Privacy Protection in Biometric-Based Recognition Systems: A marriage between cryptography and signal processing

Systems employing biometric traits for people authentication and identification are witnessing growing popularity due to the unique and indissoluble link between any individual and his/her biometric characters. For this reason, biometric templates are increasingly used for border monitoring, access control, membership verification, and so on. When employed to replace passwords, biometrics have the added advantage that they do not need to be memorized and are relatively hard to steal. Nonetheless, unlike conventional security mechanisms such as passwords, biometric data are inherent parts of a person?s body and cannot be replaced if they are compromised. Even worse, compromised biometric data can be used to have access to sensitive information and to impersonate the victim for malicious purposes. For the same reason, biometric leakage in a given system can seriously jeopardize the security of other systems based on the same biometrics. A further problem associated with the use of biometric traits is that, due to their uniqueness, the privacy of their owner is put at risk. Geographical position, movements, habits, and even personal beliefs can be tracked by observing when and where the biometric traits of an individual are used to identify him/her.

[1]  Michael O. Rabin,et al.  How To Exchange Secrets with Oblivious Transfer , 2005, IACR Cryptol. ePrint Arch..

[2]  Mauro Barni,et al.  Private Computing with Garbled Circuits [Applications Corner] , 2013, IEEE Signal Processing Magazine.

[3]  Marina Blanton,et al.  Secure and Efficient Protocols for Iris and Fingerprint Identification , 2011, ESORICS.

[4]  Anil K. Jain,et al.  Handbook of Fingerprint Recognition , 2005, Springer Professional Computing.

[5]  Qiang Tang,et al.  Extended Private Information Retrieval and Its Application in Biometrics Authentications , 2007, CANS.

[6]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[7]  Julien Bringer,et al.  GSHADE: faster privacy-preserving distance computation and biometric identification , 2014, IH&MMSec '14.

[8]  A. Yao,et al.  Fair exchange with a semi-trusted third party (extended abstract) , 1997, CCS '97.

[9]  Stefan Katzenbeisser,et al.  Privacy-Preserving Face Recognition , 2009, Privacy Enhancing Technologies.

[10]  Takeshi Koshiba,et al.  Packed Homomorphic Encryption Based on Ideal Lattices and Its Application to Biometrics , 2013, CD-ARES Workshops.

[11]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[12]  Ivan Damgård,et al.  Homomorphic encryption and secure comparison , 2008, Int. J. Appl. Cryptogr..

[13]  Jonathan Katz,et al.  Efficient Privacy-Preserving Biometric Identification , 2011, NDSS.

[14]  Otto Carlos Muniz Bandeira Duarte,et al.  Somewhat homomorphic encryption scheme for arithmetic operations on large integers , 2012, 2012 Global Information Infrastructure and Networking Symposium (GIIS).

[15]  A. Sadeghi,et al.  How to Combine Homomorphic Encryption and Garbled Circuits - Improved Circuits and Computing the Minimum Distance Efficiently , 2009 .

[16]  Marina Blanton,et al.  Secure Multiparty Computation , 2011, Encyclopedia of Cryptography and Security.

[17]  Craig Gentry,et al.  Implementing Gentry's Fully-Homomorphic Encryption Scheme , 2011, EUROCRYPT.

[18]  Julien Bringer,et al.  Privacy-Preserving Biometric Identification Using Secure Multiparty Computation: An Overview and Recent Trends , 2013, IEEE Signal Processing Magazine.

[19]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[20]  Benny Pinkas,et al.  SCiFI - A System for Secure Face Identification , 2010, 2010 IEEE Symposium on Security and Privacy.

[21]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[22]  Fernando Pérez-González,et al.  Fully Private Noninteractive Face Verification , 2013, IEEE Transactions on Information Forensics and Security.

[23]  Vincenzo Piuri,et al.  Privacy-preserving fingercode authentication , 2010, MM&Sec '10.

[24]  Kannan Ramchandran,et al.  Toward efficient, privacy-aware media classification on public databases , 2014, ICMR.

[25]  Ying Luo,et al.  Anonymous Biometric Access Control based on homomorphic encryption , 2009, 2009 IEEE International Conference on Multimedia and Expo.

[26]  Mauro Barni,et al.  An efficient protocol for private iris-code matching by means of garbled circuits , 2012, 2012 19th IEEE International Conference on Image Processing.

[27]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[28]  Vincenzo Piuri,et al.  A privacy-compliant fingerprint recognition system based on homomorphic encryption and Fingercode templates , 2010, 2010 Fourth IEEE International Conference on Biometrics: Theory, Applications and Systems (BTAS).

[29]  Emiliano De Cristofaro,et al.  EsPRESSo: Efficient Privacy-Preserving Evaluation of Sample Set Similarity , 2012, DPM/SETOP.

[30]  Julien Bringer,et al.  Faster secure computation for biometric identification using filtering , 2012, 2012 5th IAPR International Conference on Biometrics (ICB).

[31]  Alex Pentland,et al.  Face recognition using eigenfaces , 1991, Proceedings. 1991 IEEE Computer Society Conference on Computer Vision and Pattern Recognition.

[32]  Jiri Matas,et al.  XM2VTSDB: The Extended M2VTS Database , 1999 .

[33]  John Daugman,et al.  How iris recognition works , 2002, IEEE Transactions on Circuits and Systems for Video Technology.

[34]  Ahmad-Reza Sadeghi,et al.  Efficient Privacy-Preserving Face Recognition , 2009, ICISC.

[35]  Amit Sahai,et al.  Secure Multi-Party Computation , 2013 .

[36]  Donald Beaver,et al.  Precomputing Oblivious Transfer , 1995, CRYPTO.

[37]  M. S. Kumbhar,et al.  An Identity-Authentication System Using Fingerprints , 2012 .

[38]  Caroline Fontaine,et al.  A Survey of Homomorphic Encryption for Nonspecialists , 2007, EURASIP J. Inf. Secur..

[39]  Mauro Barni,et al.  Encrypted signal processing for privacy protection: Conveying the utility of homomorphic encryption and multiparty computation , 2013, IEEE Signal Processing Magazine.

[40]  Patrizio Campisi,et al.  Security and Privacy in Biometrics , 2013, Springer London.