da/sec scientific talk on Template Protection

Topic: Improved Biometrics-Authenticated Key Exchange

by Pia Bauspieß
online Big Blue Button Room: D19/2.03a, October 28, 2022 (Friday), 12.00 noon

Keywords — Authenticated Key exchange, Oblivious Pseudorandom Function, Fuzzy Vault, Biometric Information Protection

Abstract

„Biometric data are uniquely suited for connecting individuals to their digital identities. Deriving cryptographic key exchange from successful biometric authentication therefore gives an additional layer of trust compared to password-authenticated key exchange. However, biometric data differ from passwords in two crucial points: firstly, they are sensitive personal data that need to be protected on a long-term basis. Secondly, efficient feature extraction and comparison components resulting in high intra-subject tolerance and low intersubject distinguishability, documented with good biometric performance, need to be applied in order to prevent zero-effort impersonation attacks. In this work, we present a protocol for secure and efficient biometrics-authenticated key exchange that fulfils the above requirements of biometric information protection compliant with ISO/IEC 24745. The protocol is based on established fuzzy vault schemes and validated with good recognition performance. We build our protocol from established primitives for password-authenticated key exchange using oblivious pseudorandom functions. Our protocol is independent of the biometric modality and can be instantiated both based on the security of discrete logarithms as well as lattices. We provide an open-source implementation of our protocol instantiated with elliptic curves and a state-of-the art unlinkable fingerprint fuzzy vault scheme that is practical with transaction times of less than one second.“