Publication Type
Conference Proceeding Article
Version
acceptedVersion
Publication Date
12-2018
Abstract
Biometric-based remote user authentication (BRUA) is a useful primitive that allows an authorized user to remotely authenticate to a cloud server using biometrics. However, the existing BRUA solutions in the client-server setting lack certain privacy considerations. For example, authorized user's multiple sessions should not be linked while his identity remains anonymous to cloud server. In this work, we introduce an identity-concealed and unlinkable biometric-based remote user authentication framework, such that authorized users authenticate to an honest-but-curious server in an anonymous and unlinkable manner. In particular, we employ two non-colluding cloud servers to perform the complex biometrics matching. We formalize two new security models, including biometrics privacy and user privacy, for our proposed framework, and prove the security of the proposed framework in the standard model.
Keywords
Remote User Authentication, Biometrics Matching, User Privacy, Unlinkability
Discipline
Information Security
Research Areas
Cybersecurity
Publication
2018 IEEE Conference on Dependable and Secure Computing DSC: Kaohsiung, Taiwan, December 10-13: Proceedings
First Page
112
Last Page
132
ISBN
9781538657904
Identifier
10.1109/DESEC.2018.8625169
Publisher
IEEE
City or Country
Piscataway, NJ
Citation
TIAN, Yangguang; LI, Yingjiu; LIU, Ximeng; DENG, Robert H.; and SENGUPTA, Binanda.
PriBioAuth: Privacy-preserving biometric-based remote user authentication. (2018). 2018 IEEE Conference on Dependable and Secure Computing DSC: Kaohsiung, Taiwan, December 10-13: Proceedings. 112-132.
Available at: https://ink.library.smu.edu.sg/sis_research/4400
Copyright Owner and License
Authors
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
https://doi.org/10.1109/DESEC.2018.8625169