Elsevier

Computer Networks

Volume 181, 9 November 2020, 107427

A multibiometric cryptosystem for user authentication in client-server networks

https://doi.org/10.1016/j.comnet.2020.107427

Abstract

A biometric authentication scheme enables a client to log into a network system in which safeguarding critical data and/or controlling access is significant. A biometric-based network system verifies users who are the owners of legal biometric information. To secure such a network, we should protect all information belonging to legal individuals and preserve the privacy of tracking actions. In our previous work, we proposed a scheme with a non-repudiation property in which all individuals’ information is preserved, but there were some deficiencies in the scheme related to privacy. In this paper, we extend the previous work such that the network system enables the handling of secure computation for confident authentication, as well as the protection of critical information and the preservation of legal individuals’ privacy. Through various practical scenarios, we consider different attacks from the client, server, and network sides as intrusions into privacy. We mathematically and practically prove that our scheme is safe enough to resist different network attacks and to protect legitimate individuals' information and privacy. Finally, we demonstrate our computation and memory efficiency compared to related studies.

Introduction

Authentication is the process of client verification by comparing the actual client's attributes with the expected (claimed) ones, as well as proof of their originality. Such verification is called the non-repudiation of an actual identity.

Biometric authentication has been deployed over the last few years and is progressing very quickly. An automated authentication network system operated through biometric data creates a secure guarded port for access control. Moreover, it is a lock and capture mechanism for preserving critical data or controlling the access of clients who wish to enter the system [1]. To develop such a system, a trait of the user or piece of evidence as to the legitimate person's identity (ID) should be collected and stored in a safe database (DB) to compare with received traits in the verification round [2]. Furthermore, if the network system collects a multi-biometric trait, i.e. the fusion of two or more unimodal biometric traits, it is expected that the system will be more reliable due to the presence of multiple independent traits, including iris, fingerprint, etc. Such a network system is able to withstand many threats successfully because of its multi-biometric nature [2].

The network system data should be protected. These data contain users’ biometric templates, which are scanned by instruments and transmitted through a network to store in the registration server database. Later, these data are used for the authentication of users wishing to log into the system. For the network system data protection, we can implement a network system associated with a cryptographic technique, for instance, public key infrastructure (PKI).

Taking into account the privacy of biometrics, templates are not sufficient for a completely secure network system [1,2]. There are primary concerns (requirements) for a biometric authentication network system that should be considered as follows [3,4]:

  1. Template protection: the biometric trait of each user contains distinctive and personal characteristic data from which the biometric template is extracted. The protection of such templates is a concern. To meet this concern, in the authentication process, the server stores the template in its database. If the database is compromised by an enemy, the user's critical information can be revealed, which consequently might allow for the identity (ID) theft of the client. In a secure biometric authentication scheme, the template is protected against various attacks [2].

  2. User's privacy: in a biometric-based privacy-preserving system, a user's identity, biometric information and activity should be preserved as much as possible. The leakage of any mentioned items leads to a lack of privacy preservation. Moreover, if the network system is cracked or the database is compromised, an enemy can disclose a user's identity and biometric information, including habitats or medical information. In addition, if a user wishes to log into the server through his/her identity from different particular places, the server is able to determine the user's geographical locations or/and his/her activities.

  3. Trust between user and server: to implement a biometric-based authentication system, a user should send his/her biometric plains to the server to store his/her features in the database in a safe manner. However, all servers may not be trustworthy for the enrolment process, so a remote user cannot trust any server to send his/her biometric information.

  4. Network security: in addition to the untrusted server issue, an insecure network can also be breached by network attackers to compromise biometric information. Moreover, an enemy may apply various attacks to obtain biometric information being transmitted.

The disregard of any of these concerns leads to information leakage and vulnerability to attacks. A biometric-based scheme should protect the privacy of biometric data, and it should verify clients accurately. Moreover, the scheme should authorize legitimate users and resist as many attacks as possible, thus denying all unauthorized accesses.

For the first time, we proposed a multi-biometric authentication protocol (using a number of traits) called a “digest-based authentication system” in [5]. It is a biometric authentication protocol that takes a biometric template and generates a tuple to verify the authority of a client where the decryption of the original biometric template from the protocol output may not be carried out. Therefore, nobody, including the authentication server, can discover any information about the client biometric sample(s).

In the current study, we improve our previous work in [5] to meet the concerns stated above perfectly as follows:

  (1) Template protection: the proposed protocol in [5] presented a secure non-invertible function (see Section 4.1) in which nobody can comprehend information about the input via the output. In this manner, this concern (template protection) was respected, counteracting the many attacks intended to access the original biometric traits.

  (2) Privacy: for this concern, the proposed protocol in [5] was not a non-deterministic (see Section 4.1) method, meaning that, when a client wished to be authorized several times, the protocol would generate a unique tuple. This is why the privacy of a user's identity and activity is not perfectly respected, which may lead to a linkage attack. In this case, the user may revoke her/his information in the system. Now, we justify that we should use a non-deterministic-based protocol. Web resources, such as remote banking services, require protocols for the authentication, leading to privacy assurance of personal customer data. One of the most common communication protocols for web resources is Hypertext Transfer Protocol Secure (HTTPS), which is essentially an implementation of a standard asymmetric cryptosystem, such as the deterministic RSA algorithm. Therefore, it is not a very secure protocol because it is vulnerable against many attacks, and an adversary can still decrypt traffic captured over the network [6]. However, in a digest-based authentication protocol, we utilize a non-deterministic function to generate a different semi-digest in every communication session. This fact prevents an adversary from applying many attacks.

  (3) Trust between user and server: in [5], because just one server was utilized for both enrolling users and authorizing clients, clients cannot trust the untrusted authorizing servers (through an unsafe network) to register their critical biometric information. Thus, this concern was not respected in [5]. In addition, it was vulnerable to the hill climbing attack.

  (4) Network security: in [5], a tuple for every client was generated remotely and then sent through an untrusted environment to the authentication server. Such a method may be abused for some attacks, such as brute force, replay attacks, etc., by enemies listening in the environment.

In practice, in [5] we applied some attacks and considered the four mentioned concerns. Basically, “template protection” was perfectly preserved. In addition, the “security” of biometric information and features was entirely protected. In the current study, we improve the scheme in [5] to remove the disadvantages mentioned above in items 2–4. Moreover, we exploit our new features. The contributions of our current study are as follows:

  (1) We extended our previous digest-based multi-biometric protocol [5] for authentication by using the ephemeral key in the authentication round. To this end, we use a one-way function (see Section 4.1). Moreover, we store the user's identity as a legitimate individual in locked form in the enrolling round. Therefore, the privacy of a user's identity, biometric data and activities can be perfectly protected.

  (2) Concerning “trust between user and server,” we separate the enrolment session from the authentication session. Moreover, we use a trusted third party (TTP) as a registration server for enrolling users, whereas the authentication server will operate similarly to [5] for the verification of clients.

  (3) We extend the protocol in [5] via random generation of clients' tuples. A client is an individual who must be authorized in the authentication round. Moreover, we use a non-deterministic method by randomly transferring quantities, through which information leakage can be prevented, leading to resistance against linkage attacks. Accordingly, “network security” is respected. We mathematically prove that these new properties prevent the mentioned attacks.

  (4) In the current study, we lock the ID, as the third element of a transmitted/stored tuple, so if an attacker captures the tuple, she/he cannot detect the exact ID numbers from the locked ID. Therefore, the user's privacy is completely preserved.

  (5) We claim that the current study, competent for any application, satisfies the four concerns.
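
An added illustration (not the paper's protocol or the authors' code) of the linkage and replay points above: a deterministic tuple is identical in every session, while a tuple bound to an ephemeral value differs each time and is rejected when resent. The HMAC-SHA-256 construction, all function names, and the sample template and ID are assumptions made for this sketch; the paper's own functions are defined in its Section 4.1, which this page does not reproduce.

```python
import hashlib
import hmac
import secrets

def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def digest(template: bytes) -> bytes:
    """One-way reference stored instead of the raw template."""
    return hashlib.sha256(b"ref|" + template).digest()

def lock_id(user_id: str, ref: bytes) -> bytes:
    """Locked identity: a keyed hash, so the clear ID is never stored or sent."""
    return mac(ref, b"id|" + user_id.encode())

def deterministic_tuple(template: bytes, user_id: str):
    """No per-session randomness: every login emits the same tuple."""
    ref = digest(template)
    return (ref, lock_id(user_id, ref))

def randomized_tuple(template: bytes, user_id: str):
    """An ephemeral value r makes every session's tuple different."""
    ref = digest(template)
    r = secrets.token_bytes(32)
    return (r, mac(ref, r), mac(lock_id(user_id, ref), r))

class AuthServer:
    def __init__(self):
        self.records = []   # (reference digest, locked ID) per enrolled user
        self.seen = set()   # ephemeral values already presented

    def enrol(self, template: bytes, user_id: str) -> None:
        ref = digest(template)
        self.records.append((ref, lock_id(user_id, ref)))

    def verify(self, tup) -> bool:
        r, semi, tag = tup
        if r in self.seen:  # a captured tuple sent again
            return False
        self.seen.add(r)
        return any(
            hmac.compare_digest(semi, mac(ref, r))
            and hmac.compare_digest(tag, mac(locked, r))
            for ref, locked in self.records
        )

def demo() -> dict:
    # Constructed stand-ins for a stabilised 256-bit template and a user ID.
    tmpl, uid = hashlib.sha256(b"constructed sample").digest(), "user-0001"
    server = AuthServer()
    server.enrol(tmpl, uid)
    a, b = randomized_tuple(tmpl, uid), randomized_tuple(tmpl, uid)
    return {
        "deterministic_linkable": deterministic_tuple(tmpl, uid) == deterministic_tuple(tmpl, uid),
        "randomized_linkable": any(x == y for x, y in zip(a, b)),
        "first_login": server.verify(a),
        "replay_accepted": server.verify(a),
        "second_login": server.verify(b),
        "wrong_template": server.verify(randomized_tuple(b"\x00" * 32, uid)),
    }
```

In this sketch the stored digest doubles as the MAC key, so it demonstrates only unlinkability and replay rejection; it does not model what happens when the server database leaks.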

In Section 2, we briefly introduce our digest-based authentication system that was proposed in [5]. Then, in Section 3, we review our current version briefly. In Section 4, we explain the details of our proposal, which will be evaluated in terms of security in Section 5. To show the efficiency and optimization of the proposal, we consider experimental results and compare our results with those of various similar studies in Section 6. Finally, in Section 7, we draw conclusions and propose future work.

Section snippets

Related work

The starting point for investigating different studies of biometric authentication systems is to define types of biometric-based protocols. These protocols operate within a privacy-preserving scheme, including biometric encryption-based schemes, cancellable biometric-based schemes, multi-modal and hybrid-based schemes, and secure computation-based schemes [5]. In this work, we deployed a cancellable biometric system that is based on storing functionally digested template data extracted from

The proposed digest-based authentication system: a review

An authentication system is modelled based on the locations used for (1) storing the generated reference of an individual's biometric trait (or digest tuple), (2) fusing references, and (3) comparing traits. Each of these locations may be the client side, token, or server side. According to ISO 24745 [20], there may be several models based on these locations [21]. Because of its simplicity, we used the model wherein the locations of storage and comparison are the server side, i.e. the

The proposed digest-based authentication system: in detail

Before dealing with our proposed scheme in detail, we explain some notations and definitions used in our method.

Security discussion

In this section, we first utilize threat modelling to analyse the security of the system despite adversary capabilities. Then, we investigate our system's resistance against different attacks occurring from the outside, including the impersonation attack by a malicious client or through an insecure network as a connection bridge between a client and the server. Such an attack leads to disclosure of a user's biometric data, illegal access, and/or denial of access when a user wishes to log in.

The environment setup

We used a PC with a 512-GB hard disk and an Intel Core i5-7400 processor running at 3.0 GHz on Windows 64-bit with 16 GB of main memory. The client and authentication server are run as separate and synchronous processes where the client waits for processing of his/her request by the server. We consider the scenarios presented in Section 3. Because we consider the client, server, and TTP on one machine, the network latency is not considered. We use a template with a size of 256 bits for our

Conclusions and future work

In this paper, we have presented a simple and secure digest-based multi-biometric authentication protocol in an untrusted network. This protocol satisfied all mentioned criteria, including privacy preservation. Our protocol is dynamic such that it is easy to adjust updated parameters and traits in the input of a system. It is also sufficiently fast compared to similar studies. The limitation is that our system should be customized according to the application that we require. Our future work is

Declaration of Competing Interest

We have no conflict of interest.

Acknowledgement

This research was partially supported by ULAKBIM-TUBITAK and Nit METAL A. Ş. Company. We thank anonymous reviewers for their so-called insights.

References (60)

  • F.S. Babamir et al., Dynamic digest based authentication for client-server systems using biometric verification, Fut. Gener. Comput. Netw. (2019)
  • D. Jagadiswary et al., Biometric authentication using fused multimodal biometric
  • A. Abaza et al., A survey on ear biometrics, ACM Comput. Surv. (2013)
  • M. Butt et al., Privacy protection of biometric templates
  • A.K. Jain et al., Introduction to Biometric Recognition (2011)
  • M. Upmanyu et al., Blind authentication: a secure crypto-biometric verification protocol, IEEE Trans. Inf. Forens. Secur. (2010)
  • M. Kirci et al., A digest-based method for efficiency improvement of security in biometrical cryptography authentication
  • I. Piskunov, “HTTPS encryption attacks on authentication in remote banking services – a Russian perspective”...
  • N.K. Ratha et al., Enhancing security and privacy in biometrics-based authentication systems, IBM Syst. J. (2001)
  • S. Rane et al., Secure biometrics: concepts, authentication architectures and challenges, IEEE Signal Process. Mag. (2013)
  • K. Nandakumar et al., Biometric template protection: bridging the performance gap between theory and practice, IEEE Signal Process. Mag. (2015)
  • C. Rathgeb et al., Multi-Biometric Template Protection: Issues and Challenges (2012)
  • J. Bringer et al., Privacy-preserving biometric identification using secure multiparty computation: an overview and recent trends, IEEE Signal Process. Mag. (2013)
  • A. Hadid et al., Biometrics systems under spoofing attack: an evaluation methodology and lessons learned, IEEE Signal Process. Mag. (2015)
  • V.M. Patel et al., Cancelable biometrics: a review, IEEE Signal Process. Mag. (Sep. 2015)
  • M. Lim et al., Biometric feature-type transformation: making templates compatible for secret protection, IEEE Signal Process. Mag. (2015)
  • X. Wu et al., A cryptosystem based on palmprint feature
  • K. Nandakumar, A fingerprint cryptosystem based on minutiae phase spectrum
  • M. van der Veen et al., Face biometrics with renewable templates, Proc. SPIE (2006)
  • C. Angeliki Toli et al., Privacy-preserving multibiometric authentication in cloud with untrusted database providers, IACR Cryptol. ePrint Archive (2018)
  • Babamir F.S., Kirci M., Digest: a biometric authentication protocol in wireless sensor network,...
  • ISO 24745: Biometric information protection....
  • R.W. Floyd, Nondeterministic algorithms, J. ACM (1967)
  • O. Goldreich, Foundation of Cryptography-Basic Technique (2003)
  • F.S. Babamir et al., Improvement of digest based authentication for biometric verification, Proc. ISCISC (2019)
  • J. Katz et al., Modern Cryptography (2008)
  • W. Trappe et al., Introduction to Cryptography with Coding Theory (2006)
  • D.C.L. Ngo et al., Biometric Security (2015)
  • F.S. Babamir et al., Achieving key privacy and invisibility for unattended wireless sensor networks in healthcare, Comput. J. (2014)

Faezeh S. Babamir received her Ph.D. degree in Electronic Engineering from Istanbul Technical University in 2019 where she served as research assistant for 3 years. Moreover, she served as teacher assistant in Shahid Beheshti University of Tehran during 2010–2012, where she received her M.Sc. in Computer Science. During academic years 2013–2018, she was a Lecturer at different educational institutes. Now, she is serving as a researcher at R&D&I department of Nit Metal, A. Ş. Company. Her research interests include Cryptography, Privacy, Security in Networks, Medical Systems, and security in WSNs.

www.babamir.com.

Murvet Kirci was born in Istanbul, Turkey. She received her PhD degree from Istanbul Technical University (ITU). She is associate professor at ITU in the department of Electronic and Communication Engineering. Her current research involves embedded system design, biometrics, Petri nets and Ultrasonics.

Website: http://web.itu.edu.tr/ucerm/.
