Nothing Special   »   [go: up one dir, main page]

skip to main content
10.1145/1854229.1854270acmconferencesArticle/Chapter ViewAbstractPublication Pagesih-n-mmsecConference Proceedingsconference-collections
research-article

Privacy-preserving fingercode authentication

Published: 09 September 2010 Publication History

Abstract

We present a privacy preserving protocol for fingerprint-based authentication. We consider a scenario where a client equipped with a fingerprint reader is interested into learning if the acquired fingerprint belongs to the database of authorized entities managed by a server. For security, it is required that the client does not learn anything on the database and the server should not get any information about the requested biometry and the outcome of the matching process. The proposed protocol follows a multi-party computation approach and makes extensive use of homomorphic encryption as underlying cryptographic primitive. To keep the protocol complexity as low as possible, a particular representation of fingerprint images, named Fingercode, is adopted. Although the previous works on privacy-preserving biometric identification focus on selecting the best matching identity in the database, our main solution is a generic identification protocol and it allows to select and report all the enrolled identities whose distance to the user's fingercode is under a given threshold. Variants for simple authentication purposes are provided. Our protocols gain a notable bandwidth saving (about 25-39%) if compared with the best previous work (ICISC'09) and its computational complexity is still low and suitable for practical applications. Moreover, even if such protocols are presented in the context of a fingerprint-based system, they can be generalized to any biometric system that shares the same matching methodology, namely distance computation and thresholding.

References

[1]
A. Sadeghi, T. Schneider, and I. Wehrenberg, "Efficient privacy-preserving face recognition," in ICISC '09: Proceedings of the 12th Annual International Conference on Information Security and Cryptology, ser. LNCS, vol. 5984. Springer-Verlag, December 2--4, 2009, pp. 235{253, full version available at http://eprint.iacr.org/2009/507.
[2]
R. Bolle and S. Pankanti, Biometrics: Personal Identification in Networked Society, A. K. Jain, Ed. Norwell, MA, USA: Kluwer Academic Publishers, 1998.
[3]
Z. Erkin, M. Franz, J. Guajardo, S. Katzenbeisser, I. Lagendijk, and T. Toft, "Privacy-preserving face recognition," in PETS '09: Proceedings of the 9th International Symposium on Privacy Enhancing Technologies. Berlin, Heidelberg: Springer-Verlag, 2009, pp. 235--253.
[4]
A. Jain, S. Prabhakar, L. Hong, and S. Pankanti, "Filterbank-based fingerprint matching," Image Processing, IEEE Transactions on, vol. 9, no. 5, pp. 846--859, May 2000.
[5]
D. Maltoni, D. Maio, A. K. Jain, and S. Prabhakar, Handbook of Fingerprint Recognition. Springer Publishing Company, Incorporated, 2009.
[6]
A. Jain, L. Hong, S. Pankanti, and R. Bolle, "An identity-authentication system using fingerprints." Proc. IEEE, 85, (9), pp. 1364--1388, 1997.
[7]
C. L. Wilson, C. Watson, and E. Peak, "Effect of resolution and image quality on combined optical and neural network fingerprint matching," Putt. Recognit., 33, (Z), pp. 317--331, 2000.
[8]
C. Lee and S. Wang, "Fingerprint feature extraction using gabor filters," Eleclron. Lett., 35, (4), pp. 288--290, 1999.
[9]
H.-W. Sun, K.-Y. Lam, M. Gu, and J.-G. Sun, "An efficient algorithm for fingercode-based biometric identification," in OTM Workshops (1), 2006, pp. 469--478.
[10]
A. Jain, S. Prabhakar, and L. Hong, "A multichannel approach to fingerprint classification," Pattern Analysis and Machine Intelligence, IEEE Transactions on, vol. 21, no. 4, pp. 348--359, Apr 1999.
[11]
M. Turk and A. Pentland, "Face recognition using eigenfaces," in Computer Vision and Pattern Recognition, 1991. Proceedings CVPR '91., IEEE Computer Society Conference on, 1991, pp. 586--591.
[12]
"Nist recommendation for key management," ser. NIST Special Publication, vol. 800--57, August 2005.
[13]
P. Paillier, "Public-key cryptosystems based on composite degree residuosity classes," in EUROCRYPT'99, ser. LNCS, J. Stern, Ed., vol. 1592. Springer-Verlag, Berlin, Germany, May 1999, pp. 223--238.
[14]
I. Damgård, M. Geisler, and M. Krøigard, "Efficient and secure comparison for on-line auctions," in ACISP, ser. Lecture Notes in Computer Science, J. Pieprzyk, H. Ghodosi, and E. Dawson, Eds., vol. 4586. Springer, 2007, pp. 416--430.
[15]
J. Cohen and M. Fischer, "A robust and verifiable cryptographically secure election scheme," in 26th FOCS. IEEE Computer Society Press, Oct. 1985.
[16]
T. ElGamal, "A public key cryptosystem and a signature scheme based on discrete logarithms," in CRYPTO'84, ser. LNCS, G. R. Blakley and D. Chaum, Eds., vol. 196. Springer-Verlag, Berlin, Germany, Aug. 1985, pp. 10--18.
[17]
"Standard for efficient cryptography, SEC1: Elliptic curves cryptography," Technical report, Certicom Research, 2000, available at http://www.secg.org.
[18]
"Standard for efficient cryptography, SEC2: Recommended elliptic curves domain parameters," Technical report, Certicom Research, 2000, available at http://www.secg.org.
[19]
V. Kolesnikov and T. Schneider, "Improved garbled circuit: Free xor gates and applications," in ICALP '08: Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II. Berlin, Heidelberg: Springer-Verlag, 2008, pp. 486--498.
[20]
B. Pinkas, T. Schneider, N. Smart, and S. Williams, "Secure two-party computation is practical," in ASIACRYPT, ser. Lecture Notes in Computer Science, M. Matsui, Ed., vol. 5912. Springer, 2009, pp. 250--267.
[21]
D. Malkhi, N. Nisan, B. Pinkas, and Y. Sella, "Fairplay|a secure two-party computation system," in SSYM'04: Proceedings of the 13th conference on USENIX Security Symposium. Berkeley, CA, USA: USENIX Association, 2004, pp. 20--20.
[22]
M. Naor and B. Pinkas, "Efficient oblivious transfer protocols," in SODA '01: Proceedings of the twelfth annual ACM-SIAM symposium on Discrete algorithms. Philadelphia, PA, USA: Society for Industrial and Applied Mathematics, 2001, pp. 448--457.

