Secure Cloud Storage Using Multi-Modal Biometric Cryptosystem: A Deep Learning-Based Key Binding Approach

Authors

  • Ali Amer Abd-Aljabbar Electrical Engineering Technical College, Middle Technical University, Baghdad, Iraq.
  • Dalal Abdulmohsin Hammood Electrical Engineering Technical College, Middle Technical University, Baghdad, Iraq
  • Leith Hamid Abed Technical Institute of Anbar, Department of Computer Systems, Middle Technical University, Baghdad, Iraq

DOI:

https://doi.org/10.29304/jqcsm.2025.17.11976

Keywords:

Cloud Security, Key Binding, YOLOv8, DeepFace, VGG, Fuzzy Extractors

Abstract

Cloud computing has transformed data storage but presents security challenges, especially in authentication. Traditional passwords are vulnerable to attacks, while biometric authentication offers an alternative using fingerprints and facial recognition. However, biometric templates cannot be revoked if compromised. To address this, biometric cryptosystems integrate authentication with cryptography, though existing methods face computational and security challenges. This paper proposes a secure biometric cryptosystem for cloud storage using deep learning for biometric recognition and key binding techniques like fuzzy extractors and SHA-256 hashing. The system follows three phases: enrollment (feature extraction via YOLOv8 and DeepFace-VGG, fingerprint hashing with SHA-256, and key binding using fuzzy extractors), verification (cosine similarity for biometric matching), and encryption (AES-256 for secure storage). Experimental results show high authentication accuracy (mAP of 0.984 at 50% IoU), with FAR of 0%, FRR of 0.93%, and GAR of 99.07%. The comparative analysis highlights DeepFace-VGG’s effectiveness in feature extraction, SHA-256’s secure key generation, and fuzzy extractors' reliability in key reconstruction. The system resists replay attacks and biometric fluctuations while maintaining usability. Findings confirm that biometric authentication with cryptographic key binding enhances cloud security. Future research should explore scalability, multimodal biometrics, and advanced security methods like blockchain and homomorphic encryption

Downloads

Download data is not yet available.

References

B. Mahalakshmi and B. David, “An Analytical Survey on Multi-Biometric Authentication System for Enhancing the Security Levels in Cloud Computing,” in Proceedings of 8th IEEE International Conference on Science, Technology, Engineering and Mathematics, ICONSTEM 2023, Institute of Electrical and Electronics Engineers Inc., 2023. doi: 10.1109/ICONSTEM56934.2023.10142265.

A. M. Mostafa et al., “Strengthening Cloud Security: An Innovative Multi-Factor Multi-Layer Authentication Framework for Cloud User Authentication,” Applied Sciences 2023, Vol. 13, Page 10871, vol. 13, no. 19, p. 10871, Sep. 2023, doi: 10.3390/APP131910871.

A. K. Jain, A. A. Ross, and K. Nandakumar, “Introduction to Biometrics,” 2011, doi: 10.1007/978-0-387-77326-1.

O. Umoren, R. Singh, Z. Pervez, and K. Dahal, “Securing Fog Computing with a Decentralised User Authentication Approach Based on Blockchain,” Sensors 2022, Vol. 22, Page 3956, vol. 22, no. 10, p. 3956, May 2022, doi: 10.3390/S22103956.

T. Grance and W. Jansen, “Guidelines on Security and Privacy in Public Cloud Computing,” 2011, doi: 10.6028/NIST.SP.800-144.

N. K. Ratha and V. Govindaraju, “Advances in biometrics: Sensors, algorithms, and systems,” Advances in Biometrics: Sensors, Algorithms and Systems, pp. 1–503, 2008, doi: 10.1007/978-1-84628-921-7/COVER.

A. S. Amsalam, A. Al-Naji, A. Y. Daeef, and J. Chahl, “Computer Vision System for Facial Palsy Detection,” Journal of Techniques, vol. 5, no. 1, pp. 44–51, Mar. 2023, doi: 10.51173/JT.V5I1.1133.

F. Schroff, D. Kalenichenko, and J. Philbin, “FaceNet: A unified embedding for face recognition and clustering,” Proceedings of the IEEE Computer Society Conference on Computer Vision and Pattern Recognition, vol. 07-12-June-2015, pp. 815–823, Oct. 2015, doi: 10.1109/CVPR.2015.7298682.

S. A. Salih, S. K. Gharghan, J. F. Mahdi, and I. J. Kadhim, “Lung Diseases Diagnosis-Based Deep Learning Methods: A Review,” Journal of Techniques, vol. 5, no. 3, pp. 158–173, Sep. 2023, doi: 10.51173/JT.V5I3.1469.

N. N. Ali, A. Hameed, A. G. Perera, and A. Al_Naji, “Custom YOLO Object Detection Model for COVID-19 Diagnosis,” Journal of Techniques, vol. 5, no. 3, pp. 92–100, Sep. 2023, doi: 10.51173/JT.V5I3.1174.

A. B. Nassif, I. Shahin, I. Attili, M. Azzeh, and K. Shaalan, “Speech Recognition Using Deep Neural Networks: A Systematic Review,” IEEE Access, vol. 7, pp. 19143–19165, 2019, doi: 10.1109/ACCESS.2019.2896880.

A. Graves, A. R. Mohamed, and G. Hinton, “Speech Recognition with Deep Recurrent Neural Networks,” ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings, pp. 6645–6649, Mar. 2013, doi: 10.1109/ICASSP.2013.6638947.

N. Siroya and M. Mandot, “Biometric identification using deep learning for advance cloud security,” in Deep Learning Approaches to Cloud Security, wiley, 2021, pp. 1–14. doi: 10.1002/9781119760542.ch1.

E. Abdellatef, N. A. Ismail, S. E. S. E. Abd Elrahman, K. N. Ismail, M. Rihan, and F. E. Abd El-Samie, “Cancelable multi-biometric recognition system based on deep learning,” Visual Computer, vol. 36, no. 6, pp. 1097–1109, Jun. 2020, doi: 10.1007/s00371-019-01715-5.

T. Sudhakar and M. Gavrilova, “Cancelable Biometrics Using Deep Learning as a Cloud Service,” IEEE Access, vol. 8, pp. 112932–112943, 2020, doi: 10.1109/ACCESS.2020.3003869.

A. Zeroual, M. Amroune, M. Derdour, and A. Bentahar, “Lightweight deep learning model to secure authentication in Mobile Cloud Computing,” Journal of King Saud University - Computer and Information Sciences, vol. 34, no. 9, pp. 6938–6948, Oct. 2022, doi: 10.1016/j.jksuci.2021.09.016.

R. Shukla and H. Kaur, “Deep learning based cancelable biometric system,” in 2023 14th International Conference on Computing Communication and Networking Technologies, ICCCNT 2023, Institute of Electrical and Electronics Engineers Inc., 2023. doi: 10.1109/ICCCNT56998.2023.10307990.

E. Gonzalez-Sosa, J. Fierrez, R. Vera-Rodriguez, and F. Alonso-Fernandez, “Facial Soft Biometrics for Recognition in the Wild: Recent Works, Annotation, and COTS Evaluation,” IEEE Transactions on Information Forensics and Security, vol. 13, no. 8, pp. 2001–2014, Oct. 2022, doi: 10.1109/TIFS.2018.2807791.

S. G. E. Brucal, L. C. M. De Jesus, S. R. Peruda, L. A. Samaniego, and E. D. Yong, “Development of Tomato Leaf Disease Detection using YoloV8 Model via RoboFlow 2.0,” GCCE 2023 - 2023 IEEE 12th Global Conference on Consumer Electronics, pp. 692–694, 2023, doi: 10.1109/GCCE59613.2023.10315251.

C. Gottschlich and S. Huckemann, “Separating the real from the synthetic: minutiae histograms as fingerprints of fingerprints,” IET Biom, vol. 3, no. 4, pp. 291–301, Dec. 2014, doi: 10.1049/IET-BMT.2013.0065.

A. R. Lahitani, A. E. Permanasari, and N. A. Setiawan, “Cosine similarity to determine similarity measure: Study case in online essay assessment,” Proceedings of 2016 4th International Conference on Cyber and IT Service Management, CITSM 2016, Sep. 2016, doi: 10.1109/CITSM.2016.7577578.

A. Biryukov and D. Khovratovich, “Related-Key Cryptanalysis of the Full AES-192 and AES-256,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5912 LNCS, pp. 1–18, 2009, doi: 10.1007/978-3-642-10366-7_1.

A. Biryukov, O. Dunkelman, N. Keller, D. Khovratovich, and A. Shamir, “Key recovery attacks of practical complexity on AES-256 variants with up to 10 rounds,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 6110 LNCS, pp. 299–319, 2010, doi: 10.1007/978-3-642-13190-5_15.

F. Abbaas and G. Serpen, “Evaluation of biometric user authentication using an ensemble classifier with face and voice recognition,” May 2020, Accessed: Feb. 06, 2025. [Online]. Available: https://arxiv.org/abs/2006.00548v1

M. Mageshbabu and J. Mohana, “Enhancing Biometric Security: A Machine Learning Approach to ECG-Based Authentication,” 2nd International Conference on Intelligent Cyber Physical Systems and Internet of Things, ICoICI 2024 - Proceedings, pp. 1654–1659, 2024, doi: 10.1109/ICOICI62503.2024.10696328.

R. Padilla, W. L. Passos, T. L. B. Dias, S. L. Netto, and E. A. B. Da Silva, “A Comparative Analysis of Object Detection Metrics with a Companion Open-Source Toolkit,” Electronics 2021, Vol. 10, Page 279, vol. 10, no. 3, p. 279, Jan. 2021, doi: 10.3390/ELECTRONICS10030279.

K. Nandakumar and A. K. Jain, “Biometric Template Protection: Bridging the performance gap between theory and practice,” IEEE Signal Process Mag, vol. 32, no. 5, pp. 88–100, Sep. 2015, doi: 10.1109/MSP.2015.2427849.

U. Uludag, S. Pankanti, and A. K. Jain, “Fuzzy Vault for Fingerprints,” Lecture Notes in Computer Science, vol. 3546, pp. 310–319, 2005, doi: 10.1007/11527923_32.

Y. Dodis, R. Ostrovsky, L. Reyzin, and A. Smith, “Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data,” SIAM Journal on Computing, vol. 38, no. 1, pp. 97–139, Feb. 2006, doi: 10.1137/060651380.

J. M. Cheng and H. C. Wang, “A method of estimating the equal error rate for automatic speaker verification,” 2004 International Symposium on Chinese Spoken Language Processing - Proceedings, pp. 285–288, 2004, doi: 10.1109/CHINSL.2004.1409642.

Downloads

Published

2025-03-30

How to Cite

Abd-Aljabbar, A. A., Hammood, D. A., & Abed, L. H. (2025). Secure Cloud Storage Using Multi-Modal Biometric Cryptosystem: A Deep Learning-Based Key Binding Approach. Journal of Al-Qadisiyah for Computer Science and Mathematics, 17(1), COMP. 214–229. https://doi.org/10.29304/jqcsm.2025.17.11976

Issue

Vol. 17 No. 1 (2025): JQCM

Section

Computer Articles

License

Copyright (c) 2025 Ali Amer Abd-Aljabbar, Dalal Abdulmohsin Hammood, Leith Hamid Abed

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.