• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Information Forensics and Security, IEEE Transactions on >Blind Authentication: A Secure Crypto-Biometric Verification Protocol
【24h】

Blind Authentication: A Secure Crypto-Biometric Verification Protocol

机译:盲认证:一种安全的加密生物特征验证协议

获取原文
获取原文并翻译 | 示例
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Concerns on widespread use of biometric authentication systems are primarily centered around template security, revocability, and privacy. The use of cryptographic primitives to bolster the authentication process can alleviate some of these concerns as shown by biometric cryptosystems. In this paper, we propose a provably secure and blind biometric authentication protocol, which addresses the concerns of user's privacy, template protection, and trust issues. The protocol is blind in the sense that it reveals only the identity, and no additional information about the user or the biometric to the authenticating server or vice-versa. As the protocol is based on asymmetric encryption of the biometric data, it captures the advantages of biometric authentication as well as the security of public key cryptography. The authentication protocol can run over public networks and provide nonrepudiable identity verification. The encryption also provides template protection, the ability to revoke enrolled templates, and alleviates the concerns on privacy in widespread use of biometrics. The proposed approach makes no restrictive assumptions on the biometric data and is hence applicable to multiple biometrics. Such a protocol has significant advantages over existing biometric cryptosystems, which use a biometric to secure a secret key, which in turn is used for authentication. We analyze the security of the protocol under various attack scenarios. Experimental results on four biometric datasets (face, iris, hand geometry, and fingerprint) show that carrying out the authentication in the encrypted domain does not affect the accuracy, while the encryption key acts as an additional layer of security.
机译:对生物识别系统广泛使用的关注主要集中在模板安全性,可撤销性和隐私性上。如生物特征密码系统所示,使用密码原语来支持身份验证过程可以减轻其中的一些担忧。在本文中,我们提出了一种可证明是安全的,盲目的生物特征认证协议,该协议解决了用户隐私,模板保护和信任问题。该协议是盲目的,因为它仅向身份服务器公开身份,而没有向身份验证服务器显示有关用户或生物特征的其他信息,反之亦然。由于该协议基于生物特征数据的非对称加密,因此它捕获了生物特征认证的优势以及公钥加密的安全性。身份验证协议可以在公共网络上运行,并提供不可否认的身份验证。加密还提供了模板保护,撤销已注册模板的能力,并减轻了生物识别技术广泛使用中对隐私的担忧。所提出的方法对生物特征数据没有限制性假设,因此适用于多种生物特征。这样的协议相对于现有的生物特征密码系统具有显着的优势,现有的生物特征密码系统使用生物特征来保护秘密密钥,该秘密密钥又用于认证。我们分析了各种攻击情形下协议的安全性。在四个生物统计数据集(面部,虹膜,手部几何形状和指纹)上的实验结果表明,在加密域中执行身份验证不会影响准确性,而加密密钥则充当了额外的安全保护层。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号