Flexible and Robust Privacy-Preserving Implicit Authentication - ICT Systems Security and Privacy Protection Access content directly
Conference Papers Year : 2015

Flexible and Robust Privacy-Preserving Implicit Authentication

Josep Domingo-Ferrer
  • Function : Author
  • PersonId : 986115
Qianhong Wu
  • Function : Author
  • PersonId : 986116
Alberto Blanco-Justicia
  • Function : Author
  • PersonId : 986117


Implicit authentication consists of a server authenticating a user based on the user’s usage profile, instead of/in addition to relying on something the user explicitly knows (passwords, private keys, etc.). While implicit authentication makes identity theft by third parties more difficult, it requires the server to learn and store the user’s usage profile. Recently, the first privacy-preserving implicit authentication system was presented, in which the server does not learn the user’s profile. It uses an ad hoc two-party computation protocol to compare the user’s fresh sampled features against an encrypted stored user’s profile. The protocol requires storing the usage profile and comparing against it using two different cryptosystems, one of them order-preserving; furthermore, features must be numerical. We present here a simpler protocol based on set intersection that has the advantages of: i) requiring only one cryptosystem; ii) not leaking the relative order of fresh feature samples; iii) being able to deal with any type of features (numerical or non-numerical).
Fichier principal
Vignette du fichier
337885_1_En_2_Chapter.pdf (4 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-01345093 , version 1 (13-07-2016)





Josep Domingo-Ferrer, Qianhong Wu, Alberto Blanco-Justicia. Flexible and Robust Privacy-Preserving Implicit Authentication. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.18-34, ⟨10.1007/978-3-319-18467-8_2⟩. ⟨hal-01345093⟩
67 View
53 Download



Gmail Facebook X LinkedIn More