Design And Implementation Of Privacy-preserving Revocable Biometric Authentication Scheme Based On ECC

As a novel authentication technology,biometric identification technology is extensively used in the field of access control and privileges management.At present,the biometric identification research focuses more on the accuracy and efficiency,which often neglects the privacy preservation of biometric information.With biometric templates are unique,irrevocable and closely related to identification privacy information,they are susceptible to theft,forgery or even impersonation by attackers during the biometric authentication process to access the system’s online services,leading to serious privacy leakage risks.The existing biometric authentication schemes based on Elliptic Curve Cryptography(ECC)cannot effectively preserve the privacy of biometric information and resist most malicious attacks,and still have certain security issues.Therefore,there is an urgent necessity to design and improve a privacy-preserving biometric templates scheme.This thesis examines this in depth,the main research works are as follows:This thesis proposes a revocable privacy-preserving biometric authentication scheme based on ECC.First,this scheme uses ECC to establish a shared session key between the user and the server to achieve mutual authentication of the legal identity.The scheme not only ensures security and convenient access to network services for the user;but also guarantees the secure transmission of data.In addition,the scheme combines the random distance method with the fuzzy commitment technique to preserve the privacy of biometric information.Specifically,the revocable technique is the Random Distance Method(RDM),which processes the raw biometric information and converts it into a strongly private and revocable biometric template.The scheme then uses the fuzzy commitment technique to further preserve the converted biometric template and verify that the queried biometric template is consistent with the template stored in the database.Finally,the scheme was analyzed for security under the BPR model and proved to be effective in guaranteeing the security of biometric templates and resistant to most existing malicious attacks.This thesis designs and implements a privacy-preserving revocable biometric authentication system.The system not only enables user face recognition services;but also ensures the security of face feature information.This thesis focuses on the architecture and hierarchical design of the face recognition system and the detailed design of the system modules,completes the development environment configuration and implements the various functional modules of the system.Finally,this scheme is analyzed and compared with other related schemes in terms of performance,and the experiment was performed to evaluate biometric indicators(FAR,FRR,EER)in order to analyze the accuracy of the system’s recognition.The results show that the system has certain advantages in terms of calculation cost,communication cost and recognition accuracy while effectively preserving the privacy and security of face feature information.