A Modern Mechanism for Formal Analysis of Biometric Authentication Security Protocol

Abstract

A Biometric Authentication Security (BAS) protocol is a method by which a person's unique physiological or behavioral characteristics are used to verify their identity. These characteristics can include fingerprints, facial features, voice patterns, and more. Biometric authentication has become increasingly popular in recent years due to its convenience and perceived security benefits. However, ensuring that the BAS protocols are secure and cannot be easily compromised. . Developing a highly secure biometric authentication protocol is challenging, and proving its correctness is another challenge. In this work, we present a modern mechanism for formally analyzing biometric authentication security protocol by taking a Aadhaar Level-0 Iris-based Authentication Protocol as a use case. The mechanism uses formal methods to formally verify the security of the Aadhaar Level-0 Iris-based Authentication protocol, and is based on the widely-used BAN logic (Buruccu, Abadi, and Needham). Using Scyther model checker we analyze the existing biometric authentication protocol and have shown its effectiveness in identifying potential security vulnerabilities. The proposed mechanism is based on a set of security requirements that must be met for the protocol to be considered secure. These requirements include the need for the protocol to be resistant to replay attacks, man-in-the-middle attacks, and impersonation attacks. The mechanism also considers the possibility of an attacker obtaining the biometric data of a legitimate user.