628 research outputs found
THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system
In this paper, we propose a new biometric verification and template
protection system which we call the THRIVE system. The system includes novel
enrollment and authentication protocols based on threshold homomorphic
cryptosystem where the private key is shared between a user and the verifier.
In the THRIVE system, only encrypted binary biometric templates are stored in
the database and verification is performed via homomorphically randomized
templates, thus, original templates are never revealed during the
authentication stage. The THRIVE system is designed for the malicious model
where the cheating party may arbitrarily deviate from the protocol
specification. Since threshold homomorphic encryption scheme is used, a
malicious database owner cannot perform decryption on encrypted templates of
the users in the database. Therefore, security of the THRIVE system is enhanced
using a two-factor authentication scheme involving the user's private key and
the biometric data. We prove security and privacy preservation capability of
the proposed system in the simulation-based model with no assumption. The
proposed system is suitable for applications where the user does not want to
reveal her biometrics to the verifier in plain form but she needs to proof her
physical presence by using biometrics. The system can be used with any
biometric modality and biometric feature extraction scheme whose output
templates can be binarized. The overall connection time for the proposed THRIVE
system is estimated to be 336 ms on average for 256-bit biohash vectors on a
desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link
connection speed. Consequently, the proposed system can be efficiently used in
real life applications
Decodability Attack against the Fuzzy Commitment Scheme with Public Feature Transforms
The fuzzy commitment scheme is a cryptographic primitive that can be used to
store biometric templates being encoded as fixed-length feature vectors
protected. If multiple related records generated from the same biometric
instance can be intercepted, their correspondence can be determined using the
decodability attack. In 2011, Kelkboom et al. proposed to pass the feature
vectors through a record-specific but public permutation process in order to
prevent this attack. In this paper, it is shown that this countermeasure
enables another attack also analyzed by Simoens et al. in 2009 which can even
ease an adversary to fully break two related records. The attack may only be
feasible if the protected feature vectors have a reasonably small Hamming
distance; yet, implementations and security analyses must account for this
risk. This paper furthermore discusses that by means of a public
transformation, the attack cannot be prevented in a binary fuzzy commitment
scheme based on linear codes. Fortunately, such transformations can be
generated for the non-binary case. In order to still be able to protect binary
feature vectors, one may consider to use the improved fuzzy vault scheme by
Dodis et al. which may be secured against linkability attacks using
observations made by Merkle and Tams
Coding Solutions for the Secure Biometric Storage Problem
The paper studies the problem of securely storing biometric passwords, such
as fingerprints and irises. With the help of coding theory Juels and Wattenberg
derived in 1999 a scheme where similar input strings will be accepted as the
same biometric. In the same time nothing could be learned from the stored data.
They called their scheme a "fuzzy commitment scheme". In this paper we will
revisit the solution of Juels and Wattenberg and we will provide answers to two
important questions: What type of error-correcting codes should be used and
what happens if biometric templates are not uniformly distributed, i.e. the
biometric data come with redundancy. Answering the first question will lead us
to the search for low-rate large-minimum distance error-correcting codes which
come with efficient decoding algorithms up to the designed distance. In order
to answer the second question we relate the rate required with a quantity
connected to the "entropy" of the string, trying to estimate a sort of
"capacity", if we want to see a flavor of the converse of Shannon's noisy
coding theorem. Finally we deal with side-problems arising in a practical
implementation and we propose a possible solution to the main one that seems to
have so far prevented real life applications of the fuzzy scheme, as far as we
know.Comment: the final version appeared in Proceedings Information Theory Workshop
(ITW) 2010, IEEE copyrigh
A New Biometric Template Protection using Random Orthonormal Projection and Fuzzy Commitment
Biometric template protection is one of most essential parts in putting a
biometric-based authentication system into practice. There have been many
researches proposing different solutions to secure biometric templates of
users. They can be categorized into two approaches: feature transformation and
biometric cryptosystem. However, no one single template protection approach can
satisfy all the requirements of a secure biometric-based authentication system.
In this work, we will propose a novel hybrid biometric template protection
which takes benefits of both approaches while preventing their limitations. The
experiments demonstrate that the performance of the system can be maintained
with the support of a new random orthonormal project technique, which reduces
the computational complexity while preserving the accuracy. Meanwhile, the
security of biometric templates is guaranteed by employing fuzzy commitment
protocol.Comment: 11 pages, 6 figures, accepted for IMCOM 201
The best of both worlds: Applying secure sketches to cancelable biometrics
AbstractCancelable biometrics and secure sketches have been introduced with the same purpose in mind: to protect the privacy of biometric templates while keeping the ability to match this protected data against a reference. The paradigm beyond cancelable biometrics is to perform an irreversible transformation over images and to make matching over transformed images. On one hand, a drawback of this technique is that for biometrics using a matching algorithm relying on some complex characteristics, such as the ones used for fingerprints, the irreversible transformation tends to break the underlying structure, thus degrading the performance accuracy. On the other hand, for secure sketches, matching is reduced to an error correction and we show here that applying secure sketch error correction to cancelable biometrics allows one to keep good matching performance. Moreover, the security’s advantages of both schemes adds up together
- …