Cloud-based biometrics processing for privacy-preserving identification

With the increasing number of users enrolled, biometric identification requires more computing resources to scan all records of a database and locate the best match. As such, database owners are willing to delegate user biometric information (in encrypted state) to the cloud to enroll and identify users, while preserving privacy. Wang et al. proposed a cloud-based privacy-preserving biometric scheme, a.k.a. CloudBI, in ESORICS 2015, but their security assumption does not capture practical aspects of real world attacks. In this paper, we show how an attack enrolls fake biometric data and then manipulates them to recover encrypted an identification request in CloudBI. Next, we propose an effective security patch to CloudBI, which is secure against enrollment-level attackers. Experimental results show that the proposed security patch bring about little performance degradation to CloudBI.

[1]  Angelo De Caro,et al.  jPBC: Java pairing based cryptography , 2011, 2011 IEEE Symposium on Computers and Communications (ISCC).

[2]  Helmut Knebl,et al.  Introduction to Cryptography , 2002, Information Security and Cryptography.

[3]  Jonghyun Choi,et al.  Multi-Directional Multi-Level Dual-Cross Patterns for Robust Face Recognition , 2014, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[4]  Sabih H. Gerez,et al.  Systematic Methods for the Computation of the Directional Fields and Singular Points of Fingerprints , 2002, IEEE Trans. Pattern Anal. Mach. Intell..

[5]  Kun Liu,et al.  An Attacker's View of Distance Preserving Maps for Privacy Preserving Data Mining , 2006, PKDD.

[6]  Vincenzo Piuri,et al.  Privacy-preserving fingercode authentication , 2010, MM&Sec '10.

[7]  Shucheng Yu,et al.  Efficient privacy-preserving biometric identification in cloud computing , 2013, 2013 Proceedings IEEE INFOCOM.

[8]  Marina Blanton,et al.  Secure and Efficient Protocols for Iris and Fingerprint Identification , 2011, ESORICS.

[9]  Danny Z. Chen,et al.  Iris Recognition Based on Human-Interpretable Features , 2016, IEEE Trans. Inf. Forensics Secur..

[10]  Jonathan Katz,et al.  All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption , 2016, USENIX Security Symposium.

[11]  Jian Yang,et al.  Approximately symmetrical face images for image preprocessing in face recognition and sparse representation based classification , 2016, Pattern Recognit..

[12]  Jonathan Katz,et al.  Efficient Privacy-Preserving Biometric Identification , 2011, NDSS.

[13]  Kui Ren,et al.  CloudBI: Practical Privacy-Preserving Outsourcing of Biometric Identification in the Cloud , 2015, ESORICS.

[14]  Sharath Pankanti,et al.  Filterbank-based fingerprint matching , 2000, IEEE Trans. Image Process..

[15]  Stephen D. Wolthusen,et al.  Visible-Spectrum Biometric Retina Recognition , 2008, 2008 International Conference on Intelligent Information Hiding and Multimedia Signal Processing.

[16]  Benny Pinkas,et al.  SCiFI - A System for Secure Face Identification , 2010, 2010 IEEE Symposium on Security and Privacy.

[17]  Raymond N. J. Veldhuis,et al.  Fingerprint Verification Using Spectral Minutiae Representations , 2009, IEEE Transactions on Information Forensics and Security.