Privacy Preserving Biometric Authentication on the blockchain for smart healthcare

【Author】 Sarier, Neyire Deniz

【Source】PERVASIVE AND MOBILE COMPUTING

【影响因子】3.848

【Abstract】Privacy Preserving Biometric Authentication (PPBA) schemes are designed for anonymous authentication of patients to protect patient's privacy in accessing healthcare services. Recently, blockchain technology in healthcare has emerged as a new research area to provide tamper-resistance and non-repudiation in e-health systems. One aspect of this research could lead to blockchain-based secure biometric identification for smart healthcare, which may face the paradox of anonymous biometric authentication on public blockchains. In this paper, we describe an efficient, fully anonymous and GDPR-compliant PPBA protocol built into the blockchain of any privacy coin such as Monero. The new protocol provides encrypted offline storage and processing in the encrypted domain. The infrastructure necessary for the online authentication is outsourced to the public blockchain that provides integrity of its data. In addition to auditing capabilities for misbehaving entities, the new system reduces the number of transactions necessary for authentication and enables revocation of biometric identities. We provide new PPBA schemes both for set difference/overlap and Euclidean distance metrics without using bilinear pairings, where the former leads to an efficient solution to the compatibility for organ transplant. We limit the generation of encrypted templates for public testing even if biometric/health data is of low min-entropy. Due to the anonymity of the cryptocurrency, we break the link between the stealth address of an authenticating user and its biometrics. We describe the user and identity privacy notions independent of the underlying privacy coin and guarantee the security of our proposal in the framework of those generic notions. Finally, we simulate the new proposal on Monero blockchain and analyze the transaction fees required for hill climbing attacks. The results show that our design leads to a natural hindrance against these attacks that could be successful even if the templates are stored as encrypted. To the best of our knowledge, this is the first efficient blockchain-based PPBA scheme that exhibits a punishment against hill climbing attacks through transaction fees. (C) 2022 Elsevier B.V. All rights reserved.

【Keywords】Privacy Preserving Biometric; Authentication (PPBA); Smart healthcare; Blockchain; Monero; Hill climbing attacks; Low-entropy; Identity privacy; Public Key Cryptography (PKC); Zero Knowledge Proofs (ZKP); GDPR; IPFS

【发表时间】2022 OCT

【收录时间】2022-09-15

【文献类型】实验仿真

【主题类别】

区块链应用-实体经济-医疗领域