Share Email Print

Proceedings Paper

Multi-factor challenge/response approach for remote biometric authentication
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

Although biometric authentication is perceived to be more reliable than traditional authentication schemes, it becomes vulnerable to many attacks when it comes to remote authentication over open networks and raises serious privacy concerns. This paper proposes a biometric-based challenge-response approach to be used for remote authentication between two parties A and B over open networks. In the proposed approach, a remote authenticator system B (e.g. a bank) challenges its client A who wants to authenticate his/her self to the system by sending a one-time public random challenge. The client A responds by employing the random challenge along with secret information obtained from a password and a token to produce a one-time cancellable representation of his freshly captured biometric sample. The one-time biometric representation, which is based on multi-factor, is then sent back to B for matching. Here, we argue that eavesdropping of the one-time random challenge and/or the resulting one-time biometric representation does not compromise the security of the system, and no information about the original biometric data is leaked. In addition to securing biometric templates, the proposed protocol offers a practical solution for the replay attack on biometric systems. Moreover, we propose a new scheme for generating a password-based pseudo random numbers/permutation to be used as a building block in the proposed approach. The proposed scheme is also designed to provide protection against repudiation. We illustrate the viability and effectiveness of the proposed approach by experimental results based on two biometric modalities: fingerprint and face biometrics.

Paper Details

Date Published: 31 May 2011
PDF: 11 pages
Proc. SPIE 8063, Mobile Multimedia/Image Processing, Security, and Applications 2011, 80630V (31 May 2011); doi: 10.1117/12.884578
Show Author Affiliations
Hisham Al-Assam, Univ. of Buckingham (United Kingdom)
Sabah A. Jassim, Univ. of Buckingham (United Kingdom)

Published in SPIE Proceedings Vol. 8063:
Mobile Multimedia/Image Processing, Security, and Applications 2011
Sos S. Agaian; Sabah A. Jassim; Yingzi Du, Editor(s)

© SPIE. Terms of Use
Back to Top
Sign in to read the full article
Create a free SPIE account to get access to
premium articles and original research
Forgot your username?