Method and system for privacy preserving multifactor biometric authentication

Assignee

• Tata Consultancy Services Limited · IN

Inventors

• Harika Narumanchi · Chennai, IN
• Nitesh Emmadi · Hyderabad, IN
• Imtiyazuddin Shaik · Hyderabad, IN
• Srinivasa Rao Chalamala · Hyderabad, IN
• Rajan Mindigal Alasingara Bhattachar · Kanchinakote, IN

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/42
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Authentication is a key procedure in information systems. Conventional biometric authentication system is based on a trusted third-party server which is not secure. The present disclosure provides a privacy preserving multifactor biometric authentication for authenticating a client without the third-party authentication server. The server receives a plurality of encrypted biometric features from the client, encrypted using Fully Homomorphic Encryption. Further, the server evaluates the plurality of encrypted biometric features to obtain a client identifier value and a plurality of encrypted resultant values. The server encrypts each of the plurality of resultant values based on a time based nonce and the client identifier value. The encrypted authentication tags and the corresponding resultant values are aggregated by the server and transmitted to the client. The client decrypts the resultant value and the authentication tag and transmits to the server. The server authenticates the client after verifying the received information.