Secure biometrics

In this paper, we extend the information theoretic secure constructions for biometrics to the computational setting. Based on semantically secure encryption, we introduce robust, fully private and secure biometric key distillation and verification. Our model incorporates an adversary with side information who has access to a database with reference information. Even though our schemes are based on a master key, no master key needs to be stored in biometric sensors. In our scheme it is possible to derive a polynomial number of keys from a single biometric and we show how to renew keys in a secure and private way without additional interaction with the user. Previous work considers unconditional secure key distillation which can at most reach partial (information theoretic) privacy and which can only lead to a small number of keys for each biometric.

[1]  Bruce Schneier,et al.  Inside risks: the uses and abuses of biometrics , 1999, CACM.

[2]  R. Pearl Biometrics , 1914, The American Naturalist.

[3]  Anil K. Jain,et al.  Biometric cryptosystems: issues and challenges , 2004, Proceedings of the IEEE.

[4]  Anil K. Jain,et al.  Handbook of Fingerprint Recognition , 2005, Springer Professional Computing.

[5]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[6]  Ivan Damgård,et al.  Multiparty Computation from Threshold Homomorphic Encryption , 2000, EUROCRYPT.

[7]  Rudolf Ahlswede,et al.  Common randomness in information theory and cryptography - I: Secret sharing , 1993, IEEE Trans. Inf. Theory.

[8]  Bhagavatula Vijaya Kumar,et al.  Biometric Encryption: enrollment and verification procedures , 1998, Defense + Commercial Sensing.

[9]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[10]  Ton van der Putte,et al.  Biometrical Fingerprint Recognition: Don't Get Your Fingers Burned , 2001, CARDIS.

[11]  Pim Tuyls,et al.  Capacity and Examples of Template-Protecting Biometric Authentication Systems , 2004, ECCV Workshop BioAW.

[12]  U. Maurer,et al.  Secret key agreement by public discussion from common information , 1993, IEEE Trans. Inf. Theory.

[13]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[14]  Evgeny Verbitskiy,et al.  RELIABLE BIOMETRIC AUTHENTICATION WITH PRIVACY PROTECTION , 2007 .

[15]  Pim Tuyls,et al.  Information-theoretic approach to privacy protection of biometric templates , 2004, International Symposium onInformation Theory, 2004. ISIT 2004. Proceedings..

[16]  Jean-Paul M. G. Linnartz,et al.  New Shielding Functions to Enhance Privacy and Prevent Misuse of Biometric Templates , 2003, AVBPA.