Biometric-Based Non-transferable Anonymous Credentials
نویسندگان
چکیده
This work explores the problem of using biometric data to achieve non-transferability of anonymous credentials; that is, sharing of anonymous credentials, which allow one to anonymously authenticate, can be severely limited if their use requires possession of the credential owner’s biometric. We target to provide strong security guarantees using minimal trust assumptions, namely that a fresh reading of a biometric is enforced on each use of the credentials. Furthermore, no biometric or other information is compromised if an adversary obtains full access to all credential-related data. Our solution relies on constructions for fuzzy extractors that allow one to extract and reproduce a random string from noisy biometric images. We first examine security requirements of biometric key generators, and then show how they can be integrated with anonymous credentials to achieve a high degree of non-transferability and security.
منابع مشابه
A Survey on Non-transferable Anonymous Credentials
There are at least two principal approaches to prevent users from sharing their anonymous credentials: adding valuable secrets into the system the user does not want to share or embedding biometric access control. This paper seeks to identify possible fields of application and to compare both approaches with respect to the credentials’ nontransferability. The paper shows that both approaches do...
متن کاملAn Efficient and Usable Multi-show Non-transferable Anonymous Credential System
In an anonymous credential system a user can prove anonymously the possession of credentials to a service provider. Multi-show and non-transferability are two important properties of such systems. More precisely, in a multi-show system the same credential can be used more than once without threatening anonymity, moreover, lending of non-transferable credentials is inconvenient. In this paper we...
متن کاملOffline Personal Credentials
Personal documents and certificates that are not transferable between individuals are common and essential means in every day life, e.g., driver’s licenses, insurance certificates, etc. At the same time, personal documents are privacy critical as they tend to fully identify their owners, e.g., photo, address, etc. We are interested in personal offline credentials, i.e., secure, non-transferable...
متن کاملAn EÆcient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
A credential system is a system in which users can obtain credentials from organizations and demonstrate possession of these credentials. Such a system is anonymous when transactions carried out by the same user cannot be linked. An anonymous credential system is of signi cant practical relevance because it is the best means of providing privacy for users. In this paper we propose a practical a...
متن کاملAn Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
A credential system is a system in which users can obtain credentials from organizations and demonstrate possession of these credentials. Such a system is anonymous when transactions carried out by the same user cannot be linked. An anonymous credential system is of significant practical relevance because it is the best means of providing privacy for users. In this paper we propose a practical ...
متن کامل