SlideShare a Scribd company logo

Privacy Preserving Biometrics-Based and User Centric Authentication Protocol

H
HasiniG

This document summarizes a research presentation on privacy-preserving biometrics-based authentication. It outlines the challenges with traditional biometrics schemes, including security and privacy concerns when biometric templates and identifiers are stored. The proposed approach generates unique, repeatable and revocable biometric identifiers (BIDs) using image hashing, classification and error correction. It also describes a user-centric, privacy-preserving authentication protocol using these BIDs and zero-knowledge proofs to authenticate users without revealing sensitive biometric data. Performance analysis shows the approach can generate commitments and run the authentication protocol efficiently. The work aims to address privacy and security issues while enabling convenient biometric authentication.

Science
1 of 26
Department of Computer Science Privacy Preserving Biometrics-Based and User Centric Authentication Protocol Hasini Gunasinghe and Elisa Bertino NSS 2014
Department of Computer Science Agenda  Problem Overview  Challenges in biometrics based authentication schemes  Our approach  Generating unique, repeatable and revocable BID  Securing the BID with cryptographic commitment  Privacy preserving authentication protocol  Security and performance analysis  Future work NSS 2014
Department of Computer Science Problem Overview NSS 2014 What You Know What You Have  Commonly used authentication factors  Stolen passwords/tokens lead to identity theft  Multiple passwords/tokens  Inconvenient to users
Department of Computer Science Problem Overview NSS 2014
Department of Computer Science Problem Overview NSS 2014 Strong Authentication Factor: Biometrics  Represents who you are.  Unique, Universal, Permanent and Collectable.  First known use in criminal division of the police department in Paris – introduced by A. Bertillon.  Since then, many applications in commercial, government and forensic.  Convenient and secure for users. Still, it is not widely adapted in critical applications such as online banking. Why?
Department of Computer Science Challenges in biometrics based authentication:  Inherited characteristics of biometrics  Security concerns  Privacy concerns Problem Overview NSS 2014
Department of Computer Science Inherited Characteristics of Biometrics Desired Characteristics of Biometrics Based Identifier Uniqueness & Unforgeability Uniqueness & Unforgeability Non-Repeatability Repeatability Non-Revocability Revocability Challenges in biometrics based authentication:  Inherited vs desired characteristics: Problem Overview NSS 2014
Department of Computer Science Challenges in biometrics based authentication:  Security Concerns:  Biometric templates are stored at the server during enrollment.  Extracted biometric features are stored in smart cards to be used during authentication. e.g: In the Schiphol Privium scheme at the Amsterdam airport, Iris code stored is in the smart card.  Breach of security of template databases/smart cards/user- devices can cause permanent loss of one’s biometric identity. Problem Overview NSS 2014
Department of Computer Science Challenges in biometrics based authentication:  Privacy Concerns of authentication protocols: Problem Overview NSS 2014  Biometric identity stored at multiple service providers.  Different proprietary protocols. verifies biometric at login SP2 SP3 SPspecificprotocols IDP-centricprotocol 4) verifies biometric 3/5).verification req/resp 1) enrolls biometric SP1 IDP SP2  IDP learns user’s interaction patterns with different SPs.  Revealing BID during authentication. enrolls biometric at signup SP1
Department of Computer Science Addresses each of the above issues and provides better solutions. 1. Generates unique, repeatable and revocable BIDs. 2. Defines privacy preserving identity management protocol:  Involves zero-knowledge-proof-of-knowledge.  User-centric. Our Approach NSS 2014
Department of Computer Science Overview: Our Approach NSS 2014 authenticate using biometric identity token enrolls biometric obtains Identity Token SP1 SP2 SP3 User-centricprotocol  No interaction between IDP and SP(s).  Biometric template is not stored anywhere.
Department of Computer Science 1. Generating BID: Our Approach NSS 2014 Image Hashing Algorithm Trained SVM Classifier Biometric image Hash vector Predicted class label (32 bits) + Password based key generation User-provided password Key 1 (128 bits) BID Key steps: 1. Feature extraction, image hashing mechanism 2. Training SVM classifier 3. Obtaining classification output 4. Password based key generation (160 bits)
Department of Computer Science Our Approach NSS 2014 1. Generating BID: Results  P-Hash – feature extraction mechanism used in our approach.  SVD-Hash – feature extraction mechanism used in previous work [Bhargav-Spantzel et al. ‘2010].
Department of Computer Science Our Approach NSS 2014 1. Generating BID: Extended approach with Error Correction Code  Enrolment phase: Error Correction Encoding:  Authentication phase: Error Correction Decoding: Image Hashing Algorithm Trained SVM Classifier Biometric image Hash vector Predicted class label + Password based key generation User-provided password Key 1 BID Hadamard ECC encoding Key 2 Error Correction Metadata Image Hashing Algorithm Trained SVM Classifier Biometric image Hash vector Predicted class label + Password based key generation User-provided password Key 1 BIDHadamard ECC decoding Key 2 Error corrected Hash vector Error Correction Metadata
Department of Computer Science Our Approach NSS 2014 1. Generating BID: Results with ECC  Both accuracy and overhead increase with the Hadamard Code length used for error correction.  Recommended Hadamard Error Correction Code is 16 bits.  Improves repeatability of the BID.  Secure error correction mechanism introduced by Kande et al. ‘2009.
Department of Computer Science We covered so far – in key aspects of our approach: Our Approach NSS 2014  Generating unique, repeatable and revocable BIDs.  Extended approach with ECC to improve repeatability.  Privacy preserving identity management protocol: 1. Involves zero-knowledge-proof-of-knowledge. 2. User-centric.
Department of Computer Science 3. Privacy preserving identity management protocol: Enrollment Our Approach NSS 2014 Biometric image Hash Vector R= Commitment: C = gxhr Biometric IDT Perceptual Hash Train Support Vector Machine Trained Base SVM P-Hash Customize SVM Single Label Classification Hash Vector Digitally Signed by IDP X = BID
Department of Computer Science Our Approach NSS 2014 3. Privacy preserving identity management protocol: Enrollment  Elements included in the identity token:  Commitment string  Expiration time stamp  From, To fields (to prevent attacks on ZKPK protocol by SP)  Digital signature  Public parameters of the Pedersen commitment scheme
Department of Computer Science Our Approach NSS 2014 3. Privacy preserving identity management protocol: Enrollment  Artifacts provided to the User: (stored in the TEE of user’s device)  Identity Token  Trained and customized SVM classifier.  BID generation software.  Salt value used for PBKDF.  Error correction meta-data.
Department of Computer Science Our Approach NSS 2014 3. Privacy preserving identity management protocol: Authentication Biometric image Hash Vector P-Hash Customized SVM Single Label Classification R’= Commitment: C’ = gx’hr’ X’ = BID Authentication Request Biometric IDT d = gyhs Zero Knowledge Proof of Knowledge Protocol Service Provider User Service Provider challenge: e u=y+ex, v=s+er success if Ced = guhv
Department of Computer Science Summary: Performance Performance measure Value Computing perceptual hash 0.0105 (s) Training Classifier 8 (s) [with 400 training instances] Predicting from trained classifier 0.013 (s) Creating commitment 0.003038 (s) Zero Knowledge Proof (without network delay) 0.00763 (s) Hardware Configurations:  CPU: Intel Core i7-3537U  Memory: 5GB RAM  OS: Ubuntu 13.4 OS Our Approach NSS 2014
Department of Computer Science Security Analysis:  Confidentiality of sensitive data is preserved:  Biometric image, P-Hash vector, BID are not stored anywhere.  Secrets are derived from the user’s password.  Zero Knowledge Proof of Knowledge protocol:  Biometric information not revealed at any point.  MITM attacks carried out by SP are prevented.  Identity token provides ownership assurance and avoids impersonation.  Enables revocation of the biometric based identity tokens. Our Approach NSS 2014
Department of Computer Science We covered so far: Our Approach NSS 2014  Generating unique, repeatable and revocable BIDs.  Extended approach with ECC to improve repeatability.  Privacy preserving identity management protocol:  with zero-knowledge-proofs.  User-centric identity management  Performance and Security Analysis
Department of Computer Science Future Work  Experimenting on other biometric traits.  Privacy preserving biometrics based authentication based on distance matching: • Homomorphic Encryption • Garbled circuits  Multi-modal biometrics for authentication.
Department of Computer Science Q & A
Department of Computer Science Thank You…

