Keywords and Phrases
Authentication; Biometrics; Cryptography; Local binary patterns; Secure multiparty computation
"With the advantage of not having to memorize long passwords, facial authentication has become a topic of interest among researchers. However, since many users store images containing their face on social networking sites, a new challenge emerges in preventing attackers from impersonating these users by using these online photos. Another problem with most current facial authentication protocols is that they require an unencrypted image of each registered user's face to compare against. Moreover, they might require the user's device to execute computationally expensive multiparty protocols which presents a problem for mobile devices with limited processing power. Finally, these authentication protocols will not be able to be implemented in real systems because they take too long to execute. In this paper, we present a novel privacy preserving facial authentication system, called UFace. Not only does UFace limit the amount of computation for a user's mobile device, but it also prevents unencrypted images from leaving a user' possession while finishing the authentication protocol within seconds. Web services can now outsource their authentication protocol to UFace so that each web service only needs to handle its own functionality. UFace guarantees that it can correctly authenticate each user with 90% accuracy, prevent attacks from using online photos and that all data used in the authentication protocol is done on encrypted randomized data. In other words, only the user can see the facial image and feature vector used for authentication; all other parties execute the protocol using seemingly random information. UFace was implemented through two facets: a mobile client application to obtain and encrypt the feature vector of each user's facial image, and a server protocol to securely authenticate a feature vector using secure multiparty computations. The experimental results demonstrate that UFace can be used as a third party authentication tool for any number of web services"--Abstract, page iii.
M.S. in Computer Science
Missouri University of Science and Technology
ix, 69 pages
© 2017 Nicholas Steven Hilbert, All rights reserved.
Thesis - Open Access
Electronic OCLC #
Hilbert, Nicholas Steven, "UFace: Your universal password no one can see" (2017). Masters Theses. 7854.