{"title":"设计一种安全的协议,用于更新多服务器环境下远程存储的密码生物识别框架的凭证","authors":"Subhas Barman, Samiran Chattopadhyay, D. Samanta","doi":"10.1002/spy2.339","DOIUrl":null,"url":null,"abstract":"Integration of biometric data with cryptography is gaining importance to develop a secure distributed communication system. The main issue with this strategy is updating a biometric template and other credentials (like a cryptographic key) and sharing the same in a secure manner. This paper proposes a novel approach to protect a credential under the security of biometric data using fuzzy commitment so that it can be securely stored on a remote server. Furthermore, a protocol has been proposed to update the cryptographic key and biometric data online and share the same among communicating parties through a network channel. A rigorous security analysis of the scheme establishes the robustness of the scheme against many known attacks. In addition to this, to substantiate that the protocol is provably secure, it has been critically verified with two protocol verification tools, namely, the RO (Random Oracle) Model and the AVISPA (automated validation of Internet Security Protocols and Applications) tool. The proposed protocol is useful to design a multiparty system having a multi‐user and multi‐server environment.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2023-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Toward design a secure protocol for updating remotely stored credentials of a crypto‐biometric framework for multi‐server environment\",\"authors\":\"Subhas Barman, Samiran Chattopadhyay, D. Samanta\",\"doi\":\"10.1002/spy2.339\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Integration of biometric data with cryptography is gaining importance to develop a secure distributed communication system. The main issue with this strategy is updating a biometric template and other credentials (like a cryptographic key) and sharing the same in a secure manner. This paper proposes a novel approach to protect a credential under the security of biometric data using fuzzy commitment so that it can be securely stored on a remote server. Furthermore, a protocol has been proposed to update the cryptographic key and biometric data online and share the same among communicating parties through a network channel. A rigorous security analysis of the scheme establishes the robustness of the scheme against many known attacks. In addition to this, to substantiate that the protocol is provably secure, it has been critically verified with two protocol verification tools, namely, the RO (Random Oracle) Model and the AVISPA (automated validation of Internet Security Protocols and Applications) tool. The proposed protocol is useful to design a multiparty system having a multi‐user and multi‐server environment.\",\"PeriodicalId\":29939,\"journal\":{\"name\":\"Security and Privacy\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2023-08-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Security and Privacy\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1002/spy2.339\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/spy2.339","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Toward design a secure protocol for updating remotely stored credentials of a crypto‐biometric framework for multi‐server environment
Integration of biometric data with cryptography is gaining importance to develop a secure distributed communication system. The main issue with this strategy is updating a biometric template and other credentials (like a cryptographic key) and sharing the same in a secure manner. This paper proposes a novel approach to protect a credential under the security of biometric data using fuzzy commitment so that it can be securely stored on a remote server. Furthermore, a protocol has been proposed to update the cryptographic key and biometric data online and share the same among communicating parties through a network channel. A rigorous security analysis of the scheme establishes the robustness of the scheme against many known attacks. In addition to this, to substantiate that the protocol is provably secure, it has been critically verified with two protocol verification tools, namely, the RO (Random Oracle) Model and the AVISPA (automated validation of Internet Security Protocols and Applications) tool. The proposed protocol is useful to design a multiparty system having a multi‐user and multi‐server environment.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
