A privacy-preserving biometric authentication protocol

Kok Seng Wong, Myung Ho Kim

Research output: Contribution to journalArticle

Abstract

Biometric-based authentication systems have been widely used in many applications that require high reliable scheme. However, the rapid deployment of biometric systems raises great attentions about the privacy concern. The primary concern in any biometric-based system is the leakage of user's biometric templates stored in the server. This is of particular important because biometric characteristics for humans are limited and they cannot be reissued or changed. Once the original template has been revealed, the user's privacy will be compromised. A malicious party might use the compromised template to gain unauthorized access to the system or for cross-matching purposes. One of the commonly used solutions for template protection is the encryption of the templates. Since the same biometric trait will not produce two identical feature vectors, the encryption of two slightly difference feature vectors will produce two distinct ciphertexts. Hence, encrypted templates must be decrypted before they can be used for comparison. Unfortunately, the decryption of encrypted templates is viewed as insecure because it is too risky to expose the original biometric template during the authentication process. We propose a privacy-preserving biometric authentication system which securely authenticates users and also protects their biometric features (both the query feature vector and template). We incorporate homomorphic encryption scheme which made the comparison possible in the encrypted domain. In our protocol, the similarity score (based on squared Euclidean distance) between the query feature vector and the biometric template is computed without the decryption of the original template. Our protocol fulfills the requirements of template protection and extra attention is paid to the advantages of using a homomorphic encryption scheme over biometric-based authentication systems. Finally, we show the correctness, security and privacy analysis of our protocol in this paper.

Original languageEnglish
Pages (from-to)683-688
Number of pages6
JournalAdvanced Science Letters
Volume9
DOIs
Publication statusPublished - Jul 2 2012
Externally publishedYes

Fingerprint

Biometric Identification
Authentication Protocol
biometry
Privacy
Privacy Preserving
Biometrics
Authentication
privacy
Template
Network protocols
Feature Vector
Cryptography
Homomorphic Encryption
Encryption
protocol
biometrics
Query
Euclidean Distance

Keywords

  • Biometric template protection
  • Biometrics-based systems
  • Homomorphic encryption scheme
  • Privacy-preserving biometric authentication
  • Secure squared euclidean distance

ASJC Scopus subject areas

  • Health(social science)
  • Computer Science(all)
  • Education
  • Mathematics(all)
  • Environmental Science(all)
  • Engineering(all)
  • Energy(all)

Cite this

A privacy-preserving biometric authentication protocol. / Wong, Kok Seng; Kim, Myung Ho.

In: Advanced Science Letters, Vol. 9, 02.07.2012, p. 683-688.

Research output: Contribution to journalArticle

@article{8cb8d8fc46a9434cb52c12e61b65281d,
title = "A privacy-preserving biometric authentication protocol",
abstract = "Biometric-based authentication systems have been widely used in many applications that require high reliable scheme. However, the rapid deployment of biometric systems raises great attentions about the privacy concern. The primary concern in any biometric-based system is the leakage of user's biometric templates stored in the server. This is of particular important because biometric characteristics for humans are limited and they cannot be reissued or changed. Once the original template has been revealed, the user's privacy will be compromised. A malicious party might use the compromised template to gain unauthorized access to the system or for cross-matching purposes. One of the commonly used solutions for template protection is the encryption of the templates. Since the same biometric trait will not produce two identical feature vectors, the encryption of two slightly difference feature vectors will produce two distinct ciphertexts. Hence, encrypted templates must be decrypted before they can be used for comparison. Unfortunately, the decryption of encrypted templates is viewed as insecure because it is too risky to expose the original biometric template during the authentication process. We propose a privacy-preserving biometric authentication system which securely authenticates users and also protects their biometric features (both the query feature vector and template). We incorporate homomorphic encryption scheme which made the comparison possible in the encrypted domain. In our protocol, the similarity score (based on squared Euclidean distance) between the query feature vector and the biometric template is computed without the decryption of the original template. Our protocol fulfills the requirements of template protection and extra attention is paid to the advantages of using a homomorphic encryption scheme over biometric-based authentication systems. Finally, we show the correctness, security and privacy analysis of our protocol in this paper.",
keywords = "Biometric template protection, Biometrics-based systems, Homomorphic encryption scheme, Privacy-preserving biometric authentication, Secure squared euclidean distance",
author = "Wong, {Kok Seng} and Kim, {Myung Ho}",
year = "2012",
month = "7",
day = "2",
doi = "10.1166/asl.2012.2533",
language = "English",
volume = "9",
pages = "683--688",
journal = "Advanced Science Letters",
issn = "1936-6612",
publisher = "American Scientific Publishers",

