Protecting Biometrics Using Fuzzy Extractor and Non-invertible Transformation Methods in Kerberos Authentication Protocol
详细信息 查看全文
- 关键词:Biometrics ; Remote authentication ; Kerberos ; Fuzzy extractor ; Cancelable transformation ; Mutual authentication
- 刊名:Lecture Notes in Computer Science
- 出版年:2017
- 出版时间:2017
- 年:2017
- 卷:10140
- 期:1
- 页码:47-66
- 丛书名:Transactions on Large-Scale Data- and Knowledge-Centered Systems XXXI
- ISBN:978-3-662-54173-9
- 卷排序:10140
文摘
Kerberos is a distributed authentication protocol which guarantees the mutual authentication between client and server over an insecure network. After the identification, all the subsequent communications are encrypted by session keys to ensure privacy and data integrity. Nowadays, many traditional authentication systems have tried moved to biometric system for convenience. However, the security and privacy of these systems need to put on the table. In this paper, we have proposed an efficient hybrid approach for protecting biometrics in remote authentication protocol based on Kerberos scheme. This protocol is not only resistant against attacks on the insecure network such as man-in-the-middle attack, replay attack,… but also able to protect the biometrics for using fuzzy extractor and non-invertible transformation. These techniques conceal the user’s cancelable biometrics into the cryptographic key called biometric key. This key is used to verify a user in authentication phase. Therefore, there is no need to store users’ plaint biometrics in the database. Even if biometric key is revealed, it is impossible for an attack to infer the users’ biometrics for the high security of the fuzzy extractor scheme. Moreover, another remarkable contribution of this work is that a user can also change his biometric key without replacing his biometrics. The protocol supports multi-factor authentication to enhance security of the entire system.