{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,4]],"date-time":"2026-06-04T21:57:36Z","timestamp":1780610256503,"version":"3.54.1"},"reference-count":26,"publisher":"Springer Science and Business Media LLC","issue":"6","license":[{"start":{"date-parts":[[2023,7,13]],"date-time":"2023-07-13T00:00:00Z","timestamp":1689206400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,7,13]],"date-time":"2023-07-13T00:00:00Z","timestamp":1689206400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2023,12]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Continuous authentication modalities collect and utilize users\u2019 sensitive data to authenticate them continuously. Such data contain information about user activities, behaviors, and other demographic information, which causes privacy concerns. In this paper, we propose two privacy-preserving protocols that enable continuous authentication while preventing the disclosure of user-sensitive information to an authentication server. We utilize homomorphic cryptographic primitives that protect the privacy of biometric features with an oblivious transfer protocol that enables\u00a0privacy-preserving information retrieval. We performed the biometric evaluation of the proposed protocols on two datasets, a swipe gesture dataset and a keystroke dynamics dataset. The biometric evaluation shows that the protocols have very good performance. The execution time of the protocols is measured by considering continuous authentication using: only swipe gestures, keystroke dynamics, and hybrid modalities. The execution time proves the protocols are very efficient, even on high-security levels.<\/jats:p>","DOI":"10.1007\/s10207-023-00721-y","type":"journal-article","created":{"date-parts":[[2023,7,13]],"date-time":"2023-07-13T09:01:47Z","timestamp":1689238907000},"page":"1833-1847","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":26,"title":["Privacy-preserving continuous authentication using behavioral biometrics"],"prefix":"10.1007","volume":"22","author":[{"given":"Ahmed Fraz","family":"Baig","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Sigurd","family":"Eskeland","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Bian","family":"Yang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2023,7,13]]},"reference":[{"issue":"17","key":"721_CR1","doi-asserted-by":"publisher","first-page":"5967","DOI":"10.3390\/s21175967","volume":"21","author":"AF Baig","year":"2021","unstructured":"Baig, A.F., Eskeland, S.: Security, privacy, and usability in continuous authentication: a survey. Sensors 21(17), 5967 (2021)","journal-title":"Sensors"},{"key":"721_CR2","doi-asserted-by":"publisher","first-page":"7","DOI":"10.1016\/j.patrec.2015.01.011","volume":"56","author":"M Antal","year":"2015","unstructured":"Antal, M., Bokor, Z., Szab\u00f3, L.Z.: Information revealed from scrolling interactions on mobile devices. Pattern Recogn. Lett. 56, 7\u201313 (2015)","journal-title":"Pattern Recogn. Lett."},{"key":"721_CR3","doi-asserted-by":"crossref","unstructured":"Govindarajan, S., Gasti, P., Balagani, K.S.: \u201cSecure privacy-preserving protocols for outsourcing continuous authentication of smartphone users with touch data,\u201d in 2013 IEEE Sixth International Conference on Biometrics: Theory, Applications and Systems (BTAS). IEEE, pp. 1\u20138 (2013)","DOI":"10.1109\/BTAS.2013.6712742"},{"key":"721_CR4","doi-asserted-by":"crossref","unstructured":"Erkin, Z., Franz, M., Guajardo, J., Katzenbeisser, S., Lagendijk, I., Toft, T.: \u201cPrivacy-preserving face recognition,\u201d in International symposium on privacy enhancing technologies symposium. Springer, pp. 235\u2013253 (2009)","DOI":"10.1007\/978-3-642-03168-7_14"},{"issue":"1","key":"721_CR5","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1504\/IJACT.2008.017048","volume":"1","author":"I Damg\u00e5rd","year":"2008","unstructured":"Damg\u00e5rd, I., Geisler, M., Kr\u00f8igard, M.: Homomorphic encryption and secure comparison. Int. J. Appl. Cryptogr. 1(1), 22\u201331 (2008)","journal-title":"Int. J. Appl. Cryptogr."