TY - GEN
T1 - Private eyes
T2 - 12th International Conference on Security and Cryptography, SECRYPT 2015
AU - Syta, Ewa
AU - Fischer, Michael J.
AU - Wolinsky, David
AU - Silberschatz, Abraham
AU - Gallegos-García, Gina
AU - Ford, Bryan
N1 - Publisher Copyright:
© Copyright 2015 SCITEPRESS - Science and Technology Publications. All rights reserved.
PY - 2015
Y1 - 2015
N2 - We propose an efficient remote biometric authentication protocol that gives strong protection to the user's biometric data in case of two common kinds of security breaches: (1) loss or theft of the user's token (smart card, handheld device, etc.), giving the attacker full access to any secrets embedded within it; (2) total penetration of the server. Only if both client and server are simultaneously compromised is the user's biometric data vulnerable to exposure. The protocol works by encrypting the user's biometric template in a way that allows it to be used for authentication without being decrypted by either token or server. Further, the encrypted template never leaves the token, and only the server has the information that would enable it to be decrypted. We have implemented our protocol using two iris recognition libraries and evaluated its performance. The overall efficiency and recognition performance is essentially the same compared to an unprotected biometric system.
AB - We propose an efficient remote biometric authentication protocol that gives strong protection to the user's biometric data in case of two common kinds of security breaches: (1) loss or theft of the user's token (smart card, handheld device, etc.), giving the attacker full access to any secrets embedded within it; (2) total penetration of the server. Only if both client and server are simultaneously compromised is the user's biometric data vulnerable to exposure. The protocol works by encrypting the user's biometric template in a way that allows it to be used for authentication without being decrypted by either token or server. Further, the encrypted template never leaves the token, and only the server has the information that would enable it to be decrypted. We have implemented our protocol using two iris recognition libraries and evaluated its performance. The overall efficiency and recognition performance is essentially the same compared to an unprotected biometric system.
KW - Authentication
KW - Biometrics
KW - Privacy
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=84964933299&partnerID=8YFLogxK
U2 - 10.5220/0005539602430250
DO - 10.5220/0005539602430250
M3 - Contribución a la conferencia
AN - SCOPUS:84964933299
T3 - SECRYPT 2015 - 12th International Conference on Security and Cryptography, Proceedings; Part of 12th International Joint Conference on e-Business and Telecommunications, ICETE 2015
SP - 243
EP - 250
BT - SECRYPT 2015 - 12th International Conference on Security and Cryptography, Proceedings; Part of 12th International Joint Conference on e-Business and Telecommunications, ICETE 2015
A2 - Obaidat, Mohammad S.
A2 - Lorenz, Pascal
A2 - Samarati, Pierangela
PB - SciTePress
Y2 - 20 July 2015 through 22 July 2015
ER -