Skip to Main content Skip to Navigation
Conference papers

Flexible and Robust Privacy-Preserving Implicit Authentication

Abstract : Implicit authentication consists of a server authenticating a user based on the user’s usage profile, instead of/in addition to relying on something the user explicitly knows (passwords, private keys, etc.). While implicit authentication makes identity theft by third parties more difficult, it requires the server to learn and store the user’s usage profile. Recently, the first privacy-preserving implicit authentication system was presented, in which the server does not learn the user’s profile. It uses an ad hoc two-party computation protocol to compare the user’s fresh sampled features against an encrypted stored user’s profile. The protocol requires storing the usage profile and comparing against it using two different cryptosystems, one of them order-preserving; furthermore, features must be numerical. We present here a simpler protocol based on set intersection that has the advantages of: i) requiring only one cryptosystem; ii) not leaking the relative order of fresh feature samples; iii) being able to deal with any type of features (numerical or non-numerical).
Document type :
Conference papers
Complete list of metadata

Cited literature [19 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Wednesday, July 13, 2016 - 10:50:43 AM
Last modification on : Wednesday, October 13, 2021 - 7:16:03 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Josep Domingo-Ferrer, Qianhong Wu, Alberto Blanco-Justicia. Flexible and Robust Privacy-Preserving Implicit Authentication. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.18-34, ⟨10.1007/978-3-319-18467-8_2⟩. ⟨hal-01345093⟩



Record views


Files downloads