Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

12-2018

Abstract

Biometric-based remote user authentication (BRUA) is a useful primitive that allows an authorized user to remotely authenticate to a cloud server using biometrics. However, the existing BRUA solutions in the client-server setting lack certain privacy considerations. For example, authorized user's multiple sessions should not be linked while his identity remains anonymous to cloud server. In this work, we introduce an identity-concealed and unlinkable biometric-based remote user authentication framework, such that authorized users authenticate to an honest-but-curious server in an anonymous and unlinkable manner. In particular, we employ two non-colluding cloud servers to perform the complex biometrics matching. We formalize two new security models, including biometrics privacy and user privacy, for our proposed framework, and prove the security of the proposed framework in the standard model.

Keywords

Remote User Authentication, Biometrics Matching, User Privacy, Unlinkability

Discipline

Information Security

Research Areas

Cybersecurity

Publication

2018 IEEE Conference on Dependable and Secure Computing DSC: Kaohsiung, Taiwan, December 10-13: Proceedings

First Page

112

Last Page

132

ISBN

9781538657904

Identifier

10.1109/DESEC.2018.8625169

Publisher

IEEE

City or Country

Piscataway, NJ

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/DESEC.2018.8625169

Share

COinS