Academic paper: An Enhanced Authenticated Key Agreement Protocol ...

An Enhanced Authenticated Key Agreement Protocol with a Neural Network-based Model for Joining-Phase in Mobile Environments Pierre E. ABI-CHAR, Bachar EL-HASSAN, Abdallah MHAMED International Journal of Engineering and Industries Volume 2, Number 2, June 2011

An Enhanced Authenticated Key Agreement Protocol with a Neural Network-based Model for Joining-Phase in Mobile Environments Pierre E. ABI-CHAR1, Bachar EL-HASSAN2, Abdallah MHAMED3 Faculty of Applied Sciences, American University of Technology, Halat, Lebanon; 2Faculty of Engineering, LASTRE, Lebanese University, Tripoli, Lebanon; 3GET-Institut National des Telecommunications. 1 [email protected]; [email protected]; [email protected] 1

doi : 10.4156/ijei.vol2.issue2.11

Abstract Providing secure communication for mobile environment is very important. In such environments, it is envisaged that users (through one of their mobile devices and via some network access technologies) should be able to seamlessly discover, select, and access a rich offering of services from a range of service providers. Password-based and ID-based authentication schemes are widely used but they still have potential threats that the passwords and verification table may be read, or altered by intruder. Moreover, the user’s privacy is not achieved especially if a principal’s privacy is to be protected. On the other side, Neural Network has been attracting more and more researchers since the past decades. The properties such as parameter sensitivity, random similarity, learning ability, etc., make it very suitable for information protection and privacy preserving. In this paper we present a Neural based secure joining phase with a biometric based Authenticated Key Agreement (NB-EC-SAKA). Our proposed protocol provides privacy, biometric-based secure mutual authentication, key establishment and key confirmation over an untrusted network. Our protocol is a based on EC-SAKA protocol [16], on Elliptic Curve Cryptography, and on EC-digital signature. The new proposal relies on [16] to achieve many of the required security and performance properties including dictionary attacks, ManIn-The middle attack, perfect forward secrecy which protects past sessions and passwords against future compromise, etc. This paper presents a review on the biometric authentication and neural networks techniques and presents a new scheme where user’s security and privacy are preserved. The purpose of our scheme is to ensure that the rendered services are accessed only by a legitimate user and not anyone else and while privacy is preserved.

Keywords: Neural Networks, Security, Privacy, Authentication, Biometric, Elliptic Curve, Digital Signature

1. Introduction Information security is concerned with three main parameters including: confidentiality, integrity and availability of information in all forms. Biometric authentication has grown in popularity as a way to provide personal identification. Biometric Authentication works on some human characteristics such as finger print, voice, pattern of lines in the iris of eye or face. Biometric is used to identify the identity of an input sample when compared to a template, used in cases to identify specific people by certain characteristics. Key establishment refers to the situation where network users employ an inter-active protocol to construct a shared secret key called session key. This session key can then be used to achieve some cryptographic goal such as confidential communication channel between entities or data integrity. A key agreement protocol is said to provide implicit key authentication if entity A is assured that no other entity aside from a specifically identified second entity B can possibly learn the value of a particular secret key. A key agreement protocol which provides implicit key authentication to both entities is called an authenticated key agreement protocol. If both implicit key authentication and key confirmation are provided, then the key establishment protocol is said to provide explicit key authentication. A key agreement protocol which provides explicit key authentication to both entities is called an authenticated key agreement with key confirmation [1]. The security of Elliptic Curve

- 103 -


cryptography relies on the discrete logarithm problem over the points on an elliptic curve. The best known methods to solve the Elliptic Curve Discrete Logarithm Problem (ECDLP) are Pollard approach and Pohlig-Hellman method. They are fully exponential while the best known methods to solve the Integer Factorization Problem (IFP) and the Discrete Logarithm Problem (DLP), on which most of the non-ECC cryptosystems rely, are sub-exponential. In fact, ECC can significantly reduce the computation and storage overhead. Neural network is used to refer to biological neural network. The biological neural network is a network of biological neurons, which is in relation with nervous system. The artificial neural network is composed of artificial neurons, which is the simulation of biological neural network. According to the learning ability, artificial neural network has been used in artificial intelligence [2]. Additionally, neural network can be used to model non-linear statistical data, which can model complex relationships between inputs and outputs. Sometimes, it can generate chaos phenomenon [3]. According to this property, it has complex dynamic action, which can be used to protect data content. For example, the random sequence produced by neural network can be used to encrypt data [4], and the neural networks that generate chaos phenomenon can be used in secret communication [5]. The rest of the paper is arranged as follows. In Section 2, most relevant properties for key agreement protocol are presented. Some techniques based on biometric authentication are given in sections 3 and 4. In Section 5, some open issues in neural network based content protection are presented. Section 6 presents some of the related proposed work. In Section 7, a biometric authentication scheme based on neural network is proposed. And finally, section 8 concludes the paper with future work.

2. Desirable Properties for key Agreement Protocol A number of desirable properties for key agreement protocols have been identified and nowadays most of the protocols are analyzed using these properties which are described below: -Known-key security: Each run of a key agreement protocol between two entities A and B should produce a unique shared secret key called session key Ks. A protocol should still achieve its goal in the face of an adversary who has learned some other session key. -Perfect forward secrecy: If long-term private keys of one or more entities are compromised, the secrecy of previous session keys established by honest entities is not affected. -Key-compromise impersonation: Suppose that A's long-term private key is disclosed. Clearly an adversary that knows this value can now impersonate A, since it is precisely this value that identifies A. However, it may be desirable that this loss does not enable an adversary to impersonate other entities to A. In addition, Identification protocols should have other properties which are related to performance. Because round trips and large blocks are critical factors in terms of communication load and because exponentiations and random numbers are to be critical factors in terms of computation load, such properties are listed below: -Computational efficiency: this includes the number of operations required to execute a protocol. In order to achieve this property, the protocol should have the minimum number of operation as possible. -Communication efficiency: This includes the number of passes (message exchanges) and the bandwidth required (total number of bits transmitted).

3. Biometric Authentication Biometrics (ancient Greek: bios ="life", metron ="measure") refers to two very different fields of study and application. The first, which is the older and is used in biological studies, including forestry, is the collection, synthesis, analysis and management of quantitative data on biological communities such as forests. Biometrics in reference to biological sciences has been studied and applied for several generations and is somewhat simply viewed as "biological statistics" [6].

- 104 -


European explorer Joao de Barros recorded the first known example of fingerprinting, which is a form of biometrics, in China during the 14th century. Chinese merchants used ink to take children's fingerprints for identification purposes. In 1890, Alphonse Bertillon studied body mechanics and measurements to help in identifying criminals. The police used his method, the Bertillonage method, until it falsely identified some subjects. The Bertillonage method was quickly abandoned in favor of fingerprinting, brought back into use by Richard Edward Henry of Scotland Yard. Karl Pearson, an applied mathematician studied biometric research early in the 20th century at University College of London. He made important discoveries in the field of biometrics through studying statistical history and correlation, which he applied to animal evolution. His historical work included the method of moments, the Pearson system of curves, correlation and the chi-squared test. In the 1960s and '70s, signature biometric authentication procedures were developed, but the biometric field remained fixed until the military and security agencies researched and developed biometric technology beyond fingerprinting. Biometrics authentication is a growing and controversial field in which civil liberties groups express concern over privacy and identity issues. Today, biometric laws and regulations are in process and biometric industry standards are being tested. Face recognition biometrics has not reached the prevalent level of fingerprinting, but with constant technological pushes and with the threat of terrorism, researchers and biometric developers will stimulate this security technology for the twenty-first century.

4. Techniques for Biometric Authentication A biometric system can provide two functions. One of which is verification and the other one is Authentication. Techniques for biometric authentication have been developed based on these characteristics. According to [6], we have seven techniques for biometric authentication process. Details of different techniques [6] are briefly discussed below:

