Biometrics-Based Authenticated Key Exchange with Multi-Factor Fuzzy Extractor
- URL: http://arxiv.org/abs/2405.11456v1
- Date: Sun, 19 May 2024 05:50:28 GMT
- Title: Biometrics-Based Authenticated Key Exchange with Multi-Factor Fuzzy Extractor
- Authors: Hong Yen Tran, Jiankun Hu, Wen Hu,
- Abstract summary: We propose a novel multi-factor fuzzy extractor that integrates both a user's secret (e.g., a password) and a user's biometrics.
We then employ this multi-factor fuzzy extractor to construct personal identity credentials which can be used in a new multi-factor authenticated key exchange protocol.
- Score: 19.129363889273904
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Existing fuzzy extractors and similar methods provide an effective way for extracting a secret key from a user's biometric data, but are susceptible to impersonation attack: once a valid biometric sample is captured, the scheme is no longer secure. We propose a novel multi-factor fuzzy extractor that integrates both a user's secret (e.g., a password) and a user's biometrics in the generation and reconstruction process of a cryptographic key. We then employ this multi-factor fuzzy extractor to construct personal identity credentials which can be used in a new multi-factor authenticated key exchange protocol that possesses multiple important features. First, the protocol provides mutual authentication. Second, the user and service provider can authenticate each other without the involvement of the identity authority. Third, the protocol can prevent user impersonation from a compromised identity authority. Finally, even when both a biometric sample and the secret are captured, the user can re-register to create a new credential using a new secret (reusable/reissued identity credentials). Most existing works on multi-factor authenticated key exchange only have a subset of these features. We formally prove that the proposed protocol is semantically secure. Our experiments carried out on the finger vein dataset SDUMLA achieved a low equal error rate (EER) of 0.04%, a reasonable averaged computation time of 0.93 seconds for the user and service provider to authenticate and establish a shared session key, and a small communication overhead of only 448 bytes.
Related papers
- Quantum digital signature based on single-qubit without a trusted third-party [45.41082277680607]
We propose a brand new quantum digital signature protocol without a trusted third party only with qubit technology to further improve the security.
We prove that the protocol has information-theoretical unforgeability. Moreover, it satisfies other important secure properties, including asymmetry, undeniability, and expandability.
arXiv Detail & Related papers (2024-10-17T09:49:29Z) - oBAKE: an Online Biometric-Authenticated Key Exchange Protocol [0.0]
We introduce a novel biometric-authenticated key exchange protocol that allows secure and privacy-preserving key establishment.
The protocol yields a shared secret incorporating random nonce from both parties when they positively authenticate each other.
The protocol is especially suitable for interactive systems while posing a minimal computational burden on the user token.
arXiv Detail & Related papers (2024-04-15T18:02:35Z) - Incorporating Zero-Knowledge Succinct Non-interactive Argument of Knowledge for Blockchain-based Identity Management with off-chain computations [0.8621608193534839]
A novel blockchain-based fingerprint authentication system is proposed that integrates zk-SNARKs.
The proposed method has the potential to provide a secure and efficient solution for blockchain-based identity management.
arXiv Detail & Related papers (2023-10-30T11:24:05Z) - Secure and Privacy Preserving Proxy Biometrics Identities [25.272389610447856]
This work proposes a novel approach for generating new artificial fingerprints also called proxy fingerprints.
These proxy biometrics can be generated from original ones only with the help of a user-specific key.
Using the proposed approach a proxy dataset is generated from samples belonging to Anguli fingerprint database.
Matching experiments were performed on the new set which is 5 times larger than the original, and it was found that their performance is at par with 0 FAR and 0 FRR in the stolen key, safe key scenarios.
arXiv Detail & Related papers (2022-12-21T07:02:11Z) - Locally Authenticated Privacy-preserving Voice Input [10.82818142802482]
Service providers must authenticate their users, although individuals may wish to maintain privacy.
Preserving privacy while performing authentication is challenging, particularly where adversaries can use biometric data to train transformation tools.
We introduce a secure, flexible privacy-preserving system to capture and store an on-device fingerprint of the users' raw signals.
arXiv Detail & Related papers (2022-05-27T14:56:01Z) - Mobile Behavioral Biometrics for Passive Authentication [65.94403066225384]
This work carries out a comparative analysis of unimodal and multimodal behavioral biometric traits.
Experiments are performed over HuMIdb, one of the largest and most comprehensive freely available mobile user interaction databases.
In our experiments, the most discriminative background sensor is the magnetometer, whereas among touch tasks the best results are achieved with keystroke.
arXiv Detail & Related papers (2022-03-14T17:05:59Z) - Benchmarking Quality-Dependent and Cost-Sensitive Score-Level Multimodal
Biometric Fusion Algorithms [58.156733807470395]
This paper reports a benchmarking study carried out within the framework of the BioSecure DS2 (Access Control) evaluation campaign.
The campaign targeted the application of physical access control in a medium-size establishment with some 500 persons.
To the best of our knowledge, this is the first attempt to benchmark quality-based multimodal fusion algorithms.
arXiv Detail & Related papers (2021-11-17T13:39:48Z) - Data-driven behavioural biometrics for continuous and adaptive user
verification using Smartphone and Smartwatch [0.0]
We propose an algorithm to blend behavioural biometrics with multi-factor authentication (MFA)
This work proposes a two-step user verification algorithm that verifies the user's identity using motion-based biometrics.
arXiv Detail & Related papers (2021-10-07T02:46:21Z) - Diverse Part Discovery: Occluded Person Re-identification with
Part-Aware Transformer [95.02123369512384]
Occluded person re-identification (Re-ID) is a challenging task as persons are frequently occluded by various obstacles or other persons.
We propose a novel end-to-end Part-Aware Transformer (PAT) for occluded person Re-ID through diverse part discovery.
arXiv Detail & Related papers (2021-06-08T04:29:07Z) - Decoupled and Memory-Reinforced Networks: Towards Effective Feature
Learning for One-Step Person Search [65.51181219410763]
One-step methods have been developed to handle pedestrian detection and identification sub-tasks using a single network.
There are two major challenges in the current one-step approaches.
We propose a decoupled and memory-reinforced network (DMRNet) to overcome these problems.
arXiv Detail & Related papers (2021-02-22T06:19:45Z) - Keystroke Biometrics in Response to Fake News Propagation in a Global
Pandemic [77.79066811371978]
This work proposes and analyzes the use of keystroke biometrics for content de-anonymization.
Fake news have become a powerful tool to manipulate public opinion, especially during major events.
arXiv Detail & Related papers (2020-05-15T17:56:11Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.