Fuzzy Labeled Private Set Intersection with Applications to Private Real-Time Biometric Search

The explosive growth of biometrics use (e.g., in surveillance) poses a persistent challenge: keeping biometric data private without sacrificing the applications' functionality. We consider private querying of a real-life biometric scan (e.g., a person's face) against a private biometric database. The querier learns only the label(s) of the matching scan(s) (e.g., a person's name), and the database server learns nothing. We formally define Fuzzy Labeled Private Set Intersection (FLPSI), a primitive that computes the intersection of noisy input sets by considering closeness/similarity instead of equality. Our FLPSI protocol's communication is sublinear in the database size, and the protocol is concretely efficient. We implement it and apply it to facial search by integrating it with our fine-tuned toolchain that maps face images into Hamming space. We have implemented and extensively tested our system, achieving high performance with concretely small network usage: for a 10K-row database, the query response time over WAN (resp. fast LAN) is 146ms (resp. 47ms), transferring 12.1MB; offline precomputation (with no communication) takes 0.94s. FLPSI scales well: for a 1M-row database, online time is 1.66s (WAN) and 1.46s (fast LAN) with 40.8MB of data transferred in the online phase, and offline precomputation takes 37.5s. This improves on the state-of-the-art work (SANNS) by 9−25× (on WAN) and 1.2−4× (on fast LAN). Our false non-matching rate is 0.75% with at most 10 false matches over a 1M-row DB, which is comparable to that of the underlying plaintext matching algorithm.
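The functionality the abstract defines, written out in the clear as an added example (not the paper's code or protocol): the querier's scan and the server's rows are bit-vectors in Hamming space, the output is only the labels of rows within a distance threshold, and the same threshold rule is scored by the false non-match rate and false-match count the abstract reports. The database, probes and threshold values below are constructed.

```python
"""Plaintext reference for the FLPSI functionality in Hamming space.

Constructed example: the querier holds a bit-vector q, the server holds
labeled bit-vectors (x_i, label_i).  The functionality outputs only the
labels of rows whose Hamming distance to q is at most a threshold t.  A
secure FLPSI protocol computes this same output without revealing q to the
server or the non-matching rows to the querier.
"""
from typing import Iterable


def hamming(a: int, b: int) -> int:
    """Hamming distance between two equal-length bit-vectors packed as ints."""
    return bin(a ^ b).count("1")


def flpsi_ideal(q: int, db: Iterable[tuple[int, str]], t: int) -> set[str]:
    """Ideal FLPSI output: labels of rows within distance t of q.

    Only labels are returned; the matching vectors and their distances are
    not part of the output, which is all the querier is meant to learn.
    """
    return {label for x, label in db if hamming(q, x) <= t}


def match_rates(queries, db, t):
    """Score the threshold rule on constructed genuine probes.

    queries: list of (q, true_label).  A false non-match is a probe whose
    true label is missing from the output; a false match is any returned
    label other than the true one.  Returns (fnmr, false_match_count).
    """
    non_matches = 0
    false_matches = 0
    for q, true_label in queries:
        out = flpsi_ideal(q, db, t)
        if true_label not in out:
            non_matches += 1
        false_matches += len(out - {true_label})
    return non_matches / len(queries), false_matches


# Constructed toy database of 8-bit codes with labels.
DB = [(0b10110010, "alice"), (0b01001101, "bob"), (0b10110111, "carol")]
# Constructed genuine probes: each is a noisy copy of an enrolled code.
PROBES = [(0b10110011, "alice"), (0b01001111, "bob"), (0b00110111, "carol")]

if __name__ == "__main__":
    # Raising t lowers the false non-match rate but admits more false matches.
    for t in (0, 1, 3):
        print(t, match_rates(PROBES, DB, t))
```

Note that the alice probe at t=1 already returns both "alice" and "carol", because the two enrolled codes are only two bits apart; the threshold trades false non-matches against false matches exactly as the abstract's "0.75% for at most 10 false matches" figure does.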
