Title :
BioSAKE: Biometrics-based secure authentication and key exchange
Author :
Nandakumar, Karthik
Author_Institution :
Inst. for Infocomm Res., ASTAR, Singapore, Singapore
Abstract :
Biometric authentication is yet to find widespread acceptance in applications requiring authentication between a remote client and server (e.g., electronic commerce). This is partly because the biometric authentication process can be circumvented through attacks on the communication interfaces or on the stored biometric templates. In this paper, we propose a biometrics-based protocol for secure authentication and key exchange between a client and a server. The proposed BioSAKE protocol is based on key-binding biometric cryptosystems and satisfies the following requirements: (i) mutual authentication between the client and the server, (ii) secure exchange of a session key between the two entities, (iii) minimal leakage of biometric information from stored credentials, and (iv) revocability of stored credentials. A detailed security analysis of the BioSAKE protocol has also been presented. Experiments on public-domain fingerprint and iris databases demonstrate the practical feasibility of the BioSAKE protocol.
Keywords :
cryptographic protocols; fingerprint identification; iris recognition; BioSAKE protocol; biometric information; biometric templates; biometrics-based protocol; biometrics-based secure authentication and key exchange; communication interfaces; iris databases; key-binding biometric cryptosystems; mutual authentication; public-domain fingerprint; remote client; security analysis; server; stored credential revocability; Authentication; Cryptography; Decoding; Error correction; Protocols; Servers;
Conference_Titel :
Biometrics (ICB), 2013 International Conference on
Conference_Location :
Madrid
DOI :
10.1109/ICB.2013.6613007
