• DocumentCode
    1799946
  • Title

    Using biometric key commitments to prevent unauthorized lending of cryptographic credentials

  • Author

    Bissessar, David ; Adams, Christopher ; Dong Liu

  • Author_Institution
    Canada Border Services Agency, Canada
  • fYear
    2014
  • fDate
    23-24 July 2014
  • Firstpage
    75
  • Lastpage
    83
  • Abstract
    We present a technique that uses privacy enhancing technologies and biometrics to prevent the unauthorized lending of credentials. Current credential schemes suffer the weakness that issued credentials can be transferred between users. Our technique ensures the biometric identity of the individual executing the Issue and Show protocols of an existing credential system in a manner analogous to the enrollment and verification steps in traditional biometric systems. During Issue we create Pedersen commitments on biometrically derived keys obtained from fuzzy extractors. This issue-time commitment is sealed into the issued credential. During Show a verification-time commitment is generated. Correspondence of keys is verified using a zero-knowledge proof of knowledge. The proposed approach preserves the security of the underlying credential system, protects the privacy of the biometric, and generalizes to multiple biometric modalities. We illustrate the usage of our technique by showing how it can be incorporated into digital credentials and anonymous credentials.
  • Keywords
    cryptography; data privacy; Pedersen commitments; anonymous credentials; biometric identity; biometric key commitments; biometric modalities; credential schemes; credential system; cryptographic credentials; digital credentials; fuzzy extractors; issue protocol; issue-time commitment; privacy enhancing technologies; show protocol; Data mining; Encryption; Measurement; Privacy; Protocols; anonymous credentials; biometrics; digital credentials; fuzzy extractors; non-transferability; privacy enhancing technologies;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Privacy, Security and Trust (PST), 2014 Twelfth Annual International Conference on
  • Conference_Location
    Toronto, ON
  • Print_ISBN
    978-1-4799-3502-4
  • Type

    conf

  • DOI
    10.1109/PST.2014.6890926
  • Filename
    6890926