We propose an efficient remote biometric authentication protocol that gives
strong protection to the user’s biometric data in case of two common kinds of
security breaches: (1) loss or theft of the user’s token (smart card, handheld
device, etc.), giving the attacker full access to any secrets embedded within
it; (2) total penetration of the server. Only if both client and server are
simultaneously compromised is the user’s biometric data vulnerable to exposure.
The protocol works by encrypting the user’s biometric template in a way that
allows it to be used for authentication without being decrypted by either token
or server. Further, the encrypted template never leaves the token, and only
the server has the information that would enable it to be decrypted. We have
implemented our protocol using two iris recognition libraries and evaluated its
performance. The overall efficiency and recognition performance are essentially
the same as those of an unprotected biometric system.