Finger Print Technology: A fingerprint is an impression of the friction ridges of all or any part of the finger. These ridges are sometimes known as "dermal ridges" or "dermal ". Now in modern approach, live finger print readers are used. These are based on optical, thermal, silicon or ultrasonic principles [7, 8, and 9]. Optical finger print reader is the most common at present. Finger print matching techniques can be placed into two categories. One of them is Minutiae based and the other one is Correlation based. Minutiae based techniques find the minutiae points first and then map their relation placement on the finger. Face Recognition Technology: a facial recognition technique is an application of computer for automatically identifying or verifying a person from a digital image or a video frame from a video source. It is the most natural means of biometric identification [10]. IRIS Technology: This recognition method uses the iris of the eye which is colored area that surrounds the pupil. Iris patterns are obtained through video based image acquisition system. Hand Geometry Technology: IT is based on the fact that nearly every person’s hand is shaped differently and that the shape of a person’s hand does not change after certain age. These techniques include the estimation of length, width, thickness and surface area of the hand. Retina Geometry Technology: It is based on the blood vessel pattern in the retina of the eye as the blood vessels at the back of the eye have a unique pattern, from eye to eye and person to person. Speaker Recognition Technique: Voice recognition is mainly based on the study of the way a person speaks, commonly classified as behavioral. Speaker verification focuses on the vocal characteristics that produce speech and not on the sound or the pronunciation of speech itself. Signature Verification Technique: The signature dynamics recognition is based on the dynamics of making the signature, rather than a direct comparison of the signature itself afterwards. The dynamics is measured as a means of the pressure, direction, acceleration and the length of the strokes, dynamics number of strokes and their duration.

- 105 -


5. Neural Network’s Properties Neural network has several properties [6] including learning ability, one-way property, random similarity and parameter sensitivity. Neural network has the possibility of learning. Given a specific task to solve and a class of functions, neural network can use a set of observations to solve the task in an optimal sense. This property can be used to detect the intruders that enter a secret system without permission. According to the learning ability, neural network has been used in intrusion detection [7]. Intrusion detection is an important technology in network security, which can detect illegal intruders or illegal intrusions. Using neural network's supervised learning, the intrusive operations can be distinguished from normal operations [8]. Furthermore, if some classification information is provided before hand, the intrusive operations can even be classified [15]. The unsupervised learning and reinforcement learning can be used to detect new intrusive operations automatically. The one-way property makes neural network a suitable choice for hash function [11, and 12]. Hash function is a technique for data integrity authentication, which takes a message of arbitrary length as input and produces an output of fixed length. The hash value is often much shorter than the message, which makes it suitable for digital signature or data authentication. As a hash function, it should be easy to compute the hash value from the message, while difficult to compute the message from the hash value. This property is called one-way property. According to this case, neural network may be used to design hash function. Till now, some hash functions based on neural network have been presented [17, and 18], which were reported to have some advantages compared with existing schemes, such as high time-efficiency or flexible extension. For example, in [17], a hash function based on multi-layer neural network is presented which produces the hash value with the message as input. According to the properties of random similarity and parameter sensitivity, neural network has been used in data encryption [13]. Data encryption is the technology that converts a message into unintelligible form under the control of the key. Till now, two kinds of encryption algorithms have been reported, i.e., stream cipher and block cipher. Stream cipher uses neural network to generate a pseudorandom sequence that modulates a message and uses the parameter as the key. Block cipher makes use of neural networks’ properties to encrypt a message block by block. In this cipher, the initial value or control parameter acts as the key.

6. Related Work A lot of research has been carried out in the field of establishing an authentication scheme based on biometric features obtained from individual user. Other research has been carried out to establish an authentication scheme based on password. However, few research has been focused on establishing authentication scheme based on biometric features, password and neural network simultaneously. In this section, we will discuss some related proposed work. Ronald in [19] put an alternate approach for password in network security using biometrics. However, password are routinely stolen, forgotten, shared, or intercepted by hackers. Moreover, the verification table still has some shortcomings. An intruder is still able to append a forged pattern or replace someone encrypted password. In [20], Lin presents a neural network based authentication scheme. In this approach, a neural network is trained with back-propagation algorithm to store the user IDs and the corresponding encrypted password. This scheme offers more security compared to previous schemes, but still has minor weaknesses. The training time of its neural network is very long and the scheme is not based on biometric features where the password in use will be stolen, forgotten, or intercepted by hackers. In [21, 22], authors solve the training time of the neural network in [20] by introducing the Radial Basis Function and the Resilient Back-propagation algorithm consecutively, but still have a minor weaknesses. Their protocols are still based on passwords where they can be stolen, forgotten, or intercepted by hackers.

