关键词: 分布式计算, 生物特征认证, 口令辅助认证, 同态加密, 身份认证

Abstract: The distributed biometric authentication system achieves high reliability, security and convenience without relying on weak passwords or hardware identifiers, but also faces more security threats due to the risk of permanent failure and privacy leakage of biometrics. The biometric authentication scheme based on homomorphic encryption technology allows feature vectors to be matched in the ciphertext domain to protect feature vector security and user privacy, but have to perform expensive multiplication operations in the ciphertext domain and it may also be compromised by improper vector encapsulation. In this paper, a secure vector matching method is proposed based on the BGV homomorphic encryption scheme, and a password-assisted biometric authentication protocol is designed based on this method. The protocol does not require hardware identifiers such as USB key, and registration only needs to store the auxiliary vector and the ciphertext of the sum of the biometric template vector and the auxiliary vector, authentication server using auxiliary vector matching method to evaluate the similarity of the template vector and the request vector can achieve user identity authentication. Based on Dolev-Yao attacker model and the multiple attacking methods of distributed biometric authentication system, the security analysis of the protocol is achieved, and the new protocol is proved to be more advantageous in privacy protection and vector matching efficiency by comparing and analyzing two other well-known RLWE-based biometric authentication protocols.

Key words: distributed computing, biometric authentication, password-assisted authentication, homomorphic encryption, identity authentication