{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T17:10:59Z","timestamp":1773249059488,"version":"3.50.1"},"reference-count":64,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2024,8,20]],"date-time":"2024-08-20T00:00:00Z","timestamp":1724112000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Bisland Dissertation Fellowship"},{"name":"Emil Stefanov Memorial Partial Fellowship"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2024,8,31]]},"abstract":"We introduce a novel privacy-preserving biometric authentication scheme based on irises that allows a user to enroll once at a trusted biometric certification authority (BCA) and authenticate to online service providers (SPs) multiple times without involving the BCA during the authentication. Our scheme preserves the user\u2019s biometric privacy from the SPs and transactional privacy from the BCA, while providing security against a malicious user. During the enrollment, the BCA issues a signed token that encrypts the user\u2019s biometrics. We introduce techniques enabling the SP and the user to perform secure computation of biometric matching between such encrypted biometrics and the user\u2019s biometrics captured at the authentication time. We provide a prototype implementation, a performance evaluation, and a security analysis of the protocol.<\/jats:p>","DOI":"10.1145\/3677017","type":"journal-article","created":{"date-parts":[[2024,7,11]],"date-time":"2024-07-11T11:28:46Z","timestamp":1720697326000},"page":"1-31","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["PEBASI: A Privacy preserving, Efficient Biometric Authentication Scheme based on Irises"],"prefix":"10.1145","volume":"27","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4654-3436","authenticated-orcid":false,"given":"Hasini","family":"Gunasinghe","sequence":"first","affiliation":[{"name":"Department of Computer Science, Purdue University, West Lafayette, IN, United States"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4029-7051","authenticated-orcid":false,"given":"Mikhail","family":"Atallah","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Purdue University, West Lafayette, IN, United States"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3739-7745","authenticated-orcid":false,"given":"Elisa","family":"Bertino","sequence":"additional","affiliation":[{"name":"Department of Computer Sciences, Purdue University, West Lafayette, IN, United States"}]}],"member":"320","published-online":{"date-parts":[[2024,8,20]]},"reference":[{"key":"e_1_3_3_2_2","unstructured":"Transport Security Administration. 2023. Does TSA Accept Mobile Driver\u2019s Licenses? Retrieved from https:\/\/www.tsa.gov\/travel\/frequently-asked-questions\/does-tsa-accept-mobile-drivers-licensesAccessed: 28-May-2023."},{"key":"e_1_3_3_3_2","article-title":"About Face ID Advanced Technology.","year":"2015","unstructured":"Apple. 2015. About Face ID Advanced Technology. Retrieved from https:\/\/support.apple.com\/en-us\/HT208108. Accessed: 22-Aug-2019.","journal-title":"Retrieved from"},{"key":"e_1_3_3_4_2","volume-title":"Journal of Cryptology","author":"Asharov G.","year":"2017","unstructured":"G. Asharov, Y. Lindell, T. Schneider, and M. Zohner. 2017. More efficient oblivious transfer extensions. In Journal of Cryptology, Vol. 30. Issue 3."},{"key":"e_1_3_3_5_2","volume-title":"Proceedings of the CRYPTO\u201991","author":"Beaver D.","year":"1991","unstructured":"D. Beaver. 1991. Efficient multiparty protocols using circuit randomization. In Proceedings of the CRYPTO\u201991."},{"key":"e_1_3_3_6_2","volume-title":"Proceedings of the IEEE TIFS","author":"Blanton M.","year":"2013","unstructured":"M. Blanton and M. Aliasgari. 2013. Analysis of reusability of secure sketches and fuzzy extractors. In Proceedings of the IEEE TIFS."},{"key":"e_1_3_3_7_2","volume-title":"Proceedings of the ESORICS","author":"Blanton M.","year":"2011","unstructured":"M. Blanton and P. Gasti.2011. Secure and efficient protocols for iris and fingerprint identification. In Proceedings of the ESORICS."