Privacy Preserving Biometrics-Based and User Centric Authentication Protocol
- Cite this paper as:
- Gunasinghe H., Bertino E. (2014) Privacy Preserving Biometrics-Based and User Centric Authentication Protocol. In: Au M.H., Carminati B., Kuo CC.J. (eds) Network and System Security. NSS 2014. Lecture Notes in Computer Science, vol 8792. Springer, Cham
We propose a privacy preserving biometrics-based authentication protocol by which users can authenticate to different service providers from their own devices without involving identity providers in the transactions. Authentication is performed through a zero-knowledge proof of knowledge protocol which is based on a cryptographic identity token created using the unique, repeatable and revocable biometric identifier of the user and a secret provided by the user which enables two-factor authentication as well. Our approach for generating biometric identifiers from the user’s biometric image is based on the support vector machine classification technique in conjunction with a mechanism for feature extraction from the biometric image. The paper includes experimental results on a dataset of iris images and a security and privacy analysis of the protocol.
KeywordsPrivacy Security Biometrics Authentication
Unable to display preview. Download preview PDF.