Abstract :The Demand For Remote Data Storage And Computation Services Is Increasing Exponentially In Our Data-driven Society; Thus, The Need For Secure Access To Such Data And Services. In This Paper, We Design A New Biometric- Based Authentication Protocol To Provide Secure Access To A Remote (cloud) Server. In The Proposed Approach, We Consider Biometric Data Of A User As A Secret Credential. We Then Derive A Unique Identity From The User’s Biometric Data, Which Is Further Used To Generate The User’s Private Key. In Addition, We Propose An Efficient Approach To Generate A Session Key Between Two Communicating Parties Using Two Biometric Templates For A Secure Message Transmission. In Other Words, There Is No Need To Store The User’s Private Key Anywhere And The Session Key Is Generated Without Sharing Any Prior Information. A Detailed Real-Or- Random (ROR) Model Based Formal Security Analysis, Informal (non- Mathematical) Security Analysis And Also Formal Security Verification Using The Broadly-accepted Automated Validation Of Internet Security Protocols And Applications (AVISPA) Tool Reveal That The Proposed Approach Can Resist Several Known Attacks Against (passive/active) Adversary. Finally, Extensive Experiments And A Comparative Study Demonstrate The Efficiency And Utility Of The Proposed Approach. Index Terms—Authentication, Biometric-based Security, Cloud Service Access, Session Key. |
Published:09-6-2025 Issue:Vol. 25 No. 6 (2025) Page Nos:230-236 Section:Articles License:This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License. How to Cite |