Abstract
We study a protocol, called BIO3G, which provides biometric-based user authentication and key establishment in Third Generation (3G) mobile environments. BIO3G provides end-to-end user authentication to the mobile operator, requiring no storing or transferring of biometric data and, eliminating the need for biometric enrolment and administration, which is time-consuming for the user and expensive for the mobile operator. We model BIO3G using process algebra Communicating Sequential Processes (CSP) and verify it using Schneider’s rank functions.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Neimi, V., Nyberg, K.: UMTS Security. John Wiley & Sons, Chichester (2003)
Benoit, O., Dabbous, N., Gauteron, L., Girard, P., Handschuh, H., Naccache, D., Socile, S., Whelan, C.: Mobile Terminal Security. Cryptology ePrint Archive Report 2004/158
ISO/IEC JTC1, SC37/SG1: Biometric vocabulary corpus (2004)
Dimitriadis, C., Polemi, D.: Biometrics –Risks and Controls. Information Systems Control Journal (ISACA) 4, 41–43 (2004)
Dimitriadis, C., Polemi, D.: A protocol for incorporating biometrics in 3G with respect to privacy. In: Fernandez-Medina, E., Hernandez, J., Garcia, J. (eds.) Proceedings of the 3rd International Workshop on Security in Information Systems (WOSIS 2005), pp. 123–135 (2005)
3rd Generation Partnership Project: TS 33.102 - 3G Security; Security architecture (2004)
Hoare, C.A.R.: Communicating Sequential Processes. Prentice-Hall International, Englewood Cliffs (1985)
Dodis, Y., Reyzin, L., Smith, A.: Fuzzy Extractors: How to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004)
3rd Generation Partnership Project: TS 22.022 - Personalisation of Mobile Equipment (ME); Mobile functionality specification (2005)
Roscoe, A.W.: The Theory and Practice of Concurrency. Prentice-Hall, Englewood Cliffs (1997)
Schneider, S.: Concurrent and Real-time Systems: the CSP Approach. Addison-Wesley, Reading (1999)
Ryan, P., Schneider, S., Goldsmith, M., Lowe, G., Roscoe, B.: Modelling and Analysis of Security Protocols. Addison-Wesley, Reading (2001)
Schneider, S.: Verifying Authentication Protocols in CSP. IEEE Transactions on Software Engineering 24(9), 741–758 (1998)
Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Trans. on Information Theory 29(2), 198–208 (1983)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Shaikh, S.A., Dimitriadis, C.K. (2006). Analysing a Biometric Authentication Protocol for 3G Mobile Systems Using CSP and Rank Functions. In: Clark, J.A., Paige, R.F., Polack, F.A.C., Brooke, P.J. (eds) Security in Pervasive Computing. SPC 2006. Lecture Notes in Computer Science, vol 3934. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11734666_16
Download citation
DOI: https://doi.org/10.1007/11734666_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33376-0
Online ISBN: 978-3-540-33377-7
eBook Packages: Computer ScienceComputer Science (R0)