},{"key":"e_1_3_3_8_2","volume-title":"Proceedings of the LATINCRYPT","author":"Chou T.","year":"2015","unstructured":"T. Chou and C. Orlandi. 2015. The simplest protocol for oblivious transfer. In Proceedings of the LATINCRYPT."},{"key":"e_1_3_3_9_2","unstructured":"CNET. 2023. You Can Put Your Driver\u2019s License on Your iPhone. Here\u2019s How. Retrieved from https:\/\/www.cnet.com\/tech\/mobile\/you-can-put-your-drivers-license-on-your-iphone-heres-how\/.Accessed: 28-May-2023."},{"key":"e_1_3_3_10_2","article-title":"SPDZ2k: Efficient MPC mod \\(2^{k}\\) for Dishonest Majority","author":"Cramer R.","year":"2018","unstructured":"R. Cramer, I. Damg\u00e5rd, D. Escudero, P. Scholl, and C. Xing. 2018. SPDZ2k: Efficient MPC mod \\(2^{k}\\) for Dishonest Majority. Retrieved from https:\/\/eprint.iacr.org\/2018\/482. Accessed: 16-Aug-2023.","journal-title":"Retrieved from"},{"key":"e_1_3_3_11_2","unstructured":"Tech Crunch. 2018. Sydney Airport Launches Face Scan Check-in Trials. Retrieved from https:\/\/techcrunch.com\/2018\/07\/05\/sydney-airport-launches-face-scan-check-in-trials\/Accessed: 28-May-2023."},{"key":"e_1_3_3_12_2","volume-title":"IEEE Transactions on Circuits and Systems for Video Technology","author":"Daugman. J.","year":"2004","unstructured":"J. Daugman.2004. How iris recognition works. In IEEE Transactions on Circuits and Systems for Video Technology."},{"key":"e_1_3_3_13_2","volume-title":"Proceedings of the INDOCRYPT","author":"al. A. R. Block et","year":"2018","unstructured":"A. R. Block et al.2018. Secure computation with constant communication overhead using multiplication embeddings. In Proceedings of the INDOCRYPT."},{"key":"e_1_3_3_14_2","volume-title":"Proceedings of the ICISC","author":"al. A. Sadeghi et","year":"2009","unstructured":"A. Sadeghi et al.2009. Efficient privacy-preserving face recognition. In Proceedings of the ICISC."},{"key":"e_1_3_3_15_2","volume-title":"Proceedings of the NDSS","author":"al. D. Demmler et","year":"2015","unstructured":"D. Demmler et al.2015. ABY\u2014A framework for efficient mixed-protocol secure two-party computation. In Proceedings of the NDSS."},{"key":"e_1_3_3_16_2","volume-title":"Proceedings of the CCS","author":"al. G. Asharov et","year":"2013","unstructured":"G. Asharov et al.2013. More efficient oblivious transfer and extensions for faster secure computation. In Proceedings of the CCS. ACM."},{"key":"e_1_3_3_17_2","unstructured":"G. Droandi et al.2018. SEMBA: SEcure multi-biometric authentication. Retrieved from https:\/\/arxiv.org\/abs\/1803.10758"},{"key":"e_1_3_3_18_2","volume-title":"IEEE Signal Processing Magazine","author":"al. G. Itkis et","year":"2015","unstructured":"G. Itkis et al.2015. Iris biometric security challenges and possible solutions. In IEEE Signal Processing Magazine."},{"key":"e_1_3_3_19_2","volume-title":"Proceedings of the ASIA CCS","author":"al. H. Chun et","year":"2014","unstructured":"H. Chun et al.2014. Outsourceable two-party privacy-preserving biometric authentication. In Proceedings of the ASIA CCS. ACM."},{"key":"e_1_3_3_20_2","doi-asserted-by":"publisher","unstructured":"Hui Zhang Xuejun Li Syh-Yuan Tan Ming Jie Lee and Zhe Jin. 2023. Privacy-preserving biometric authentication: Cryptanalysis and countermeasures. IEEE Transactions on Dependable and Secure Computing 20 6 (2023) 5056\u20135069. DOI:10.1109\/TDSC.2023.3239611","DOI":"10.1109\/TDSC.2023.3239611"},{"key":"e_1_3_3_21_2","volume-title":"Proceedings of the CRYPTO","author":"al. I. Damgard et","year":"2012","unstructured":"I. Damgard et al.2012. Multiparty computation from somewhat homomorphic encryption. In Proceedings of the CRYPTO."},{"key":"e_1_3_3_22_2","volume-title":"Proceedings of the IH&MMSec","author":"al. J. Bringer et","year":"2014","unstructured":"J. Bringer et al.2014. GSHADE: Faster privacy-preserving distance computation and biometric identification. In Proceedings of the IH&MMSec."