2 research outputs found
Biometric Verification Secure Against Malicious Adversaries
Biometric verification has been widely deployed in current authentication
solutions as it proves the physical presence of individuals. To protect the
sensitive biometric data in such systems, several solutions have been developed
that provide security against honest-but-curious (semi-honest) attackers.
However, in practice attackers typically do not act honestly and multiple
studies have shown drastic biometric information leakage in such
honest-but-curious solutions when considering dishonest, malicious attackers.
In this paper, we propose a provably secure biometric verification protocol
to withstand malicious attackers and prevent biometric data from any sort of
leakage. The proposed protocol is based on a homomorphically encrypted log
likelihood-ratio-based (HELR) classifier that supports any biometric modality
(e.g. face, fingerprint, dynamic signature, etc.) encoded as a fixed-length
real-valued feature vector and performs an accurate and fast biometric
recognition. Our protocol, that is secure against malicious adversaries, is
designed from a protocol secure against semi-honest adversaries enhanced by
zero-knowledge proofs. We evaluate both protocols for various security levels
and record a sub-second speed (between s and s) for the protocol
against semi-honest adversaries and between s and s for the
protocol secure against malicious adversaries.Comment: This is a complete reworking and major expansion of our paper
arXiv:1705.09936 * Reworking of original semi-honest protocol and its
security proof * Major expansions: tailored zero-knowledge proofs; efficient
variant of original protocol that we prove secure against malicious
adversaries; extensive experimental evaluation using three different
datasets; in-depth comparison with related wor