Privacy-Preserving Biometric Authentication: Cryptanalysis and Countermeasures

In this article, we cryptanalyzed a Verifiable Threshold Predicate Encryption (VTPE) enabled Privacy-Preserving Biometric Authentication (PPBA) protocol reported in IEEE-TDSC and revealed discrepancies between its security claims and our security analysis. To be precise, the underlying authentication and key agreement scheme which is based on a challenge-response mechanism and watermark signal unsatisfactorily meets the following security scenario: (a) resistance to man-in-the-middle attacks, (b) biometric template protection, and (c) user anonymity and untraceability. To address these issues, we utilize Physical Unclonable Functions (PUF) to design a PUF driven Verifiable Threshold Predicate Encryption (PUF-VTPE) scheme and a secure PPBA protocol. The PUF-VTPE-based PPBA protocol equips with dual authentication using biometric and mobile device, which offers strong authenticity before establishing the session key. Simultaneously, the non-invertible property of PUF protects the biometric templates in the physical layer. The proposed storage-free mechanism that hides the challenge of device PUF in biometric template alleviates data leakage caused by storage challenges in PUF-based authentication protocols. Moreover, the experimental analysis suggests that the proposed PPBA protocol possesses ISO/IEC 24745 criteria of non-invertibility, unlinkability, and revocability. Additionally, the proposed PPBA protocol reduces the computational cost by about 50% compared to that of the cryptanalyzed scheme.