AUTHENTICATING USERS, NOT DEVICES
Loading...
Authors
Danai, Keyawna M.
Rosnick, Kelly E.
Subjects
authentication
passwordless
biometrics
facial recognition
secret keys
obfuscation
mobile devices
m-commerce
extraction
encryption
decryption
symmetric key
passwordless
biometrics
facial recognition
secret keys
obfuscation
mobile devices
m-commerce
extraction
encryption
decryption
symmetric key
Advisors
Drusinsky, Doron
Date of Issue
2022-12
Date
Publisher
Monterey, CA: Naval Postgraduate School
Language
Abstract
As m-commerce becomes more prevalent users must provide proof of their identity, usually via some form of authentication. Consequently, the importance of authentication requires innovative methods for proving the identity of the user holding the device. While it is common for biometrics to be used for device level authentication, they also can be employed, for instance, with secret cryptographic keys for an added layer of security for hiding secrets on a mobile device. BioEncryption bolsters security of online encryption and authentication by binding the user’s biometrics to a symmetric key or a user’s secret key used for public key-based encryption and decryption. We focused on determining if facial recognition as the form of biometric data will achieve a balance between security and usability. Although encryption was achieved, the facial feature extraction software used in this study resulted in poor feature quality. The program seemed to function as designed, but with an insufficient dataset it was difficult to conclude that facial recognition is the best biometric input for optimal performance. Though poor facial feature data from extraction software did not allow us to achieve the expected results, we successfully demonstrated BioEncryption as a proof of concept. Future research could prove BioEncryption to be a valuable tool for enhancing online security.
Type
Thesis
Description
Series/Report No
Department
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
61 p.
Citation
Distribution Statement
Distribution Statement A. Approved for public release: Distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.