08 Newton Biometrics Presentation FINAL


Transcript of 08 Newton Biometrics Presentation FINAL

  • 7/25/2019 08 Newton Biometrics Presentation FINAL

    1/17

    Strength of Authentication for Biometrics: An Evaluation Framework

    Elaine Newton, NIST
    Colin Soutar, Deloitte & Touche LLP

  • 2/17

    Agenda

    Background on the Advanced Identity Workshop: Applying Measurement Science in the Identity Ecosystem
    Purpose & Scope
    Approach:
      Problem Statement
      System Attack Analysis
      Zero Information Attack
      Consider an Additional Factor: Effort
      Incorporating Effort
      Strength of Function for Authenticators (SOFA)
    Ultimate Goal: Comparing & Combining Authentication Technologies

  • 3/17

    Background on the Advanced Identity Workshop: Applying Measurement Science in the Identity Ecosystem

    January 12-13th @ Gaithersburg
    Focus on quantifying strength of function to enable risk-based decisions
    Three focus areas:
      1. Strength of Authentication
      2. Strength of Proofing
      3. Attribute Confidence
    Strength of Authentication will focus initially on measuring the strength of Biometric Authentication Systems
    The overall goal of this area is to reach the point where the strength of authentication mechanisms can be measured, compared, and eventually combined
    Why start with biometrics? Growing availability and use.

  • 4/17

    Purpose & Scope

    Produce a framework for measuring and evaluating the strength of a biometric authentication system that enables:
      Greater understanding of how much trust can be placed in solutions
      Better alignment of solutions with assessed risks
    Focus is on positive authentication and one-to-one matching:
      Does not address watchlist applications
      Does not deal with situations where users are avoiding identification
    Intended to be modality agnostic
    Framework will be released as a report from NIST, but may be used as a contribution to a standards development effort
    Framework will be open for public comment throughout its development

  • 5/17

    Approach

  • 6/17

    Problem Statement

    Starting point: What generally accepted measurements exist around strength of authenticators?
      Entropy and the strength of passwords / key length
      Strength of Function: Common Criteria
    How can we compare strength of biometric authentication mechanisms to each other, and to other types of mechanisms?
      Can we create a comparable measure in biometrics to entropy or strength of function?
      Can we establish a general framework for comparing different mechanisms?
    SOFA = Strength of Function for Authenticators

  • 7/17

    System and Attack Analysis

    Many attacks can be mitigated by core security controls: e.g., encryption, mutual authentication, limiting of unsuccessful attempts
    Some areas require specific focus in biometrics: e.g., template protection

  • 8/17

    System and Attack Analysis: Biometric Specific

    PAD Error Rate: probability of a successful presentation attack
    Matching Performance / FMR: probability of a false match occurring

    Two aspects stood out as unique to biometric authN: Presentation Attacks and the Matching Performance; each carries potential metrics to contribute to strength.

  • 9/17

    Approach

    Isolate the aspects of biometric technologies that can be quantified
    Assume a baseline of cyber hygiene
    Inherent biometric strength:
      Zero information attacks, i.e., the attacker doesn't have the PIN or biometric pattern
      Targeted attacks
    Additional controls (e.g., limiting failed attempts) may be layered on top of the quantified strength to improve the overall security of a system
    What are the relevant factors for the framework?

  • 10/17

    Zero Information Attack Factors: FMR and PADER

    False Match Rate (FMR)
      Proportion of impostor attempt samples falsely declared to match the compared template
      Empirically determined
      Combination of inherent discrimination; signal fidelity; sensor performance; processing and matching capabilities
    Presentation Attack Detection Error Rate (PADER)
      Proportion of presentation attacks incorrectly classified as bona fide presentations at the PAD subsystem in a specific scenario*
      Error rates and testing being developed in ISO/IEC 30107-3 and FIDO Alliance
      Testing standards and procedures may address:
        Type of attacks used
        Number of attempts
        Types of tests: verifying vendor claims, or full statistical significance trials?

    Assumption: FMR and PADER are independent of one another.
    Hypothesis: FMR and PADER can be combined to produce a measure that can be compared to a password's entropy.

    * This is very similar to the APCER measure used in the draft of ISO/IEC CD 30107-3

  • 11/17

    Consider an Additional Factor: Effort

    To understand the inherent strength of a biometric system, more than PADER and FMR are required; effort should also be considered.

                   Password/PIN             Biometrics
    Zero Info.     Length and complexity    Sample size and complexity
                                            Access to sensor/device
                                            Computational complexity of matching
    Targeted       Shoulder surf            Retrieve biometric
                   Notepads                 Create artefact

  • 12/17

    Incorporating Effort

    Effort = Level of effort required to attack specific components of an authentication system.
      Focuses on the point of input or sensor
      Requires qualitative assessment and comparison of attacks extending across systems
    The time, knowledge, and resources required for an attack may contribute to the effort
    Consequences may also be considered
    Many factors could be incorporated into effort: further exploration required

    Effort Scale, from Difficult to Easy: Coercion; Artefact; Brute Force (PIN/PW or Passive Imposter)

  • 13/17

    Strength of Function for Authenticators (SOFA): Inherent Strength

    Incorporating the FMR, PAD, and effort into a single measure of strength could look something like this:

      SOFA_ZeroInfo(Biometrics) = Effort / (FMR x PADER)

    In the case of targeted attacks, the measure of strength may look like:

      SOFA_Targeted(Biometrics) = Effort / ((1 - FNMR) x PADER)

  • 14/17

    Ultimate Goal: Comparing & Combining Authentication Technologies

    Goal is to move towards developing metrics that can be compared and combined to better understand authentication systems
    Ultimately, we would be able to determine the same type of measure for most authentication systems

      SOFA_ZeroInfo(Biometrics) = Effort / (FMR x PADER)
      SOFA_ZeroInfo(PIN/PW) = Effort x N^L

    For PIN/PW, N is the number of possible symbols and L is the length of the string of the set of N symbols.
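    The SOFA expressions from slides 13 and 14 carried through in Python, as an added example that is not part of the presentation: SOFA_ZeroInfo(Biometrics) = Effort / (FMR x PADER), SOFA_Targeted(Biometrics) = Effort / ((1 - FNMR) x PADER) and SOFA_ZeroInfo(PIN/PW) = Effort x N^L, evaluated on constructed sample rates. The log2 conversion to "bits" is an assumed convention for reading a biometric figure next to a password's entropy; the slides only state the hypothesis that such a comparison should be possible.

```python
import math

def _check_rate(value: float, name: str) -> None:
    # A measured rate of exactly 0 would claim infinite strength, which no
    # finite test campaign can support; reject it along with values above 1.
    if not 0.0 < value <= 1.0:
        raise ValueError(f"{name} must be in (0, 1], got {value!r}")

def sofa_zero_info_biometric(effort: float, fmr: float, pader: float) -> float:
    """Slide 13: SOFA_ZeroInfo(Biometrics) = Effort / (FMR x PADER).

    Multiplying the two rates relies on the slide-10 assumption that FMR and
    PADER are independent of one another.
    """
    _check_rate(fmr, "FMR")
    _check_rate(pader, "PADER")
    return effort / (fmr * pader)

def sofa_targeted_biometric(effort: float, fnmr: float, pader: float) -> float:
    """Slide 13: SOFA_Targeted(Biometrics) = Effort / ((1 - FNMR) x PADER).

    Reading of the formula: with a sample of the real user the comparison step
    succeeds with probability 1 - FNMR, so FMR drops out of the denominator.
    """
    _check_rate(1.0 - fnmr, "1 - FNMR")
    _check_rate(pader, "PADER")
    return effort / ((1.0 - fnmr) * pader)

def sofa_zero_info_pin(effort: float, n_symbols: int, length: int) -> float:
    """Slide 14: SOFA_ZeroInfo(PIN/PW) = Effort x N^L."""
    if n_symbols < 2 or length < 1:
        raise ValueError("need N >= 2 symbols and L >= 1")
    return effort * n_symbols ** length

def sofa_bits(sofa: float) -> float:
    # Assumed convention (not on the slides): log2 of the SOFA value, so a
    # biometric figure can be read next to a password's entropy in bits.
    return math.log2(sofa)

if __name__ == "__main__":
    # Constructed sample rates; Effort = 1 on every path so the rates alone drive the comparison.
    for label, value in (
        ("biometric, zero info", sofa_zero_info_biometric(1.0, fmr=1e-4, pader=0.1)),
        ("biometric, targeted", sofa_targeted_biometric(1.0, fnmr=0.05, pader=0.1)),
        ("4-digit PIN, zero info", sofa_zero_info_pin(1.0, n_symbols=10, length=4)),
    ):
        print(f"{label:24s} SOFA = {value:12.1f}  ({sofa_bits(value):.1f} bits)")
```

With these constructed numbers the targeted path is far weaker than the zero-information path, which is why the slides treat effort as a separate factor rather than folding it into the error rates.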

  • 15/17

    Next Steps

    NIST will produce an initial draft document
    Using short, open public comment periods the document will be iteratively reviewed and updated based on community feedback
    NIST will finalize the document and identify the most appropriate venue to forward additional work
    Your feedback is welcomed and encouraged through the entire process! Please send comments to ([email protected]) or through the comment mechanism during the iterative public review periods

  • 16/17

    References

    M1.4 AHGBEA Study Report on Biometrics in E-Authentication
    OASIS Analysis of Methods of Trust Elevation Version 1.0 (2013) and Electronic Identity Credential Trust Elevation Framework Version 1.0 (2014)
    ISO 19092:2008 Financial services - Biometrics - Security framework
    ISO/IEC 30107-1:2016 Information technology - Biometric presentation attack detection - Part 1: Framework
    Committee Draft of ISO/IEC 30107-3 Information technology - Biometric presentation attack detection - Part 3: Testing and Reporting
    ISO/IEC 24745:2011 Information technology - Security techniques - Biometric information protection
    ISO/IEC 19792:2009 Information technology - Security techniques - Security evaluation of biometrics
    Measuring Strength of Authentication - Workshop: Applying Measurement Science in the Identity Ecosystem
    http://www.commoncriteriaportal.org/

  • 17/17

    NIST Contributors

    Ryan Galluzzo, Deloitte & Touche LLP Cyber Risk Services, [email protected]
    Elaine Newton, PhD, National Institute of Standards and Technology, [email protected]
    Paul Grassi, National Institute of Standards and Technology, [email protected]
    Kevin Mangold, National Institute of Standards and Technology, [email protected]
    Colin Soutar, PhD, Deloitte & Touche LLP Cyber Risk Services, [email protected]
    Raj Dinh, Deloitte & Touche LLP Cyber Risk Services, [email protected]
    Contract support to NIST
    Cathy Tilton, CSRA Inc., [email protected]
    Special guest contributions to NIST