CALIPER: Continuous Authentication Layered with Integrated PKI Encoding Recognition
Ethan M. Rudd, Terrance E. Boult

TL;DR
CALIPER introduces a continuous authentication protocol that uses biometric-derived cryptographic keys to securely verify user identity, even in compromised device environments, supporting remote and local authentication scenarios.
Contribution
The paper presents CALIPER, a novel protocol that embeds cryptographic keys in biometric challenges for continuous user authentication, enhancing security against device compromise.
Findings
Supports multiple biometric modalities and security levels
Enables privacy-preserving authentication even with compromised kernels
Can be extended to obfuscate kernel object manipulation malware
Abstract
Architectures relying on continuous authentication require a secure way to challenge the user's identity without trusting that the Continuous Authentication Subsystem (CAS) has not been compromised, i.e., that the response to the layer which manages service/application access is not fake. In this paper, we introduce the CALIPER protocol, in which a separate Continuous Access Verification Entity (CAVE) directly challenges the user's identity in a continuous authentication regime. Instead of simply returning authentication probabilities or confidence scores, CALIPER's CAS uses live hard and soft biometric samples from the user to extract a cryptographic private key embedded in a challenge posed by the CAVE. The CAS then uses this key to sign a response to the CAVE. CALIPER supports multiple modalities, key lengths, and security levels and can be applied in two scenarios: One where the CAS…