Recommended

RahasNym: Preventing Linkability in the Digital Identity Eco System
RahasNym: Preventing Linkability in the Digital Identity Eco SystemRahasNym: Preventing Linkability in the Digital Identity Eco System
RahasNym: Preventing Linkability in the Digital Identity Eco System
HasiniG
 
Securing corporate assets_with_2_fa
Securing corporate assets_with_2_faSecuring corporate assets_with_2_fa
Securing corporate assets_with_2_faHai Nguyen
 
Session 7 e_raja_kailar
Session 7 e_raja_kailarSession 7 e_raja_kailar
Session 7 e_raja_kailarHai Nguyen
 
Blind authentication
Blind authenticationBlind authentication
Blind authentication
Pranjul Mishra
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideHai Nguyen
 
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
IRJET Journal
 
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD Editor
 
A Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemA Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemEditor IJCATR
 

Recommended

RahasNym: Preventing Linkability in the Digital Identity Eco System
RahasNym: Preventing Linkability in the Digital Identity Eco SystemRahasNym: Preventing Linkability in the Digital Identity Eco System
RahasNym: Preventing Linkability in the Digital Identity Eco System
HasiniG
 
Securing corporate assets_with_2_fa
Securing corporate assets_with_2_faSecuring corporate assets_with_2_fa
Securing corporate assets_with_2_faHai Nguyen
 
Session 7 e_raja_kailar
Session 7 e_raja_kailarSession 7 e_raja_kailar
Session 7 e_raja_kailarHai Nguyen
 
Blind authentication
Blind authenticationBlind authentication
Blind authentication
Pranjul Mishra
 
Sp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideSp 29 two_factor_auth_guide
Sp 29 two_factor_auth_guideHai Nguyen
 
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
IRJET - Secure Electronic Transaction using Strengthened Graphical OTP Authen...
IRJET Journal
 
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...
IJERD (www.ijerd.com) International Journal of Engineering Research and Devel...IJERD Editor
 
A Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemA Review Study on Secure Authentication in Mobile System
A Review Study on Secure Authentication in Mobile SystemEditor IJCATR
 
Security for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIsSecurity for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIs
idescitation
 
Iaetsd fpga implementation of rf technology and biometric authentication
Iaetsd fpga implementation of rf technology and biometric authenticationIaetsd fpga implementation of rf technology and biometric authentication
Iaetsd fpga implementation of rf technology and biometric authentication
Iaetsd Iaetsd
 
Online applications using strong authentication with OTP grid cards
Online applications using strong authentication with OTP grid cardsOnline applications using strong authentication with OTP grid cards
Online applications using strong authentication with OTP grid cards
Bayalagmaa Davaanyam
 
Digital signature certificate
Digital signature certificateDigital signature certificate
Digital signature certificateAshvini Soni
 
