Ghostshell: Secure Biometric Authentication using Integrity-based Homomorphic Evaluations

Authors

  • Jung Hee Cheon
  • HeeWon Chung
  • Myungsun Kim
  • Kang-Won Lee
Abstract

Biometric authentication methods are gaining popularity due to their convenience. For authentication without relying on trusted hardware, biometrics or their hashed values should be stored in the server. Storing biometrics in the clear or in an encrypted form, however, raises a grave concern about biometric theft through hacking or man-in-the-middle attacks. Unlike an ID and password, once lost, biometrics cannot practically be replaced. Encryption can be a tool for protecting them from theft, but encrypted biometrics should be recovered for comparison. In this work, we propose a secure biometric authentication scheme, named Ghostshell, in which an encrypted template is stored in the server and then compared with an encrypted attempt without decryption. The decryption key is stored only in a user’s device and so biometrics can be kept secret even against a compromised server. Our solution relies on a somewhat homomorphic encryption (SHE) and a message authentication code (MAC). Because known techniques for SHE are computationally expensive, we develop a more practical scheme by devising a significantly efficient matching function exploiting SIMD operations and a one-time MAC chosen for efficient homomorphic evaluations (of multiplication depth 2). When applied to Hamming distance matching on 2400-bit irises, our implementation shows that the computation time is approximately 0.47 and 0.1 seconds for the server and the user, respectively.

Similar resources

Biometric cryptosystems: authentication, encryption and signature for biometric identities

Biometrics have been used for secure identification and authentication for more than two decades since biometric data is unique, non-transferable, unforgettable, and always with us. Recently, biometrics has pervaded other aspects of security applications that can be listed under the topic of “Biometric Cryptosystems”. Although the security of some of these systems is questionab...

A Dual Integrated Watermarking Approach for Biometric Authentication

To improve information authentication and network security, one of the effective authentication mechanisms is the biometric authentication system. But when this authentication system is an offline authentication system, it is required to secure this authentication information. In this work, a biometric watermarking based authentication system is defined to secure the authentication s...

Privacy-Preserving Biometric Authentication and Matching via Lattice-Based Encryption

The continuous dependence on electronic media has radically changed our interactions, many of which are now performed online. In many occasions users need to authenticate to remote machines, but the hostile environment of the Internet may severely expose users and service providers. To counter these shortcomings, strong authentication is pushed forward. As a means to authenticate individuals, b...

Minutiae Matching with Privacy Protection Based on the Combination of Garbled Circuit and Homomorphic Encryption

Biometrics plays an important role in authentication applications since they are strongly linked to holders. With an increasing growth of e-commerce and e-government, one can expect that biometric-based authentication systems are possibly deployed over the open networks in the near future. However, due to its openness, the Internet poses a great challenge to the security and privacy of biometri...

Verifiable Delegation of Computation in the Setting of Privacy-Preserving Biometric Authentication Master of Science Thesis in Computer Systems and Networks

Cloud computing has gained popularity due to the growth of the internet and the number of devices. Although outsourcing computation tasks to the remote cloud comes with great convenience, there are increasing concerns regarding data privacy and computation integrity since the cloud providers are external third parties. Verifiable computation (VC) is a mechanism to let the client verify the computati...

Journal title:
  • IACR Cryptology ePrint Archive

Volume 2016  Issue 

Pages  -

Publication date: 2016