A protocol to establish trust on biometric authentication devices

IF 1.5 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
U. Kiran, R. Moona, S. Biswas
{"title":"A protocol to establish trust on biometric authentication devices","authors":"U. Kiran, R. Moona, S. Biswas","doi":"10.1002/spy2.305","DOIUrl":null,"url":null,"abstract":"One of the most extensively utilized mechanisms for person authentication is a system built using biometric‐based authentication. However, many applications use biometric authentication devices that do not support any device authentication mechanisms. As a result, a counterfeit scanning device may be substituted for the genuine one. Non‐authentic biometric authentication devices may perform some additive / subtractive or malicious functions. This paper proposes a technique for establishing trust in biometric authentication devices. The device authentication procedure is essential to build trust in biometric authentication devices such that non‐genuine biometric authentication devices are not used, which may compromise the loss of authentication factor and its replay when the genuine user is not getting authenticated. The protocol uses strong cryptographic mechanisms to authenticate the biometric authentication device with the application server and includes mechanisms for protection against the tampering of biometric templates and to prevent replay attacks. We also perform a formal verification using BAN logic to demonstrate that the proposed protocol meets the defined objectives. The proposed protocol can be used with any biometric authentication device to achieve the same objectives.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2023-03-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/spy2.305","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

One of the most extensively utilized mechanisms for person authentication is a system built using biometric‐based authentication. However, many applications use biometric authentication devices that do not support any device authentication mechanisms. As a result, a counterfeit scanning device may be substituted for the genuine one. Non‐authentic biometric authentication devices may perform some additive / subtractive or malicious functions. This paper proposes a technique for establishing trust in biometric authentication devices. The device authentication procedure is essential to build trust in biometric authentication devices such that non‐genuine biometric authentication devices are not used, which may compromise the loss of authentication factor and its replay when the genuine user is not getting authenticated. The protocol uses strong cryptographic mechanisms to authenticate the biometric authentication device with the application server and includes mechanisms for protection against the tampering of biometric templates and to prevent replay attacks. We also perform a formal verification using BAN logic to demonstrate that the proposed protocol meets the defined objectives. The proposed protocol can be used with any biometric authentication device to achieve the same objectives.
一种在生物识别认证设备上建立信任的协议
最广泛使用的人员身份验证机制之一是使用基于生物特征的身份验证构建的系统。然而,许多应用程序使用不支持任何设备身份验证机制的生物识别身份验证设备。因此,假冒扫描设备可能会取代正品扫描设备。非真实的生物识别认证设备可能会执行一些附加/减去或恶意功能。提出了一种在生物特征认证设备中建立信任的技术。设备认证过程对于建立对生物识别认证设备的信任至关重要,这样就不会使用非真实的生物识别认证设备,这可能会损害身份验证因素的损失,并在真正的用户未获得身份验证时重播。该协议使用强加密机制与应用服务器对生物识别身份验证设备进行身份验证,并包括防止生物识别模板篡改和防止重放攻击的保护机制。我们还使用BAN逻辑执行正式验证,以证明所提议的协议符合定义的目标。所提出的协议可以与任何生物识别认证设备一起使用,以实现相同的目标。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
5.30%
发文量
80
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信