A Complete User Authentication and Key Agreement Scheme Using Cancelable Biometrics and PUF in Multi-Server Environment

With the current development and popularization of biometrics recognition technology, our biometrics and other identity information may be illegal bulk scalping, and there is the possibility of being used for false enrolment, network fraud and other illegal criminal activities. Although some network platforms based on biometrics recognition adopt multi-identity authentication, network hacking technology is also improving constantly. Therefore, we must not ignore the importance of biometrics data protection. To this end, we propose a complete user authentication protocol and key agreement scheme based on cancelable biometrics and physical unclonable function (PUF). Firstly, cancelable biometrics are generated by efficient biometrics fusion processing which called PUF-TTM (Template Transformation Method) using a PUF embedded into the device. Then based on Biometrics-as-a-Service (BaaS) model and secret sharing technology, a complete authentication protocol in multi-server environment is designed, and the robustness, effectiveness and security of our proposed scheme are ensured from the perspective of performance and security analysis.

Automated summary

With the development and popularization of biometrics recognition technology, the protection of biometric data is of utmost importance. A user authentication protocol based on cancelable biometrics and PUF is proposed to ensure robustness, effectiveness, and security through performance and security analysis.