A multi-factor biometric based remote authentication using fuzzy commitment and non-invertible transformation

Abstract

Biometric-based authentication system offers more undeniable benefits to users than traditional authentication system. However, biometric features seem to be very vulnerable - easily affected by different attacks, especially those happening over transmission network. In this work, we have proposed a novel multi-factor biometric based remote authentication protocol. This protocol is not only resistant against attacks on the network but also protects biometric templates stored in the server’s database, thanks to the combination of fuzzy commitment and non-invertible transformation technologies. The notable feature of this work as compared to previous biometric based remote authentication protocols is its ability to defend insider attack. The server’s administrator is incapable of utilizing information saved in the database by client to impersonate him/her and deceive the system. In addition, the performance of the system is maintained with the support of random orthonormal project, which reduces computational complexity while preserving its accuracy.