},{"issue":"5","key":"721_CR6","doi-asserted-by":"publisher","first-page":"877","DOI":"10.1109\/TIFS.2015.2506542","volume":"11","author":"Z Sitov\u00e1","year":"2015","unstructured":"Sitov\u00e1, Z., \u0160ed\u011bnka, J., Yang, Q., Peng, G., Zhou, G., Gasti, P., Balagani, K.S.: HMOG: new behavioral biometric features for continuous authentication of smartphone users. IEEE Trans. Inf. Forensics Secur. 11(5), 877\u2013892 (2015)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"721_CR7","doi-asserted-by":"crossref","unstructured":"Juels, A., Wattenberg, M.: \u201cA fuzzy commitment scheme,\u201d in Proceedings of the 6th ACM conference on Computer and communications security, pp. 28\u201336 (1999)","DOI":"10.1145\/319709.319714"},{"issue":"2","key":"721_CR8","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/MSP.2012.2230218","volume":"30","author":"J Bringer","year":"2013","unstructured":"Bringer, J., Chabanne, H., Patey, A.: Privacy-preserving biometric identification using secure multiparty computation\u2014an overview and recent trends. IEEE Signal Process. Mag. 30(2), 42\u201352 (2013)","journal-title":"IEEE Signal Process. Mag."},{"issue":"4","key":"721_CR9","doi-asserted-by":"publisher","first-page":"543","DOI":"10.3233\/JCS-171017","volume":"26","author":"KS Balagani","year":"2018","unstructured":"Balagani, K.S., Gasti, P., Elliott, A., Richardson, A., O\u2019Neal, M.: The impact of application context on privacy and performance of keystroke authentication systems. J. Comput. Secur. 26(4), 543\u2013556 (2018)","journal-title":"J. Comput. Secur."},{"issue":"7","key":"721_CR10","doi-asserted-by":"publisher","first-page":"5599","DOI":"10.1109\/JIOT.2020.3031486","volume":"8","author":"F Wei","year":"2020","unstructured":"Wei, F., Vijayakumar, P., Kumar, N., Zhang, R., Cheng, Q.: Privacy-preserving implicit authentication protocol using cosine similarity for internet of things. IEEE Internet Things J. 8(7), 5599\u20135606 (2020)","journal-title":"IEEE Internet Things J."},{"key":"721_CR11","doi-asserted-by":"crossref","unstructured":"Eskeland, S., Baig, A.F.: \u201cCryptanalysis of a privacy-preserving behavior-oriented authentication scheme,\u201d in Proceedings of the 19th International Conference on Security and Cryptography - SECRYPT 2022, INSTICC. SciTePress, pp. 299\u2013304 (2022)","DOI":"10.5220\/0011140300003283"},{"key":"721_CR12","doi-asserted-by":"crossref","unstructured":"Safa, N.A., Safavi-Naini, R., Shahandashti, S.F.: \u201cPrivacy-preserving implicit authentication,\u201d in IFIP International Information Security Conference. Springer, pp. 471\u2013484 (2014)","DOI":"10.1007\/978-3-642-55415-5_40"},{"key":"721_CR13","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1016\/j.cose.2015.05.009","volume":"53","author":"SF Shahandashti","year":"2015","unstructured":"Shahandashti, S.F., Safavi-Naini, R., Safa, N.A.: Reconciling user privacy and implicit authentication for mobile devices. Comput. Secur. 53, 215\u2013233 (2015)","journal-title":"Comput. Secur."},{"key":"721_CR14","doi-asserted-by":"crossref","unstructured":"Domingo-Ferrer, J., Wu, Q., Blanco-Justicia, A.: \u201cFlexible and robust privacy-preserving implicit authentication,\u201d in IFIP International Information Security and Privacy Conference. Springer, pp. 18\u201334 (2015)","DOI":"10.1007\/978-3-319-18467-8_2"},{"key":"721_CR15","doi-asserted-by":"crossref","unstructured":"Paillier, P.: \u201cPublic-key cryptosystems based on composite degree residuosity classes,\u201d in International conference on the theory and applications of cryptographic techniques. Springer, pp. 223\u2013238 (1999)","DOI":"10.1007\/3-540-48910-X_16"},{"key":"721_CR16","doi-asserted-by":"crossref","unstructured":"Hazay, C., Mikkelsen, G.L., Rabin, T., Toft, T., Nicolosi, A.A.: Efficient RSA key generation and threshold Paillier in the two-party setting. J. Cryptol. 32(2), 265\u2013323 (2019)","DOI":"10.1007\/s00145-017-9275-7"},{"key":"721_CR17","unstructured":"Pinkas, B., Schneider, T., Zohner, M.: \u201cFaster private set intersection based on $$\\{$$OT$$\\}$$ extension,\u201d in 23rd USENIX Security Symposium (USENIX Security 14), pp. 797\u2013812 (2014)"},{"key":"721_CR18","doi-asserted-by":"crossref","unstructured":"Cong, K., Moreno, R.C., da\u00a0Gama, M.B., Dai, W., Iliashenko, I., Laine, K., Rosenberg, M.: \u201cLabeled psi from homomorphic encryption with reduced computation and communication,\u201d in Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 1135\u20131150 (2021)","DOI":"10.1145\/3460120.3484760"},{"key":"721_CR19","doi-asserted-by":"crossref","unstructured":"Karako\u00e7, F., Nateghizad, M., Erkin, Z.: \u201cSet-ot: A secure equality testing protocol based on oblivious transfer,\u201d in Proceedings of the 14th International Conference on Availability, Reliability and Security, pp. 1\u20139 (2019)","DOI":"10.1145\/3339252.3339264"},{"issue":"1","key":"721_CR20","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1109\/TBIOM.2021.3112540","volume":"4","author":"A Acien","year":"2021","unstructured":"Acien, A., Morales, A., Monaco, J.V., Vera-Rodriguez, R., Fierrez, J.: Typenet: deep learning keystroke biometrics. IEEE Trans. Biom., Behav., Identity Sci. 4(1), 57\u201370 (2021)","journal-title":"IEEE Trans. Biom., Behav., Identity Sci."},{"issue":"4","key":"721_CR21","doi-asserted-by":"publisher","first-page":"1106","DOI":"10.1109\/TCBB.2012.33","volume":"9","author":"C Lazar","year":"2012","unstructured":"Lazar, C., Taminau, J., Meganck, S., Steenhoff, D., Coletta, A., Molter, C., de Schaetzen, V., Duque, R., Bersini, H., Nowe, A.: A survey on filter techniques for feature selection in gene expression microarray analysis. IEEE\/ACM Trans. Comput. Biol. Bioinf. 9(4), 1106\u20131119 (2012)","journal-title":"IEEE\/ACM Trans. Comput. Biol. Bioinf."},{"issue":"2","key":"721_CR22","doi-asserted-by":"publisher","first-page":"384","DOI":"10.1109\/TIFS.2014.2375571","volume":"10","author":"J \u0160ed\u011bnka","year":"2014","unstructured":"\u0160ed\u011bnka, J., Govindarajan, S., Gasti, P., Balagani, K.S.: Secure outsourced biometric authentication with performance evaluation on smartphones. IEEE Trans. Inf. Forensics Secur. 10(2), 384\u2013396 (2014)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"721_CR23","doi-asserted-by":"crossref","unstructured":"Damg\u00e5rd, I., Geisler, M., Kr\u00f8igaard, M.: \u201cEfficient and secure comparison for on-line auctions,\u201d in Australasian conference on information security and privacy. Springer, pp. 416\u2013430 (2007)","DOI":"10.1007\/978-3-540-73458-1_30"},{"issue":"4","key":"721_CR24","doi-asserted-by":"publisher","first-page":"323","DOI":"10.1504\/IJACT.2009.028031","volume":"1","author":"I Damg\u00e5rd","year":"2009","unstructured":"Damg\u00e5rd, I., Geisler, M., Kr\u00f8igard, M.: A correction to \u2019Efficient and secure comparison for on-line auctions. Int. J. Appl. Cryptogr. 1(4), 323\u2013324 (2009)","journal-title":"Int. J. Appl. Cryptogr."},{"key":"721_CR25","doi-asserted-by":"crossref","unstructured":"Killourhy, K.S., Maxion, R.A.: \u201cFree vs. transcribed text for keystroke-dynamics evaluations,\u201d in Proceedings of the 2012 Workshop on Learning from Authoritative Security Experiment Results, pp. 1\u20138 (2012)","DOI":"10.1145\/2379616.2379617"},{"key":"721_CR26","unstructured":"Python-paillier.readthedocs.io, \u201cPython library for Partially Homomorphic Encryption,\u201d https:\/\/python-paillier.readthedocs.io\/en\/develop\/index.html, 2016, [Accessed 11.05.2022]"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-023-00721-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-023-00721-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-023-00721-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,26]],"date-time":"2023-09-26T02:18:08Z","timestamp":1695694688000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-023-00721-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,13]]},"references-count":26,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2023,12]]}},"alternative-id":["721"],"URL":"https:\/\/doi.org\/10.1007\/s10207-023-00721-y","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,7,13]]},"assertion":[{"value":"13 July 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no conflict of interest. This article does not involve human participants or animals.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Compliance with Ethical Standards"}}]}}