A multibiometric cryptosystem for user authentication in client-server networks

Babamir F. S., Kırcı M.

COMPUTER NETWORKS, vol.181, 2020 (SCI-Expanded) identifier identifier

  • Publication Type: Article / Article
  • Volume: 181
  • Publication Date: 2020
  • Doi Number: 10.1016/j.comnet.2020.107427
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus, PASCAL, ABI/INFORM, Aerospace Database, Applied Science & Technology Source, Business Source Elite, Business Source Premier, Communication Abstracts, Compendex, Computer & Applied Sciences, INSPEC, Library and Information Science Abstracts, Metadex, zbMATH, Civil Engineering Abstracts, Library, Information Science & Technology Abstracts (LISTA)
  • Istanbul Technical University Affiliated: Yes


A biometric authentication scheme enables a client to log into a network system in which the safeguarding of critical data or/and controlling access are signified. A biometric-based network system verifies users who are the owners of legal biometric information. To secure such a network, we should protect all information belonging to legal individuals and preserve the privacy of tracking actions. In our previous work, we proposed a scheme with a non-repudiation property in which all individuals' information is preserved, but there were some deficiencies in the scheme related to privacy. In this paper, we extend the previous work such that the network system enables the handling of secure computation for confident authentication, as well as the protection of critical information and the preservation of legal individuals' privacy. Through various practical scenarios, we consider different attacks from the client, server, and network sides as intrusions into the privacy. We mathematically and practically prove that our scheme is safe enough to resist against different network attacks and to protect legitimate individuals' information and privacy. Finally, we demonstrate our computation and memory efficiency compared to related studies.