- 106 -


7. Neural-Based Biometric Approach In [16], ABI-CHAR et al. introduce a secure authenticated key agreement protocol based on elliptic curve cryptography that provides mutual authentication and explicit key establishment. Their proposed protocol applies the ECDSA to the SKA protocol to enhance the safely level and to simplify the computational and communications load. This scheme offers more security compared to previous schemes, but still has two minor weaknesses. The proposed scheme is based on users’ password, where any password in use could be stolen, forgotten, or intercepted by hackers. Moreover, the proposed protocol [16] does not provide users’ privacy during joining phase. In the following, we will briefly describe the work done in [16], and we will present the needed adjustment to enhance the proposed protocol. The enhancement is based on the use of Neural Network and Biometric technologies. In the following section, we describe the EC-SAKA protocol in which two entities are both proving their identities to each other and establish a common session key in order to elaborate a secure connection. Alice and Bob represent a client and a server respectively. In addition, we will present EC-SAKA protocol’s security analysis and performance evaluation.

7.1. Description of the Proposed Protocol Before running the authentication procedure, the client, Alice, select an elliptic curve E(Zp) defined on Zp. Alice chooses a random point over the elliptic curve called P with order n. n is a large prime number. In addition, Alice chooses a password pw, computes x=h(pw) and calculates Q where Q = x.P. Finally, Alice generates strong number p and q where p = 2.q +1. Once the following parameters (E, Q, P, p, q, pw) are generated, Alice transfers the (E, Q, P, n) to the server (Bob) in a secure way. Once this step is done, the authentication and session key generation procedures will be executed as follow: Within the first flow: Bob chooses a random challenge b, where 1 ≤ b ≤ n-1, then he calculates the point B where B = b.P + Q. Finally he sends B to Alice. Within the second flow: Alice chooses a random challenge a, where 1 ≤ a ≤ n-1, then computes A where A = a.P = (xA, yA) and calculates α where α = a(B - Q) and K = Q+α. In addition, Alice calculates r = xAmod(n) and computes i = a-1(h(α) + x.r)mod(n). Finally (A, i) becomes the signatures pair and Alice transfers A and i to the server. Within the third flow: Bob computes β = b.A. Computes K = Q+β, computes w = i-1mod(n) and calculates u1 = (h(β).w)mod(n) and u2 = (xA.w)mod(n). In addition, Bob calculates u1.P + u2.Q = (xo, yo) and calculates v = xomod(n). Bob checks if (v == xo), so Bob authenticates Alice and Bob can be confirmed that Alice has actually established the same shared session key. Then Bob computes: \be YB = h(β) and finally he sends YB to Alice. In order to authenticate Bob, Alice will compute: YA = h(α) and then Alice will verify the value of YA by checking that (YA == YB), if so, if they match, then Alice authenticates Bob and Alice can be confirmed that Bob has actually established the same shared session key with her. Finally, Alice and Bob agree on the common session key Ks where Ks = h(ID(Alice)||ID(Bob)||K). Both sides will agree on the session Key Ks if all steps are executed correctly. Once the protocol run completes successfully, both parties may use Ks to encrypt subsequent session traffic in order to create a confidential communication channel. 7.1.1. Security Analysis Computation cost and communication costs are the most important aspects of password authentication protocols which affect the overall performance. They include number of steps, exponentiations, large blocks, symmetric encryption and decryption, hash functions and random numbers. In this section, we compare the EC-SAKA protocol with the following protocols: LeakageResilient Authenticated Key Exchange (LR-AKE) protocol, Simple Key Agreement (SKA) protocol,

- 107 -


Secure Remote Password (SRP) protocol, EC-SRP, Simple Password Exponential Key Exchange (BSPEKE) protocol, Password-Authenticated Key Exchange (PAK-X and PAK-RY) protocols and Authentication Memorable Password (AMP) protocol. The comparison is done in terms of number of steps, random numbers, exponentiations and hash functions. Table 1 shows the compared result for number of steps and exponentiation. Table 2 shows the compared result for random and hash functions numbers. It is clear from Table 1 that the EC-SAKA protocol has the minimal cost in terms of number of steps and exponentiations compared with other protocols. We can easily notice that B-SPEKE, SRP, AKEECC and AMP require 4 rounds while PAK-RY, PAK-X, SKA, LR-AKE and EC-SAKA require 3 rounds. In addition, the computational load was clearly improved using EC-SAKA protocol because, as noted in table 1, EC-SAKA requires two exponentiations, one for the client and one for the server, while the other protocols, including SKA, LR-AKE, AKEECC and EC-SRP require at least 4 exponentiations. Table 1. Comparison of Performance -1Protocol

