A new framework for privacy-preserving biometric-based remote user authentication

Author

Yangguang TIAN, Singapore Management UniversityFollow
Yingjiu LI
Robert H. DENG, Singapore Management UniversityFollow
Nan LI
Pengfei WU
Anyi LIU

Publication Type

Journal Article

Version

acceptedVersion

Publication Date

6-2020

Abstract

In this paper, we introduce the first general framework for strong privacy-preserving biometric-based remote user authentication based on oblivious RAM (ORAM) protocol and computational fuzzy extractors. We define formal security models for the general framework, and we prove that it can achieve user authenticity and strong privacy. In particular, the general framework ensures that: (1) a strong privacy and a log-linear time-complexity are achieved by using a new tree-based ORAM protocol; (2) a constant bandwidth cost is achieved by exploiting computational fuzzy extractors in the challenge-response phase of remote user authentications.

Keywords

Remote user authentication, oblivious RAM, computational fuzzy extractors, strong privacy, constant bandwidth

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Journal of Computer Security

Volume

28

Issue

4

First Page

469

Last Page

498

ISSN

0926-227X

Identifier

10.3233/JCS-191336

Publisher

IOS Press

Citation

1

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.3233/JCS-191336