120 i143
120 i143120 i143
120 i143Hai Nguyen
 
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
IJCSIS Research Publications
 
Two aspect authentication system using secure
Two aspect authentication system using secureTwo aspect authentication system using secure
Two aspect authentication system using secureUvaraj Shan
 
App Authentication
App AuthenticationApp Authentication
App Authentication
Trevayne Van Niekerk
 
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET Journal
 
Database Security Two Way Authentication Using Graphical Password
Database Security Two Way Authentication Using Graphical PasswordDatabase Security Two Way Authentication Using Graphical Password
Database Security Two Way Authentication Using Graphical Password
IJERA Editor
 
Security consideration with e commerce
Security consideration with e commerceSecurity consideration with e commerce
Security consideration with e commerceStudsPlanet.com
 
Internet of things .pptx [repaired]
Internet of things .pptx [repaired]Internet of things .pptx [repaired]
Internet of things .pptx [repaired]
Self-employed
 
An Overview on Authentication Approaches and Their Usability in Conjunction w...
An Overview on Authentication Approaches and Their Usability in Conjunction w...An Overview on Authentication Approaches and Their Usability in Conjunction w...
An Overview on Authentication Approaches and Their Usability in Conjunction w...
IJERA Editor
 
IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...
IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...
IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...
IRJET Journal
 
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...
IJNSA Journal
 
Iaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured emailIaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured email
Iaetsd Iaetsd
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
KrutiShah114
 
ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011prasanna9
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
Melwin Mathew
 
Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...
Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...
Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...
inventionjournals
 
Fingerprint Based Voting
Fingerprint Based VotingFingerprint Based Voting
Fingerprint Based Voting
IRJET Journal
 
IRJET- End to End Message Encryption using Biometrics
IRJET- End to End Message Encryption using BiometricsIRJET- End to End Message Encryption using Biometrics
IRJET- End to End Message Encryption using Biometrics
IRJET Journal
 

More Related Content

What's hot

Security for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIsSecurity for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIs
idescitation
 
Iaetsd fpga implementation of rf technology and biometric authentication
Iaetsd fpga implementation of rf technology and biometric authenticationIaetsd fpga implementation of rf technology and biometric authentication
Iaetsd fpga implementation of rf technology and biometric authentication
Iaetsd Iaetsd
 
Online applications using strong authentication with OTP grid cards
Online applications using strong authentication with OTP grid cardsOnline applications using strong authentication with OTP grid cards
Online applications using strong authentication with OTP grid cards
Bayalagmaa Davaanyam
 
Digital signature certificate
Digital signature certificateDigital signature certificate
Digital signature certificateAshvini Soni
 
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
IJCSIS Research Publications
 
Two aspect authentication system using secure
Two aspect authentication system using secureTwo aspect authentication system using secure
Two aspect authentication system using secureUvaraj Shan
 
App Authentication
App AuthenticationApp Authentication
App Authentication
Trevayne Van Niekerk
 
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET Journal
 
Database Security Two Way Authentication Using Graphical Password
Database Security Two Way Authentication Using Graphical PasswordDatabase Security Two Way Authentication Using Graphical Password
Database Security Two Way Authentication Using Graphical Password
IJERA Editor
 
Security consideration with e commerce
Security consideration with e commerceSecurity consideration with e commerce
Security consideration with e commerceStudsPlanet.com
 
Internet of things .pptx [repaired]
Internet of things .pptx [repaired]Internet of things .pptx [repaired]
Internet of things .pptx [repaired]
Self-employed
 
An Overview on Authentication Approaches and Their Usability in Conjunction w...
An Overview on Authentication Approaches and Their Usability in Conjunction w...An Overview on Authentication Approaches and Their Usability in Conjunction w...
An Overview on Authentication Approaches and Their Usability in Conjunction w...
IJERA Editor
 
IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...
IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...
IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...
IRJET Journal
 
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...
IJNSA Journal
 
Iaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured emailIaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured email
Iaetsd Iaetsd
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
KrutiShah114
 
ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011prasanna9
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
Melwin Mathew
 

What's hot (19)

Security for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIsSecurity for Future Networks: A Prospective Study of AAIs
Security for Future Networks: A Prospective Study of AAIs
 
Iaetsd fpga implementation of rf technology and biometric authentication
Iaetsd fpga implementation of rf technology and biometric authenticationIaetsd fpga implementation of rf technology and biometric authentication
Iaetsd fpga implementation of rf technology and biometric authentication
 
Online applications using strong authentication with OTP grid cards
Online applications using strong authentication with OTP grid cardsOnline applications using strong authentication with OTP grid cards
Online applications using strong authentication with OTP grid cards
 
Digital signature certificate
Digital signature certificateDigital signature certificate
Digital signature certificate
 
120 i143
120 i143120 i143
120 i143
 
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
DS-NIZKP: A ZKP-based Strong Authentication using Digital Signature for Distr...
 
Two aspect authentication system using secure
Two aspect authentication system using secureTwo aspect authentication system using secure
Two aspect authentication system using secure
 
App Authentication
App AuthenticationApp Authentication
App Authentication
 
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
IRJET-An Economical and Secured Approach for Continuous and Transparent User ...
 
Database Security Two Way Authentication Using Graphical Password
Database Security Two Way Authentication Using Graphical PasswordDatabase Security Two Way Authentication Using Graphical Password
Database Security Two Way Authentication Using Graphical Password
 
Security consideration with e commerce
Security consideration with e commerceSecurity consideration with e commerce
Security consideration with e commerce
 
Internet of things .pptx [repaired]
Internet of things .pptx [repaired]Internet of things .pptx [repaired]
Internet of things .pptx [repaired]
 
An Overview on Authentication Approaches and Their Usability in Conjunction w...
An Overview on Authentication Approaches and Their Usability in Conjunction w...An Overview on Authentication Approaches and Their Usability in Conjunction w...
An Overview on Authentication Approaches and Their Usability in Conjunction w...
 
IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...
IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...
IRJET- E-Grievance: Centralized System for Municipal Corporation to Citizens ...
 
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...
CRYPTANALYSIS AND FURTHER IMPROVEMENT OF A BIOMETRIC-BASED REMOTE USER AUTHEN...
 
Iaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured emailIaetsd secure emails an integrity assured email
Iaetsd secure emails an integrity assured email
 
Digital signature and certificate authority
Digital signature and certificate authorityDigital signature and certificate authority
Digital signature and certificate authority
 
ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011ipas implicit password authentication system ieee 2011
ipas implicit password authentication system ieee 2011
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
 

Similar to Privacy Preserving Biometrics-Based and User Centric Authentication Protocol

Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...
Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...
Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...
inventionjournals
 
Fingerprint Based Voting
Fingerprint Based VotingFingerprint Based Voting
Fingerprint Based Voting
IRJET Journal
 
IRJET- End to End Message Encryption using Biometrics
IRJET- End to End Message Encryption using BiometricsIRJET- End to End Message Encryption using Biometrics
IRJET- End to End Message Encryption using Biometrics
IRJET Journal
 
The Survey of Architecture of Multi-Modal (Fingerprint and Iris Recognition) ...
The Survey of Architecture of Multi-Modal (Fingerprint and Iris Recognition) ...The Survey of Architecture of Multi-Modal (Fingerprint and Iris Recognition) ...
The Survey of Architecture of Multi-Modal (Fingerprint and Iris Recognition) ...
IJERA Editor
 
Securing Access Control with Biometric Identity Verification Software.pptx
Securing Access Control with Biometric Identity Verification Software.pptxSecuring Access Control with Biometric Identity Verification Software.pptx
Securing Access Control with Biometric Identity Verification Software.pptx
IDefy
 
Mobile Authentication with biometric (fingerprint or face) in #AndroidAppDeve...
Mobile Authentication with biometric (fingerprint or face) in #AndroidAppDeve...Mobile Authentication with biometric (fingerprint or face) in #AndroidAppDeve...
Mobile Authentication with biometric (fingerprint or face) in #AndroidAppDeve...
Harikrishna Patel
 
Biometric System and Recognition Authentication and Security Issues
Biometric System and Recognition Authentication and Security IssuesBiometric System and Recognition Authentication and Security Issues
Biometric System and Recognition Authentication and Security Issues
ijtsrd
 
A secure Crypto-biometric verification protocol
A secure Crypto-biometric verification protocol A secure Crypto-biometric verification protocol
A secure Crypto-biometric verification protocol
Nishmitha B
 
IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...
IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...
IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...
IRJET Journal
 
Embedded system
Embedded systemEmbedded system
Embedded system
amitkumarjoshi11
 
Ynamono Hs Lecture
Ynamono Hs LectureYnamono Hs Lecture
Ynamono Hs Lecture
ynamoto
 
IRJET- Secure Online Payment with Facial Recognition using CNN
IRJET- Secure Online Payment with Facial Recognition using CNNIRJET- Secure Online Payment with Facial Recognition using CNN
IRJET- Secure Online Payment with Facial Recognition using CNN
IRJET Journal
 
Tech4biz Solutions Defending Against Cyber Threats
Tech4biz Solutions Defending Against Cyber ThreatsTech4biz Solutions Defending Against Cyber Threats
Tech4biz Solutions Defending Against Cyber Threats
yashakhandelwal2
 
Advanced Security System for Bank Lockers using Biometric and GSM
Advanced Security System for Bank Lockers using Biometric and GSMAdvanced Security System for Bank Lockers using Biometric and GSM
Advanced Security System for Bank Lockers using Biometric and GSM
IRJET Journal
 
Feature Level Fusion of Multibiometric Cryptosystem in Distributed System
Feature Level Fusion of Multibiometric Cryptosystem in Distributed SystemFeature Level Fusion of Multibiometric Cryptosystem in Distributed System
Feature Level Fusion of Multibiometric Cryptosystem in Distributed System
IJMER
 
Multi-Biometric Authentication through Hybrid Cryptographic System
Multi-Biometric Authentication through Hybrid Cryptographic SystemMulti-Biometric Authentication through Hybrid Cryptographic System
Multi-Biometric Authentication through Hybrid Cryptographic System
MangaiK4
 
Bio atm with-microsoft_finger_print_sdk
Bio atm with-microsoft_finger_print_sdkBio atm with-microsoft_finger_print_sdk
Bio atm with-microsoft_finger_print_sdk
Mahesh Shitole
 
IRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET- Graphical user Authentication for an Alphanumeric OTPIRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET Journal
 
Role Of Forensic Triage In Cyber Security Trends 2022-UPDATED.pptx
Role Of Forensic Triage In Cyber Security Trends 2022-UPDATED.pptxRole Of Forensic Triage In Cyber Security Trends 2022-UPDATED.pptx
Role Of Forensic Triage In Cyber Security Trends 2022-UPDATED.pptx
Amrit Chhetri
 
IRJET- Secure Automated Teller Machine (ATM) by Image Processing
IRJET- Secure Automated Teller Machine (ATM) by Image ProcessingIRJET- Secure Automated Teller Machine (ATM) by Image Processing
IRJET- Secure Automated Teller Machine (ATM) by Image Processing
IRJET Journal
 

Similar to Privacy Preserving Biometrics-Based and User Centric Authentication Protocol (20)

Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...
Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...
Augment the Safety in the ATM System with Multimodal Biometrics Linked with U...
 
