An architecture for practical confidentiality-strengthened face authentication embedding homomorphic cryptography

Abstract

International audienceIn this paper, we propose and experiment a system architecture which intends to significantly strengthen the security of biometric authentication with respect to the confidentiality(by design) of the users' references needed to perform such a function. Our architecture has been designed to ensure that these biometric references are permanently encrypted and that the (single) server processing them has no decryption capability (in particular, does not have access to any decryption key). In order to do so, we use homomorphic encryption techniques which allow to perform calculations directly over encrypted data. We report on the careful architectural choices and agressive optimizations we had to make in order to be able to deploy an off-the-shelf face recognition module into this architecture. As the performance results presented in the paper demonstrate, we claim to have achieved practically relevant levels of performance and security in a realistic setting