Expanders, randomness, or time versus space
Journal of Computer and System Sciences - Structure in Complexity Theory Conference, June 2-5, 1986
Inside risks: the uses and abuses of biometrics
Communications of the ACM
Password security: a case history
Communications of the ACM
Biometric Recognition: Security and Privacy Concerns
IEEE Security and Privacy
Enhancing security and privacy in biometrics-based authentication systems
IBM Systems Journal - End-to-end security
Protecting Biometric Templates With Sketch: Theory and Practice
IEEE Transactions on Information Forensics and Security - Part 2
Social Network Privacy via Evolving Access Control
WASA '09 Proceedings of the 4th International Conference on Wireless Algorithms, Systems, and Applications
Hi-index | 0.00 |
Strong and/or multi-factor entity authentication protocols are of crucial importancein building successful identity management architectures. Popular mechanisms to achieve these types of entity authentication are biometrics, and, in particular, voice, for which there are especially interesting business cases in the telecommunication and financial industries, among others. Despite several studies on the suitability of voice within entity authentication protocols, there has been little or no formal analysis of any such methods. In this paper we embark into formal modeling of seemingly cryptographic properties of voice. The goal is to define a formal abstraction for voice, in terms of algorithms with certain properties, that are of both combinatorial and cryptographic type. While we certainly do not expect to achieve the perfect mathematical model for a human phenomenon, we do hope that capturing some properties of voice in a formal model would help towards the design and analysis of voice-based cryptographic protocols, as for entity authentication. In particular, in this model we design and formally analyze two voice-based entity authentication schemes, the first being a voice-based analogue of the conventional password-transmission entity authentication scheme. We also design and analyze, in the recently introduced bounded-retrieval model [4], one voice-and-password-based entity authentication scheme that is additionally secure against intrusions and brute-force attacks, including dictionary attacks.