Privacy Preserving Biometric Authentication for Master Password Generation
MetadataShow full item record
The main way for users to authenticate via biometrics is through 2-factor authentication (2FA), which design requires users to bind their biometric data to a certain device. To solve this problem, Uzun et al. (2021) (to appear in AsiaCCS 2021) proposes a new pipeline which allows for users to enroll their biometric data on any device through a password manager system protocol that requires microphone/camera input. Furthermore, the biometric data stored is privacy preserving, meaning that given the stored password, the attacker unable to recreate any information about the biometric data. The proof of privacy preserving was also done by Uzun et al. (2021). Additionally, Uzun et al. (2021) show that this model (Justitia) is robust against deep learning brute force attacks from randomly sampled faces. Finally, those researchers compare their password management system to a baseline standard, showing that our pipeline has clear benefits and downsides in comparison to password replacing schemes. The research in this paper will focus on the UI system implemented to improve the usability of the existing system developed by Uzun et al. (2021).