},{"key":"e_1_3_3_23_2","volume-title":"Proceedings of the 12th Workshop on Multimedia and Security","author":"al. M. Barni et","year":"2010","unstructured":"M. Barni et al.2010. Privacy-preserving fingercode authentication. In Proceedings of the 12th Workshop on Multimedia and Security. ACM."},{"key":"e_1_3_3_24_2","article-title":"Foundations of Garbled Circuits","author":"al. M. Bellare et","year":"2012","unstructured":"M. Bellare et al.2012. Foundations of Garbled Circuits. Retrieved from https:\/\/tinyurl.com\/8hna2ad2. Accessed: 16-Aug-2019.","journal-title":"Retrieved from"},{"key":"e_1_3_3_25_2","volume-title":"Proceedings of the 34th IEEE S&P","author":"al. M. Bellare et","year":"2013","unstructured":"M. Bellare et al.2013. Efficient garbling from a fixed-key blockcipher. In Proceedings of the 34th IEEE S&P."},{"key":"e_1_3_3_26_2","article-title":"Privacy-preserving face recognition utilizing differential privacy","volume":"97","author":"al. M. A. P. Chamikara et","year":"2020","unstructured":"M. A. P. Chamikara et al.2020. Privacy-preserving face recognition utilizing differential privacy. Computers & Security 97 (2020).","journal-title":"Computers & Security"},{"key":"e_1_3_3_27_2","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy.","author":"al. M. Osadchy et","year":"2010","unstructured":"M. Osadchy et al.2010. SCiFI: A system for secure face identification. In Proceedings of the IEEE Symposium on Security and Privacy."},{"key":"e_1_3_3_28_2","article-title":"Missed Alarms and 40 Million Stolen Credit Card Numbers","author":"al. M. Riley et","year":"2014","unstructured":"M. Riley et al.2014. Missed Alarms and 40 Million Stolen Credit Card Numbers. Retrieved from https:\/\/buswk.co\/2RC5Zh3. Accessed: 16-Aug-2019.","journal-title":"Retrieved from"},{"key":"e_1_3_3_29_2","volume-title":"Proceedings of the CCS","author":"al. Nico D\u00f6ttling et","year":"2017","unstructured":"Nico D\u00f6ttling et al.2017. TinyOLE: Efficient actively secure two-party computation from oblivious linear function evaluation. In Proceedings of the CCS."},{"key":"e_1_3_3_30_2","volume-title":"Proceedings of the Crypto","author":"al. R. Cramer et","year":"2018","unstructured":"R. Cramer et al.2018. SPDZ2k: Efficient MPC mod \\(2^{k}\\) for dishonest majority. In Proceedings of the Crypto."},{"key":"e_1_3_3_31_2","unstructured":"T. Bernard et al.2017. Equifax Says Cyberattack May Have Affected 143 Million in the U.S. Retrieved from https:\/\/nyti.ms\/2E5F6KfAccessed: 16-Aug-2019."},{"key":"e_1_3_3_32_2","volume-title":"Proceedings of the IEEE TIFS","volume":"10","author":"al. T. Veugen et","year":"2015","unstructured":"T. Veugen et al.2015. A framework for secure computations with two non-colluding servers and multiple clients, applied to recommendations. In Proceedings of the IEEE TIFS, Vol. 10. Issue 3."},{"key":"e_1_3_3_33_2","volume-title":"ACM Transactions on Internet Technology","author":"al. T. Wang et","year":"2021","unstructured":"T. Wang et al.2021. FinPrivacy: A privacy-preserving mechanism for fingerprint identification. In ACM Transactions on Internet Technology, Vol. 21. Issue 3."},{"key":"e_1_3_3_34_2","volume-title":"Proceedings of the Eurocrypt","author":"al. Y. Dodis et","year":"2015","unstructured":"Y. Dodis et al.2015. Fuzzy Extractors: How to generate strong keys from biometrics and other noisy data. In Proceedings of the Eurocrypt."},{"key":"e_1_3_3_35_2","volume-title":"Proceedings of the NDSS","author":"al. Y. Huang et","year":"2011","unstructured":"Y. Huang et al.2011. Efficient privacy-preserving biometric identification. In Proceedings of the NDSS."},{"key":"e_1_3_3_36_2","volume-title":"Proceedings of the 20th USENIX Security Symposium","author":"al. Y. Huang et","year":"2011","unstructured":"Y. Huang et al.2011. Faster secure two-party computation using garbled circuits. In Proceedings of the 20th USENIX Security Symposium."},{"key":"e_1_3_3_37_2","volume-title":"Proceedings of the CRYPTO","author":"al. Y. Ishai et","year":"2003","unstructured":"Y. Ishai et al.2003. Extending oblivious transfers efficiently. In Proceedings of the CRYPTO."},{"key":"e_1_3_3_38_2","volume-title":"IEEE ICIP","author":"al. Y. Luo et","year":"2012","unstructured":"Y. Luo et al.2012. An efficient protocol for private iris-code matching by means of garbled circuits. In IEEE ICIP."},{"key":"e_1_3_3_39_2","doi-asserted-by":"publisher","unstructured":"Yongdong Wu Jian Weng Zhengxia Wang Kaimin Wei Jinming Wen Junzuo Lai and Xin Li. 2023. Attacks and countermeasures on privacy-preserving biometric authentication schemes. IEEE Transactions on Dependable and Secure Computing 20 2 (2023) 1744\u20131755. DOI:10.1109\/TDSC.2022.3162623","DOI":"10.1109\/TDSC.2022.3162623"},{"key":"e_1_3_3_40_2","volume-title":"Proceedings of the PETS","author":"al. Z. Erkin et","year":"2009","unstructured":"Z. Erkin et al.2009. Privacy-preserving face recognition. In Proceedings of the PETS."},{"key":"e_1_3_3_41_2","doi-asserted-by":"crossref","DOI":"10.1017\/CBO9780511721656","volume-title":"Foundations of Cryptography: Volume 2, Basic Applications","author":"Goldreich Oded","year":"2004","unstructured":"Oded Goldreich. 2004. Foundations of Cryptography: Volume 2, Basic Applications. Cambridge University Press."},{"key":"e_1_3_3_42_2","doi-asserted-by":"crossref","unstructured":"A. Greenberg. 2015. OPM Now Admits 5.6m Feds\u2019 Fingerprints Were Stolen By Hackers. Retrieved from https:\/\/bit.ly\/2P8O0wUAccessed: 10-Aug-2019.","DOI":"10.1016\/S0969-4765(15)30145-4"},{"key":"e_1_3_3_43_2","unstructured":"Google Wallet Help. 2023. Add your US Driver\u2019s License or State ID. Retrieved from https:\/\/support.google.com\/wallet\/answer\/12436402?hl=enAccessed: 28-May-2023."},{"key":"e_1_3_3_44_2","article-title":"FastGC","author":"Huang Y.","year":"2011","unstructured":"Y. Huang. 2011. FastGC. Retrieved from https:\/\/bit.ly\/34golHa. Accessed: 16-Aug-2019.","journal-title":"Retrieved from"},{"key":"e_1_3_3_45_2","volume-title":"Proceedings of the CRYPTO\u201913","author":"Huang Y.","year":"2013","unstructured":"Y. Huang, J. Katz, and D. Evans. 2013. Efficient secure two-party computation using symmetric cut-and-choose. In Proceedings of the CRYPTO\u201913."},{"key":"e_1_3_3_46_2","doi-asserted-by":"publisher","unstructured":"Jong-Hyuk Im Seong-Yun Jeon and Mun-Kyu Lee. 2020. Practical privacy-preserving face authentication for smartphones secure against malicious clients. IEEE Transactions on Information Forensics and Security 15 (2020) 2386\u20132401. DOI:10.1109\/TIFS.2020.2969513","DOI":"10.1109\/TIFS.2020.2969513"},{"key":"e_1_3_3_47_2","unstructured":"Security Info Watch. 2022. Methods for Improving Airport Security and Travel Experience with iris Recognition. Retrieved from https:\/\/www.securityinfowatch.com\/critical-infrastructure\/article\/21281973\/methods-for-improving-airport-security-and-travel-experience-with-iris-recognitionAccessed: 28-May-2023."},{"key":"e_1_3_3_48_2","unstructured":"J. Katz and Coursera. 2019. The Pseudo One-Time Pad. Retrieved from https:\/\/bit.ly\/2E7D1xw. Accessed: 01-Dec-2019."},{"key":"e_1_3_3_49_2","unstructured":"S. Kelly. 2014. EBay\u2019s Massive Security Breach: What It Means for You. Retrieved from https:\/\/tinyurl.com\/27cyeeau. Accessed: 16-Aug-2019."},{"key":"e_1_3_3_50_2","volume-title":"Proceedings of the CRYPTO\u201913","author":"Lindell Y.","year":"2013","unstructured":"Y. Lindell. 2013. Fast cut-and-choose based protocols for malicious and covert adversaries. In Proceedings of the CRYPTO\u201913."},{"key":"e_1_3_3_51_2","volume-title":"Proceedings of the EUROCRYPT","author":"Lindell Y.","year":"2007","unstructured":"Y. Lindell and B. Pinkas. 2007. An efficient protocol for secure two-party computation in the presence of malicious adversaries. In Proceedings of the EUROCRYPT."},{"key":"e_1_3_3_52_2","unstructured":"M. Murad. 