Abstract
Kerberos is a distributed authentication protocol that guarantees mutual authentication between client and server over an insecure network. After identification, all subsequent communications are encrypted with session keys to ensure privacy and data integrity. Nowadays, many traditional authentication systems have tried to move to biometric systems for convenience. However, the security and privacy of these systems need to be addressed. In this paper, we propose an efficient hybrid approach for protecting biometrics in a remote authentication protocol based on the Kerberos scheme. This protocol is not only resistant to attacks on the insecure network, such as man-in-the-middle and replay attacks, but also able to protect the biometrics by using a fuzzy extractor and a non-invertible transformation. These techniques conceal the user's cancelable biometrics in a cryptographic key called the biometric key. This key is used to verify the user in the authentication phase. Therefore, there is no need to store users' plain biometrics in the database. Even if the biometric key is revealed, it is impossible for an attacker to infer the users' biometrics because of the high security of the fuzzy extractor scheme. Moreover, another remarkable contribution of this work is that a user can change his biometric key without replacing his biometrics. The protocol supports multi-factor authentication to enhance the security of the entire system.
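The fuzzy-extractor idea the abstract relies on, as an added illustration (not the paper's construction or code): a code-offset scheme with a toy repetition code, showing that a noisy reading reproduces the enrolled key and that re-enrolling the same biometric yields a new key. The function names, sizes and the sample template are assumptions, and the non-invertible transformation step is not modelled.

```python
import hashlib
import random
import secrets

REP = 5        # toy repetition code: each secret bit is sent 5 times
KEY_BITS = 32  # toy size, so templates are KEY_BITS * REP = 160 bits

def encode(bits):
    return [b for b in bits for _ in range(REP)]

def decode(bits):
    # Majority vote per block corrects up to 2 flipped bits in each block.
    return [int(sum(bits[i:i + REP]) > REP // 2)
            for i in range(0, len(bits), REP)]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def derive(secret_bits, salt):
    return hashlib.sha256(salt + bytes(secret_bits)).hexdigest()

def gen(w):
    """Enrollment: return (key, helper). Only helper is stored, never w."""
    secret = [secrets.randbits(1) for _ in range(KEY_BITS)]
    salt = secrets.token_bytes(16)
    sketch = xor(w, encode(secret))  # code-offset: w XOR codeword
    return derive(secret, salt), (sketch, salt)

def rep(w_reading, helper):
    """Authentication: rebuild the key from a fresh, noisy reading."""
    sketch, salt = helper
    return derive(decode(xor(w_reading, sketch)), salt)

def flip(w, positions):
    return [b ^ 1 if i in positions else b for i, b in enumerate(w)]

# Constructed sample template (not real biometric data).
rng = random.Random(0)
W = [rng.randint(0, 1) for _ in range(KEY_BITS * REP)]

if __name__ == "__main__":
    key, helper = gen(W)
    noisy = flip(W, {0, 3, 7, 42, 43, 100, 159})  # <= 2 errors per block
    print("same user, noisy reading:", rep(noisy, helper) == key)
    print("too much noise:", rep(flip(W, {0, 1, 2}), helper) == key)
    new_key, new_helper = gen(W)  # re-enroll the same biometric
    print("key renewed:", new_key != key, rep(noisy, new_helper) == new_key)
```

A repetition code is used only to keep the example short; it corrects few errors and the public sketch leaks information about the template, which is why practical schemes use stronger error-correcting codes.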
Copyright information
© 2017 Springer-Verlag GmbH Germany
About this paper
Cite this paper
Nguyen, T.A.T., Dang, T.K. (2017). Protecting Biometrics Using Fuzzy Extractor and Non-invertible Transformation Methods in Kerberos Authentication Protocol. In: Hameurlain, A., Küng, J., Wagner, R., Dang, T., Thoai, N. (eds) Transactions on Large-Scale Data- and Knowledge-Centered Systems XXXI. Lecture Notes in Computer Science(), vol 10140. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-54173-9_3
DOI: https://doi.org/10.1007/978-3-662-54173-9_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-54172-2
Online ISBN: 978-3-662-54173-9
eBook Packages: Computer Science, Computer Science (R0)