Logo des Repositoriums

Auflistung nach Autor:in "Pashalidis, Andreas"

1 - 2 von 2
  • Konferenzbeitrag
    Security considerations on extending PACE to a biometric-based connection establishment
    (BIOSIG 2013, 2013) Buchmann, Nicolas; Peeters, Roel; Baier, Harald; Pashalidis, Andreas
    The regulations of the European Union (EU) Council in 2004 are the basis of the deployment of electronic passports within the EU. Since then EU member states adopt the format and the access protocols to further electronic machine readable travel documents (eMRTD) like national electronic ID cards and electronic residence permits, respectively. The security protocols to communicate with an eMRTD are based on the paradigm of strong cohesion and loose coupling, i.e., each step is designed to ensure only a particular security goal like authorisation to access a certain data group, authenticity and integrity of the data, originality of the chip, or the linkage between the eMRTD and its holder. However, recently a discussion evolved to integrate the linkage security goal within the connection establishment, which currently only aims at limiting basic access of authorised terminals to the eMRTD. For instance, the BioPACE protocol proposes to replace the knowledge-based shared 'secret' of PACE by a biometric-based one. The goal of the paper at hand is twofold: First, we evaluate the BioPACE protocol and propose improvements to enhance its features. Second, we analyse the expediency of integrating our BioPACE version 2 into the eMRTD domain. Our initial evaluation shows that our BioPACE version 2 is expedient if the EAC protocols and the corresponding PKI are abandoned.
  • Konferenzbeitrag
    Simulated annealing attack on certain fingerprint authentication systems
    (BIOSIG 2013, 2013) Pashalidis, Andreas
    This paper describes a simple and generic attack against minutiae-based fingerprint authentication systems. The aim of the attack is to construct a fingerprint minutiae template, compliant to ISO/IEC standards, that matches a fixed but unknown target fingerprint. Our attack is expected to be most effective against systems that employ vicinity-based matching algorithms, i.e. systems that divide fingerprints into multiple regions and then compute similarity over these regions. The effectiveness of our attack is experimentally demonstrated against the recently proposed `Protected Minutiae Cylinder Code' (PMCC) scheme.