Impacts on Database Performance in a Privacy-Preserving Biometric Authentication Scenario

Biometric data are increasingly used in authentication processes. Such data are usually stored in databases and are subject to inherent privacy concerns. Therefore, special attention should be paid to their handling. We propose an extension to an existing privacy-preserving similarity verification system. The Paillier scheme, an asymmetric and additively homomorphic cryptosystem, enables signal processing operations in the encrypted domain. Among other modifications, we introduce a padding approach that increases entropy so that the co-domain is filled better. As a result, we combine the benefits of signal processing in the encrypted domain with the advantages of salting. Verifying encrypted biometric data comes at the cost of increased computational effort compared with already available biometric systems. Nevertheless, in many scenarios this additional cost is justified, because it addresses the lack of sufficient privacy protection in most currently available biometric authentication systems. In our evaluation, we focus on performance issues of the privacy-preserving biometric authentication scheme with respect to database response time. Our evaluations of the influence of the number of users, template sizes, and cryptographic key lengths show that the additional effort caused by our extensions is negligible. Furthermore, our improved scheme lowers the associated error rates and reduces the amount of data disclosed in an authentication attempt. Our work highlights that user- and privacy-centric approaches to authentication have become feasible in the last few years. Modern schemes, such as the one discussed in this paper, are not only efficient but also make the use of data mining techniques for user tracking much more difficult.
