BLIND AUTHENTICATION: A SECURE
2. Biometric Authentication System
3. Comparison of Biometric systems
4. Privacy concerns in Biometric systems
5. What is Blind Authentication?
6. Previous work
7. Features of Blind Authentication
10. Security, Privacy and Trust
11. Extensions to Kernels and Neural networks
12. Blind Secure Product Protocol
13. Implementation and analysis
A biometric is a physiological or behavioral characteristic
of a human being that can distinguish one person from
another and that theoretically can be used for identification
or verification of identity.
WHAT YOU KNOW?
WHAT YOU HAVE?
WHAT YOU ARE?
COMPARISON OF BIOMETRIC
1. Fingerprint recognition
a) No two persons share the same fingerprints
b) Can go for thermal sensing, optical sensing, capacitance sensing,
ultrasound sensing etc.
c) Wet, dry, or dirty skin may create problems
2. Face Recognition
a) One of the most acceptable biometrics
b) Not accurate and dependable
3. Hand Geometry
a) Include length and width of fingers, different aspect
ratios of palm and fingers, thickness and width of the palm etc.
b) Existing hand geometry systems mostly use images of the
4. Iris Recognition
a) Reliable and accurate
b) Believed to be unique in every individual
c) Not work for people who are missing both eyes or who have
serious eye illnesses that affect the iris.
a) High degree of acceptance
b) Signatures lack permanence
c) Static signature verification systems & Dynamic signature
a) Depend on numerous characteristics of a human voice to identify
b) Does not require expensive input devices
c) Issues- may skillfully imitate others' voices, record and replay
Primary Concerns in a Biometric
Trust between user and
What is Blind Authentication?
A blind authentication protocol that does
not reveal any:
information about the biometric samples to the
information regarding the classifier, employed by
the server, to the user or client
Categorization of template protection schemes by Jain
Design a classifier in the encrypted feature space
Specific to a biometric trait
Security using a transformation function seeded by a user
Do not offer well defined security
Apply non-invertible function on the biometric template
Key must be available at the time of transformation
Eg. Robust hashing, Cancelable templates
KEY BINDING AND KEY GENERATION
Integrate the advantages of biometrics and cryptography
Using the biometric as a protection for the secret key or to
generate secret key
FEATURES OF BLIND
Protection against replay and
Enrollment based on a trusted third party(TTP): At the time of
registering with a website, the encrypted version of the user’s
biometric template is made available to the website. The one-time
classifier training is done on the plain biometrics, and hence requires
a trusted server to handle training.
Blind Authentication Process: Linear kernel computation for
encrypted feature vectors. At no point, the identity vectors x,
w or the intermediate results xi · wi is revealed to anyone.
SECURITY PRIVACY AND
Concern of revealing personal
Hacker gains access to the template database
Hacker is in the database server during the authentication
Impostor trying blind attacks from a remote machine
Hacker gains access to the user’s biometric or private key
Passive attack at the user’s computer
Attacker gains access to the network
Concern of revealing personal information-Template is
never revealed to the server
Concern of being tracked-Use different keys for different
EXTENSIONS TO KERNELS AND
Kernel based classifier uses a discriminating function
Similarly, in Neural Network the basic units are, for
example perceptron and sigmoid
Model above functions as arithmetic circuits consisting
of add and multiplication gates over a finite domain.
Consider two encryptions E+
BLIND SECURE PRODUCT
Receive from client
Server computes kn+k random numbers such that
and send it to the client.Client decrypts it.
to the server
IMPLEMENTATION AND ANALYSIS
Experiments designed to evaluate the efficiency and
accuracy of proposed approach.
For evaluation, an SVM based verifier based on client-
server architecture was implemented.
Verification time for various
key sizes and feature vector
Variation of accuracy w.r.t. The
ADVANTAGES OF BLIND
Fast and Provably Secure authentication without
trading off accuracy.
Supports generic classifiers such as Neural Network
Useful with wide variety of fixed-length biometric-
Ideal for applications such as biometric ATMs, login
from public terminals.
Verification can be done in real-time with the help of
Keep the interaction between the user and the server to a
Extensions to this work includes secure enrollment
protocols and encryption methods to reduce computations
Dynamic warping based matching of variable length feature
vectors can further enhance the utility of the approach
N. K. Ratha, J. H. Connell, and R. M. Bolle, “Enhancing security
and privacy in biometrics-based authentication systems”
Maneesh Upmanyu, Anoop M. Namboodiri, K. Srinathan and C.V.
Jawahar,“Blind authentication: A secure crypto-biometric