SIPPA-2.0 - Secure information processing with privacy assurance (version 2.0)

We present a two-party secure information processing protocol, referred to as SIPPA-2.0, targeted at privacy-preserving biometric data comparison and reconstruction. The original intention of SIPPA, as reported previously, is to enable private data comparison and reconstruction between a client and a server when (a) the client possesses data that are "sufficiently similar" to the server's, and (b) the server provides scalar helper data that allows the client to reconstruct the server's data privately. In SIPPA-2.0, private data comparison and reconstruction are based on new theoretical results and on a novel secure computation protocol referred to as SLSSP. These results allow us to design and develop much improved SIPPA and SLSSP protocols that guarantee (a) security under the semi-malicious model rather than only the semi-honest model, and (b) privacy assurance with a reconstruction accuracy that the server can control to an arbitrary degree. A security analysis proving SLSSP secure under the semi-honest and semi-malicious models is presented. SIPPA-2.0 is applied to privacy-preserving fingerprint comparison, in which two parties compare their fingerprint samples and obtain a similarity score without revealing their raw fingerprints to each other. Experimental results on the accuracy of fingerprint matching and on run-time performance are also reported.
