A Secure Fingerprint Authentication Protocol

This article proposes authentication specifications and a framework for the fingerprint authentication in the circumstance that the presentation of the user’s biometric information is not supervised. The specifications of the security properties are to certify that the liveness of the user’s fingerprint information is confirmed and that the intention of the user’s authentication is not manipulative or illegal. The framework for compliance with the specification of the fingerprint authentication protocol is proposed. Liveness detection by the fingerprint reader is considered to be essential in these situations. Cryptography and the fresh random number, nonce, are included in the framework. Analysis of the authentication framework shows that the proposed security properties are confirmed, the user’s biometric data is secured and the user’s intention of authentication is preserved.