A review of privacy-preserving biometric identification and authentication protocols

IF 5.4 2区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS Computers & Security Pub Date : 2025-03-01 Epub Date: 2025-01-04 DOI:10.1016/j.cose.2024.104309
Li Zeng , Peisong Shen , Xiaojie Zhu , Xue Tian , Chi Chen
{"title":"A review of privacy-preserving biometric identification and authentication protocols","authors":"Li Zeng ,&nbsp;Peisong Shen ,&nbsp;Xiaojie Zhu ,&nbsp;Xue Tian ,&nbsp;Chi Chen","doi":"10.1016/j.cose.2024.104309","DOIUrl":null,"url":null,"abstract":"<div><div>Biometrics now play a crucial role in user identification and authentication. However, storing biometric features in plaintext and conducting authentication without protection pose a risk of privacy leakage. To address this issue, privacy-preserving biometric identification and authentication protocols have been proposed. These protocols leverage techniques such as homomorphic encryption (HE) and secure multi-party computation (MPC) to prevent involving parties from knowing other parties’ biometrics when performing authentications or identifications between different parties. In this paper, we present a thorough survey of privacy-preserving biometric protocols, classifying them into seven distinct models based on their application scenarios. In each scenario, we delve into its security requirements and potential threats, underscoring the importance of comprehending varied application scenarios in the design of practical biometric protection schemes. We also summarize current research gaps and potential future research directions, offering insights for advancing the field.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"150 ","pages":"Article 104309"},"PeriodicalIF":5.4000,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824006151","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2025/1/4 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Biometrics now play a crucial role in user identification and authentication. However, storing biometric features in plaintext and conducting authentication without protection pose a risk of privacy leakage. To address this issue, privacy-preserving biometric identification and authentication protocols have been proposed. These protocols leverage techniques such as homomorphic encryption (HE) and secure multi-party computation (MPC) to prevent involving parties from knowing other parties’ biometrics when performing authentications or identifications between different parties. In this paper, we present a thorough survey of privacy-preserving biometric protocols, classifying them into seven distinct models based on their application scenarios. In each scenario, we delve into its security requirements and potential threats, underscoring the importance of comprehending varied application scenarios in the design of practical biometric protection schemes. We also summarize current research gaps and potential future research directions, offering insights for advancing the field.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
保护隐私的生物特征识别和认证协议综述
生物识别技术现在在用户识别和认证方面发挥着至关重要的作用。然而,以明文形式存储生物特征并在没有保护的情况下进行身份验证会带来隐私泄露的风险。为了解决这个问题,人们提出了保护隐私的生物识别和认证协议。这些协议利用同态加密(HE)和安全多方计算(MPC)等技术,防止参与各方在执行不同各方之间的身份验证或识别时了解其他各方的生物特征。在本文中,我们对隐私保护生物识别协议进行了全面的调查,并根据其应用场景将其分为七种不同的模型。在每个场景中,我们深入研究了其安全需求和潜在威胁,强调了在设计实际生物识别保护方案时理解各种应用场景的重要性。总结了当前的研究差距和未来可能的研究方向,为该领域的发展提供了见解。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Computers & Security
Computers & Security 工程技术-计算机:信息系统
CiteScore
12.40
自引率
7.10%
发文量
365
审稿时长
10.7 months
期刊介绍: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
期刊最新文献
A provider-agnostic security framework for PKI-based electronic identity systems: A Swedish case study STAC-IoT: A secure task-based access control for IoT-edge computing architecture RanDS: A large-Scale open dataset of raw binaries and extracted features for ransomware research Unifying mixed boolean-arithmetic obfuscation by architectural and anti-generalization hardening Bridging industrial control systems design and testing through threat modeling-driven penetration testing - a microgrid case study
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1