THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system

In this paper, we propose a new biometric verification and template protection system which we call the THRIVE system. The system includes novel enrollment and authentication protocols based on threshold homomorphic cryptosystem where the private key is shared between a user and the verifier. In the THRIVE system, only encrypted binary biometric templates are stored in the database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during the authentication stage. The THRIVE system is designed for the malicious model where the cheating party may arbitrarily deviate from the protocol specification. Since threshold homomorphic encryption scheme is used, a malicious database owner cannot perform decryption on encrypted templates of the users in the database. Therefore, security of the THRIVE system is enhanced using a two-factor authentication scheme involving the user's private key and the biometric data. We prove security and privacy preservation capability of the proposed system in the simulation-based model with no assumption. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form but she needs to proof her physical presence by using biometrics. The system can be used with any biometric modality and biometric feature extraction scheme whose output templates can be binarized. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biohash vectors on a desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real life applications

Bio-Cryptosystem Using Fuzzy Vault Scheme

— In recent years most challenging problem is protection of information from unauthorized users. The conventional Cryptographic systems are insufficient to provide a security. The main problem is how to protect private keys from attackers and Intruder such as in case of Internet Banking. Cryptographic systems have been widely used in many information security systems. Hence in this paper we have proposed a framework of Biometric based cryptosystems. It provide reliable way of hiding private keys by using biometric features of individuals. A fuzzy vault approach is used to protect private keys and to release them only when legitimate individual enter their biometric sample. The main advantage of this system is there is no need of storing biometric information. However, fuzzy vault systems do not store directly these templates since they are encrypted with private keys by using novel cryptography algorithm. In proposed framework we are combining iris features with the encryption algorithm that can be a new research direction. The proposed approach provides high security and also image information can be protected. DOI: 10.17762/ijritcc2321-8169.150712

EsPRESSo: Efficient Privacy-Preserving Evaluation of Sample Set Similarity

Electronic information is increasingly often shared among entities without complete mutual trust. To address related security and privacy issues, a few cryptographic techniques have emerged that support privacy-preserving information sharing and retrieval. One interesting open problem in this context involves two parties that need to assess the similarity of their datasets, but are reluctant to disclose their actual content. This paper presents an efficient and provably-secure construction supporting the privacy-preserving evaluation of sample set similarity, where similarity is measured as the Jaccard index. We present two protocols: the first securely computes the (Jaccard) similarity of two sets, and the second approximates it, using MinHash techniques, with lower complexities. We show that our novel protocols are attractive in many compelling applications, including document/multimedia similarity, biometric authentication, and genetic tests. In the process, we demonstrate that our constructions are appreciably more efficient than prior work.Comment: A preliminary version of this paper was published in the Proceedings of the 7th ESORICS International Workshop on Digital Privacy Management (DPM 2012). This is the full version, appearing in the Journal of Computer Securit

A novel cryptosystem based on iris key generation

Author name used in this publication: David ZhangBiometrics Research Centre, Department of ComputingVersion of RecordPublishe

An iris cryptosystem for information security

Author name used in this publication: David ZhangBiometrics Research Centre, Department of ComputingVersion of RecordPublishe