Paper Info
Title
Flexible And Robust Privacy-Preserving Implicit Authentication
Abstract
Implicit authentication consists of a server authenticating a user based on the user's usage profile, instead of/in addition to relying on something the user explicitly knows (passwords, private keys, etc.). While implicit authentication makes identity theft by third parties more difficult, it requires the server to learn and store the user's usage profile. Recently, the first privacy-preserving implicit authentication system was presented, in which the server does not learn the user's profile. It uses an ad hoc two-party computation protocol to compare the user's fresh sampled features against an encrypted stored user's profile. The protocol requires storing the usage profile and comparing against it using two different cryptosystems, one of them order-preserving; furthermore, features must be numerical. We present here a simpler protocol based on set intersection that has the advantages of: i) requiring only one cryptosystem; ii) not leaking the relative order of fresh feature samples; iii) being able to deal with any type of features (numerical or non-numerical).
Year
DOI
Venue
2015
10.1007/978-3-319-18467-8_2
ICT SYSTEMS SECURITY AND PRIVACY PROTECTION
Keywords
Field
DocType
Privacy-preserving implicit authentication, Privacy-preserving set intersection, Implicit authentication, Active authentication, Transparent authentication, Risk mitigation, Data brokers
Lightweight Extensible Authentication Protocol,Chip Authentication Program,Challenge-Handshake Authentication Protocol,Generic Bootstrapping Architecture,Computer security,Computer science,Internet Authentication Service,Computer network,Data Authentication Algorithm,Authentication protocol,Multi-factor authentication
Journal
Volume
ISSN
Citations 
455
1868-4238
0
PageRank 
References 
Authors
0.34
12
3
Name
Order
Citations
PageRank
Josep Domingo-Ferrer13231404.42
Wu U. Qianhong2743.06
Alberto Blanco-Justicia3146.77