Aysajan Abidin

Security aspects of privacy-preserving biometric authentication based on ideal lattices and ring-LWE

In this paper, we study the security of two recently proposed privacy-preserving biometric authentication protocols that employ packed somewhat homomorphic encryption schemes based on ideal lattices and ring-LWE, respectively. These two schemes have the same structure and have distributed architecture consisting of three entities: a client server, a computation server, and an authentication server. We present a simple attack algorithm that enables a malicious computation server to learn the biometric templates in at most 2N-τ queries, where N is the bit-length of a biometric template and τ the authentication threshold. The main enabler of the attack is that a malicious computation server can send an encryption of the inner product of the target biometric template with a bitstring of his own choice, instead of the securely computed Hamming distance between the fresh and stored biometric templates. We also discuss possible countermeasures to mitigate the attack using private information retrieval and signatures of correct computation.

Security of a Privacy-Preserving Biometric Authentication Protocol Revisited

Biometric authentication establishes the identity of an individual based on biometric templates e.g. fingerprints, retina scans etc.. Although biometric authentication has important advantages and many applications, it also raises serious security and privacy concerns. Here, we investigate a biometric authentication protocol that has been proposed by Bringer et al. and adopts a distributed architecture i.e. multiple entities are involved in the authentication process. This protocol was proven to be secure and privacy-preserving in the honest-but-curious or passive attack model. We present an attack algorithm that can be employed to mount a number of attacks on the protocol under investigation. We then propose an improved version of the Bringer et al. protocol that is secure in the malicious or active insider attack model and has forward security.

On Privacy-Preserving Biometric Authentication

Biometric authentication is becoming increasingly popular as a convenient authentication method. However, the privacy and security issues associated with biometric authentication are very serious. Privacy-preserving biometric authentication addresses privacy concerns associated with the use of biometrics and offers a secure solution for user authentication. Given the tremendous expansion of wireless communications a new distributed architecture in biometric authentication is evolving. In this distributed setting, a resource constrained client may outsource part of the computations during the biometric authentication process to a more powerful device (cloud server). In this work, we consider one such distributed setting consisting of clients, a cloud server, and a service provider and make a case for the need for verifiable computation to achieve security against malicious, as opposed to an honest-but-curious, cloud server. In particular, we propose to use verifiable computation on top of an homomorphic encryption scheme to verify that the cloud server correctly performs the computations outsourced to it. A proof of security of a generic protocol in the presence of a malicious cloud server is also provided. Finally, we discuss how an XOR-linear message authentication code can be used to verify the correctness of the computation.

A local electricity trading market: Security analysis

This paper proposes a local electricity trading market and provides a comprehensive security analysis of this market. It first presents a market for electricity trading among individual users, and describes the different entities and the interactions among them. Based on this market model and the interactions, the paper analyses security problems and potential privacy threats imposed on users, which leads to the specification of a set of security and privacy requirements. These requirements can be used to guide the future design of secure local electricity trading markets or to perform a risk assessment of such markets.

An MPC-Based Privacy-Preserving Protocol for a Local Electricity Trading Market

This paper proposes a decentralised and privacy-preserving local electricity trading market. The market employs a bidding protocol based on secure multiparty computation and allows users to trade their excess electricity among themselves. The bid selection and trading price calculation are performed in a decentralised and privacy-preserving manner. We implemented the market in C++ and tested its performance with realistic data sets. Our simulation results show that the market tasks can be performed for 2500 bids in less than four minutes in the “online” phase, showing its feasibility for a typical electricity trading period.

Uncoupling Biometrics from Templates for Secure and Privacy-Preserving Authentication

Biometrics are widely used for authentication in several domains, services and applications. However, only very few systems succeed in effectively combining highly secure user authentication with an adequate privacy protection of the biometric templates, due to the difficulty associated with jointly providing good authentication performance, unlinkability and irreversibility to biometric templates. This thwarts the use of biometrics in remote authentication scenarios, despite the advantages that this kind of architectures provides. We propose a user-specific approach for decoupling the biometrics from their binary representation before using biometric protection schemes based on fuzzy extractors. This allows for more reliable, flexible, irreversible and unlinkable protected biometric templates. With the proposed biometrics decoupling procedures, biometric metadata, that does not allow to recover the original biometric template, is generated. However, different biometric metadata that are generated starting from the same biometric template remain statistically linkable, therefore we propose to additionally protect these using a second authentication factor (e.g., knowledge or possession based). We demonstrate the potential of this approach within a two-factor authentication protocol for remote biometric authentication in mobile scenarios.

