Private Eyes: Secure Remote Biometric Authentication

Ewa Syta; Michael J. Fischer; David Wolinsky; Abraham Silberschatz; Gina Gallegos-Garcia; Bryan Ford

doi:10.5220/0005539602430250

Private Eyes: Secure Remote Biometric Authentication

Ewa Syta, Michael J. Fischer, David Wolinsky, Abraham Silberschatz, Gina Gallegos-Garcia, Bryan Ford

2015

Abstract

We propose an efficient remote biometric authentication protocol that gives strong protection to the user’s biometric data in case of two common kinds of security breaches: (1) loss or theft of the user’s token (smart card, handheld device, etc.), giving the attacker full access to any secrets embedded within it; (2) total penetration of the server. Only if both client and server are simultaneously compromised is the user’s biometric data vulnerable to exposure. The protocol works by encrypting the user’s biometric template in a way that allows it to be used for authentication without being decrypted by either token or server. Further, the encrypted template never leaves the token, and only the server has the information that would enable it to be decrypted. We have implemented our protocol using two iris recognition libraries and evaluated its performance. The overall efficiency and recognition performance is essentially the same compared to an unprotected biometric system.

Download

Paper Citation

in Harvard Style

Syta E., J. Fischer M., Wolinsky D., Silberschatz A., Gallegos-Garcia G. and Ford B. (2015). Private Eyes: Secure Remote Biometric Authentication . In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 243-250. DOI: 10.5220/0005539602430250

in Bibtex Style

@conference{secrypt15,
author={Ewa Syta and Michael J. Fischer and David Wolinsky and Abraham Silberschatz and Gina Gallegos-Garcia and Bryan Ford},
title={Private Eyes: Secure Remote Biometric Authentication},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={243-250},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005539602430250},
isbn={978-989-758-117-5},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - Private Eyes: Secure Remote Biometric Authentication
SN - 978-989-758-117-5
AU - Syta E.
AU - J. Fischer M.
AU - Wolinsky D.
AU - Silberschatz A.
AU - Gallegos-Garcia G.
AU - Ford B.
PY - 2015
SP - 243
EP - 250
DO - 10.5220/0005539602430250