Journal of the Korea Convergence Society (한국융합학회논문지)

Korea Convergence Society (한국융합학회)
권호 표지
DOI QR코드

DOI QR Code

The Biometric Authentication based Dynamic Group Signature Scheme

바이오메트릭 인증 기반의 동적 그룹 서명 기법

  • Yun, Sunghyun (Division of Information and Communication, Baekseok University)
  • 윤성현 (백석대학교 정보통신학부)
  • Received : 2015.10.29
  • Accepted : 2016.02.20
  • Published : 2016.02.29
Download PDF
⟨ Previous Next ⟩

Abstract

In a delegate authentication, a user can lend his/her own authentication data to the third parties to let them be authenticated instead of himself/herself. The user authentication schemes based on the memory of unique data such as password, are vulnerable to this type of attack. Biometric authentication could minimize the risk of delegate authentication since it uses the biometric data unique by each person. Group authentication scheme is used to prove that each group member belongs to the corresponding group. For applications such as an electronic voting or a mobile meeting where the number of group members is changing dynamically, a new group authentication method is needed to reflect the status of group in real time. In this paper, we propose biometric authentication based dynamic group signature scheme. The proposed scheme is composed of biometric key generation, group public key creation, group signature generation, group signature verification and member update protocols. The proposed member update protocol is secure against colluding attacks of existing members and could reflect group status in real time.

대리 인증은 제 3자에게 자신의 인증 정보를 제공하여 본인 대신 인증을 받도록 하는 것으로, 패스워드와 같이 내가 기억하는 것에 기반을 둔 인증 방법은 이러한 공격에 취약하다. 바이오메트릭 인증은 사람마다 고유한 바이오메트릭 데이터를 이용하기 때문에 대리 인증의 위험을 최소화할 수 있다. 그룹 인증은 그룹 멤버들이 해당 그룹에 속해 있음을 증명하는 것이다. 전자투표, 모바일 회의와 같이 멤버의 수가 동적으로 변하는 응용에서는 그룹 상태의 변화를 실시간으로 반영하는 새로운 인증 기법이 필요하다. 본 논문에서는 바이오메트릭 인증 기반의 동적 그룹 서명 기법을 제안한다. 제안한 기법은 바이오메트릭 키 생성, 그룹 공통키 생성, 그룹 서명 생성, 그룹 서명 검증 그리고 멤버 업데이트 프로토콜로 구성된다. 제안한 멤버 업데이트 프로토콜은 기존 멤버의 공모 공격으로부터 안전하고 그룹 상태를 실시간으로 반영한다.

Keywords

References

  1. M. Stamp, Information Security: Principles and Practice 2nd Edition, Wiley-Inerscience, 2011.
  2. Tepandi, "Wireless PKI Security and Mobile Voting", IEEE Computer, Vol. 43, No. 6, pp. 54-60, 2010.
  3. S. H. Yun, "The Biometric based Mobile ID and Its Application to Electronic Voting", KSII Transactions on Internet and Information Systems, Vol. 7, No. 1, pp. 166-183, 2013. https://doi.org/10.3837/tiis.2013.01.011
  4. P. Janbandhu, M. Siyal, "Novel biometric digital signatures for Internet-based applications", Information Management & Computer Security, Vol. 9, No. 5, pp. 205-212, 2001. https://doi.org/10.1108/09685220110408022
  5. N. K. Ratha, J. H. Connell, R. M. Bolle, "Enhancing security and privacy in biometric-based authentication systems", IBM Systems Journal, Vol. 40, No. 3, pp. 614-634, 2001. https://doi.org/10.1147/sj.403.0614
  6. ITU-T X.1088, A Framework for biometric digital key generation, ITU-T, 2008.
  7. Apple Support, Ues Touch ID on iPhone and iPad, http://support.apple.com/kb/HT5883.
  8. C. Vivaracho-Pascual, J. Pascual-Gaspar, "On the Use of Mobile Phones and Biometrics for Accessing Restricted Web Services", IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews, pp. 1-10, 2011.
  9. H. Li, K. Toh, L. Li, Advanced Topics in Biometrics, World Scientific, 2011.
  10. L. Harn, "(t,n) Threshold Signature and Digital Multisignature", Workshop on Cryptography & Data Security, pp. 61-73, 1993.
  11. S. H. Yun, "The USIM based Biometric Multi-Signature for Mobile Content Authentication", ICONI, pp. 137-141, 2011.
  12. W. Diffie, M. Hellman, "New Directions in Cryptography", IEEE Transactions on Information Theory, Vol. 22, No. 6, pp. 644-654, 1976. https://doi.org/10.1109/TIT.1976.1055638
  13. D. M. Burton, Elementary Number Theory, McGraw-Hill, 2010.
  14. T. Elgamal, "A public key cryptosystem and a signature scheme based on discrete logarithms", IEEE Transactions on Information Theory, Vol. 31, No. 4, pp. 469-472, 1985. https://doi.org/10.1109/TIT.1985.1057074
  15. D. Chaum, "Undeniable Signatures", Advances in Cryptology, Proceedings of CRYPTO'89, Springer-Verlag, pp. 212-216, 1990.
  16. D. R. Kim, "A Study on the OTP Generation Algorithm for User Authentication", Journal of Digital Convergence, Vol. 13, No. 1, pp. 283-288, 2015. https://doi.org/10.14400/JDC.2015.13.1.283
  17. Y. J. Song, S. M. Gu, Y. C. Kim, "A Study on the Distributed Transcoding System using Secret Sharing Techniques", Journal of Digital Convergence, Vol. 12, No. 11, pp. 233-239, 2014. https://doi.org/10.14400/JDC.2014.12.11.233
  18. S. H. Hong, "Vulnerability of Directory List and Countermeasures", Journal of Digital Convergence, Vol. 12, No. 10, pp. 259-264, 2014. https://doi.org/10.14400/JDC.2014.12.10.259
  19. H. M. Choi, C. B. Jang, J. M. Kim, "Efficient Security Method Using Mobile Virtualization Technology And Trustzone of ARM", Journal of Digital Convergence, Vol. 12, No. 10, pp. 299-308, 2014.
  20. S. Y. Lee, S. S. Yeo, "Efficient Secret Sharing Data Management Scheme for Privacy Protection in Smart Grid Environment", Journal of Digital Convergence, Vol. 11, No. 12, pp. 311-318, 2013. https://doi.org/10.14400/JDPM.2013.11.12.311

Cited by

  1. User Authentication Algorithm Guaranteeing Reusability of Biometric Data in BioPKI System vol.93, pp.1, 2017, https://doi.org/10.1007/s11277-016-3595-z
  2. A Scheme for User Authentication using Pupil vol.14, pp.9, 2016, https://doi.org/10.14400/JDC.2016.14.9.325