Decentralized Biometric Authentication based on Fuzzy Commitments and Blockchain

TL;DR

This paper proposes a blockchain-based biometric authentication protocol that enables decentralization and resilience while protecting the privacy, personal data, and, in particular, biometric features of users.

Abstract

Blockchain technology, which was introduced for supporting cryptocurrencies, today provides a decentralized infrastructure for general information storage and execution of algorithms, thus enabling the conversion of many applications and services from a centralized and intermediated model to a decentralized and disintermediated one. In this paper we focus on biometric authentication, which is classically performed using centralized systems, and could hence benefit from decentralization. For such a purpose, however, an inherent contradiction between biometric applications and blockchain technology must be overcome, as the former require keeping biometric features private, while blockchain is a public infrastructure. We propose a blockchain-based biometric authentication protocol that enables decentralization and resilience while protecting the privacy, personal data, and, in particular, biometric features of users. The protocol we propose leverages fuzzy commitment schemes to allow biometric authentication to be performed without disclosing biometric data. We also analyze the security of the protocol we propose by considering some relevant attacks.

Figures (8)

• Figure 1: General scheme of the stages of the proposed system for decentralized biometric authentication of a generic user.
• Figure 2: Registration Stage.
• Figure 3: Enrollment Stage of a generic user.
• Figure 4: Authentication Stage for a generic user.
• Figure 5: Gas consumption of the smart contract deployment and payable functions execution.