Cited By

View all
  • (2025)A review of privacy-preserving biometric identification and authentication protocolsComputers & Security10.1016/j.cose.2024.104309(104309)Online publication date: Jan-2025
  • (2024)Towards Real-Time Privacy-Preserving Minutiae MatchingProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695049(98-108)Online publication date: 20-Nov-2024
  • (2024)Privacy Preserving Biometric Authentication for Fingerprints and BeyondProceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy10.1145/3626232.3653269(367-378)Online publication date: 19-Jun-2024
  • Show More Cited By

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences
MM&Sec '10: Proceedings of the 12th ACM workshop on Multimedia and security
September 2010
264 pages
ISBN:9781450302869
DOI:10.1145/1854229
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 09 September 2010

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. biometric-based identification
  2. fingercode
  3. homomorphic encryption
  4. multi-party computation
  5. privacy preserving protocol

Qualifiers

  • Research-article

Conference

MM&Sec '10
Sponsor:
MM&Sec '10: Multimedia and Security Workshop
September 9 - 10, 2010
Roma, Italy

Acceptance Rates

Overall Acceptance Rate 128 of 318 submissions, 40%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)25
  • Downloads (Last 6 weeks)2
Reflects downloads up to 23 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2025)A review of privacy-preserving biometric identification and authentication protocolsComputers & Security10.1016/j.cose.2024.104309(104309)Online publication date: Jan-2025
  • (2024)Towards Real-Time Privacy-Preserving Minutiae MatchingProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695049(98-108)Online publication date: 20-Nov-2024
  • (2024)Privacy Preserving Biometric Authentication for Fingerprints and BeyondProceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy10.1145/3626232.3653269(367-378)Online publication date: 19-Jun-2024
  • (2024)UFinAKA: Fingerprint-Based Authentication and Key Agreement With Updatable Blind CredentialsIEEE/ACM Transactions on Networking10.1109/TNET.2023.331113032:2(1110-1123)Online publication date: Apr-2024
  • (2024)Janus: Safe Biometric Deduplication for Humanitarian Aid Distribution2024 IEEE Symposium on Security and Privacy (SP)10.1109/SP54263.2024.00116(655-672)Online publication date: 19-May-2024
  • (2023)A novel privacy-preserving biometric authentication schemePLOS ONE10.1371/journal.pone.028621518:5(e0286215)Online publication date: 25-May-2023
  • (2023)Designing Secure and Efficient Biometric Access Mechanism for Banking Systems2023 5th International Conference on Inventive Research in Computing Applications (ICIRCA)10.1109/ICIRCA57980.2023.10220875(1236-1240)Online publication date: 3-Aug-2023
  • (2023)Privacy-Preservation Techniques for IoT Devices: A Systematic Mapping StudyIEEE Access10.1109/ACCESS.2023.324552411(16323-16345)Online publication date: 2023
  • (2023)You Can’t Hide Behind Your Headset: User Profiling in Augmented and Virtual RealityIEEE Access10.1109/ACCESS.2023.324007111(9859-9875)Online publication date: 2023
  • (2023)A Review on Protection and Cancelable Techniques in Biometric SystemsIEEE Access10.1109/ACCESS.2023.323938711(8531-8568)Online publication date: 2023
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media