A Novel Length-Flexible Lightweight Cancelable Fingerprint Template for Privacy-Preserving Authentication Systems in Resource-Constrained IoT Applications

Fingerprint authentication techniques have been employed in various Internet of Things (IoT) applications for access control to protect private data, but raw fingerprint template leakage in unprotected IoT applications may render the authentication system insecure. Cancelable fingerprint templates can effectively prevent privacy breaches and provide strong protection to the original templates. However, to suit resource-constrained IoT devices, oversimplified templates would compromise authentication performance significantly. In addition, the length of existing cancelable fingerprint templates is usually fixed, making them difficult to be deployed in various memory-limited IoT devices. To address these issues, we propose a novel length-flexible lightweight cancelable fingerprint template for privacy-preserving authentication systems in various resource-constrained IoT applications. The proposed cancelable template design primarily consists of two components: 1) length-flexible partial-cancelable feature generation based on the designed reindexing scheme and 2) lightweight cancelable feature generation based on the designed encoding nested difference XOR scheme. Comprehensive experimental results on public databases FVC2002 DB1-DB4 and FVC2004 DB1-DB4 demonstrate that the proposed cancelable fingerprint template achieves equivalent authentication performance to state-of-the-art methods in IoT environments, but our design substantially reduces template storage space and computational cost. More importantly, the proposed length-flexible lightweight cancelable template is suitable for a variety of commercial smart cards (e.g., C5-M.O.S.T. Card Contact Microprocessor Smart Cards CLXSU064KC5). To the best of our knowledge, the proposed method is the first length-flexible lightweight, high-performing cancelable fingerprint template design for resource-constrained IoT applications

A Review of Homomorphic Encryption for Privacy-Preserving Biometrics

The advancement of biometric technology has facilitated wide applications of biometrics in law enforcement, border control, healthcare and financial identification and verification. Given the peculiarity of biometric features (e.g., unchangeability, permanence and uniqueness), the security of biometric data is a key area of research. Security and privacy are vital to enacting integrity, reliability and availability in biometric-related applications. Homomorphic encryption (HE) is concerned with data manipulation in the cryptographic domain, thus addressing the security and privacy issues faced by biometrics. This survey provides a comprehensive review of state-of-the-art HE research in the context of biometrics. Detailed analyses and discussions are conducted on various HE approaches to biometric security according to the categories of different biometric traits. Moreover, this review presents the perspective of integrating HE with other emerging technologies (e.g., machine/deep learning and blockchain) for biometric security. Finally, based on the latest development of HE in biometrics, challenges and future research directions are put forward