D. Zhang and A.K. Jain (Eds.): ICB 2006, LNCS 3832, pp. 509–515, 2005. © Springer-Verlag Berlin Heidelberg 2005

Generation of Replaceable Cryptographic Keys from Dynamic Handwritten Signatures

W.K. Yip¹,², A. Goh², David Chek Ling Ngo¹,², and Andrew Beng Jin Teoh¹,²

¹ Faculty of Information Science and Technology (FIST), Multimedia University, Jalan Ayer Keroh Lama, Bukit Beruang 75450, Melaka, Malaysia
{yip.wai.kuan04, david.ngo, bjteoh}@mmu.edu.my
² Corentix Technologies Sdn Bhd, B-S-06, Kelana Jaya, Petaling Jaya, 47301 Selangor, Malaysia
alwyn@corentix.com

Abstract. In this paper, we present a method for generating cryptographic keys that can be replaced if the keys are compromised, without requiring a template signature to be stored. The replaceability of keys is accomplished using the iterative inner product of the Goh-Ngo [1] Biohash method, which has the effect of re-projecting the biometric into another subspace defined by the user token. We also utilize a modified Chang et al. [2] Multi-state Discretization (MSD) method to translate the inner products into binary bit-strings. Our experiments indicate encouraging results, especially for skilled and random forgery, where the equal error rates are <6.7% and ~0% respectively, indicating that the keys generated are sufficiently distinguishable from impostor keys.

1 Introduction

In authentication systems, it is well known that password and public-key systems are not physically associated with the user; hence, identity fraud can be easily carried out. Therefore, there is a need to incorporate a biometric factor (what you are) into authentication to provide better security. In this paper, we are interested in using dynamic hand-signatures as the biometric features because they are socially and generally well-accepted and are more cost effective in terms of capturing equipment (e.g. PDAs, smartphones and mouse-pen).

In particular, we are interested in deriving bit-strings from dynamic hand-signature data to be used as cryptographic keys in authentication protocols. The following issues are addressed in this paper: (1) biometrics are not exactly reproducible, (2) the non-revocability of biometrics, in that they are permanently associated with the users, and (3) the non-secret nature of the biometric. Our solution to (1) is to use a modified MSD with Gray encoding to allow keys to be encoded as closely as possible within a permissible threshold bounded by the statistical deviation. Issue (2) is resolved using an iterative inner product that causes the biometric feature to be projected into another random subspace dictated by the stored user random token, which is a factor independent of the biometric. Lastly, the fact that our key statistics are linked to the biometric mixed with token randomness, together with the inherent one-way transformation of the iterative inner product, guarantees non-revelation of the actual biometric even if the final keys are stolen.
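
The following Python sketch is an added illustration, not code from the paper: it projects a feature vector onto token-derived orthonormal vectors (a single pass of inner products standing in for the iterative BioHash step) and Gray-encodes a uniform multi-level quantization of each inner product. The names token_basis, derive_key and hamming, the sample vectors, the token strings, the fixed range [-4, 4] and the 3 bits per projection are all assumptions; the paper bounds its segments by per-user statistical deviation instead.

```python
import hashlib
import math
import random

def token_basis(token: bytes, dim: int, m: int):
    """m orthonormal vectors in R^dim, derived deterministically from the token."""
    rng = random.Random(int.from_bytes(hashlib.sha256(token).digest(), "big"))
    basis = []
    while len(basis) < m:
        v = [rng.gauss(0.0, 1.0) for _ in range(dim)]
        for b in basis:  # Gram-Schmidt: remove components along earlier vectors
            d = sum(x * y for x, y in zip(v, b))
            v = [x - d * y for x, y in zip(v, b)]
        n = math.sqrt(sum(x * x for x in v))
        if n > 1e-9:
            basis.append([x / n for x in v])
    return basis

def derive_key(features, token, m=16, bits=3, lo=-4.0, hi=4.0):
    """Project features on the token basis, quantize each inner product into
    2**bits equal segments of [lo, hi] (assumed range), Gray-encode the index."""
    levels = 1 << bits
    out = []
    for b in token_basis(token, len(features), m):
        p = sum(x * y for x, y in zip(features, b))
        idx = min(levels - 1, max(0, math.floor((p - lo) / (hi - lo) * levels)))
        out.append(format(idx ^ (idx >> 1), "0{}b".format(bits)))  # Gray code
    return "".join(out)

def hamming(a, b):
    return sum(c1 != c2 for c1, c2 in zip(a, b))

# Constructed sample: a 16-dimensional feature vector and a noisy re-capture.
ENROLL = [1.8, -2.1, 0.4, 2.6, -1.2, 0.9, -2.7, 1.5,
          2.2, -0.6, 1.1, -1.9, 2.4, 0.3, -2.3, 1.7]
# Noise of norm 0.4, below the segment width of 1.0.
RECAPTURE = [x + 0.1 * (-1) ** i for i, x in enumerate(ENROLL)]

if __name__ == "__main__":
    k_a = derive_key(ENROLL, b"token-A")
    k_noisy = derive_key(RECAPTURE, b"token-A")
    print("token A, enrolment :", k_a)
    print("token A, re-capture:", k_noisy, "bits differing:", hamming(k_a, k_noisy))
    print("token B, enrolment :", derive_key(ENROLL, b"token-B"))
```

Because the noise norm is smaller than one segment width, each projection moves by at most one segment, and Gray coding turns that into at most one flipped bit per projection; issuing a new token replaces the whole key without changing the signature features.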