Biometric based passwords or keys are useful for information security over networks with much reduced burden for legitimate users. A crucial tool needed for biometric security is the so called non-invertible continuous functions – used to transform a private biometric feature (such as a fingerprint) into a secure password. Prior designs of these functions can be inverted within a time that is a polynomial function of the dimension of the biometric feature. In other words, if some of the previously used passwords based on a common biometric feature are known, the attacker can recover the biometric feature and hence knows all future passwords based on this feature. Prior designs have also ignored the need to prevent an attacker from finding a surrogate feature that yields the same passwords as the original biometric feature.
Prof. Yingbo Hua at UCR has designed a novel, patent pending Continuous Encryption Function (CEF) that is non-invertible – non-invertible within a polynomial time. The ready to implement CEFs are all related to singular value decomposition (SVD), eigen value decomposition (EVD) or some other 3 factor factorization of a matrix consisting of random modulations of the input vector. The CEFs also enable new system level designs. The encrypted identifications can be used to securely exchange information between two users.
Bit error rates (BER) of SVD-CEF in comparison with the current best in class – index of max hashing method
The significant features and benefits of this invention are:
- The input or surrogate input of the CEF cannot be determined from its output regardless of the amount of output exposed.
- The CEF is non-invertible within polynomial time.
- No part of the CEF’s output can be predicted from other parts of its output without knowing the input.
- Relieves users of the burden of remembering long and secure passwords for their online tasks.
- The SVD-CEF is also less sensitive to noise.
Applications that could benefit from this invention are:
- Information security over the internet
- Password and biometric-based password security
- Physical layer security of wireless networks
- End-to-end cybersecurity
Name: Venkata Krishnamurty