PERFORMANCE AND SECURITY ANALYSIS Clause Samples

PERFORMANCE AND SECURITY ANALYSIS. Σ Our proposed protocol is tested with 30 subjects from Verifinger Sample Database [17], which includes fingerprints scanned using Cross Match Verifier 300 at 500 ppi [18]. Each subject has 8 fingerprint images. These fingerprint im- ages are aligned using their intensity values in MATLAB R2014b. The minutiae of each fingerprint is extracted using the Neurotechnology Biometric SDK 5.0 Verifinger [17]. First 3 fingerprint images are used to generate the template on the server side, while the remaining 5 fingerprint images are used as combinations of 3 at the user side. Hence, each subject is tested 5 = 10 times. In addition to the genuine tests, impostor tests are also carried out. In these impostor tests, each subject’s template is tested against all other subjects’ queries. The hash function used in the protocol is SHA-256 [19]; hence all of the generated keys are 256 bits long. H2(gu) ∀gu ∈ Gu H2(c) ∀c ∈ C Qu = mix(H2(gu) ∪ H2(c)) userID || Qu Gt = Qu ∩ Gs S = |Gt |2/(nu × ns) | tG | IF S < Tsim → REJECT ELSE Ksu |Gt | || HMAC (msg) K = H1( fs H1(gt )) ∀gt ∈ Gt RETRY FOREACH Gt ⊂ Gu : |Gt | = |Gt | ACCEPT |Gt | K = H1( fs H1(gt )) ∀gt ∈ Gt IF HMACKsu (msg) == HMACKus (msg) → ACCEPT and BREAK IF NOT ACCEPTED → RETRY S = (|Gt | − 1)2/(nu × ns) s,1 s s,1 su su s s,1 u,1 u u,1 s us k=1 su u,k u u,1 IF HMACKi (msg) == HMACKus (msg) → ACCEPT and BREAK IF NOT ACCEPTED → RETRY RETRY S = (|Gt | − j)2/(nu × ns) IF S < Tsim → REJECT ELSE sf FOREACH Gtt ⊂ Gt : |Gtt | = |Gt | − j HMACKi (msg) Ki = H1( |Gt |−j H1(gtt )) ∀gtt ∈ Gtt FOREACH Gtt ⊂ Gt : |Gtt | = |Gt | − j ACCEPT || i f |Gt |−j K = H1( H1(gtt )) ∀gtt ∈ Gtt k=1 su