An Efficient Entity Authentication Protocol with Enhanced Security and Privacy Properties

User authentication based on biometrics is getting an increasing attention. However, privacy concerns for biometric data have impeded the adoption of cloud-based services for biometric authentication. This paper proposes an efficient distributed two-factor authentication protocol that is privacy-preserving even in the presence of colluding internal adversaries. One of the authentication factors in our protocol is biometrics, and the other factor can be either knowledge-based or possession-based. The actors involved in our protocol are users, user/client devices with biometric sensors, service provider, and cloud for storing protected biometric templates. Contrary to the existing biometric authentication protocols that offer security only in the honest-but-curious adversarial model, our protocol provides enhanced security and privacy properties in the active (or malicious) adversarial model. Specifically, our protocol offers identity privacy, unlinkability, and user data (i.e., the biometric template data and the second factor) privacy against compromised cloud storage service, and preserves the privacy of the user data even if the cloud storage service colludes with the service provider. Moreover, our protocol only employs lightweight schemes and thus is efficient. The distributed model combined with the security and privacy properties of our protocol paves the way towards a new cloud-based business model for privacy-preserving authentication.

Efficient Verifiable Computation of XOR for Biometric Authentication

This work addresses the security and privacy issues in remote biometric authentication by proposing an efficient mechanism to verify the correctness of the outsourced computation in such protocols. In particular, we propose an efficient verifiable computation of XORing encrypted messages using an XOR linear message authentication code (MAC) and we employ the proposed scheme to build a biometric authentication protocol. The proposed authentication protocol is both secure and privacy-preserving against malicious (as opposed to honest-but-curious) adversaries. Specifically, the use of the verifiable computation scheme together with an homomorphic encryption protects the privacy of biometric templates against malicious adversaries. Furthermore, in order to achieve unlinkability of authentication attempts, while keeping a low communication overhead, we show how to apply Oblivious RAM and biohashing to our protocol. We also provide a proof of security for the proposed solution. Our simulation results show that the proposed authentication protocol is efficient.

Efficient Unconditionally Secure Signatures Using Universal Hashing

Digital signatures are one of the most important cryptographic primitives. In this work we construct an information-theoretically secure signature scheme which, unlike prior schemes, enjoys a number of advantageous properties such as short signature length and high generation efficiency, to name two. In particular, we extend symmetric-key message authentication codes (MACs) based on universal hashing to make them transferable, a property absent from traditional MAC schemes. Our main results are summarised as follows.

Towards Quantum Distance Bounding Protocols

Distance Bounding (DB) is a security technique through which it is possible to determine an upper-bound on the physical distance between two parties (denoted as verifier and prover). These protocols typically combine physical properties of the communication channel with cryptographic challenge-response schemes. A key challenge to design secure DB protocols is to keep the time required by the prover to process the challenges and compute and transmit the responses as low as possible. For this purpose, different implementation approaches have been proposed in the literature, both in the analog as in the digital domain. Moreover, different types of communication channels have been proposed as well to find an optimal balance between security and implementation feasibility. This paper is the first to evaluate the feasibility of implementing DB protocols using quantum communication. Unlike conventional DB protocols, which execute the rapid-bit exchanges over a Radio Frequency (RF) or ultrasound channel, our quantum-based DB protocol makes use of quantum-bit (qubit) transmissions and detection during the challenge-response phase. Our protocol offers security against distance fraud, mafia fraud and terrorist attacks. We also discuss how to protect against some specific implementation attacks, such as double read-out and quantum attacks, and give an overview of the main implementation challenges as well as possible limitations.