Paper 2018/359

Privacy-Preserving Multibiometric Authentication in Cloud with Untrusted Database Providers

Christina-Angeliki Toli, Abdelrahaman Aly, and Bart Preneel

Abstract

This paper introduces a secure and privacy-preserving mechanism for biometric-based user authentication in a distributed manner. The design combines three modalities (face, iris and fingerprint) according to user’s performance strength parameters (False Acceptance and False Rejection Rates). We use a user-specific weighted score level fusion strategy to determine the final multimodal result. The stored unimodal templates are held by distinct database providers that can be malicious. Privacy regulations recognize biometric data as sensitive, hence their handling and storage in an untrusted environment with third parties are challenging. Therefore, we utilize Multi- Party Computation to enhance security among authentication stages. In contrast to the existing research, the novelty of this approach lies in performing multimodal authentication without storing private information in a single database, nor transferring the calculation results to any third party. The proposed protocol is analyzed to assess its usability, security and efficiency (execution time is less than a second under the studied scenario).

Metadata
Available format(s)
-- withdrawn --
Category
Applications
Publication info
Published elsewhere. Major revision. 15th International Conference on Cryptology and Network Security CANS 2016
Keywords
biometrics and MPC protocols
Contact author(s)
ctoli @ esat kuleuven be
History
2018-11-28: withdrawn
2018-04-18: received
See all versions
Short URL
https://ia.cr/2018/359
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.