Cryptology ePrint Archive: Report 2018/359

Privacy-Preserving Multibiometric Authentication in Cloud with Untrusted Database Providers

Christina-Angeliki Toli and Abdelrahaman Aly and Bart Preneel

Abstract: This paper introduces a secure and privacy-preserving mechanism for biometric-based user authentication in a distributed manner. The design combines three modalities (face, iris and fingerprint) according to userís performance strength parameters (False Acceptance and False Rejection Rates). We use a user-specific weighted score level fusion strategy to determine the final multimodal result. The stored unimodal templates are held by distinct database providers that can be malicious. Privacy regulations recognize biometric data as sensitive, hence their handling and storage in an untrusted environment with third parties are challenging. Therefore, we utilize Multi- Party Computation to enhance security among authentication stages. In contrast to the existing research, the novelty of this approach lies in performing multimodal authentication without storing private information in a single database, nor transferring the calculation results to any third party. The proposed protocol is analyzed to assess its usability, security and efficiency (execution time is less than a second under the studied scenario).

Category / Keywords: applications / biometrics and MPC protocols

Original Publication (with major differences): 15th International Conference on Cryptology and Network Security CANS 2016

Date: received 16 Apr 2018, withdrawn 28 Nov 2018

Contact author: ctoli at esat kuleuven be

Available format(s): (-- withdrawn --)

Version: 20181128:103603 (All versions of this report)

Short URL: ia.cr/2018/359


[ Cryptology ePrint archive ]