Security of a Privacy-Preserving Biometric Authentication Protocol Revisited
Paper in proceeding, 2014
Biometric authentication establishes the identity of an individual based on biometric templates (e.g. fingerprints, retina scans etc.). Although biometric authentication has important advantages and many applications, it also raises serious security and privacy concerns. Here, we investigate a biometric authentication protocol that has been proposed by Bringer et al. and adopts a distributed architecture (i.e. multiple entities are involved in the authentication process). This protocol was proven to be secure and privacy-preserving in the honest-but-curious (or passive) attack model. We present an attack algorithm that can be employed to mount a number of attacks on the protocol under investigation. We then propose an improved version of the Bringer et al. protocol that is secure in the malicious (or active) insider attack model and has forward security.
forward security
Biometrics
active attack
privacy-preserving biometric authentication
homomorphic encryption
Author
Aysajan Abidin
Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)
Kanta Matsuura
Aikaterini Mitrokotsa
Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
03029743 (ISSN) 16113349 (eISSN)
Vol. 8813 290-304978-3-319-12280-9 (ISBN)
Areas of Advance
Information and Communication Technology
Subject Categories
Computer Science
DOI
10.1007/978-3-319-12280-9_19
ISBN
978-3-319-12280-9