IEEE Access (Jan 2025)
Toward Secure and Transparent Global Authentication: A Blockchain-Based System Integrating Biometrics and Subscriber Identification Module
Abstract
The growing reliance on e-government services necessitates robust and secure user authentication. Existing solutions often suffer from limitations such as lack of transparency, compromise of user privacy, and reliance on a central server, thus introducing a single point of failure (SPOF). This paper proposes B2-GAS, a novel Biometric and Blockchain-based Global Authentication System that addresses these shortcomings. B2-GAS leverages user biometrics on smartphones for strong identification and isolates sensitive cryptographic operations within a secure enclave on a SIM card. This approach safeguards user privacy and data security. By employing blockchain technology, B2-GAS eliminates SPOFs, ensures tamper-proof transaction storage, and guarantees transparency. Unlike existing protocols, which often rely on theoretical analysis, B2-GAS utilizes an emulated environment to assess its performance under realistic conditions. This allows for a more practical evaluation than purely theoretical approaches. B2-GAS employs multiple factors during authentication, including biometrics, a password, and a secret parameter, to further enhance security. Rigorous security proofs demonstrate B2-GAS’s resistance to user impersonation, offline password-guessing, replay attacks, and brute-force attempts. Evaluation using the emulated environment and blockchain simulations demonstrates B2-GAS’s security parameters, performance, and computational overheads. By combining biometrics, secure SIM enclaves, and blockchain, B2-GAS offers a unique and robust authentication solution for diverse e-government services in smart cities.