Achieving non‐transferability in credential systems using hidden biometrics

Abstract: In credential systems, which allow the construction of privacy-preserving access control infrastructures in online environments, credential transfer occurs when Alice gives her private key to another entity who can then freely use Alice's credential as if it was his/her own. Prior approaches to limit credential transfer require tamper-resistant user hardware, or are ineffective against closely knit groups of users who are willing to share personal or valuable information with each other. In this paper we propo… Show more

“…We do so by comparing the 2011 protocol proposed by Adams [1], (Alg 0 ) with the protocol proposed in this work. We refer to these as Alg 0 and Alg 1 , respectively.…”

“…4) embedded biometric approaches include the direct use of a biometric within the credential, and necessarily some manner of distance comparison to establish identity. Approaches such as these have been proposed including Brands [8], and Adams [1]. In general, these approaches suffer the weakness that biometric is directly used: privacy is not protected.…”

“…Non transferability comes from the verification relation, and the ZKPoK in the Show protocol in combination with unforgeability of signatures in digital credentials and the intractability of the discrete log problem. The complete proofs are available in [1].…”

“…The following calculation can put into context the performance saving due to the removal of the third PoK (refered to as PoK3) from [1]. Consider that the cost of a modular exponentiation on a 1024 bits Integer on a Pentium 5 workstation to be approximately 40 milliseconds.…”

“…A PoK holding these three properties is called a Zero Knowledge Proof of Knowledge (ZKPoK). Adams [1] presents a ZKPoK which, given public values h , Pedersen commitment C pub and associated group parameters, provides the ability to prove knowledge of the discrete log representation of h consisting of l + 1 terms, where the lth…”

Using biometric key commitments to prevent unauthorized lending of cryptographic credentials

“…We do so by comparing the 2011 protocol proposed by Adams [1], (Alg 0 ) with the protocol proposed in this work. We refer to these as Alg 0 and Alg 1 , respectively.…”

“…4) embedded biometric approaches include the direct use of a biometric within the credential, and necessarily some manner of distance comparison to establish identity. Approaches such as these have been proposed including Brands [8], and Adams [1]. In general, these approaches suffer the weakness that biometric is directly used: privacy is not protected.…”

“…Non transferability comes from the verification relation, and the ZKPoK in the Show protocol in combination with unforgeability of signatures in digital credentials and the intractability of the discrete log problem. The complete proofs are available in [1].…”

“…The following calculation can put into context the performance saving due to the removal of the third PoK (refered to as PoK3) from [1]. Consider that the cost of a modular exponentiation on a 1024 bits Integer on a Pentium 5 workstation to be approximately 40 milliseconds.…”

“…A PoK holding these three properties is called a Zero Knowledge Proof of Knowledge (ZKPoK). Adams [1] presents a ZKPoK which, given public values h , Pedersen commitment C pub and associated group parameters, provides the ability to prove knowledge of the discrete log representation of h consisting of l + 1 terms, where the lth…”

Using biometric key commitments to prevent unauthorized lending of cryptographic credentials

Limiting Disclosure by Hiding the Identity

A Survey on Multimodal Biometrics and the Protection of Their Templates