With their increasing popularity in cryptosystems, biometrics have attracted more and more attention from the information security community. However, how to handle the relevant privacy concerns remains to be troublesome. In this paper, we propose a novel security model to formalize the privacy concerns in biometric-based remote authentication schemes. Our security model covers a number of practical privacy concerns such as identity privacy and transaction anonymity, which have not been formally considered in the literature. In addition, we propose a general biometric-based remote authentication scheme and prove its security in our security model.
|Title of host publication||Information Security Practice and Experience, 4th International Conference, ISPEC 2008|
|Editors||L. Chen, Y. Mu, W. Susilo|
|Place of Publication||London|
|Number of pages||15|
|Publication status||Published - Apr 2008|
|Name||Lecture Notes in Computer Science|