Strong Theft-Proof Privacy-Preserving Biometric Authentication

Biometric authentication offers many benefits ranging from strong security guarantees to user convenience, however, remote authentication poses unique challenges which are not fully addressed by biometrics alone. We propose a new remote authentication protocol that combines possessionbased authentication and biometrics in a way that conquers the main weaknesses of both authentication methods. Our protocol offers strong protection to biometric data. It is theft-proof, guarding against attacks based on stolen or lost tokens. It is also privacy-preserving with respect to the users’ biometric identities as well as actions performed using those identities. In contrast to knowledge-based authentication, where passwords or PIN numbers may be updated freely, biometric data cannot be changed and therefore attacks on biometric templates are severe in consequences. To address this issue, our protocol handles biometric templates in a novel way they are never directly stored, transmitted or made available to the verifying party. Identity verification is based on the difference between the biometric template provided in the enrollment phase and the one provided during verification. A user is authenticated only if the difference is sufficiently close to 0. Authentication information is stored on a token, for instance a smart card, and is protected by biometric techniques to ensure that the token can only be used by its legitimate owner. User’s identity is created with respect to a special blinding factor used to create a blinded biometric template, not the biometric data itself. Such approach offers two major benefits: biometric data protection and unlinkability of user’s actions.