THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system

In this paper, we propose a new biometric verification and template protection system which we call the THRIVE system. The system includes novel enrollment and authentication protocols based on threshold homomorphic cryptosystem where the private key is shared between a user and the verifier. In the THRIVE system, only encrypted binary biometric templates are stored in the database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during the authentication stage. The THRIVE system is designed for the malicious model where the cheating party may arbitrarily deviate from the protocol specification. Since threshold homomorphic encryption scheme is used, a malicious database owner cannot perform decryption on encrypted templates of the users in the database. Therefore, security of the THRIVE system is enhanced using a two-factor authentication scheme involving the user's private key and the biometric data. We prove security and privacy preservation capability of the proposed system in the simulation-based model with no assumption. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form but she needs to proof her physical presence by using biometrics. The system can be used with any biometric modality and biometric feature extraction scheme whose output templates can be binarized. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biohash vectors on a desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real life applications

Machine Learning-Enhanced Advancements in Quantum Cryptography: A Comprehensive Review and Future Prospects

Quantum cryptography has emerged as a promising paradigm for secure communication, leveraging the fundamental principles of quantum mechanics to guarantee information confidentiality and integrity. In recent years, the field of quantum cryptography has witnessed remarkable advancements, and the integration of machine learning techniques has further accelerated its progress. This research paper presents a comprehensive review of the latest developments in quantum cryptography, with a specific focus on the utilization of machine learning algorithms to enhance its capabilities. The paper begins by providing an overview of the principles underlying quantum cryptography, such as quantum key distribution (QKD) and quantum secure direct communication (QSDC). Subsequently, it highlights the limitations of traditional quantum cryptographic schemes and introduces how machine learning approaches address these challenges, leading to improved performance and security. To illustrate the synergy between quantum cryptography and machine learning, several case studies are presented, showcasing successful applications of machine learning in optimizing key aspects of quantum cryptographic protocols. These applicatiocns encompass various tasks, including error correction, key rate optimization, protocol efficiency enhancement, and adaptive protocol selection. Furthermore, the paper delves into the potential risks and vulnerabilities introduced by integrating machine learning with quantum cryptography. The discussion revolves around adversarial attacks, model vulnerabilities, and potential countermeasures to bolster the robustness of machine learning-based quantum cryptographic systems. The future prospects of this combined field are also examined, highlighting potential avenues for further research and development. These include exploring novel machine learning architectures tailored for quantum cryptographic applications, investigating the interplay between quantum computing and machine learning in cryptographic protocols, and devising hybrid approaches that synergistically harness the strengths of both fields. In conclusion, this research paper emphasizes the significance of machine learning-enhanced advancements in quantum cryptography as a transformative force in securing future communication systems. The paper serves as a valuable resource for researchers, practitioners, and policymakers interested in understanding the state-of-the-art in this multidisciplinary domain and charting the course for its future advancements

Binary Biometrics: An Analytic Framework to Estimate the Performance Curves Under Gaussian Assumption

In recent years, the protection of biometric data has gained increased interest from the scientific community. Methods such as the fuzzy commitment scheme, helper-data system, fuzzy extractors, fuzzy vault, and cancelable biometrics have been proposed for protecting biometric data. Most of these methods use cryptographic primitives or error-correcting codes (ECCs) and use a binary representation of the real-valued biometric data. Hence, the difference between two biometric samples is given by the Hamming distance (HD) or bit errors between the binary vectors obtained from the enrollment and verification phases, respectively. If the HD is smaller (larger) than the decision threshold, then the subject is accepted (rejected) as genuine. Because of the use of ECCs, this decision threshold is limited to the maximum error-correcting capacity of the code, consequently limiting the false rejection rate (FRR) and false acceptance rate tradeoff. A method to improve the FRR consists of using multiple biometric samples in either the enrollment or verification phase. The noise is suppressed, hence reducing the number of bit errors and decreasing the HD. In practice, the number of samples is empirically chosen without fully considering its fundamental impact. In this paper, we present a Gaussian analytical framework for estimating the performance of a binary biometric system given the number of samples being used in the enrollment and the verification phase. The error-detection tradeoff curve that combines the false acceptance and false rejection rates is estimated to assess the system performance. The analytic expressions are validated using the Face Recognition Grand Challenge v2 and Fingerprint Verification Competition 2000 biometric databases

An Outline of Security in Wireless Sensor Networks: Threats, Countermeasures and Implementations

With the expansion of wireless sensor networks (WSNs), the need for securing the data flow through these networks is increasing. These sensor networks allow for easy-to-apply and flexible installations which have enabled them to be used for numerous applications. Due to these properties, they face distinct information security threats. Security of the data flowing through across networks provides the researchers with an interesting and intriguing potential for research. Design of these networks to ensure the protection of data faces the constraints of limited power and processing resources. We provide the basics of wireless sensor network security to help the researchers and engineers in better understanding of this applications field. In this chapter, we will provide the basics of information security with special emphasis on WSNs. The chapter will also give an overview of the information security requirements in these networks. Threats to the security of data in WSNs and some of their counter measures are also presented

Envisioning the Future of Cyber Security in Post-Quantum Era: A Survey on PQ Standardization, Applications, Challenges and Opportunities

The rise of quantum computers exposes vulnerabilities in current public key cryptographic protocols, necessitating the development of secure post-quantum (PQ) schemes. Hence, we conduct a comprehensive study on various PQ approaches, covering the constructional design, structural vulnerabilities, and offer security assessments, implementation evaluations, and a particular focus on side-channel attacks. We analyze global standardization processes, evaluate their metrics in relation to real-world applications, and primarily focus on standardized PQ schemes, selected additional signature competition candidates, and PQ-secure cutting-edge schemes beyond standardization. Finally, we present visions and potential future directions for a seamless transition to the PQ era