Rounds

Clients

Exponentiations Server

Total

B-SPEKE SRP AMP PAK-RY PAK-X SKA LR-AKE AKEECC EC-SRP

4 4 4 3 3 3 3 4 3

3 3 2 5 5 2 3 2 2

4 3 3 4 4 3 2 2 2

7 6 5 9 9 5 5 4 4

EC-SAKE

3

1

1

2

Table 2. Comparison of Performance -2Protocol

Random N.

Hash Function N.

SRP AMP PAK-RY PAK-X SKA LR-AKE AKEECC EC-SRP

2 2 3 3 2 2/4 2 3

6 9 8 10 7 6 6 5

EC-SAKE

2

5

From Table 2, we can easily notice that the EC-SAKA protocol requires 2 random numbers and 5 hash functions while all the other protocols require more. In addition, for the EC-SRP and AKEECC protocols, we can easily notice that our protocol is better than these two protocols in terms of hash functions numbers. For the EC-SRP protocol, EC-SRP protocol was proposed for a one way authentication while our proposed protocol, EC-SAKA, provides mutual authentication. 7.1.2. Performance Evaluation The EC-SAKA protocol is considered to be a secure authenticated key establishment protocol, if it satisfies the following properties:

- 108 -


Passive attack: Suppose that Oscar the attacker perform a passive attack, and then the session will terminate with both parties accepting. That is, Bob and Alice successfully identify themselves to each other, and they both compute the session key. So, Oscar, the adversary, cannot compute any information about the common shared session key Ks by assuming the intractability of the elliptic curve discrete algorithms problem. Therefore the EC-SAKA protocol resists against the passive attack. Man in the middle attack (or active attack): Suppose that an attacker, Oscar, intercepts B and replaces it with B', Oscar then receives A and i from Alice. He would like to replace i by i', as before. However, this means that he must calculates α where α = a.(B'-Q) but unfortunately for Oscar, he cannot compute the value of α because he does not know the value of Q neither the value of a. So, Oscar will not be able to compute K neither Ks. Therefore the EC-SAKA protocol thwarts the man inthe-middle attack. Dictionary attack: In dictionary attack, the attacker finds the real password by repeating a process of guessing the password of legal client and applying the passwords. The dictionary could be performed in offline or online mode. In our proposed protocol, it is impossible to get the real password since a one way hash function is applied to the password and during the protocol process, the shared Key K used in the calculation of Ks is calculated from b and a which are generated every new session; and by assuming the intractability of elliptic curve discrete logarithm problem Therefore the EC-SAKA protocol thwarts the offline and online dictionary attack. Known-key attack: In this attack, an adversary will capture the session key from an eavesdropped session. In our proposed protocol, the client and the server both generates new b and a every new session, and in addition the shared key K is generated with every new session also. Thus our proposed protocol is secure against known key attacks assuming that the elliptic discrete problem is intractable. Perfect forward secrecy: The perfect forward secrecy is that an exposed password does not enable an attacker to derive session keys of past communication sessions. In our protocol, the security of perfect forward secrecy is based upon the assumption that the elliptic curve discrete problem is intractable and on the value of the key K. Even if the attacker knew the correct password, the attacker still cannot compute the previous session keys because Ks is derived from the shared key K which is generated from the value of a and b. Therefore, the EC-SAKA protocol satisfies the property of perfect forward secrecy. Resilience to server compromised: if the host's password file is compromised, an adversary cannot use it to impersonate legitimate user since the server does not store the file of the password, instead the value of Q (Q = x.P) is stored. Thus, Oscar has to solve the elliptic curve discrete logarithm problem in order to retrieve the value of password. The EC-SAKA protocol provides resilience to server compromise.

