Abstract
Due to the ease of use, face authentication could be a promising way to replace hard-to-remember passwords to access web services. However, to make face authentication suitable for web services, there are still several critical security and privacy challenges unaddressed. First, the existing authentication servers typically collect the plaintext of users' facial images in order to conduct authentication. If the servers are compromised, the attackers would obtain the users' facial images and can easily impersonate the users in any other applications that use face authentication. Second, it is also hard to prevent attackers from using facial images published in social network sites to impersonate the true user. In this paper, we conquered these two issues by proposing a novel secure face authentication system, called UFace. UFace uses special close-up facial images (which cannot be found online) for authentication. To further ensure the confidentiality of these close-up images, UFace guarantees that these images are only stored at user side and the servers have not any plaintext of these images. The face authentication is conducted securely with two collaborative authentication servers. UFace was implemented through both an Android application and multiple server side programs which were then evaluated in a real setting. The experimental results demonstrate that the UFace system can accurately authenticate users within a few seconds.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
