Privacy preserving remote multi-server biometric authentication using cancelable biometrics and secret sharing

Biometric authentication over cloud and network applications demands a wide range of solutions against increasing cyber crimes and digital identity thefts. This work addresses security and privacy issues of network/cloud based remote biometric authentication where a number of applications are hosted over different servers. The proposed framework combines the benefits of cancelable pseudobiometric identities and advance protection using secret sharing. Random Distance Method is used to generate privacy preserving, non-invertible, revocable, and dimensionally reduced pseudo-biometric identities. Its performance is compared with some recent state-of-art techniques. Multiple pseudoidentities generated from the same biometric can prevent cross-matching and other database attacks, and allow user to operate safely on diverse applications. A share distribution model for multiple servers is developed and authentication protocols are designed to maintain user-anonymity, session key agreement, and prevent transmission attacks like replay, ARM, MIMA, database, and server-spoofing. (C) 2019 Published by Elsevier B.V.