Related papers: Discovering ePassport Vulnerabilities using Bisimi…
In process algebras, security properties are expressed as equivalences between processes, but which equivalence is suitable is not clear. This means that there is a gap between an intuitive security notion and the formulation. Appropriate…
With passkeys, the FIDO Alliance introduces the ability to sync FIDO2 credentials across a user's devices through passkey providers. This aims to mitigate user concerns about losing their devices and promotes the shift toward password-less…
Modern identity verification systems increasingly rely on facial images embedded in biometric documents such as electronic passports. To ensure global interoperability and security, these images must comply with strict standards defined by…
Internet banking (IB) continues to face security concerns arising from illegal access to users accounts. Use of personal identification numbers (PIN) as a single authentication method for IB users is prone to insecurities such as phishing,…
Attribute-based Access Control (ABAC) extends traditional Access Control by considering an access request as a set of pairs attribute name-value, making it particularly useful in the context of open and distributed systems, where security…
We introduce EL PASSO, a privacy-preserving, asynchronous Single Sign-On (SSO) system. It enables personal authentication while protecting users' privacy against both identity providers and relying parties, and allows selective attribute…
To prove that a dataset is sufficiently anonymized, many privacy policies suggest that a re-identification risk assessment be performed, but do not provide a precise methodology for doing so, leaving the industry alone with the problem.…
We consider membership inference attacks, one of the main privacy issues in machine learning. These recently developed attacks have been proven successful in determining, with confidence better than a random guess, whether a given sample…
The Assisted Commercial Authentication Service (ACAS) is a semi-assisted signal authentication concept currently being defined for Galileo, based on the E6-C encrypted signal. Leveraging the assumption that the true E6-C encrypted signal…
The rapid advancement of authentication systems and their increasing reliance on biometrics for faster and more accurate user verification experience, highlight the critical need for a reliable framework to evaluate the suitability of…
In recent years, the popularity of fingerprint-based biometric authentication systems significantly increased. However, together with many advantages, biometric systems are still vulnerable to presentation attacks (PAs). In particular, this…
Passwords remain a widely-used authentication mechanism, despite their well-known security and usability limitations. To improve on this situation, next-generation authentication mechanisms, based on behavioral biometric factors such as eye…
Applications based on biometric authentication have received a lot of interest in the last years due to the breathtaking results obtained using personal traits such as face or fingerprint. However, it is important not to forget that these…
This paper considers a MIMO Integrated Sensing and Communication (ISAC) system, where a base station simultaneously serves a MIMO communication user and a remote MIMO sensing receiver, without channel state information (CSI) at the…
While in-processing fairness approaches show promise in mitigating biased predictions, their potential impact on privacy leakage remains under-explored. We aim to address this gap by assessing the privacy risks of fairness-enhanced binary…
As applications of biometric verification proliferate, users become more vulnerable to privacy infringement. Biometric data is very privacy sensitive as it may contain information as gender, ethnicity and health conditions which should not…
In this paper we analyze different biometric authentication protocols considering an internal adversary. Our contribution takes place at two levels. On the one hand, we introduce a new comprehensive framework that encompasses the various…
The recent emergence of ubiquitous, multi-platform eye tracking has raised user privacy concerns over re-identification across platforms, where a person is re-identified across multiple eye tracking-enabled platforms using personally…
Face recognition networks encode information about sensitive attributes while being trained for identity classification. Such encoding has two major issues: (a) it makes the face representations susceptible to privacy leakage (b) it appears…
The collection and sharing of genomic data are becoming increasingly commonplace in research, clinical, and direct-to-consumer settings. The computational protocols typically adopted to protect individual privacy include sharing summary…