Privacy preserving biometric‐based remote authentication with secure processing unit on untrusted server

Abstract

Biometric-based authentication systems offer undeniable benefits to users. However, biometric features are vulnerable to attacks, especially those happening over transmission network or at the stored biometric templates. In this work, we propose a novel biometric-based remote authentication framework to deal with malicious attacks over the transmission channel and at the untrusted server. More concretely, the proposed framework is not only resistant against attacks on the network but also protects biometric templates stored in the untrusted server's database, thanks to the combination of fuzzy commitment protocol and non-invertible transformation techniques. The notable feature as compared to previous biometric based remote authentication framework is its ability to defend the sensitive data against different kinds of insider attacks. The server's administrator is incapable of utilizing information saved in its database to impersonate the clients and deceive the whole system because secure computing in the server is guaranteed by employing a secure coprocessor embedded in the server. In addition, the system performance is maintained with the support of random orthonormal project, which reduces computational complexity while preserving its accuracy.