Biometric-Authenticated Searchable Encryption

We introduce Biometric-Authenticated Keyword Search (BAKS), a novel searchable encryption scheme that relieves clients from managing cryptographic keys and relies purely on client’s biometric data for authenticated outsourcing and retrieval of files indexed by encrypted keywords.

[1]  Lucas Ballard,et al.  Achieving Efficient Conjunctive Keyword Searches over Encrypted Data , 2005, ICICS.

[2]  Jonathan Katz,et al.  All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption , 2016, USENIX Security Symposium.

[3]  Jonathan Katz,et al.  Robust Fuzzy Extractors and Authenticated Key Agreement from Close Secrets , 2006, CRYPTO.

[4]  Feng Hao,et al.  Practical Threshold Password-Authenticated Secret Sharing Protocol , 2015, ESORICS.

[5]  Marina Blanton,et al.  Biometric-Based Non-transferable Anonymous Credentials , 2009, ICICS.

[6]  Arun Ross,et al.  Fingerprint matching using minutiae and texture features , 2001, Proceedings 2001 International Conference on Image Processing (Cat. No.01CH37205).

[7]  Suela Kodra Fuzzy extractors : How to generate strong keys from biometrics and other noisy data , 2015 .

[8]  David Cash,et al.  Leakage-Abuse Attacks Against Searchable Encryption , 2015, IACR Cryptol. ePrint Arch..

[9]  Charles V. Wright,et al.  Inference Attacks on Property-Preserving Encrypted Databases , 2015, CCS.

[10]  Gian Luca Foresti,et al.  Biometric Liveness Detection: Challenges and Research Opportunities , 2015, IEEE Security & Privacy.

[11]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[12]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[13]  Bart Preneel,et al.  Privacy Weaknesses in Biometric Sketches , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[14]  Michael Luby,et al.  How to Construct Pseudo-Random Permutations from Pseudo-Random Functions (Abstract) , 1986, CRYPTO.

[15]  Xavier Boyen,et al.  Reusable cryptographic fuzzy extractors , 2004, CCS '04.

[16]  James Steel,et al.  Reusable Authentication from the Iris , 2017, IACR Cryptol. ePrint Arch..

[17]  Liehuang Zhu,et al.  Search pattern leakage in searchable encryption: Attacks and new construction , 2014, Inf. Sci..

[18]  Mihir Bellare,et al.  Robust computational secret sharing and a unified account of classical secret-sharing goals , 2007, CCS '07.

[19]  Hugo Krawczyk,et al.  Keying Hash Functions for Message Authentication , 1996, CRYPTO.

[20]  Murat Kantarcioglu,et al.  Access Pattern disclosure on Searchable Encryption: Ramification, Attack and Mitigation , 2012, NDSS.

[21]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[22]  Mark Manulis,et al.  A Modular Framework for Multi-Factor Authentication and Key Exchange , 2014, SSR.

[23]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[24]  Veronika Kuchta,et al.  Public Key Encryption with Distributed Keyword Search , 2015, INTRUST.

[25]  Adam O'Neill,et al.  Generic Attacks on Secure Outsourced Databases , 2016, CCS.

[26]  Kaibin Huang,et al.  Password Authenticated Keyword Search , 2017, 2017 IEEE Symposium on Privacy-Aware Computing (PAC).

[27]  Sharath Pankanti,et al.  Biometric Recognition: Security and Privacy Concerns , 2003, IEEE Secur. Priv..

[28]  Rafail Ostrovsky,et al.  Secure Remote Authentication Using Biometric Data , 2005, EUROCRYPT.

[29]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[30]  Rafail Ostrovsky,et al.  Searchable symmetric encryption: Improved definitions and efficient constructions , 2011, J. Comput. Secur..

[31]  Leonid A. Levin,et al.  A Pseudorandom Generator from any One-way Function , 1999, SIAM J. Comput..

[32]  Jan Camenisch,et al.  Memento: How to Reconstruct Your Secrets from a Single Password in a Hostile Environment , 2014, CRYPTO.

[33]  Elaine Shi,et al.  Practical Dynamic Searchable Encryption with Small Leakage , 2014, NDSS.

[34]  David Pointcheval,et al.  Multi-factor Authenticated Key Exchange , 2008, ACNS.

[35]  Fuchun Guo,et al.  Dual-Server Public-Key Encryption With Keyword Search for Secure Cloud Storage , 2016, IEEE Transactions on Information Forensics and Security.

[36]  M. Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2008, Journal of Cryptology.

[37]  L. O'Gorman,et al.  Comparing passwords, tokens, and biometrics for user authentication , 2003, Proceedings of the IEEE.

[38]  John Daugman,et al.  How iris recognition works , 2002, IEEE Transactions on Circuits and Systems for Video Technology.

[39]  Julien Bringer,et al.  Error-Tolerant Searchable Encryption , 2009, 2009 IEEE International Conference on Communications.

[40]  Hugo Krawczyk,et al.  Cryptographic Extraction and Key Derivation: The HKDF Scheme , 2010, IACR Cryptol. ePrint Arch..

[41]  Kihyun Kim,et al.  Public Key Encryption with Conjunctive Field Keyword Search , 2004, WISA.

[42]  Hugo Krawczyk,et al.  Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries , 2013, IACR Cryptol. ePrint Arch..

[43]  Omer Paneth,et al.  Reusable Fuzzy Extractors for Low-Entropy Distributions , 2016, Journal of Cryptology.

[44]  Murat Kantarcioglu,et al.  Multi-Keyword search over encrypted data with scoring and search pattern obfuscation , 2015, International Journal of Information Security.