1,656 research outputs found
Pseudo Identities Based on Fingerprint Characteristics
This paper presents the integrated project TURBINE which is funded under the EU 7th research framework programme. This research is a multi-disciplinary effort on privacy enhancing technology, combining innovative developments in cryptography and fingerprint recognition. The objective of this project is to provide a breakthrough in electronic authentication for various applications in the physical world and on the Internet. On the one hand it will provide secure identity verification thanks to fingerprint recognition. On the other hand it will reliably protect the biometric data through advanced cryptography technology. In concrete terms, it will provide the assurance that (i) the data used for the authentication, generated from the fingerprint, cannot be used to restore the original fingerprint sample, (ii) the individual will be able to create different "pseudo-identities" for different applications with the same fingerprint, whilst ensuring that these different identities (and hence the related personal data) cannot be linked to each other, and (iii) the individual is enabled to revoke an biometric identifier (pseudo-identity) for a given application in case it should not be used anymore
Relations among Security Metrics for Template Protection Algorithms
Many biometric template protection algorithms have been proposed mainly in
two approaches: biometric feature transformation and biometric cryptosystem.
Security evaluation of the proposed algorithms are often conducted in various
inconsistent manner. Thus, it is strongly demanded to establish the common
evaluation metrics for easier comparison among many algorithms. Simoens et al.
and Nagar et al. proposed good metrics covering nearly all aspect of
requirements expected for biometric template protection algorithms. One
drawback of the two papers is that they are biased to experimental evaluation
of security of biometric template protection algorithms. Therefore, it was
still difficult mainly for algorithms in biometric cryptosystem to prove their
security according to the proposed metrics. This paper will give a formal
definitions for security metrics proposed by Simoens et al. and Nagar et al. so
that it can be used for the evaluation of both of the two approaches. Further,
this paper will discuss the relations among several notions of security
metrics
THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system
In this paper, we propose a new biometric verification and template
protection system which we call the THRIVE system. The system includes novel
enrollment and authentication protocols based on threshold homomorphic
cryptosystem where the private key is shared between a user and the verifier.
In the THRIVE system, only encrypted binary biometric templates are stored in
the database and verification is performed via homomorphically randomized
templates, thus, original templates are never revealed during the
authentication stage. The THRIVE system is designed for the malicious model
where the cheating party may arbitrarily deviate from the protocol
specification. Since threshold homomorphic encryption scheme is used, a
malicious database owner cannot perform decryption on encrypted templates of
the users in the database. Therefore, security of the THRIVE system is enhanced
using a two-factor authentication scheme involving the user's private key and
the biometric data. We prove security and privacy preservation capability of
the proposed system in the simulation-based model with no assumption. The
proposed system is suitable for applications where the user does not want to
reveal her biometrics to the verifier in plain form but she needs to proof her
physical presence by using biometrics. The system can be used with any
biometric modality and biometric feature extraction scheme whose output
templates can be binarized. The overall connection time for the proposed THRIVE
system is estimated to be 336 ms on average for 256-bit biohash vectors on a
desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link
connection speed. Consequently, the proposed system can be efficiently used in
real life applications
A Formal Study of the Privacy Concerns in Biometric-Based Remote Authentication Schemes
With their increasing popularity in cryptosystems, biometrics have attracted more and more attention from the information security community. However, how to handle the relevant privacy concerns remains to be troublesome. In this paper, we propose a novel security model to formalize the privacy concerns in biometric-based remote authentication schemes. Our security model covers a number of practical privacy concerns such as identity privacy and transaction anonymity, which have not been formally considered in the literature. In addition, we propose a general biometric-based remote authentication scheme and prove its security in our security model
An Overview on Privacy Preserving Biometrics
The Internet has consolidated itself as a very powerful platform that has changed the communication and business way. Nowadays, the number of users navigating through Internet is about 1,552 millions according to Internet World Stats. This large audience demands online commerce, e-government, knowledge sharing, social networks, online gaming . . . which grew exponentially over the past few years. The security of these transactions is very important considering the number of information that could be intercepted by an attacker. Within this context, authentication is one of the most important challenges in computer security. Indeed, the authentication step is often considered as the weakest link in the security of electronic transactions. In general, the protection of the message content is achieved by using cryptographic protocols that are well known and established. The well-known ID/password is far the most used authentication method, it is widely spread despite its obvious lack of security. This is mainly due to its implementation ease and to its ergonomic feature: the users are used to this system, which enhances its acceptance and deployment. Many more sophisticated solutions exist in the state of the art to secure logical access control (one time passwords tokens, certificates . . . ) but none of them are used by a large community of users for a lack of simplicity usage (O'Gorman, 2003)..
- …