首页 | 本学科首页   官方微博 | 高级检索  
     

一种基于同态加密的分布式生物特征认证协议
引用本文:姚海龙, 王彩芬, 许钦百, 李文婷. 一种基于同态加密的分布式生物特征认证协议[J]. 计算机研究与发展, 2019, 56(11): 2375-2383. DOI: 10.7544/issn1000-1239.2019.20190293
作者姓名:姚海龙  王彩芬  许钦百  李文婷
作者单位:1.1(西北师范大学数学与统计学院 兰州 730070);2.2(深圳技术大学大数据与互联网学院 广东深圳 518118);3.3(兰州城市学院电子与信息工程学院 兰州 730070) (Hailong.Yao@outlook.com)
基金项目:国家自然科学基金;国家自然科学基金;甘肃省自然科学基金;甘肃省高等学校科研项目;教学改革项目
摘    要:分布式生物特征认证系统因不依赖弱口令或硬件标识物而获得高的可靠性、安全性和便利性,但也因生物特征存在永久失效和隐私泄露的风险而面临更多的安全威胁.基于同态加密技术的生物特征认证方案允许特征向量在密文域匹配以保护向量安全和用户隐私,但也因此要在密文域执行昂贵的乘法运算,而且还可能因为向量封装不当而遭受安全攻击.在Brakerski等人同态加密方案的基础上提出了一种安全向量匹配方法,并在该方法的基础上设计了一个口令辅助的生物特征同态认证协议.该协议无需令牌等硬件标识物,注册时只需将带有辅助向量的特征模板密文和辅助向量外包存储,认证时服务器使用辅助向量匹配法完成模板向量和请求向量的相似性评估即可实现用户身份认证.基于Dolev-Yao攻击者模型变种和分布式生物特征认证系统所面临的主要攻击手段对协议进行了安全性分析,并通过和另外2个基于RLWE(learning with error over ring)同态的生物特征认证协议的对比分析,证明了新协议在隐私保护和向量匹配效率方面更具优势.

关 键 词:分布式计算  生物特征认证  口令辅助认证  同态加密  身份认证

A Distributed Biometric Authentication Protocol Based on Homomorphic Encryption
Yao Hailong, Wang Caifen, Xu Qinbai, Li Wenting. A Distributed Biometric Authentication Protocol Based on Homomorphic Encryption[J]. Journal of Computer Research and Development, 2019, 56(11): 2375-2383. DOI: 10.7544/issn1000-1239.2019.20190293
Authors:Yao Hailong  Wang Caifen  Xu Qinbai  Li Wenting
Affiliation:1.1(College of Mathematics and Statistics, Northwest Normal University, Lanzhou 730070);2.2(College of Big Data and Internet, Shenzhen Technology University, Shenzhen, Guangdong 518118);3.3(School of Electronic and Information Engineering, Lanzhou City University, Lanzhou 730070)
Abstract:The distributed biometric authentication system achieves high reliability, security and convenience without relying on weak passwords or hardware identifiers, but also faces more security threats due to the risk of permanent failure and privacy leakage of biometrics. The biometric authentication scheme based on homomorphic encryption technology allows feature vectors to be matched in the ciphertext domain to protect feature vector security and user privacy, but have to perform expensive multiplication operations in the ciphertext domain and it may also be compromised by improper vector encapsulation. In this paper, a secure vector matching method is proposed based on the BGV homomorphic encryption scheme, and a password-assisted biometric authentication protocol is designed based on this method. The protocol does not require hardware identifiers such as USB key, and registration only needs to store the auxiliary vector and the ciphertext of the sum of the biometric template vector and the auxiliary vector, authentication server using auxiliary vector matching method to evaluate the similarity of the template vector and the request vector can achieve user identity authentication. Based on Dolev-Yao attacker model and the multiple attacking methods of distributed biometric authentication system, the security analysis of the protocol is achieved, and the new protocol is proved to be more advantageous in privacy protection and vector matching efficiency by comparing and analyzing two other well-known RLWE-based biometric authentication protocols.
Keywords:distributed computing  biometric authentication  password-assisted authentication  homomorphic encryption  identity authentication
本文献已被 万方数据 等数据库收录!
点击此处可从《计算机研究与发展》浏览原始摘要信息
点击此处可从《计算机研究与发展》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号