7.2. The Neural-Based Biometric Process As discussed earlier, the main requirements for enhancing the authentication system [16] are users’ privacy during users’ dynamic discovery, and biometric based authentication. These two objectives can be fulfilled by means of applying neural network and biometric features. The purpose of the joining phase is to automatically support users’ access during the dynamic discovery through a provision process. In [16], Alice chooses a password pw, computes x=h(pw) and calculates Q where Q = x.P. However, our new proposal is based on fingerprint techniques and on a neural network algorithm (trainer). Alice will use her/his fingerprint minutia template to calculate x with x = h(Encoded-FPM). By using the fingerprint techniques, our new proposed protocol will be based on biometric techniques and thus eliminating the use of passwords. Our new architecture contains a server (Database) where a neural network process is used to train the minutia template of the user’s finger print with his/her username (ID). Users will communicate with this database server in order to gain access during the joining phase. We assume that the calculation for the user’s fingerprint minutia template (FPM) is already done. Therefore, the FPM will be calculated and sent to the server with his/her ID for the neural training process. Finally, our proposed architecture involves three phases: Registration Phase, Joining Phase and authentication phase. The authentication phase will be applied after users gain access through the joining phase. For the authentication phase, we will be adopting the

- 109 -


protocol described in [16] with one modification concerning the use of biometric FPM technique instead of passwords. In the following, we will be discussing each of these first two phases. Registration-Phase: In this phase, the system server (Database) obtains the training patterns (username/ID and EncodedFPM) to train the neural network. Each user chooses its proper username/ID and then its Encoded-FPM will be calculated. The system administrator will use these training patterns for training the network. The neural network algorithm is used to train, generate and memorize the required weights for the system structure. After the training process is done, the system administrator will store the weights in the system database. The training pattern consisting of ((hashed username)XOR(Encoded-FPM)) are used as the input of the neural network, and the corresponding hashed Encoded-FPM are used as the desired output of the neural network. Joining Phase: During the Joining Phase, the server will train the neural network algorithm to allow users’ gain access. After the server (Neural based database) receives the user hash ID and the encoded FPM, The joining process is described as follow:  Whenever, the combination ((H(ID))XOR(H(E-FPM))) is received, the server (database) produce an output (output1) through the trained neural network algorithm. The Radial Basis Function or the Resilient Back-propagation algorithm will be used to reduce training time [14, 21].  The server will search his database for an output (Output2) similar to (Output1):  If an output2 similar to output1 was found, the user will be allowed to gain access during the joining phase. Moreover, the corresponding value Q [16] will be retrieved and the Biometric based scheme will take place to provide authenticated key agreement communication between the user and the server.  Otherwise, the user will be rejected. The following scheme (Figure 1) represents the process to be done by the authentication phase. Neural Network Training Process

((H(ID))XOR(H(E-FPM)))

Server Database For H(E-FPM)

Check?

User Accepted

User Rejected

Figure 1.

8. Conclusion and Future Work In this paper, properties and related work in neural network are firstly introduced. Then a neural based joining phase approach is proposed which provides users’ privacy and biometric based authentication. Our protocol has several advantages over other previous work. First, our protocol will be using the biometric fingerprint techniques instead of using a password, thus reducing the risk of using normal passwords which can be stolen, forgotten, or intercepted by hackers. Moreover, our architecture will provide users’ privacy for users carrying mobile embedded devices. This privacy is

- 110 -


achieved by using neural network trainer algorithm. For the simulation phase, we are using the neural network algorithms used by [14, 21, 22] and we are using MATLAB software with a database of more than 100 users. As future work, a new neural network algorithm needs to be developed in order to reduce training time. Moreover, we will propose a trust model based on user past and present behavior. The aim of this trust model is to enable entities to establish a trust level before the authentication phase will take place.