Fingerprint Based Voting
Fingerprint Based VotingFingerprint Based Voting
Fingerprint Based Voting
 
IRJET- End to End Message Encryption using Biometrics
IRJET- End to End Message Encryption using BiometricsIRJET- End to End Message Encryption using Biometrics
IRJET- End to End Message Encryption using Biometrics
 
The Survey of Architecture of Multi-Modal (Fingerprint and Iris Recognition) ...
The Survey of Architecture of Multi-Modal (Fingerprint and Iris Recognition) ...The Survey of Architecture of Multi-Modal (Fingerprint and Iris Recognition) ...
The Survey of Architecture of Multi-Modal (Fingerprint and Iris Recognition) ...
 
Securing Access Control with Biometric Identity Verification Software.pptx
Securing Access Control with Biometric Identity Verification Software.pptxSecuring Access Control with Biometric Identity Verification Software.pptx
Securing Access Control with Biometric Identity Verification Software.pptx
 
Mobile Authentication with biometric (fingerprint or face) in #AndroidAppDeve...
Mobile Authentication with biometric (fingerprint or face) in #AndroidAppDeve...Mobile Authentication with biometric (fingerprint or face) in #AndroidAppDeve...
Mobile Authentication with biometric (fingerprint or face) in #AndroidAppDeve...
 
Biometric System and Recognition Authentication and Security Issues
Biometric System and Recognition Authentication and Security IssuesBiometric System and Recognition Authentication and Security Issues
Biometric System and Recognition Authentication and Security Issues
 
A secure Crypto-biometric verification protocol
A secure Crypto-biometric verification protocol A secure Crypto-biometric verification protocol
A secure Crypto-biometric verification protocol
 
IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...
IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...
IRJET- A Noval and Efficient Revolving Flywheel Pin Entry Method Resilient to...
 
Embedded system
Embedded systemEmbedded system
Embedded system
 
Ynamono Hs Lecture
Ynamono Hs LectureYnamono Hs Lecture
Ynamono Hs Lecture
 
IRJET- Secure Online Payment with Facial Recognition using CNN
IRJET- Secure Online Payment with Facial Recognition using CNNIRJET- Secure Online Payment with Facial Recognition using CNN
IRJET- Secure Online Payment with Facial Recognition using CNN
 
Tech4biz Solutions Defending Against Cyber Threats
Tech4biz Solutions Defending Against Cyber ThreatsTech4biz Solutions Defending Against Cyber Threats
Tech4biz Solutions Defending Against Cyber Threats
 
Advanced Security System for Bank Lockers using Biometric and GSM
Advanced Security System for Bank Lockers using Biometric and GSMAdvanced Security System for Bank Lockers using Biometric and GSM
Advanced Security System for Bank Lockers using Biometric and GSM
 
Feature Level Fusion of Multibiometric Cryptosystem in Distributed System
Feature Level Fusion of Multibiometric Cryptosystem in Distributed SystemFeature Level Fusion of Multibiometric Cryptosystem in Distributed System
Feature Level Fusion of Multibiometric Cryptosystem in Distributed System
 
Multi-Biometric Authentication through Hybrid Cryptographic System
Multi-Biometric Authentication through Hybrid Cryptographic SystemMulti-Biometric Authentication through Hybrid Cryptographic System
Multi-Biometric Authentication through Hybrid Cryptographic System
 
Bio atm with-microsoft_finger_print_sdk
Bio atm with-microsoft_finger_print_sdkBio atm with-microsoft_finger_print_sdk
Bio atm with-microsoft_finger_print_sdk
 
IRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET- Graphical user Authentication for an Alphanumeric OTPIRJET- Graphical user Authentication for an Alphanumeric OTP
IRJET- Graphical user Authentication for an Alphanumeric OTP
 
Role Of Forensic Triage In Cyber Security Trends 2022-UPDATED.pptx
Role Of Forensic Triage In Cyber Security Trends 2022-UPDATED.pptxRole Of Forensic Triage In Cyber Security Trends 2022-UPDATED.pptx
Role Of Forensic Triage In Cyber Security Trends 2022-UPDATED.pptx
 
IRJET- Secure Automated Teller Machine (ATM) by Image Processing
IRJET- Secure Automated Teller Machine (ATM) by Image ProcessingIRJET- Secure Automated Teller Machine (ATM) by Image Processing
IRJET- Secure Automated Teller Machine (ATM) by Image Processing
 

Recently uploaded

20240520 Planning a Circuit Simulator in JavaScript.pptx
20240520 Planning a Circuit Simulator in JavaScript.pptx20240520 Planning a Circuit Simulator in JavaScript.pptx
20240520 Planning a Circuit Simulator in JavaScript.pptx
Sharon Liu
 
Observation of Io’s Resurfacing via Plume Deposition Using Ground-based Adapt...
Observation of Io’s Resurfacing via Plume Deposition Using Ground-based Adapt...Observation of Io’s Resurfacing via Plume Deposition Using Ground-based Adapt...
Observation of Io’s Resurfacing via Plume Deposition Using Ground-based Adapt...
Sérgio Sacani
 
In silico drugs analogue design: novobiocin analogues.pptx
In silico drugs analogue design: novobiocin analogues.pptxIn silico drugs analogue design: novobiocin analogues.pptx
In silico drugs analogue design: novobiocin analogues.pptx
AlaminAfendy1
 