}

TY - JOUR

T1 - A privacy-preserving biometric authentication protocol

AU - Wong, Kok Seng

AU - Kim, Myung Ho

PY - 2012/7/2

Y1 - 2012/7/2

N2 - Biometric-based authentication systems have been widely used in many applications that require high reliable scheme. However, the rapid deployment of biometric systems raises great attentions about the privacy concern. The primary concern in any biometric-based system is the leakage of user's biometric templates stored in the server. This is of particular important because biometric characteristics for humans are limited and they cannot be reissued or changed. Once the original template has been revealed, the user's privacy will be compromised. A malicious party might use the compromised template to gain unauthorized access to the system or for cross-matching purposes. One of the commonly used solutions for template protection is the encryption of the templates. Since the same biometric trait will not produce two identical feature vectors, the encryption of two slightly difference feature vectors will produce two distinct ciphertexts. Hence, encrypted templates must be decrypted before they can be used for comparison. Unfortunately, the decryption of encrypted templates is viewed as insecure because it is too risky to expose the original biometric template during the authentication process. We propose a privacy-preserving biometric authentication system which securely authenticates users and also protects their biometric features (both the query feature vector and template). We incorporate homomorphic encryption scheme which made the comparison possible in the encrypted domain. In our protocol, the similarity score (based on squared Euclidean distance) between the query feature vector and the biometric template is computed without the decryption of the original template. Our protocol fulfills the requirements of template protection and extra attention is paid to the advantages of using a homomorphic encryption scheme over biometric-based authentication systems. Finally, we show the correctness, security and privacy analysis of our protocol in this paper.

AB - Biometric-based authentication systems have been widely used in many applications that require high reliable scheme. However, the rapid deployment of biometric systems raises great attentions about the privacy concern. The primary concern in any biometric-based system is the leakage of user's biometric templates stored in the server. This is of particular important because biometric characteristics for humans are limited and they cannot be reissued or changed. Once the original template has been revealed, the user's privacy will be compromised. A malicious party might use the compromised template to gain unauthorized access to the system or for cross-matching purposes. One of the commonly used solutions for template protection is the encryption of the templates. Since the same biometric trait will not produce two identical feature vectors, the encryption of two slightly difference feature vectors will produce two distinct ciphertexts. Hence, encrypted templates must be decrypted before they can be used for comparison. Unfortunately, the decryption of encrypted templates is viewed as insecure because it is too risky to expose the original biometric template during the authentication process. We propose a privacy-preserving biometric authentication system which securely authenticates users and also protects their biometric features (both the query feature vector and template). We incorporate homomorphic encryption scheme which made the comparison possible in the encrypted domain. In our protocol, the similarity score (based on squared Euclidean distance) between the query feature vector and the biometric template is computed without the decryption of the original template. Our protocol fulfills the requirements of template protection and extra attention is paid to the advantages of using a homomorphic encryption scheme over biometric-based authentication systems. Finally, we show the correctness, security and privacy analysis of our protocol in this paper.

KW - Biometric template protection

KW - Biometrics-based systems

KW - Homomorphic encryption scheme

KW - Privacy-preserving biometric authentication

KW - Secure squared euclidean distance

UR - http://www.scopus.com/inward/record.url?scp=84862860607&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84862860607&partnerID=8YFLogxK

U2 - 10.1166/asl.2012.2533

DO - 10.1166/asl.2012.2533

M3 - Article

VL - 9

SP - 683

EP - 688

JO - Advanced Science Letters

JF - Advanced Science Letters

SN - 1936-6612

ER -