Privacy-Preserving Biometric-Based Remote User Authentication

Yangguang Tian,
Yingjiu Li,
Ximeng Liu,
Robert H. Deng,
Binanda Sengupta,


Biometric-based remote user authentication (BRUA) is a useful primitive that allows an authorized user to remotely authenticate to a cloud server using biometrics. However, the existing BRUA solutions in the client-server setting lack certain privacy considerations. For example, authorized user’s multiple sessions should not be linked while her identity remains anonymous to cloud server. In this work, we introduce a new framework for biometric-based remote user authentication, such that authorized users authenticate to an honest-but-curious server in an anonymous and unlinkable manner. In particular, we employ two non-colluding cloud servers to perform the complex biometrics matching. We formalize two new security models, including biometrics privacy and user privacy, for the proposed framework, and prove the security of the proposed framework in the standard model.

Citation Format:
Yangguang Tian, Yingjiu Li, Ximeng Liu, Robert H. Deng, Binanda Sengupta, "Privacy-Preserving Biometric-Based Remote User Authentication," Journal of Internet Technology, vol. 20, no. 7 , pp. 2265-2276, Dec. 2019.

Full Text:



  • There are currently no refbacks.

Published by Executive Committee, Taiwan Academic Network, Ministry of Education, Taipei, Taiwan, R.O.C
JIT Editorial Office, Office of Library and Information Services, National Dong Hwa University
No. 1, Sec. 2, Da Hsueh Rd., Shoufeng, Hualien 974301, Taiwan, R.O.C.
Tel: +886-3-931-7314  E-mail: