Privacy Protection in Distributed Fingerprint-based Authentication

Geng, Swe; Giannopoulou, Georgia; Kabir-Querrec, Maëlle

doi:10.1145/3338498.3358648

Cited by 9 publications

(10 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, Shamir Secret Sharing allows the division of the seed phrase and recovery with n out of N parts of the seed phrase [41]. These recovery types can be used as-is or with the help of applications like SeedQuest, FuzzyVault, or the Horcrux Protocol, which help recover seed phrases by playing a game [42], use of biometric data [43], and instantiating Shamir Secret Sharing [44] respectively.…”

Section: Listing 2 a Simple Did Documentmentioning

confidence: 99%

A Tutorial on the Interoperability of Self-sovereign Identities

Yıldız¹,

Küpper²,

Thatmann³

et al. 2022

Preprint

View full text Add to dashboard Cite

<p>Self-sovereign identity is the latest digital identity paradigm that allows users, organizations, and things to manage identity in a decentralized fashion without any central authority controlling the process of issuing identities and verifying assertions. Following this paradigm, implementations have emerged in recent years, with some having different underlying technologies. These technological differences often create interoperability problems between software that interact with each other from different implementations. Although a common problem, there is no common understanding of self-sovereign identity interoperability. In the context of this tutorial, we create a definition of interoperability of self-sovereign identities to enable a common understanding. Moreover, due to the decentralized nature, interoperability of self-sovereign identities depends on multiple components, such as ones responsible for establishing trust or enabling secure communication between entities without centralized authorities. To understand those components and their dependencies, we also present a reference model that maps the required components and considerations that build up a self-sovereign identity implementation. The reference model helps address the question of how to achieve interoperability between different implementations. </p>

show abstract

Section: Listing 2 a Simple Did Documentmentioning

confidence: 99%

A Tutorial on the Interoperability of Self-sovereign Identities

Yıldız¹,

Küpper²,

Thatmann³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…The messages < M 1, M 2, M 4 > are preserved as a hashed value using SHA3, and because of the difficulty of the discrete logarithm problem, inverting the one-way hash function H( Â•) to retrieve sensitive user information is impossible. While < M 3 > that containsthe locked fuzzy vault information is preserved without hashing but remains secure, it requires the expected attempts of the adversary to interpolate the secret with a precision of approximately 1.86 × 10 9 as calculated in [25]. This corresponds to a 30-bit security level of 1.86 × 10 9 ≈ 2 30 .…”

Section: Privilege Insider Attackmentioning

confidence: 99%

Mobile Cloud Computing Services Authentication Scheme

Abdulrahman

Al-Gailani²

2022

Iraqi Journal of ICT

View full text Add to dashboard Cite

Because of the rapid growth of cloud computing and the expansion of mobile phone users in recent years, mobile cloud computing has attracted wide attention. In the mobile cloud, wireless computing networks are the basics of sharing data between mobile devices and cloud services. Since air is the communication medium, it must be properly protected; otherwise, it will be subject to a variety of security threats, for example, attacks from middle-man, identity tracking, etc... Furthermore, mobile devices are limited in storage, resources, and computing powers. Hence, designing an efficient and secure balance of authentication schemes is extremely important. First of all, a multi-factor authentication scheme based on biometric (fingerprint information), hash function, and fuzzy vault algorithm is presented in that paper. Secondly, the Validation and Analysis tool of AVISPA Security was approved. Thirdly, the security of the scheme proposed is compared to other related schemes.

show abstract

“…Second, it was used to create fuzzy vault sets as an iris extraction algorithm based on the Independent Component Analysis (ICA). In [10], the author suggested that several models for a user be protected as a single entity. A fuzzy vault system was used to derive one multi-biometric template from individual templates.…”

Section: Computer Sciencesmentioning

confidence: 99%

“…This leaves (c s = v s -g s ) pair subsets were containing genuine pairs but include at least one pair of pairs of vaults. If the chaff vault pair is only one member of the candidate sub-set (n+1), the secret polynomial fails because the chaff vault pair does not lie on the secret polynomial [10]. The attacker doesn't know which vault pairs have genuine points, so they can only pick one sub-set, again and again, to interpolate at random.…”

Section: 4 Security Analysismentioning

confidence: 99%

A fuzzy vault development based on iris images

Taha

Ahmed

2021

Eureka: PE

View full text Add to dashboard Cite

Biometric systems gather information from the person's biometric attributes, used extensively to authorize the individuals. Due to the obvious convenience of using specific individual traits such as face, fingerprints, palm veins, and irises, biometric authentication is becoming more common. In particular, Iris systems are in high demand for high-assurance applications, because they contain a broad feature set and remain stable. Authentication methods based on iris biometrics are now commonly used in a variety of fields. This is due to the fact that iris biometric authentication is both safer and more comfortable than conventional passwords. Template Security is a major concern in biometric systems. The template security mechanism ensures reusable, permanent, and un-linkable models. The Fuzzy Vault strategy is one of the most popular security schemes for Template protection. Fuzzy vault has demonstrated to be an effective protection method but lacks revocability and security attacks. This article introduced an improved fuzzy vault system. The improved fuzzy vault system was introduced, which uses more than one key to protect biometric data. Different keys make the search space more detailed. The additional key was used to encrypt vault data, which stopped the intruder from accessing the information on the person's biometry. The system was tested using CASIA.v1 and IITD.v1 datasets, and findings showed that the system ensures the protection and authentication of the iris templates without compromising performance. The proposed modification gave a 0.0 % False Accepted Rate (FAR) for both the dataset and False Rejected Rate (FRR), 0.14 % for CASIA v1 and 0.12 % for ITTD v1 False Rejected rate

show abstract

Privacy Protection in Distributed Fingerprint-based Authentication

Cited by 9 publications

References 14 publications

A Tutorial on the Interoperability of Self-sovereign Identities

A Tutorial on the Interoperability of Self-sovereign Identities

Mobile Cloud Computing Services Authentication Scheme

A fuzzy vault development based on iris images

Contact Info

Product

Resources

About