POSTER: Secure authentication from facial attributeswith no privacy loss

Biometric authentication is more secure than using regular passwords, as biometrics cannot be "forgotten" and contain high entropy. Thus, many constructions rely on biometric features for authentication, and use them as a source for "good" cryptographic keys. At the same time, biometric systems carry with them many privacy concerns. We describe a proof-of-concept (PoC) which transforms facial attributes from a single image into keys in a consistent, discriminative, and privacy-aware manner. The outcome is a user-specific string that cannot be guessed, and it reveals no information concerning the users of the system, even when the system's secrets are revealed.

[1]  John Daugman,et al.  The importance of being random: statistical principles of iris recognition , 2003, Pattern Recognit..

[2]  Anton H. M. Akkermans,et al.  Face recognition with renewable and privacy preserving binary templates , 2005, Fourth IEEE Workshop on Automatic Identification Advanced Technologies (AutoID'05).

[3]  Martin J. Wainwright,et al.  Scale Mixtures of Gaussians and the Statistics of Natural Images , 1999, NIPS.

[4]  Andrew Beng Jin Teoh,et al.  Random Multispace Quantization as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[5]  Chun Chen,et al.  Biometric binary string generation with detection rate optimized bit allocation , 2008, 2008 IEEE Computer Society Conference on Computer Vision and Pattern Recognition Workshops.

[6]  David J. Kriegman,et al.  Eigenfaces vs. Fisherfaces: Recognition Using Class Specific Linear Projection , 1996, ECCV.

[7]  Shih-Fu Chang,et al.  Sequential Projection Learning for Hashing with Compact Codes , 2010, ICML.

[8]  Shuicheng Yan,et al.  An HOG-LBP human detector with partial occlusion handling , 2009, 2009 IEEE 12th International Conference on Computer Vision.

[9]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[10]  Michael K. Reiter,et al.  The Practical Subtleties of Biometric Key Generation , 2008, USENIX Security Symposium.

[11]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[12]  M. Turk,et al.  Eigenfaces for Recognition , 1991, Journal of Cognitive Neuroscience.

[13]  David Zhang,et al.  An analysis of BioHashing and its variants , 2006, Pattern Recognit..

[14]  Nasir D. Memon,et al.  Protecting Biometric Templates With Sketch: Theory and Practice , 2007, IEEE Transactions on Information Forensics and Security.

[15]  Ari Juels,et al.  Error-tolerant password recovery , 2001, CCS '01.

[16]  Andreas Uhl,et al.  A survey on biometric cryptosystems and cancelable biometrics , 2011, EURASIP J. Inf. Secur..

[17]  Pong C. Yuen,et al.  A Hybrid Approach for Generating Secure and Discriminating Face Template , 2010, IEEE Transactions on Information Forensics and Security.