Improving biometric authentication with Cloud-based SMC


Dr. Henry Carter

Villanova University



Fingerprints as biometric authenticators are rapidly increasing in popularity, with fingerprint scanners available on many modern smartphones and laptops. Because these authenticators are non-revocable, special care must be taken to prevent leakage of the representative feature information of a user’s fingerprint. To this end, secure multiparty computation protocols have been designed to allow for computation over encrypted or garbled data.  These privacy-preserving techniques allow for computation to be performed on untrusted clouds or third-party application servers while maintaining a strong guarantee of privacy for the user’s data.  In this presentation, we will discuss outsourcing techniques that allow these computationally expensive protocols to be executed from smartphones and other devices with limited computing power.  After combining these protocols with fingerprint biometric techniques, we show that biometrics can be used to authenticate to remote services while maintaining the privacy of the user’s biometric information stored on the authentication server.  Preliminary performance results show that this privacy-preserving fingerprint authentication can authenticate a user to a remote service in as little as 1.5 seconds.  This prototype provides a template for designing low-cost biometric authentication systems, and shows a practical use-case for secure multiparty computation protocols in remote authentication systems.



Dr. Henry “Hank" Carter is an assistant professor in the Department of Computing Sciences at Villanova University. His research interests are in applied cryptography in mobile computing. Specifically, his work focuses on providing provably secure privacy solutions to mobile phone users. He completed his PhD and MS in Computer Science at the Georgia Institute of Technology in 2015 and 2012, respectively, and his undergraduate degree in 2010 at Belmont University.