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
University of Maribor
 
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
David Osipyan
 
Unveiling the Energy Potential of Marshmallow Deposits.pdf
Unveiling the Energy Potential of Marshmallow Deposits.pdfUnveiling the Energy Potential of Marshmallow Deposits.pdf
Unveiling the Energy Potential of Marshmallow Deposits.pdf
Erdal Coalmaker
 
Introduction to Mean Field Theory(MFT).pptx
Introduction to Mean Field Theory(MFT).pptxIntroduction to Mean Field Theory(MFT).pptx
Introduction to Mean Field Theory(MFT).pptx
zeex60
 
原版制作(carleton毕业证书)卡尔顿大学毕业证硕士文凭原版一模一样
原版制作(carleton毕业证书)卡尔顿大学毕业证硕士文凭原版一模一样原版制作(carleton毕业证书)卡尔顿大学毕业证硕士文凭原版一模一样
原版制作(carleton毕业证书)卡尔顿大学毕业证硕士文凭原版一模一样
yqqaatn0
 
Nutraceutical market, scope and growth: Herbal drug technology
Nutraceutical market, scope and growth: Herbal drug technologyNutraceutical market, scope and growth: Herbal drug technology
Nutraceutical market, scope and growth: Herbal drug technology
Lokesh Patil
 
Deep Behavioral Phenotyping in Systems Neuroscience for Functional Atlasing a...
Deep Behavioral Phenotyping in Systems Neuroscience for Functional Atlasing a...Deep Behavioral Phenotyping in Systems Neuroscience for Functional Atlasing a...
Deep Behavioral Phenotyping in Systems Neuroscience for Functional Atlasing a...
Ana Luísa Pinho
 
ISI 2024: Application Form (Extended), Exam Date (Out), Eligibility
ISI 2024: Application Form (Extended), Exam Date (Out), EligibilityISI 2024: Application Form (Extended), Exam Date (Out), Eligibility
ISI 2024: Application Form (Extended), Exam Date (Out), Eligibility
SciAstra
 
Remote Sensing and Computational, Evolutionary, Supercomputing, and Intellige...
Remote Sensing and Computational, Evolutionary, Supercomputing, and Intellige...Remote Sensing and Computational, Evolutionary, Supercomputing, and Intellige...
Remote Sensing and Computational, Evolutionary, Supercomputing, and Intellige...
University of Maribor
 
THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...
THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...
THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...
Abdul Wali Khan University Mardan,kP,Pakistan
 
DMARDs Pharmacolgy Pharm D 5th Semester.pdf
DMARDs Pharmacolgy Pharm D 5th Semester.pdfDMARDs Pharmacolgy Pharm D 5th Semester.pdf
DMARDs Pharmacolgy Pharm D 5th Semester.pdf
fafyfskhan251kmf
 
nodule formation by alisha dewangan.pptx
nodule formation by alisha dewangan.pptxnodule formation by alisha dewangan.pptx
nodule formation by alisha dewangan.pptx
alishadewangan1
 
Toxic effects of heavy metals : Lead and Arsenic
Toxic effects of heavy metals : Lead and ArsenicToxic effects of heavy metals : Lead and Arsenic
Toxic effects of heavy metals : Lead and Arsenic
sanjana502982
 
platelets_clotting_biogenesis.clot retractionpptx
platelets_clotting_biogenesis.clot retractionpptxplatelets_clotting_biogenesis.clot retractionpptx
platelets_clotting_biogenesis.clot retractionpptx
muralinath2
 
Shallowest Oil Discovery of Turkiye.pptx
Shallowest Oil Discovery of Turkiye.pptxShallowest Oil Discovery of Turkiye.pptx
Shallowest Oil Discovery of Turkiye.pptx
Gokturk Mehmet Dilci
 
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
Sérgio Sacani
 
Phenomics assisted breeding in crop improvement
Phenomics assisted breeding in crop improvementPhenomics assisted breeding in crop improvement
Phenomics assisted breeding in crop improvement
IshaGoswami9
 

Recently uploaded (20)

20240520 Planning a Circuit Simulator in JavaScript.pptx
20240520 Planning a Circuit Simulator in JavaScript.pptx20240520 Planning a Circuit Simulator in JavaScript.pptx
20240520 Planning a Circuit Simulator in JavaScript.pptx
 
Observation of Io’s Resurfacing via Plume Deposition Using Ground-based Adapt...
Observation of Io’s Resurfacing via Plume Deposition Using Ground-based Adapt...Observation of Io’s Resurfacing via Plume Deposition Using Ground-based Adapt...
Observation of Io’s Resurfacing via Plume Deposition Using Ground-based Adapt...
 
In silico drugs analogue design: novobiocin analogues.pptx
In silico drugs analogue design: novobiocin analogues.pptxIn silico drugs analogue design: novobiocin analogues.pptx
In silico drugs analogue design: novobiocin analogues.pptx
 
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
Comparing Evolved Extractive Text Summary Scores of Bidirectional Encoder Rep...
 
