediaTracker and PixelGrabber classes are used to support the data extraction and pixel conversion process. These classes are available in the java.awt package.

Java provides a separate package, JCE, for the cryptography process. But the JCE requires Service Providers for the implementation. In Java, cryptography can be implemented in two ways: using the JCE with service providers, or writing the code for the cryptographic algorithms. In this work the second method is applied. The RSA algorithm is implemented by using the java.math package support. RSA requires high bit length data type support. Java provides a class BigInteger to process values in 128 bits. All RSA key generation, encoding and decoding operations are done by using the BigInteger class.

The file process and the data transmission process are implemented with the support of the java.io and java.net packages. All the files are processed using the byte stream classes. The data transmission tasks are done using the TCP/IP support classes in the java.net package. The key distribution centre application is designed using UDP. The client application transfers the files using the ServerSocket and Socket classes. The DatagramSocket and DatagramPacket classes are used in the KDC process.

8. Conclusion

The system is developed to provide security for the file transfer process in a distributed environment. Document transmission between systems in a distributed environment is a usual task. The same environment is also shared by a lot of members. So the system should ensure the security of the documents that are transferred. Different cryptographic techniques are used to secure the data. In recent days, biometrics is used to recognize the users. This work combines biometrics and cryptography to provide security for the document transmission process in the distributed environment. Generally passwords and smart cards are used for security systems.

The system uses biometrics technology as the security-providing medium. This system uses fingerprints for the security system. A password can be hacked on a trial and error basis. But it is not possible to break the biometrics-based security system. The system is developed as two applications: the key distribution centre application and the client application. The KDC supplies the public key values to the required clients. The client application is designed to handle all the data transfer and security operations.

The system uses a designed key base generation algorithm and the RSA algorithm. The system is tested with various samples and clients. The performance of the system is very
good. The system is tested with different types of file formats. The result shows that the system supports all types of file format. The system stores and distributes the public key values for all clients in the key distribution centre. The system does not require any key storage process for the secret key. In this work, using the fingerprint values, the system can generate both the public key and the private key. Damage to the fingerprint may impact the recovery of the documents.

In future the system can be implemented for all types of authentication process, such as capillary patterns in the retina, hand geometry, facial characteristics, signature dynamics, voice pattern, and timing of keystrokes. A data compression technique can be used to reduce the content size, process time and transmission time. In future the system will include a noise detection and filtering facility for the input process.

References

[1] Bruce Schneier, "Applied Cryptography Protocols, Algorithms", 2nd Edition, Wiley publication.
[2] Naughton. P and H. Schildt, "Java 2: The Complete Reference", McGraw-Hill, 1999.
[3] William Stallings, "Cryptography and Network Security Principles and practice", 2nd Edition, Prentice Hall, Upper Saddle River.
[4] Anil Jain, Lin Hong, Sharath Pankanti, and Ruud Bolle, "An Identity Authentication System Using Fingerprints", Department of Computer Science, Michigan State University East Lansing.
[5] James L. Wayman, "Biometrics Identification", Communications of the ACM, February 2000.
[6] Katrin Franke, Javier Ruiz-del-Solar, Mario, "Soft-Biometrics: Soft-Computing for Biometric-Applications", Dept of Pattern Recognition, Fraunhofer IPK, Berlin, Germany.
[7] Nalini K. Ratha, Jonathan H. Connell, and Ruud M. Bolle J, "An Analysis of Minutiae Matching Strength", Watson Research Center.
[8] Rowley. T, "Silicon Fingerprint Readers: A solid state approach to biometrics", Proc. of the Card Tech / Secure Tech, Orlando, Florida, May 97.
[9] Schneier. B, "The uses and abuses of biometrics", Communications of the ACM, August 1999.
[10] Schneir. B, "Security pitfalls in cryptography", Proc. of Card Tech / Secure Tech, Washington D.C., April 98.
[11] Wong C K and Lam S S, "Digital Signatures for flows and multicasts", IEEE/ACM Transaction and Networking, August 1999.
[12] www.rand.org/publications/MR/MR1237/MR1237.appa.pdf
[13] www.mit.bme.hu/events/minisy2003/papers/orvos.pdf
[14] http://rpmfreelancer.no ip.com:8080/duncan21/biometrics/finger.html
[15] www.cost275.gts.tsc.uvigo.es/presentations/COST275_Jain.pdf
[16] www.research.ibm.com/ecvg/pubs/sharat-proc.pdf M. Wegmuller, J. P. von der Weid, P. Oberson, and N. Gisin, "High resolution fiber distributed measurements with coherent OFDR," in Proc. ECOC'00, 2000, paper 11.3.4, p. 109.
[17] R. E. Sorace, V. S. Reinhardt, and S. A. Vaughn, "High-speed digital-to-RF converter," U.S. Patent 5 668 842, Sept. 16, 1997.
[18] The IEEE website. (2002) [Online]. Available: http://www.ieee.org/
[19] M. Shell. (2002) IEEE Transaction homepage on CTAN. [Online]. Available: http://www.ctan.org/tex-archive/macros/latex/contrib/supported/IEEEtran/
[20] W. Diffie and M. Hellman, "New Directions in Cryptography", IEEE Transaction on Information Theory. IT-22 (1978). 472-492.

Authors Profile

Mr. P. Balakumar received the B.E. and M.E. degrees in Computer Science and Engineering from PSG College of Technology, Coimbatore, in 1997 and Anna University, Chennai in 2004 respectively. During 1999-2001, he worked as Lecturer in PSG College of Technology in Coimbatore. Later, during 2003-2008, he worked as Lecturer & Assistant Professor in AMS Engineering College, Namakkal. He is now with Selvam College of Technology, Namakkal, Tamilnadu, India as Assistant Professor in the Department of Computer Science and Engineering.

Dr. R. Venkatesan was born in Tamilnadu, India, in 1958. He received his B.E (Hons) degree from Madras University in 1980. He completed his Masters degree in Industrial Engineering from Madras University in 1982. He obtained his second Masters degree, MS in Computer and Information Science, from University of Michigan, USA in 1999. He was awarded a PhD from Anna University, Chennai in 2007. He is currently Professor and Head in the Department of Information Technology, PSG College of Technology, Coimbatore, India. His research interests are in Simulation and Modeling, Software Engineering, Algorithm Design, Software Process Management.
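
Added example (not the authors' code) for Sections 3, 5 and 6.3 and for the conclusion's remark that fingerprint damage affects document recovery. The paper does not specify its key base algorithm, so this sketch assumes SHA-256 over the pixel matrix as the key base, a deterministic prime search, e = 65537 and a demo-sized 512-bit modulus; `key_base`, `derive_keypair` and the sample matrices are hypothetical names and constructed data.

```python
import hashlib

E = 65537  # assumed public exponent; the paper does not state one
_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def key_base(pixels):
    """Assumed key base: SHA-256 over the pixel matrix (rows of 0..255 ints)."""
    h = hashlib.sha256()
    for row in pixels:
        h.update(bytes(row))
    return h.digest()

def _is_probable_prime(n):
    """Miller-Rabin with fixed bases, so the outcome is reproducible."""
    if n < 2:
        return False
    for p in _BASES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _derive_prime(seed, label, bits):
    """Walk a hash-derived candidate sequence until a usable prime appears."""
    counter = 0
    while True:
        data = seed + label + counter.to_bytes(4, "big")
        raw = hashlib.shake_256(data).digest(bits // 8)
        cand = int.from_bytes(raw, "big") | (3 << (bits - 2)) | 1  # full size, odd
        if (cand - 1) % E != 0 and _is_probable_prime(cand):
            return cand
        counter += 1

def derive_keypair(pixels, bits=512):
    """Return (KU, KR) = ((e, n), (d, n)), fully determined by the image."""
    seed = key_base(pixels)
    p = _derive_prime(seed, b"p", bits // 2)
    q = _derive_prime(seed, b"q", bits // 2)
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return (E, n), (d, n)

def encrypt(m, ku):
    """Textbook RSA as in Section 3: plaintext is an integer in [0, n-1]."""
    e, n = ku
    if not 0 <= m < n:
        raise ValueError("plaintext must be an integer between 0 and n-1")
    return pow(m, e, n)

def decrypt(c, kr):
    d, n = kr
    return pow(c, d, n)

# Constructed 8x8 grey-level matrix standing in for a fingerprint image.
ENROLLED = [[(37 * r + 11 * c) % 256 for c in range(8)] for r in range(8)]
DAMAGED = [row[:] for row in ENROLLED]
DAMAGED[3][4] ^= 1  # one pixel differs by a single grey level

def demo():
    ku, _ = derive_keypair(ENROLLED)      # enrolment: only KU is sent to the KDC
    m = int.from_bytes(b"report.pdf", "big")
    c = encrypt(m, ku)                    # sender side, using the KDC copy of KU
    _, kr = derive_keypair(ENROLLED)      # receiver regenerates KR at view time
    _, kr_bad = derive_keypair(DAMAGED)   # same finger, slightly different capture
    return decrypt(c, kr) == m, decrypt(c, kr_bad) == m

if __name__ == "__main__":
    print(demo())
```

An exact-match derivation like this yields a different key for any capture variation, so a deployable design needs a stable template in front of the hash, and textbook RSA needs a padding scheme such as OAEP.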
