Privacy leakage in biometric secrecy systems

Motivated by Maurer [1993], Ahlswede and Csiszár [1993] introduced the concept of secret sharing. In their source model, two terminals observe two correlated sequences. The objective of both terminals is to form a common secret by exchanging a public message (helper data) that should contain only a negligible amount of information about the secret. Ahlswede and Csiszár showed that the maximum secret key rate that can be achieved in this way is equal to the mutual information between the two source outputs. In a biometric setting, where the sequences correspond to the enrollment and authentication data, it is crucial that the public message leaks as little information as possible about the biometric data, since compromised biometric data cannot be replaced. We investigate the fundamental trade-offs for four biometric settings. The first is the standard (Ahlswede-Csiszár) secret generation setting, for which we determine the secret key rate - privacy leakage region. Here, leakage corresponds to the mutual information between the helper data and the biometric enrollment sequence, conditional on the secret. In the second setting, the secret is not generated by the terminals but chosen independently and transmitted using a public message. Again we determine the region of achievable rate - leakage pairs. In settings three and four we consider zero leakage, i.e., the public message contains only a negligible amount of information about the secret and the biometric enrollment sequence. To achieve this, a private key is needed that can be observed only by the terminals. We again consider both secret generation and secret transmission, and determine for both cases the region of achievable secret key rate - private key rate pairs.

[1] H. Vincent Poor, et al. Secure lossless compression with side information, 2008, 2008 IEEE Information Theory Workshop.

[2] Aaron D. Wyner, et al. The rate-distortion function for source coding with side information at the decoder, 1976, IEEE Trans. Inf. Theory.

[3] J. Wolfowitz. The rate distortion function for source coding with side information at the decoder, 1979.

[4] Thomas M. Cover, et al. A Proof of the Data Compression Theorem of Slepian and Wolf for Ergodic Sources, 1971.

[5] U. Maurer, et al. Secret key agreement by public discussion from common information, 1993, IEEE Trans. Inf. Theory.

[6] V. Prabhakaran, et al. On Secure Distributed Source Coding, 2007, 2007 IEEE Information Theory Workshop.

[7] Venkat Anantharam, et al. The Common Randomness Capacity of a Pair of Independent Discrete Memoryless Channels, 1998, IEEE Trans. Inf. Theory.

[8] Aaron D. Wyner, et al. A theorem on the entropy of certain binary sequences and applications-II, 1973, IEEE Trans. Inf. Theory.

[9] Prakash Narayan, et al. Secret Key and Private Key Constructions for Simple Multiterminal Source Models, 2005, IEEE Transactions on Information Theory.

[10] Fmj Frans Willems, et al. On the security of XOR-method in biometric authentication systems, 2006.

[11] Aaron D. Wyner, et al. A theorem on the entropy of certain binary sequences and applications-I, 1973, IEEE Trans. Inf. Theory.

[12] Rudolf Ahlswede, et al. Common randomness in information theory and cryptography - I: Secret sharing, 1993, IEEE Trans. Inf. Theory.

[13] Rudolf Ahlswede, et al. Common Randomness in Information Theory and Cryptography - Part II: CR Capacity, 1998, IEEE Trans. Inf. Theory.

[14] Frans M. J. Willems, et al. Biometric Systems: Privacy and Secrecy Aspects, 2009, IEEE Transactions on Information Forensics and Security.

[15] Imre Csiszár, et al. Common randomness and secret key generation with a helper, 2000, IEEE Trans. Inf. Theory.

[16] Imre Csiszár, et al. Broadcast channels with confidential messages, 1978, IEEE Trans. Inf. Theory.

[17] Adam D. Smith, et al. Maintaining secrecy when information leakage is unavoidable, 2004.