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
3D Hybrid PIC simulation of the plasma expansion (ISSS-14)
 
Unveiling the Energy Potential of Marshmallow Deposits.pdf
Unveiling the Energy Potential of Marshmallow Deposits.pdfUnveiling the Energy Potential of Marshmallow Deposits.pdf
Unveiling the Energy Potential of Marshmallow Deposits.pdf
 
Introduction to Mean Field Theory(MFT).pptx
Introduction to Mean Field Theory(MFT).pptxIntroduction to Mean Field Theory(MFT).pptx
Introduction to Mean Field Theory(MFT).pptx
 
原版制作(carleton毕业证书)卡尔顿大学毕业证硕士文凭原版一模一样
原版制作(carleton毕业证书)卡尔顿大学毕业证硕士文凭原版一模一样原版制作(carleton毕业证书)卡尔顿大学毕业证硕士文凭原版一模一样
原版制作(carleton毕业证书)卡尔顿大学毕业证硕士文凭原版一模一样
 
Nutraceutical market, scope and growth: Herbal drug technology
Nutraceutical market, scope and growth: Herbal drug technologyNutraceutical market, scope and growth: Herbal drug technology
Nutraceutical market, scope and growth: Herbal drug technology
 
Deep Behavioral Phenotyping in Systems Neuroscience for Functional Atlasing a...
Deep Behavioral Phenotyping in Systems Neuroscience for Functional Atlasing a...Deep Behavioral Phenotyping in Systems Neuroscience for Functional Atlasing a...
Deep Behavioral Phenotyping in Systems Neuroscience for Functional Atlasing a...
 
ISI 2024: Application Form (Extended), Exam Date (Out), Eligibility
ISI 2024: Application Form (Extended), Exam Date (Out), EligibilityISI 2024: Application Form (Extended), Exam Date (Out), Eligibility
ISI 2024: Application Form (Extended), Exam Date (Out), Eligibility
 
Remote Sensing and Computational, Evolutionary, Supercomputing, and Intellige...
Remote Sensing and Computational, Evolutionary, Supercomputing, and Intellige...Remote Sensing and Computational, Evolutionary, Supercomputing, and Intellige...
Remote Sensing and Computational, Evolutionary, Supercomputing, and Intellige...
 
THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...
THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...
THEMATIC APPERCEPTION TEST(TAT) cognitive abilities, creativity, and critic...
 
DMARDs Pharmacolgy Pharm D 5th Semester.pdf
DMARDs Pharmacolgy Pharm D 5th Semester.pdfDMARDs Pharmacolgy Pharm D 5th Semester.pdf
DMARDs Pharmacolgy Pharm D 5th Semester.pdf
 
nodule formation by alisha dewangan.pptx
nodule formation by alisha dewangan.pptxnodule formation by alisha dewangan.pptx
nodule formation by alisha dewangan.pptx
 
Toxic effects of heavy metals : Lead and Arsenic
Toxic effects of heavy metals : Lead and ArsenicToxic effects of heavy metals : Lead and Arsenic
Toxic effects of heavy metals : Lead and Arsenic
 
platelets_clotting_biogenesis.clot retractionpptx
platelets_clotting_biogenesis.clot retractionpptxplatelets_clotting_biogenesis.clot retractionpptx
platelets_clotting_biogenesis.clot retractionpptx
 
Shallowest Oil Discovery of Turkiye.pptx
Shallowest Oil Discovery of Turkiye.pptxShallowest Oil Discovery of Turkiye.pptx
Shallowest Oil Discovery of Turkiye.pptx
 
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...
 
Phenomics assisted breeding in crop improvement
Phenomics assisted breeding in crop improvementPhenomics assisted breeding in crop improvement
Phenomics assisted breeding in crop improvement
 

