A significant problem facing cybersecurity is that most client/server identity authentication schemes depend on computational complexity which is recently challenged by the super exponential computational abilities of quantum computers. Quantum cryptography with its quantum mechanics principles solves this problem and provides mathematically un-hackable secure communication for the quantum computers epoch. Biometric authentication has a big challenge related to its protection as it has to be submitted and stored in encrypted form. Unfortunately, most existing biometric cryptosystems rely on classical cryptography, so they are insecure in quantum era. This problem is solved in this paper by introducing a novel three-factor biometric quantum identity authentication scheme combining something you know (password), something you produce (client’s voice), and something you are (client’s face image) is proposed. The scheme consists of two phases: client enrollment and client login/authentication. The methodology is to use in the enrollment phase, two layers of quantum encryption for the client’s voice signal. Each layer consists of two simple quantum circuits of SWAP and C-NOT quantum gates respectively using a different pseudorandom key obtained from a cellular automata (CA) pseudorandom generator. The proposed scheme has many merits. Firstly, it introduces a new design of muti-factors quantum biometric authentication scheme as the biometric voice data is processed, transmitted, and stored at the server database in an encrypted unconditionally secure quantum form which provides parallel processing, real-time communications, inherent level of security against attacks, tamper-proof security and exponential powerful storage capability due to the quantum properties. Secondly, the proposed scheme achieves double-layers security by combing quantum voice encryption and quantum secure direct communication in one process such that the quantum channel eavesdropper cannot obtain any valuable information in case of information leakage. Thirdly, the distribution and management of encryption key problem is solved as there is no need for key exchange prior to communication. Fourthly, it achieves high communication efficiency as although it is a three-factor biometric identity authentication, only one biometric data is sent in quantum encrypted form to the server. Fifthly, the numerical simulations showed that the proposed scheme has large key space, high key sensitivity and more robust performance against different types of attacks compared to other existing classical and quantum voice encryption schemes. Finally, as an identity authentication method, the proposed scheme achieves identification accuracy of 100% with zero False Rejection Rate (FRR) and zero False acceptance rate (FAR) which is perfect.
Read full abstract