Flexible and Robust Privacy-Preserving Implicit Authentication

Abstract : Implicit authentication consists of a server authenticating a user based on the user’s usage profile, instead of/in addition to relying on something the user explicitly knows (passwords, private keys, etc.). While implicit authentication makes identity theft by third parties more difficult, it requires the server to learn and store the user’s usage profile. Recently, the first privacy-preserving implicit authentication system was presented, in which the server does not learn the user’s profile. It uses an ad hoc two-party computation protocol to compare the user’s fresh sampled features against an encrypted stored user’s profile. The protocol requires storing the usage profile and comparing against it using two different cryptosystems, one of them order-preserving; furthermore, features must be numerical. We present here a simpler protocol based on set intersection that has the advantages of: i) requiring only one cryptosystem; ii) not leaking the relative order of fresh feature samples; iii) being able to deal with any type of features (numerical or non-numerical).
Type de document :
Communication dans un congrès
Hannes Federrath; Dieter Gollmann. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. IFIP Advances in Information and Communication Technology, AICT-455, pp.18-34, 2015, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-319-18467-8_2〉
Liste complète des métadonnées

Littérature citée [19 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01345093
Contributeur : Hal Ifip <>
Soumis le : mercredi 13 juillet 2016 - 10:50:43
Dernière modification le : mercredi 13 juillet 2016 - 11:18:43

Fichier

337885_1_En_2_Chapter.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Josep Domingo-Ferrer, Qianhong Wu, Alberto Blanco-Justicia. Flexible and Robust Privacy-Preserving Implicit Authentication. Hannes Federrath; Dieter Gollmann. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. IFIP Advances in Information and Communication Technology, AICT-455, pp.18-34, 2015, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-319-18467-8_2〉. 〈hal-01345093〉

Partager

Métriques

Consultations de la notice

94