Sitemap Contact SCS Campus Map Computer Science Search: Powered by Google

News & Seminars Future Students Current Students SCS Research People Tech Support

Ottawa-Carleton Institute for Computer Science (OCICS) Seminar Series

University of Ottawa - Carleton University Ottawa-Carleton Institute for Computer Science (OCICS) Presentation November 30, 2012 @ 10:00a.m. Cryptographic Credentials with Privacy-Preserving Biometric Bindings Speaker: Bissessar David Location: LMX 360 (Lamoureux) ABSTRACT Cryptographic credentials allow user authorizations to be granted and verified and have applications in e-Passports, e-Commerce, and electronic cash. This thesis proposes a privacy protecting approach of binding biometrically derived keys to cryptographic credentials to prevent unauthorized lending. Our approach builds on the 2011 work of Adams, offering additional benefits of privacy protection of biometric information, generality on biometric modalities, and performance. Our protocol integrates into Brands’ Digital Credential scheme, and the Anonymous Credentials scheme of Camenisch and Lysyanskaya. WE describe a detailed integration with the Digital Credential Scheme and sketch the integration into the Anonymous Credentials scheme. Security proofs for non-transferability, correctness of ownership, and unlinkability are provided for the protocol’s instantiation into Digital Credentials. Our approach uses specialized biometric devices in both the issue and show protocols. These devices are configured with our proposed primitive, the fuzzy extractor indistinguishability adaptor. The fuzzy extractor indistinguishability adaptor provides internally uses a traditional fuzzy extractor to create and regenerate cryptographic keys and uses IND-CCA2 secure encryption to encrypt the generated public data in it secure against fuzzy extractor multiplicity attacks. The biometric device seals the generated key in a Pedersen commitment. In the “Issue” protocol, the device samples the users biometric and produces a Pedersen commitment which the issuer inserts into the credential and signs in an unforgeable manner. In the “Show” protocol, the device collects another biometric sample, attempts to regenerate the key using the fuzzy extractor, and produces a Pedersen commitment on this regenerated key. A zero-knowledge proof of knowledge on Pedersen commitments is used to ensure that the key bound to the credential at issue-time corresponds to the key generated at show-time. The above is done in a manner which preserves biometric privacy, as and delivers non-transferability of digital credentials. The biometric itself is not stored or divulged to any of the parties involved in the protocol. Privacy protection in multiple enrollments scenarios is achieved by the fuzzy extractor indistinguishability adapter. The zero knowledge proof of knowledge is used in the showing protocol to prove knowledge of values without divulging them. Return to Schedule

© 2013 Carleton University School of Computer Science, 1125 Colonel By Drive, Ottawa, ON, Canada K1S 5B6 MyCarleton | Contact | Privacy Policy