Fuzzy-in-the-Loop-Driven Low-Cost and Secure Biometric User Access to Server

Azeem Irshad, Muhammad Usman, Shehzad Ashraf Chaudhry, Ali Kashif Bashir, Alireza Jolfaei, Gautam Srivastava

Research output: Contribution to journalArticlepeer-review

11 Citations (Scopus)


Fuzzy systems can aid in diminishing uncertainty and noise from biometric security applications by providing an intelligent layer to the existing physical systems to make them reliable. In the absence of such fuzzy systems, a little random perturbation in captured human biometrics could disrupt the whole security system, which may even decline the authentication requests of legitimate entities during the protocol execution. In the literature, few fuzzy logic-based biometric authentication schemes have been presented; however, they lack significant security features including perfect forward secrecy (PFS), untraceability, and resistance to known attacks. This article, therefore, proposes a novel two-factor biometric authentication protocol enabling efficient and secure combination of physically unclonable functions, a physical object analogous to human fingerprint, with user biometrics by employing fuzzy extractor-based procedures in the loop. This combination enables the participants in the protocol to achieve PFS. The security of the proposed scheme is tested using the well-known real-or-random model. The performance analysis signifies the fact that the proposed scheme not only offers PFS, untraceability, and anonymity to the participants, but is also resilient to known attacks using light-weight symmetric operations, which makes it an imperative advancement in the category of intelligent and reliable security solutions.

Original languageEnglish
Pages (from-to)1014-1025
Number of pages12
Issue number3
Publication statusPublished - Sept 2021
Externally publishedYes


  • Biometric fuzzy extractor (FE)
  • fuzzy systems
  • mutual authentication
  • physical unclonable function (PUF)
  • user access


Dive into the research topics of 'Fuzzy-in-the-Loop-Driven Low-Cost and Secure Biometric User Access to Server'. Together they form a unique fingerprint.

Cite this