Cryptology ePrint Archive: Report 2019/894

BioID: a Privacy-Friendly Identity Document

Fatih Balli and F. Betül Durak and Serge Vaudenay

Abstract: We design a suite of protocols so that a small tamper-resistant device can be used as a biometric identity document which can be scanned by authorized terminals. We target both strongly secure identification and strong privacy. Unlike biometric passports, our protocols leak no digital evidence and are essentially deniable. Besides, getting the identity information from the device requires going through access control. Access control can follow either a strong PKI-based path or a weak password-based path which offer different functionalities. We implemented our protocols on JavaCard using finger-vein recognition as a proof of concept.

Category / Keywords: cryptographic protocols / privacy, deniability, ID document, smart card

Original Publication (with major differences): 15th International Workshop on Security and Trust Management (STM) 2019

Date: received 2 Aug 2019, last revised 2 Sep 2019

Contact author: fatih balli at epfl ch

Available format(s): PDF | BibTeX Citation

Note: The version 2 of this report fixes some typos from previous version, and contains minor updates on references.

Version: 20190902:195903 (All versions of this report)

Short URL: ia.cr/2019/894