Reusable user-device biometric authentication scheme for multi-service systems

Abstract

The authentication and verification of user and device identities require cost-effective solutions. As two emerging approaches, biometric authentication and digital fingerprint, allow users and device to prove their identity efficiently and securely. Most of the existing methods focus on the authentication propose for users and devices separately and do not consider the authentication problem for user-device pairing. Furthermore, users are more inclined to register multiple services with the same secret information. Therefore, the potential risks brought by the reuse of secret information need to be taken seriously. This study proposes the RUDBA scheme, a novel reusable user-device biometric authentication scheme that captures the user's biometrics and the device's fingerprint. The extracted confidential is fused as authentication information for the user-device pair's identity and can be reused among multiple service providers. This scheme is implemented using the public biometric dataset and the intrinsic SRAM PUF data. The experimental results and analysis show that the RUDBA scheme leads to a reliable and reusable users-device authentication system.