Paper 2018/359

Privacy-Preserving Multibiometric Authentication in Cloud with Untrusted Database Providers

Christina-Angeliki Toli, Abdelrahaman Aly, and Bart Preneel


This paper introduces a secure and privacy-preserving mechanism for biometric-based user authentication in a distributed manner. The design combines three modalities (face, iris and fingerprint) according to user’s performance strength parameters (False Acceptance and False Rejection Rates). We use a user-specific weighted score level fusion strategy to determine the final multimodal result. The stored unimodal templates are held by distinct database providers that can be malicious. Privacy regulations recognize biometric data as sensitive, hence their handling and storage in an untrusted environment with third parties are challenging. Therefore, we utilize Multi- Party Computation to enhance security among authentication stages. In contrast to the existing research, the novelty of this approach lies in performing multimodal authentication without storing private information in a single database, nor transferring the calculation results to any third party. The proposed protocol is analyzed to assess its usability, security and efficiency (execution time is less than a second under the studied scenario).

Available format(s)
-- withdrawn --
Publication info
Published elsewhere. Major revision. 15th International Conference on Cryptology and Network Security CANS 2016
biometrics and MPC protocols
Contact author(s)
ctoli @ esat kuleuven be
2018-11-28: withdrawn
2018-04-18: received
See all versions
Short URL
Creative Commons Attribution
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.