Secure biometric authentication with improved accuracy

We propose a new hybrid protocol for cryptographically secure biometric authentication. The main advantages of the proposed protocol over previous solutions can be summarised as follows: (1) potential for much better accuracy using different types of biometric signals, including behavioural ones; and (2) improved user privacy, since user identities are not transmitted at any point in the protocol execution. The new protocol takes advantage of state-of-the-art identification classifiers, which provide not only better accuracy, but also the possibility to perform authentication without knowing who the user claims to be. Cryptographic security is based on the Paillier public key encryption scheme

Secure Biometric Authentication With Improved Accuracy

We propose a new hybrid protocol for cryptographically secure biometric authentication. The main advantages of the proposed protocol over previous solutions can be summarised as follows: (1) potential for much better accuracy using different types of biometric signals, including behavioural ones; and (2) improved user privacy, since user identities are not transmitted at any point in the protocol execution. The new protocol takes advantage of state-of-the-art identification classifiers, which provide not only better accuracy, but also the possibility to perform authentication without knowing who the user claims to be. Cryptographic security is based on the Paillier public key encryption scheme

Developing a New Algorithm to Detect Right Thumb Fingernail in Healthy Human

Due to significant challenges faced by traditional methods of personal identification like fingerprinting, eye scanning, and voice recognition, new techniques are needed. One such approach involves the use of human nail images for identification and access to personal identification programs and electronic patient files. A novel algorithm, which consists of three stages, has been proposed utilizing the HSV color space detection algorithm, grayscale contrast optimization algorithm, nail segmentation, and image smoothing with a Gaussian filter. This method reduces tested image data and preserves the primary image structure, and has the potential to surpass the accuracy of traditional methods, providing an additional layer of security in personal identification programs and electronic patient files. Nail image detection can be conducted remotely and accessed through standard cameras or smartphones, making it a more hygienic and convenient option than physical contact methods such as fingerprinting or eye scanning. Moreover, the use of nail images for personal identification has several other benefits, especially in situations where traditional methods are not feasible, such as in individuals with skin conditions that prevent fingerprinting. The success of the proposed algorithm in detecting nail images for personal identification has implications beyond individual security and can be applied in different fields, including healthcare and forensic science, to improve identification accuracy and prevent fraud. For example, the use of nail images could help prevent identity theft in healthcare settings, where sensitive information is stored and exchanged

Analysis of Biometric Authentication Protocols in the Blackbox Model

In this paper we analyze different biometric authentication protocols considering an internal adversary. Our contribution takes place at two levels. On the one hand, we introduce a new comprehensive framework that encompasses the various schemes we want to look at. On the other hand, we exhibit actual attacks on recent schemes such as those introduced at ACISP 2007, ACISP 2008, and SPIE 2010, and some others. We follow a blackbox approach in which we consider components that perform operations on the biometric data they contain and where only the input/output behavior of these components is analyzed.Comment: 10 pages, 1 figures, submitted to IEEE Transactions on Information Forensics and Securit

Secure Outsourced Biometric Authentication with Performance Evaluation on Smartphones

Abstract-We design privacy-preserving protocols for Scaled Manhattan and Scaled Euclidean verifiers, secure against malicious clients and honest-but-curious server. We then augment our protocols with principal component analysis (PCA), which can help improve authentication accuracy. We evaluate the performance of our protocols on an emerging application-namely, continuous authentication of smartphone users. We compare the performance of protocols secure under the malicious client model, with three protocols secure in the honest-but-curious model. We report tradeoffs between computation overhead, communication cost, and authentication accuracy. Our key observations are: 1) Scaled Manhattan without PCA gives the best tradeoff between security, accuracy, and overhead; and 2) with PCA, memory availability on current smartphones limits the number of features that can be used with Scaled Manhattan, and prevents the Scaled Euclidean protocol from running. Our extended evaluation on a laptop client shows that PCA with both Scaled Manhattan and Scaled Euclidean verifiers is feasible given sufficient memory

Be More and be Merry: Enhancing Data and User Authentication in Collaborative Settings

Cryptography is the science and art of keeping information secret to un-intended parties. But, how can we determine who is an intended party and who is not? Authentication is the branch of cryptography that aims at confirming the source of data or at proving the identity of a person. This Ph.D. thesis is a study of different ways to perform cryptographic authentication of data and users. The main contributions are contained in the six papers included in this thesis and cover the following research areas: (i) homomorphic authentication; (ii) server-aided verification of signatures; (iii) distance-bounding authentication; and (iv) biometric authentication. The investigation flow is towards collaborative settings, that is, application scenarios where different and mutually distrustful entities work jointly for a common goal. The results presented in this thesis allow for secure and efficient authentication when more entities are involved, thus the title “be more and be merry”. Concretely, the first two papers in the collection are on homomorphic authenticators and provide an in-depth study on how to enhance existing primitives with multi- key functionalities. In particular, the papers extend homomorphic signatures and homomorphic message authentication codes to support computations on data authenticated using different secret keys. The third paper explores signer anonymity in the area of server-aided verification and provides new secure constructions. The fourth paper is in the area of distance-bounding authentication and describes a generic method to make existing protocols not only authenticate direct-neighbors, but also entities located two-hop away. The last two papers investigate the leakage of information that affects a special family of biometric authentication systems and how to combine verifiable computation techniques with biometric authentication in order to mitigate known attacks