Skip to main content
SpringerLink
Log in
Book cover

International Conference on Cryptology and Network Security

CANS 2014: Cryptology and Network Security pp 290–304Cite as

Security of a Privacy-Preserving Biometric Authentication Protocol Revisited

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8813))

Abstract

Biometric authentication establishes the identity of an individual based on biometric templates (e.g. fingerprints, retina scans etc.). Although biometric authentication has important advantages and many applications, it also raises serious security and privacy concerns. Here, we investigate a biometric authentication protocol that has been proposed by Bringer et al. and adopts a distributed architecture (i.e. multiple entities are involved in the authentication process). This protocol was proven to be secure and privacy-preserving in the honest-but-curious (or passive) attack model. We present an attack algorithm that can be employed to mount a number of attacks on the protocol under investigation. We then propose an improved version of the Bringer et al. protocol that is secure in the malicious (or active) insider attack model and has forward security.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bringer, J., Chabanne, H., Izabachène, M., Pointcheval, D., Tang, Q., Zimmer, S.: An application of the Goldwasser-Micali cryptosystem to biometric authentication. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 2007. LNCS, vol. 4586, pp. 96–106. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  2. Ouafi, K., Vaudenay, S.: Strong Privacy for RFID Systems from Plaintext-Aware Encryption. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 247–262. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  3. Vaudenay, S.: On Privacy Models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  4. Hermans, J., Pashalidis, A., Vercauteren, F., Preneel, B.: A new RFID privacy model. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 568–587. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  5. Juels, A., Weis, S.A.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  6. Gilbert, H., Robshaw, M.J.B., Sibert, H.: Active attack against HB+: a provably secure lightweight authentication protocol. Electronic Letters 41, 1169–1170 (2005)

    Article  Google Scholar 

  7. Penrose, L.: Dermatoglyphic topology. Nature 205, 544–546 (1965)

    Article  Google Scholar 

  8. Bolling, J.: A window to your health. Jacksonville Medicine, Special Issue: Retinal Diseases 51 (2000)

    Google Scholar 

  9. Rivest, R.L., Adleman, L., Dertouzos, M.L.: On data banks and privacy homomorphisms. In: Foundations of Secure Computation, pp. 165–179. Academic Press (1978)

    Google Scholar 

  10. Rabin, M.O.: How to exchange secrets with oblivious transfer. Technical Report TR-81, Aiken Computation Lab, Harvard University (1981)

    Google Scholar 

  11. Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. Commun. ACM 28(6), 637–647 (1985)

    Article  MathSciNet  Google Scholar 

  12. Goldwasser, S., Micali, S.: Probabilistic encryption & how to play mental poker keeping secret all partial information. In: Proceedings of ACM Symposium on Theory of Computing, STOC 1982, pp. 365–377 (1982)

    Google Scholar 

  13. Barbosa, M., Brouard, T., Cauchie, S., de Sousa, S.M.: Secure Biometric Authentication with Improved Accuracy. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 21–36. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  14. Simoens, K., Bringer, J., Chabanne, H., Seys, S.: A framework for analyzing template security and privacy in biometric authentication systems. IEEE Transactions on Information Forensics and Security 7(2), 833–841 (2012)

    Article  Google Scholar 

  15. Bringer, J., Chabanne, H.: An authentication protocol with encrypted biometric data. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 109–124. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  16. Lipmaa, H.: An oblivious transfer protocol with log-squared communication. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 314–328. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  17. Stoianov, A.: Cryptographically secure biometrics. In: SPIE 7667, Biometric Technology for Human Identification VII 76670C, pp. 76670C–76670C–12 (2010)

    Google Scholar 

  18. Blum, M., Goldwasser, S.: An probabilistic public key encryption scheme which hides all partial information. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 289–299. Springer, Heidelberg (1985)

    Chapter  Google Scholar 

  19. Menezes, A., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press (1996)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Chalmers University of Technology, Gothenburg, Sweden

    Aysajan Abidin & Aikaterini Mitrokotsa

  2. University of Tokyo, Japan

    Kanta Matsuura

Authors
  1. Aysajan Abidin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kanta Matsuura
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Aikaterini Mitrokotsa
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Informatics, Athens University of Economics & Business, 76, Patission Str., 10434, Athens, Greece

    Dimitris Gritzalis

  2. Department of Informatics and Telecommunications, Panepistimiopolis, National and Kapodistrian University of Athens, 15784, Athens, Greece

    Aggelos Kiayias

  3. FORTH-ICS, Vassilika Vouton, P.O. Box 1385, 711 10, Heraklion, Crete, Greece

    Ioannis Askoxylakis

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Abidin, A., Matsuura, K., Mitrokotsa, A. (2014). Security of a Privacy-Preserving Biometric Authentication Protocol Revisited. In: Gritzalis, D., Kiayias, A., Askoxylakis, I. (eds) Cryptology and Network Security. CANS 2014. Lecture Notes in Computer Science, vol 8813. Springer, Cham. https://doi.org/10.1007/978-3-319-12280-9_19

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-12280-9_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-12279-3

  • Online ISBN: 978-3-319-12280-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation