Revisiting Yasuda et al.’s Biometric Authentication Protocol: Are you Private Enough?
Paper in proceedings, 2018
Biometric Authentication Protocols (BAPs) have increasingly been employed to guarantee reliable access control to places and services. However, it is well-known that biometric traits contain sensitive information of individuals and if compromised could lead to serious security and privacy breaches. Yasuda et al.  proposed a distributed privacy-preserving BAP which Abidin et al.  have shown to be vulnerable to biometric template recovery attacks under the presence of a malicious computational server. In this paper, we fix the weaknesses of Yasuda et al.’s BAP and present a detailed instantiation of a distributed privacy-preserving BAP which is resilient against the attack presented in . Our solution employs Backes et al.’s  verifiable computation scheme to limit the possible misbehaviours of a malicious computational server.
Privacy- Preserving Authentication.