THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system

In this paper, we propose a new biometric verification and template protection system which we call the THRIVE system. The system includes novel enrollment and authentication protocols based on threshold homomorphic cryptosystem where the private key is shared between a user and the verifier. In the THRIVE system, only encrypted binary biometric templates are stored in the database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during the authentication stage. The THRIVE system is designed for the malicious model where the cheating party may arbitrarily deviate from the protocol specification. Since threshold homomorphic encryption scheme is used, a malicious database owner cannot perform decryption on encrypted templates of the users in the database. Therefore, security of the THRIVE system is enhanced using a two-factor authentication scheme involving the user's private key and the biometric data. We prove security and privacy preservation capability of the proposed system in the simulation-based model with no assumption. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form but she needs to proof her physical presence by using biometrics. The system can be used with any biometric modality and biometric feature extraction scheme whose output templates can be binarized. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biohash vectors on a desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real life applications

Relations among Security Metrics for Template Protection Algorithms

Many biometric template protection algorithms have been proposed mainly in two approaches: biometric feature transformation and biometric cryptosystem. Security evaluation of the proposed algorithms are often conducted in various inconsistent manner. Thus, it is strongly demanded to establish the common evaluation metrics for easier comparison among many algorithms. Simoens et al. and Nagar et al. proposed good metrics covering nearly all aspect of requirements expected for biometric template protection algorithms. One drawback of the two papers is that they are biased to experimental evaluation of security of biometric template protection algorithms. Therefore, it was still difficult mainly for algorithms in biometric cryptosystem to prove their security according to the proposed metrics. This paper will give a formal definitions for security metrics proposed by Simoens et al. and Nagar et al. so that it can be used for the evaluation of both of the two approaches. Further, this paper will discuss the relations among several notions of security metrics

Pitfall of the Detection Rate Optimized Bit Allocation within template protection and a remedy

One of the requirements of a biometric template protection system is that the protected template ideally should not leak any information about the biometric sample or its derivatives. In the literature, several proposed template protection techniques are based on binary vectors. Hence, they require the extraction of a binary representation from the real- valued biometric sample. In this work we focus on the Detection Rate Optimized Bit Allocation (DROBA) quantization scheme that extracts multiple bits per feature component while maximizing the overall detection rate. The allocation strategy has to be stored as auxiliary data for reuse in the verification phase and is considered as public. This implies that the auxiliary data should not leak any information about the extracted binary representation. Experiments in our work show that the original DROBA algorithm, as known in the literature, creates auxiliary data that leaks a significant amount of information. We show how an adversary is able to exploit this information and significantly increase its success rate on obtaining a false accept. Fortunately, the information leakage can be mitigated by restricting the allocation freedom of the DROBA algorithm. We propose a method based on population statistics and empirically illustrate its effectiveness. All the experiments are based on the MCYT fingerprint database using two different texture based feature extraction algorithms

On Burst Error Correction and Storage Security of Noisy Data

Secure storage of noisy data for authentication purposes usually involves the use of error correcting codes. We propose a new model scenario involving burst errors and present for that several constructions.Comment: to be presented at MTNS 201