Abstract
Biometric based remote authentication has been widely deployed. However, there exist security and privacy issues to be addressed since biometric data includes sensitive information. To alleviate these concerns, we design a privacy-preserving fingerprint authentication technique based on Diffie-Hellman (D-H) key exchange and secret sharing. We employ secret sharing scheme to securely distribute fragments of critical private information around a distributed network or group, which softens the burden of the template storage center (TSC) and the users. To ensure the security of template data, the user’s original fingerprint template is stored in ciphertext format in TSC. Furthermore, the D-H key exchange protocol allows TSC and the user to encrypt the fingerprint template in each query using a random one-time key, so as to protect the user’s data privacy. Security analysis indicates that our scheme enjoys indistinguishability against chosen-plaintext attacks and user anonymity. Through experimental analysis, we demonstrate that our scheme can provide secure and accurate remote fingerprint authentication.
Highlights
Biometric based authentication mainly depends on individual biological characteristics or behavioral traits, which is convenient, fast, and less likely to be forgotten, lost, or copied compared to traditional authentication methods like password/tokens [1]
We utilize the secret sharing technology to store keys to reduce the risk of key leakage and exploit the D-H key exchange to conceal the real identity of the users and generate various fingerprint templates to prevent crossmatching attack over bilinear groups
In order to protect privacy and confidentiality of all fingerprint templates, the matcher matches the templates in ciphertext format without destroying authentication accuracy. e designed framework maintains user anonymity, diversity, revocability, noninvertibility, and indistinguishability against chosen-plaintext attacks. rough security and experimental analysis, we demonstrate the security strength and the performance of the proposed system
Summary
Biometric based authentication mainly depends on individual biological characteristics (such as fingerprint, face, iris, and palm print, etc.) or behavioral traits (such as speech and signature, etc.), which is convenient, fast, and less likely to be forgotten, lost, or copied compared to traditional authentication methods like password/tokens [1]. A good biometric template protection system should have the following characteristics [11,12,13]:. (1) Diversity: the same biometric data should have different template representations in different databases to resist cross-matching attacks (2) Reusability/revocability: the damaged or stolen template should be able to be revoked and a new Security and Communication Networks template can be regenerated based on the same biometric data, which cannot be matched with the damaged or stolen one successfully (3) Noninvertibility: it is impossible to calculate or obtain a template with reasonable similarity to the original template from the protected template, so as to prevent the adversary’s biological fraud attack (4) Performance: the performance of the authentication system cannot be greatly reduced.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