Privacy Preserving Biometrics-Based and User Centric Authentication Protocol

  • 1. Department of Computer Science Privacy Preserving Biometrics-Based and User Centric Authentication Protocol Hasini Gunasinghe and Elisa Bertino NSS 2014
  • 2. Department of Computer Science Agenda  Problem Overview  Challenges in biometrics based authentication schemes  Our approach  Generating unique, repeatable and revocable BID  Securing the BID with cryptographic commitment  Privacy preserving authentication protocol  Security and performance analysis  Future work NSS 2014
  • 3. Department of Computer Science Problem Overview NSS 2014 What You Know What You Have  Commonly used authentication factors  Stolen passwords/tokens lead to identity theft  Multiple passwords/tokens  Inconvenient to users
  • 4. Department of Computer Science Problem Overview NSS 2014
  • 5. Department of Computer Science Problem Overview NSS 2014 Strong Authentication Factor: Biometrics  Represents who you are.  Unique, Universal, Permanent and Collectable.  First known use in criminal division of the police department in Paris – introduced by A. Bertillon.  Since then, many applications in commercial, government and forensic.  Convenient and secure for users. Still, it is not widely adapted in critical applications such as online banking. Why?
  • 6. Department of Computer Science Challenges in biometrics based authentication:  Inherited characteristics of biometrics  Security concerns  Privacy concerns Problem Overview NSS 2014
  • 7. Department of Computer Science Inherited Characteristics of Biometrics Desired Characteristics of Biometrics Based Identifier Uniqueness & Unforgeability Uniqueness & Unforgeability Non-Repeatability Repeatability Non-Revocability Revocability Challenges in biometrics based authentication:  Inherited vs desired characteristics: Problem Overview NSS 2014
  • 8. Department of Computer Science Challenges in biometrics based authentication:  Security Concerns:  Biometric templates are stored at the server during enrollment.  Extracted biometric features are stored in smart cards to be used during authentication. e.g: In the Schiphol Privium scheme at the Amsterdam airport, Iris code stored is in the smart card.  Breach of security of template databases/smart cards/user- devices can cause permanent loss of one’s biometric identity. Problem Overview NSS 2014
  • 9. Department of Computer Science Challenges in biometrics based authentication:  Privacy Concerns of authentication protocols: Problem Overview NSS 2014  Biometric identity stored at multiple service providers.  Different proprietary protocols. verifies biometric at login SP2 SP3 SPspecificprotocols IDP-centricprotocol 4) verifies biometric 3/5).verification req/resp 1) enrolls biometric SP1 IDP SP2  IDP learns user’s interaction patterns with different SPs.  Revealing BID during authentication. enrolls biometric at signup SP1
  • 10. Department of Computer Science Addresses each of the above issues and provides better solutions. 1. Generates unique, repeatable and revocable BIDs. 2. Defines privacy preserving identity management protocol:  Involves zero-knowledge-proof-of-knowledge.  User-centric. Our Approach NSS 2014
  • 11. Department of Computer Science Overview: Our Approach NSS 2014 authenticate using biometric identity token enrolls biometric obtains Identity Token SP1 SP2 SP3 User-centricprotocol  No interaction between IDP and SP(s).  Biometric template is not stored anywhere.
  • 12. Department of Computer Science 1. Generating BID: Our Approach NSS 2014 Image Hashing Algorithm Trained SVM Classifier Biometric image Hash vector Predicted class label (32 bits) + Password based key generation User-provided password Key 1 (128 bits) BID Key steps: 1. Feature extraction, image hashing mechanism 2. Training SVM classifier 3. Obtaining classification output 4. Password based key generation (160 bits)
  • 13. Department of Computer Science Our Approach NSS 2014 1. Generating BID: Results  P-Hash – feature extraction mechanism used in our approach.  SVD-Hash – feature extraction mechanism used in previous work [Bhargav-Spantzel et al. ‘2010].
  • 14. Department of Computer Science Our Approach NSS 2014 1. Generating BID: Extended approach with Error Correction Code  Enrolment phase: Error Correction Encoding:  Authentication phase: Error Correction Decoding: Image Hashing Algorithm Trained SVM Classifier Biometric image Hash vector Predicted class label + Password based key generation User-provided password Key 1 BID Hadamard ECC encoding Key 2 Error Correction Metadata Image Hashing Algorithm Trained SVM Classifier Biometric image Hash vector Predicted class label + Password based key generation User-provided password Key 1 BIDHadamard ECC decoding Key 2 Error corrected Hash vector Error Correction Metadata
  • 15. Department of Computer Science Our Approach NSS 2014 1. Generating BID: Results with ECC  Both accuracy and overhead increase with the Hadamard Code length used for error correction.  Recommended Hadamard Error Correction Code is 16 bits.  Improves repeatability of the BID.  Secure error correction mechanism introduced by Kande et al. ‘2009.
  • 16. Department of Computer Science We covered so far – in key aspects of our approach: Our Approach NSS 2014  Generating unique, repeatable and revocable BIDs.  Extended approach with ECC to improve repeatability.  Privacy preserving identity management protocol: 1. Involves zero-knowledge-proof-of-knowledge. 2. User-centric.
  • 17. Department of Computer Science 3. Privacy preserving identity management protocol: Enrollment Our Approach NSS 2014 Biometric image Hash Vector R= Commitment: C = gxhr Biometric IDT Perceptual Hash Train Support Vector Machine Trained Base SVM P-Hash Customize SVM Single Label Classification Hash Vector Digitally Signed by IDP X = BID
  • 18. Department of Computer Science Our Approach NSS 2014 3. Privacy preserving identity management protocol: Enrollment  Elements included in the identity token:  Commitment string  Expiration time stamp  From, To fields (to prevent attacks on ZKPK protocol by SP)  Digital signature  Public parameters of the Pedersen commitment scheme
  • 19. Department of Computer Science Our Approach NSS 2014 3. Privacy preserving identity management protocol: Enrollment  Artifacts provided to the User: (stored in the TEE of user’s device)  Identity Token  Trained and customized SVM classifier.  BID generation software.  Salt value used for PBKDF.  Error correction meta-data.
  • 20. Department of Computer Science Our Approach NSS 2014 3. Privacy preserving identity management protocol: Authentication Biometric image Hash Vector P-Hash Customized SVM Single Label Classification R’= Commitment: C’ = gx’hr’ X’ = BID Authentication Request Biometric IDT d = gyhs Zero Knowledge Proof of Knowledge Protocol Service Provider User Service Provider challenge: e u=y+ex, v=s+er success if Ced = guhv
  • 21. Department of Computer Science Summary: Performance Performance measure Value Computing perceptual hash 0.0105 (s) Training Classifier 8 (s) [with 400 training instances] Predicting from trained classifier 0.013 (s) Creating commitment 0.003038 (s) Zero Knowledge Proof (without network delay) 0.00763 (s) Hardware Configurations:  CPU: Intel Core i7-3537U  Memory: 5GB RAM  OS: Ubuntu 13.4 OS Our Approach NSS 2014
  • 22. Department of Computer Science Security Analysis:  Confidentiality of sensitive data is preserved:  Biometric image, P-Hash vector, BID are not stored anywhere.  Secrets are derived from the user’s password.  Zero Knowledge Proof of Knowledge protocol:  Biometric information not revealed at any point.  MITM attacks carried out by SP are prevented.  Identity token provides ownership assurance and avoids impersonation.  Enables revocation of the biometric based identity tokens. Our Approach NSS 2014
  • 23. Department of Computer Science We covered so far: Our Approach NSS 2014  Generating unique, repeatable and revocable BIDs.  Extended approach with ECC to improve repeatability.  Privacy preserving identity management protocol:  with zero-knowledge-proofs.  User-centric identity management  Performance and Security Analysis
  • 24. Department of Computer Science Future Work  Experimenting on other biometric traits.  Privacy preserving biometrics based authentication based on distance matching: • Homomorphic Encryption • Garbled circuits  Multi-modal biometrics for authentication.
  • 25. Department of Computer Science Q & A
  • 26. Department of Computer Science Thank You…