K. Nandakumar, N. Ratha, Sharath Pankanti, S. Darnell
{"title":"为不可抵赖的多方交易提供安全的一次性生物识别令牌","authors":"K. Nandakumar, N. Ratha, Sharath Pankanti, S. Darnell","doi":"10.1109/WIFS.2017.8267654","DOIUrl":null,"url":null,"abstract":"Numerous applications require users to interact with a multitude of entities in order to avail a service. In such applications, the identity of the user is typically verified through physical or digital tokens, which are prone to both identity theft (lost or stolen tokens) and repudiation claims by malicious users. The use of biometrics can provide non-repudiability by ensuring that a purchaser is the bonafide user of the service. However, in applications entailing multiple stakeholders, there may be privacy issues with sharing user's biometrics data. While this concern can be addressed by storing the user's biometric data on the token itself, strong mechanisms are required to ensure that token is both secure and tamper-proof. In this paper, we propose a single use biometric token that relies on Shamir's secret sharing algorithm and blockchain technology to ensure that the encrypted biometric template contained in the token is secure, tamper-proof, and any attempt to use the issued token is irrefutably logged to prove subsequently that the user indeed availed the service. We also analyze issues related to the system security, user privacy, and usability of the proposed solution.","PeriodicalId":305837,"journal":{"name":"2017 IEEE Workshop on Information Forensics and Security (WIFS)","volume":"89 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Secure one-time biometrie tokens for non-repudiable multi-party transactions\",\"authors\":\"K. Nandakumar, N. Ratha, Sharath Pankanti, S. Darnell\",\"doi\":\"10.1109/WIFS.2017.8267654\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Numerous applications require users to interact with a multitude of entities in order to avail a service. In such applications, the identity of the user is typically verified through physical or digital tokens, which are prone to both identity theft (lost or stolen tokens) and repudiation claims by malicious users. The use of biometrics can provide non-repudiability by ensuring that a purchaser is the bonafide user of the service. However, in applications entailing multiple stakeholders, there may be privacy issues with sharing user's biometrics data. While this concern can be addressed by storing the user's biometric data on the token itself, strong mechanisms are required to ensure that token is both secure and tamper-proof. In this paper, we propose a single use biometric token that relies on Shamir's secret sharing algorithm and blockchain technology to ensure that the encrypted biometric template contained in the token is secure, tamper-proof, and any attempt to use the issued token is irrefutably logged to prove subsequently that the user indeed availed the service. We also analyze issues related to the system security, user privacy, and usability of the proposed solution.\",\"PeriodicalId\":305837,\"journal\":{\"name\":\"2017 IEEE Workshop on Information Forensics and Security (WIFS)\",\"volume\":\"89 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE Workshop on Information Forensics and Security (WIFS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WIFS.2017.8267654\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE Workshop on Information Forensics and Security (WIFS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WIFS.2017.8267654","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Secure one-time biometrie tokens for non-repudiable multi-party transactions
Numerous applications require users to interact with a multitude of entities in order to avail a service. In such applications, the identity of the user is typically verified through physical or digital tokens, which are prone to both identity theft (lost or stolen tokens) and repudiation claims by malicious users. The use of biometrics can provide non-repudiability by ensuring that a purchaser is the bonafide user of the service. However, in applications entailing multiple stakeholders, there may be privacy issues with sharing user's biometrics data. While this concern can be addressed by storing the user's biometric data on the token itself, strong mechanisms are required to ensure that token is both secure and tamper-proof. In this paper, we propose a single use biometric token that relies on Shamir's secret sharing algorithm and blockchain technology to ensure that the encrypted biometric template contained in the token is secure, tamper-proof, and any attempt to use the issued token is irrefutably logged to prove subsequently that the user indeed availed the service. We also analyze issues related to the system security, user privacy, and usability of the proposed solution.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
