Biometric yet Privacy Protecting Person Authentication

Bleumer, Gerrit

doi:10.1007/3-540-49380-8_8

Gerrit Bleumer⁵

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1525))

Included in the following conference series:

International Workshop on Information Hiding

1405 Accesses
12 Citations

Abstract

Many eligibility or entitlement certificates in every day life are non-transferable between persons. However, they are usually implemented by personal physical tokens that owners can easily pass around (e.g. credit card), driver’s license). So there must either be negligible incentives to pass these certificates or the tokens around, or the tokens must allow to authenticate the persons who show certificates, e.g., by imprinted photographs. However, any kind of easily accessible personal identifying information threatens the owners’ privacy. To solve these somehow paradoxical requirements, we assume for each owner a kind of pilot that is equipped with a tamper resistant biometric authentication facility. We draft cryptographic protocols for issuing and showing non-transferable yet privacy protecting certificates. Unforgeability of certificates relies on a well-established computational assumption, nontransferability relies upon a physical assumption and owners’ privacy is protected unconditionally.

The research for this paper was supported by the German Research Foundation under grant DFG-Bi 311/9-1.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Stefan Brands: An Efficient Off-line Electronic Cash System Based On The Representation Problem; Centrum voor Wiskunde en Informatica, Computer Science/ Departement of Algorithmics and Architecture, Technical Report CS-R9323, March 1993.
Google Scholar
Stefan Brands: Untraceable Off-line Cash in Wallet with Observers; Crypto’ 93, LNCS 773, Springer-Verlag, Berlin 1994, 302–318.
Google Scholar
Josef Bigün, Gérard Chollet, Gunilla Borgefors (eds.): Audio-and Video-based Biometric Person Authentication (AVBPA)’ 97, LNCS 1206, Springer-Verlag, Berlin 1997
Google Scholar
Biometric fingerprint readers: BioMouse http://www.abio.com PC-Lockdown http://users.ids.net SecureTouch http://www.biometricaccess.com TouchSafe http://www.identix.com U.are.U http://www.digitalpersona.com Veriprint http://www.biometricID.com
Mihir Bellare, Phillip Rogaway: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols; 1st ACM Conference on Computer and Communications Security, ACM Press, New York 1993, 62–73.
Google Scholar
David Chaum: Blind Signature System; Crypto’ 83, Plenum Press, New York 1984, 153.
Google Scholar
David Chaum: A New Paradigm for Individuals in the Information Age; 1984 IEEE Symposium on Security and Privacy, IEEE Press, Washington 1984, 99–103.
Chapter Google Scholar
David Chaum: Security without Identification: Transaction Systems to make Big Brother Obsolete; Communications of the ACM 28/10 (1985) 1030–1044.
Article Google Scholar
David Chaum: Showing credentials without identification: Transferring signatures between unconditionally unlinkable pseudonyms; Auscrypt’ 90, LNCS 453, Springer-Verlag, Berlin 1990, 246–264.
Google Scholar
David Chaum: Achieving Electronic Privacy; Scientific American (August 1992) 96–101.
Google Scholar
Lidong Chen: Witness Hiding Proofs and Applications; PhD Thesis DAIMI PB-477, Computer Science Department Aarhus University, August 1994.
Google Scholar
David Chaum, Jan.-Hendrik Evertse, Jeroen van de Graaf: An improved protocol for demonstrating possession of discrete logarithms and some generalizations; Eurocrypt’ 87, LNCS 304, Springer-Verlag, Berlin 1988, 127–141.
Google Scholar
David Chaum, Torben Pryds Pedersen: Wallet Databases with Observers. Crypto’ 92, LNCS 740, Springer Verlag, Berlin 1993, 89–105.
Google Scholar
Uriel Feige, Adi Shamir: Witness Indistinguishable and Witness Hiding Protocols; 22nd Symposium on Theory of Computing (STOC) 1990, ACM Press, New York 1990, 416–426.
Google Scholar
Benjamin Miller: Vital signs of identity; IEEE spectrum 31/2 (1994) 22–30.
Article Google Scholar
Tatsuaki Okamoto, Kazuo Ohta: Divertible zero-knowledge interactive proofs and commutative random self-reducibility; Eurocrypt’ 89, LNCS 434, Sringer-Verlag, Berlin 1990, 134–149.
Google Scholar
Andreas Pfitzmann, Birgit Pfitzmann, Matthias Schunter, Michael Waidner: Trusting Mobile User Devices and Security Modules; Computer 30/2 (1997) 61–68.
Article MATH Google Scholar

Download references

Author information

Authors and Affiliations

AT&T Labs-Research, Florham Park, NJ, 07932, USA
Gerrit Bleumer

Authors

Gerrit Bleumer
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Intel Corporation JF3-373, Hillsboro, OR, 97124-5961, USA
David Aucsmith

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Bleumer, G. (1998). Biometric yet Privacy Protecting Person Authentication. In: Aucsmith, D. (eds) Information Hiding. IH 1998. Lecture Notes in Computer Science, vol 1525. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-49380-8_8

Download citation

DOI: https://doi.org/10.1007/3-540-49380-8_8
Published: 30 November 1998
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65386-8
Online ISBN: 978-3-540-49380-8
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics