ToMAS: Torus-based secure multi-factor biometric authentication system.
Mi Yeon Hong, Kang Hoon Lee, Ji Hyuk Jung, Ji Won Yoon
Abstract
Open AccessBiometric authentication has emerged as a convenient method for identity verification, but its widespread adoption raises serious privacy concerns. In this paper, we propose a Torus-based secure Multi-factor biometric Authentication System (ToMAS) that addresses these concerns by securing both the e n r o l l m e n t and a u t h e n t i c a t i o n phases through cryptographic protocols. ToMAS adopts a multi-factor approach using both physiological biometric traits and password-derived secrets, and leverages fully homomorphic encryption (FHE) to perform computations on encrypted data without revealing sensitive information. To reduce overhead and improve efficiency, we introduce a ciphertext packing method and a modified bootstrapping technique for secure Hamming distance evaluation. Our protocol is analyzed against active adversaries. Experiments show that a 9600-bit binary biometric template can be encrypted into an 82KB ciphertext, and the Hamming distance between encrypted templates is computed in under one second on a standard AMD Ryzen Threadripper Pro CPU, with no loss of accuracy. ToMAS offers an efficient and scalable solution suitable for large-scale biometric authentication scenarios.