12 research outputs found

    The best of both worlds: Applying secure sketches to cancelable biometrics

    Cancelable biometrics and secure sketches have been introduced with the same purpose in mind: to protect the privacy of biometric templates while keeping the ability to match this protected data against a reference. The paradigm beyond cancelable biometrics is to perform an irreversible transformation over images and to make matching over transformed images. On one hand, a drawback of this technique is that for biometrics using a matching algorithm relying on some complex characteristics, such as the ones used for fingerprints, the irreversible transformation tends to break the underlying structure, thus degrading the performance accuracy. On the other hand, for secure sketches, matching is reduced to an error correction and we show here that applying secure sketch error correction to cancelable biometrics allows one to keep good matching performance. Moreover, the security advantages of both schemes add up together.

    Pseudo Identities Based on Fingerprint Characteristics

    This paper presents the integrated project TURBINE which is funded under the EU 7th research framework programme. This research is a multi-disciplinary effort on privacy enhancing technology, combining innovative developments in cryptography and fingerprint recognition. The objective of this project is to provide a breakthrough in electronic authentication for various applications in the physical world and on the Internet. On the one hand it will provide secure identity verification thanks to fingerprint recognition. On the other hand it will reliably protect the biometric data through advanced cryptography technology. In concrete terms, it will provide the assurance that (i) the data used for the authentication, generated from the fingerprint, cannot be used to restore the original fingerprint sample, (ii) the individual will be able to create different "pseudo-identities" for different applications with the same fingerprint, whilst ensuring that these different identities (and hence the related personal data) cannot be linked to each other, and (iii) the individual is enabled to revoke a biometric identifier (pseudo-identity) for a given application in case it should not be used anymore.

    Questions de Sécurité et de Vie Privée autour des Protocoles d'Identification de Personnes et d'Objets

    The term 'identification' refers to a situation where a person, or a communicating device, provides an element that ensures its automatic recognition. This differs from authentication in which the claimed identity is proved with credentials. We take interest in both the identification of people and devices; the former goes through biometrics, and we study the particular case where devices communicate through electromagnetic waves. These situations raise the issues of security and privacy. Security is a confidence level in the outcome of the identification; privacy ensures that an eavesdropper cannot infer information from public elements. We show that in order to design private biometric identification protocols, special care must be taken for the storage of the biometric data. We describe several such protocols that are based on cryptographic primitives. We also show how to use identification codes to design a protocol for private interrogation of low-cost wireless devices, both private and secure.

    French abstract (translated): We speak of identification when a person or a communicating object presents an element that allows its automatic recognition. This mode is traditionally contrasted with authentication, in which a claimed identity is proved. We are interested here in biometric identification on the one hand, and in the identification of wireless communicating objects on the other. The questions of security and privacy are raised. There is security if one can be certain that the identification produces the correct result, and privacy is respected if a person outside the system cannot deduce information from public elements. We show that in the biometric case, the most sensitive link in the system is the storage of the data, whereas in the case of wireless communications, it is the content of the messages that must be protected. We propose several biometric identification protocols that respect users' privacy; these protocols use a number of cryptographic primitives. We also show how the use of identification codes makes it possible to implement interrogation protocols for communicating objects

    Questions de sécurité et de vie privée autour des protocoles d'identification de personnes et d'objets

    French abstract (translated): We speak of identification when a person or a communicating object presents an element that allows its automatic recognition. This mode is traditionally contrasted with authentication, in which a claimed identity is proved. We are interested here in biometric identification on the one hand, and in the identification of wireless communicating objects on the other. The questions of security and privacy are raised. There is security if one can be certain that the identification produces the correct result, and privacy is respected if a person outside the system cannot deduce information from public elements. We show that in the biometric case, the most sensitive link in the system is the storage of the data, whereas in the case of wireless communications, it is the content of the messages that must be protected. We propose several biometric identification protocols that respect users' privacy; these protocols use a number of cryptographic primitives. We also show how the use of identification codes makes it possible to implement interrogation protocols for communicating objects.

    The term 'identification' refers to a situation where a person, or a communicating device, provides an element that ensures its automatic recognition. This differs from authentication in which the claimed identity is proved with credentials. We take interest in both the identification of people and devices; the former goes through biometrics, and we study the particular case where devices communicate through electromagnetic waves. These situations raise the issues of security and privacy. Security is a confidence level in the outcome of the identification; privacy ensures that an eavesdropper cannot infer information from public elements. We show that in order to design private biometric identification protocols, special care must be taken for the storage of the biometric data. We describe several such protocols that are based on cryptographic primitives. We also show how to use identification codes to design a protocol for private interrogation of low-cost wireless devices, both private and secure.

    PARIS-Télécom ParisTech (751132302) / Sudoc, France

    Towards Soft Real-Time Applications on Enterprise Desktop Grids

    Desktop grids use the idle cycles of desktop PCs to provide huge computational power at low cost. However, because the underlying desktop computing resources are volatile, achieving performance guarantees such as task completion rate is difficult. We investigate the use of buffering to ensure task completion rates, which is essential for soft real-time applications. In particular, we develop a model of task completion rate as a function of buffer size. We instantiate this model using parameters derived from two enterprise desktop grid data sets, evaluate the model via trace-driven simulation, and show how this model can be used to ensure application task completion rates on enterprise desktop grid systems.

    Theoretical and Practical Boundaries of Binary Secure Sketches

    Fuzzy commitment schemes, introduced as a link between biometrics and cryptography, are a way to handle biometric data matching as an error-correction issue. We focus here on finding the best error-correcting code with respect to a given database of biometric data. We propose a method that models discrepancies between biometric measurements as an erasure and error channel, and we estimate its capacity. We then show that two-dimensional iterative min-sum decoding of properly chosen product codes almost reaches the capacity of this channel. This leads to practical fuzzy commitment schemes that are close to theoretical limits. We test our techniques on public iris and fingerprint databases and validate our findings.