Abstract :

The Demand For Remote Data Storage And Computation Services Is Increasing Exponentially In Our Data-driven Society; Thus, The Need For Secure Access To Such Data And Services. In This Paper, We Design A New Biometric- Based Authentication Protocol To Provide Secure Access To A Remote (cloud) Server. In The Proposed Approach, We Consider Biometric Data Of A User As A Secret Credential. We Then Derive A Unique Identity From The User’s Biometric Data, Which Is Further Used To Generate The User’s Private Key. In Addition, We Propose An Efficient Approach To Generate A Session Key Between Two Communicating Parties Using Two Biometric Templates For A Secure Message Transmission. In Other Words, There Is No Need To Store The User’s Private Key Anywhere And The Session Key Is Generated Without Sharing Any Prior Information. A Detailed Real-Or- Random (ROR) Model Based Formal Security Analysis, Informal (non- Mathematical) Security Analysis And Also Formal Security Verification Using The Broadly-accepted Automated Validation Of Internet Security Protocols And Applications (AVISPA) Tool Reveal That The Proposed Approach Can Resist Several Known Attacks Against (passive/active) Adversary. Finally, Extensive Experiments And A Comparative Study Demonstrate The Efficiency And Utility Of The Proposed Approach. Index Terms—Authentication, Biometric-based Security, Cloud Service Access, Session Key.

Published:

09-6-2025

Issue:

Vol. 25 No. 6 (2025)

Page Nos:

230-236

Section:

Articles

License:

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

How to Cite