Privacy Preserving Biometrics-Based and User Centric Authentication Protocol

  • Hasini Gunasinghe
  • Elisa Bertino
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8792)

Abstract

We propose a privacy preserving biometrics-based authentication protocol by which users can authenticate to different service providers from their own devices without involving identity providers in the transactions. Authentication is performed through a zero-knowledge proof of knowledge protocol which is based on a cryptographic identity token created using the unique, repeatable and revocable biometric identifier of the user and a secret provided by the user which enables two-factor authentication as well. Our approach for generating biometric identifiers from the user’s biometric image is based on the support vector machine classification technique in conjunction with a mechanism for feature extraction from the biometric image. The paper includes experimental results on a dataset of iris images and a security and privacy analysis of the protocol.

Keywords

Privacy Security Biometrics Authentication 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    IdentityX | World-Class Mobile Biometric Authentication, http://www.identityx.com
  2. 2.
  3. 3.
    Bhargav-Spantzel, A., Squicciarini, A.C., Bertino, E., Kong, X., Zhang, W.: Biometrics-based identifiers for digital identity management. In: IDtrust 2010 Conference Proceedings. ACM (April 2010)Google Scholar
  4. 4.
    California State University, East Bay: Coding theory - hadamard codes, http://www.mcs.csueastbay.edu/~malek/TeX/Hadamard.pdf
  5. 5.
    Chang, C.C., Lin, C.J.: LIBSVM: A library for support vector machines. ACM Transactions on Intelligent Systems and Technology 2, 27:1–27:27 (2011), software available at http://www.csie.ntu.edu.tw/~cjlin/libsvm
  6. 6.
    Kande, S., Dorizzi, B.: Cancelable iris biometrics and using error correcting codes to reduce variability in biometric data. In: Computer Vision and Pattern Recognition. IEEE (April 2009)Google Scholar
  7. 7.
    Klinger, E., Starkweather, D.: phash.org: Home of pHash, the open source perceptual hash library (2008-2010), http://www.phash.org/
  8. 8.
    Kostiainen, K., Ekberg, J., Asokan, N., Rantala, A.: On-board credentials with open provisioning. In: Proceedings of ASIACCS 2009 (2009)Google Scholar
  9. 9.
    Paci, F., Bertino, E., Kerr, S., Lint, A., Squicciarini, A.C., Woo, J.: VeryIDX - A digital identity management system for pervasive computing environments. In: Brinkschulte, U., Givargis, T., Russo, S. (eds.) SEUS 2008. LNCS, vol. 5287, pp. 268–279. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  10. 10.
    Pedersen, T.P.: Non-interactive and information-theoretic secure verifiable secret sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)Google Scholar
  11. 11.
    Proença, H.: The UBIRIS.v2: A database of visible wavelength images captured on-the-move and at-a-distance. IEEE Trans. PAMI 32(8), 1529–1535 (2010)CrossRefGoogle Scholar
  12. 12.
    Proença, H., Alexandre, L.A.: UBIRIS: A noisy iris image database. In: Roli, F., Vitulano, S. (eds.) ICIAP 2005. LNCS, vol. 3617, pp. 970–977. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Schneier, B.: Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd edn. Wiley (1996)Google Scholar
  14. 14.
    Zauner, C.: Implementation and Benchmarking of Perceptual Image Hash Functions. Master’s thesis, Upper Austria University of Applied Sciences, Hagenberg Campus (2010)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Hasini Gunasinghe
    • 1
  • Elisa Bertino
    • 1
  1. 1.Purdue UniversityWest LafayetteUSA

Personalised recommendations