2021. Iris Patterns: One of the Most Stable Biometrics. Retrieved from https:\/\/www.irisid.com\/iris-patterns-one-of-the-most-stable-biometrics\/Accessed: 15-July-2023."},{"key":"e_1_3_3_53_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-71677-8_23"},{"key":"e_1_3_3_54_2","unstructured":"OAuth. 2017. OAuth 2.0. Retrieved from https:\/\/oauth.net\/2\/. Accessed: 22-Aug-2019."},{"key":"e_1_3_3_55_2","unstructured":"OpenID. 2017. Welcome to OpenID Connect. Retrieved from http:\/\/openid.net\/connect\/. Accessed: 22-Aug-2019."},{"key":"e_1_3_3_56_2","article-title":"Iris ID Tech Helps Streamline Passenger Screening at Qatar Airport","author":"Perala A.","year":"2017","unstructured":"A. Perala. 2017. Iris ID Tech Helps Streamline Passenger Screening at Qatar Airport. Retrieved from https:\/\/bit.ly\/2E5Nae3. Accessed: 16-Aug-2019.","journal-title":"Retrieved from"},{"key":"e_1_3_3_57_2","article-title":"Hardware-backed Keystore","author":"Project Android Open Source","year":"2022","unstructured":"Android Open Source Project. 2022. Hardware-backed Keystore. Retrieved from https:\/\/source.android.com\/docs\/security\/features\/keystore. Accessed: 16-July-2023.","journal-title":"Retrieved from"},{"key":"e_1_3_3_58_2","volume-title":"Proceedings of the EURASIP","author":"Rathgeb C.","year":"2011","unstructured":"C. Rathgeb and A. Uhi. 2011. A survey on biometric cryptosystems and cacelable biometrics. In Proceedings of the EURASIP."},{"key":"e_1_3_3_59_2","volume-title":"Proceedings of the DAC\u201907","author":"Suh G. Edward","year":"2007","unstructured":"G. Edward Suh and S. Devadas. 2007. Physical unclonable functions for device authentication and secret key generation. In Proceedings of the DAC\u201907. ACM\/IEEE."},{"key":"e_1_3_3_60_2","unstructured":"Apple Support. 2023. Add your Driver\u2019s License or State ID to Apple Wallet. Retrieved from https:\/\/support.apple.com\/en-us\/HT212940Accessed: 28-May-2023."},{"key":"e_1_3_3_61_2","volume-title":"Proceedings of the CCS\u201917","author":"Wang X.","year":"2017","unstructured":"X. Wang, S. Ranellucci, and J. Katz. 2017. Authenticated garbling and efficient maliciously secure two-party computation. In Proceedings of the CCS\u201917."},{"key":"e_1_3_3_62_2","volume-title":"Proceedings of the EUROCRYPT","author":"Wolf Stefan","year":"2006","unstructured":"Stefan Wolf and Jurg Wullschleger. 2006. Oblivious transfer is symmetric. In Proceedings of the EUROCRYPT."},{"key":"e_1_3_3_63_2","unstructured":"Lamont Wood. 2016. How it Works: Iris Scanning Improves Smartphone Security. Retrieevd from https:\/\/bit.ly\/38swz24. Accessed: 16-Aug-2019."},{"key":"e_1_3_3_64_2","volume-title":"Proceedings of the IEEE FOCS","author":"Yao A. C.","year":"1982","unstructured":"A. C. Yao. 1982. Protocols for secure computation. In Proceedings of the IEEE FOCS."},{"key":"e_1_3_3_65_2","volume-title":"Cryptology ePrint Archive: Report 2015:1153","author":"Zahur S.","year":"2015","unstructured":"S. Zahur and D. Evans. 2015. Obliv-C: A language for extensible data-oblivious computation. In Cryptology ePrint Archive: Report 2015:1153."}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3677017","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3677017","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T00:58:15Z","timestamp":1750294695000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3677017"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,8,20]]},"references-count":64,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2024,8,31]]}},"alternative-id":["10.1145\/3677017"],"URL":"https:\/\/doi.org\/10.1145\/3677017","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"value":"2471-2566","type":"print"},{"value":"2471-2574","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,8,20]]},"assertion":[{"value":"2022-07-13","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-04-08","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-08-20","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}