9. References [1] Alfred Menezes, Paul Oorschot, and Scott Vanstone, “Handbook of Applied Cryptography”, CRC Press, 2nd edition, 1996. [2] James Bezdek, “On the Relationship between Neural Networks, Pattern Recognition and Intelligence”, International Journal of Approximate Reasoning, Vol. 6, No. 2, pp. 85-107, 1992 [3] Gabriele Manganaro, Paolo Arena, Luigi Fortuna, “Cellular Neural Networks: Chaos, Complexity and VLSI Processing”, in the Proceeding of the Springer Series in Advanced Microelectronics, 1999. [4] Toru Ohira, “Neural network model with delay toward encryption”, in the Proceedings of the IEEEINNS ENNS International Joint Conference on Neural Networks (IJCNN), Vol.5, pp. 417-421, 2000. [5] Tao Yang, Lin-Bao Yang, and Chun-Mei Yang, “Application of neural networks to unmasking chaotic secure communication”, Journals of PHYSICAD 124 (1-3): 248-257 DEC 1 1998. Tern Recognition, Vol. 32, No. 4, pp. 691-702, April 1999. [6]Bhattacharyya Debnath, Ranjan Rahul, Alisherov Farkhod, Choi Minkyu, “Biometric Authentication: A review”, in Proceeding of the international journal of U- and E-Services, Sciences and Technology, vol. 2, No. 3, September, 2009. [7] Arun Ross, Sharath Dass, and Anil Jain, “A deformable model for fingerprint matching”, Journal of Pattern Recognition, Elsevier, Volume 38, No. 1, pp. 95–103, Jan. 2005. [8] Tsutomu Matsumoto, Hiroyuki Hoshino, Koji Yamada, and Satochi Hasino, “Impact of artificial gummy fingers on fingerprint systems”, In Proc. of SPIE, Volume 4677, pp. 275–289, Feb. 2002. [9] Anil Jain, Arun Ross, and Sharath Pankanti, “Biometric: A Tool for Information Security”, IEEE Trans. Information Forensics and Security, Volume 1, No. 2, pp. 125–144, Jun. 2006. [10] MA Dabbah, WL Woo, and SS Dlay, "Secure Authentication for Face Recognition," In Proc. of IEEE Symposium on Computational Intelligence in Image and Signal Processing, USA, pp. 121 – 126, Apr. 2007. [11] Alfred Weaver, “Biometric Authentication”, IEEE Computer Society, Volume 39, No. 2, pp. 9697, Feb. 2006. [12] Chih-Lung Lin and Kuo-Chin Fan, “Biometric Verification Using Thermal Images of Palm-Dorsa Vein Patterns”, IEEE Transactions on Circuits and systems for Video Technology Volume 14, No. 2, pp. 191- 213, Feb. 2004. [13] Ajay Kumar, David Wong, Helen Shen and Anil Jain, “Personal Verification using Palmprint and Hand Geometry Biometric”, In Proc. of 4th International Conference on Audio- and Video-based Biometric Person Authentication, Guildford, UK, pp. 668 – 678, Jun. 2003. [14] Byoung-Ho Song, Kyoung-Woo Park, Tae-Yeun Kim, "U-health Expert System with Statistical Neural Network", AISS, Vol. 3, No. 1, pp. 54 ~ 61, 2011. [15] Ling Hong and Anil Jain, “Integrating faces and fingerprints for personal identification”, IEEE Transaction on Pattern Analysis and Machine Intelligence, Volume 20, No. 12, pp. 1295–1307, Dec. 1998. [16] Pierre ABI-CHAR, Abdallah Mhamed, Bachar EL-Hassan, “A Secure Authenticated Key Agreement Protocol Based on Elliptic Curve Cryptography”, in Proc. of the Third International Symposium on Information Assurance and Security IAS2007, Manchester, United Kingdom, IEEE Computer Society Press, 29-31, pp. 89-94, August 2007. [17] Arun Ross and Rohin Govindarajan, “Feature level fusion using hand and face biometrics”, In Proc. of SPIE Conf. Biometric Technology for Human Identification II, pp. 196–204, Mar. 2005.

- 111 -


[18] Rahib Abiyev and Koray Altunkaya, “Neural Network Based Biometric Personal Identification”, Frontiers in the Convergence of Bioscience and Information Technologies, Jeju, pp. 682 – 687, October 2007. [19] Ronald Wolak, “Network Security: Biometrics- The Password Alternative,” School of Computer and Information Sciences, 1998. [20] Iuon-Chang Lin, Hsia-Hung Ou, Min-Shiang Hwang, “An Authentication system using backpropagation network,” Neural Computational & Application 14, pp. 243-249, 2005. [21] Joseph, A. Bong, D.B.L., Mat, D.A.A, “Application of Neural Network in User Authentication for Smart Home System”, in Proceeding of the World Academy of Sciences, Engineering and Technology 53-2009. [22] Shahbaz Zahr Reyhani, and Mehregan Mahdavi, “User Authentication using Neural Networks in Smart Home Networks,” in Proceeding of the International Journal of Smart Home, vol. 1, No. 2, July 2007.

- 112 -