A multibiometric cryptosystem for user authentication in client-server networks

Faezeh Sadat Babamir*, Mürvet Kırcı

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

8 Citations (Scopus)


A biometric authentication scheme enables a client to log into a network system in which the safeguarding of critical data or/and controlling access are signified. A biometric-based network system verifies users who are the owners of legal biometric information. To secure such a network, we should protect all information belonging to legal individuals and preserve the privacy of tracking actions. In our previous work, we proposed a scheme with a non-repudiation property in which all individuals’ information is preserved, but there were some deficiencies in the scheme related to privacy. In this paper, we extend the previous work such that the network system enables the handling of secure computation for confident authentication, as well as the protection of critical information and the preservation of legal individuals’ privacy. Through various practical scenarios, we consider different attacks from the client, server, and network sides as intrusions into the privacy. We mathematically and practically prove that our scheme is safe enough to resist against different network attacks and to protect legitimate individuals' information and privacy. Finally, we demonstrate our computation and memory efficiency compared to related studies.

Original languageEnglish
Article number107427
JournalComputer Networks
Publication statusPublished - 9 Nov 2020

Bibliographical note

Publisher Copyright:
© 2020 Elsevier B.V.


This research was partially supported by ULAKBIM-TUBITAK and Nit METAL A. Ş. Company. Wethank anonymous reviewers for their so-called insights.

FundersFunder number


    • Automated verification
    • Biometric authentication
    • Client-server network
    • Cryptography
    • Privacy protection


    Dive into the research topics of 'A multibiometric cryptosystem for user authentication in client-server networks'. Together they form a unique fingerprint.

    Cite this