A Practical Privacy-Preserving Face Authentication Scheme with Revocability and Reusability

  • Jing Lei
  • Qingqi Pei
  • Xuefeng LiuEmail author
  • Wenhai Sun
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11337)


Revocability and reusability are important properties in an authentication scheme in reality. The former requires that the user credential stored in the authentication server be easily replaced if it is compromised while the latter allows the credentials of the same user to appear independent in cross-domain applications. However, the invariable biometrics features in the face authentication poses a great challenge to accomplishing these two properties. Existing solutions either sacrifice the accuracy of the authentication result or rely on a trusted third party. In this paper, we propose a novel privacy-preserving face authentication scheme without the assistance of an additional server, which achieves both revocability and reusability as well as the same accuracy level of the plaintext face recognition that uses Euclidean distance measure. Moreover, we rigorously analyze the security of our scheme using the simulation technique and conduct the experiment on a real-world dataset to demonstrate its efficiency. We report that a successful user authentication costs less than a second on a smartphone with common specs.


Face authentication Revocability Reusability 



This work is supported by the National Key Research and Development Program of China under Grant 2016YFB0800601, the Key Program of NSFC-Tongyong Union Foundation under Grant U1636209 and the Key Basic Research Plan in Shaanxi Province under Grant 2017ZDXM-GY-014.


  1. 1.
  2. 2.
    Smile to pay. Accessed 16 Mar 2015
  3. 3.
    Your face is your secure password.
  4. 4.
    Boyen, X.: Reusable cryptographic fuzzy extractors. In: Proceedings of the 11th ACM Conference on Computer and Communications Security. ACM (2004)Google Scholar
  5. 5.
    Brunelli, R.: Template Matching Techniques in Computer Vision: Theory and Practice. Wiley, Hoboken (2009)CrossRefGoogle Scholar
  6. 6.
    Canetti, R., Fuller, B., Paneth, O., Reyzin, L., Smith, A.: Reusable fuzzy extractors for low-entropy distributions. In: Fischlin, M., Coron, J.S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 117–146. Springer, Heidelberg (2016). Scholar
  7. 7.
    Cui, H., Au, M.H., Qin, B., Deng, R.H., Yi, X.: Fuzzy public-key encryption based on biometric data. In: Okamoto, T., Yu, Y., Au, M.H., Li, Y. (eds.) ProvSec 2017. LNCS, vol. 10592, pp. 400–409. Springer, Cham (2017). Scholar
  8. 8.
    Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004). Scholar
  9. 9.
    Erkin, Z., Franz, M., Guajardo, J., Katzenbeisser, S., Lagendijk, I., Toft, T.: Privacy-preserving face recognition. In: Goldberg, I., Atallah, M.J. (eds.) PETS 2009. LNCS, vol. 5672, pp. 235–253. Springer, Heidelberg (2009). Scholar
  10. 10.
    Gunasinghe, H., Bertino, E.: PrivBioMTAuth: privacy preserving biometrics-based and user centric protocol for user authentication from mobile phones. IEEE Trans. Inf. Forensics Secur. 13(4), 1042–1057 (2018)CrossRefGoogle Scholar
  11. 11.
    Guo, F., Susilo, W., Mu, Y.: Distance-based encryption: how to embed fuzziness in biometric-based encryption. IEEE Trans. Inf. Forensics Secur. 11(2), 247–257 (2016)CrossRefGoogle Scholar
  12. 12.
    Li, J., Li, J., Chen, X., Jia, C., Lou, W.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans. Comput. 64(2), 425–437 (2015)MathSciNetCrossRefGoogle Scholar
  13. 13.
    Li, J., Sun, L., Yan, Q., Li, Z., Srisa-an, W., Ye, H.: Significant permission identification for machine learning based android malware detection. IEEE Trans. Industr. Inf. 14, 3216–3225 (2018)CrossRefGoogle Scholar
  14. 14.
    Li, P., Li, T., Ye, H., Li, J., Chen, X., Xiang, Y.: Privacy-preserving machine learning with multiple data providers. Future Gener. Comput. Syst. 87, 341–350 (2018)CrossRefGoogle Scholar
  15. 15.
    Liu, K., Kargupta, H., Ryan, J.: Random projection-based multiplicative data perturbation for privacy preserving distributed data mining. IEEE Trans. Knowl. Data Eng. 18(1), 92–106 (2006)CrossRefGoogle Scholar
  16. 16.
    Matsuda, T., Takahashi, K., Murakami, T., Hanaoka, G.: Fuzzy signatures: relaxing requirements and a new construction. In: Manulis, M., Sadeghi, A.R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 97–116. Springer, Cham (2016). Scholar
  17. 17.
    Ouyang, W., et al.: DeepID-Net: deformable deep convolutional neural networks for object detection. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (2015)Google Scholar
  18. 18.
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). Scholar
  19. 19.
    Patel, V.M., Ratha, N.K., Chellappa, R.: Cancelable biometrics: a review. IEEE Signal Process. Mag. 32(5), 54–65 (2015)CrossRefGoogle Scholar
  20. 20.
    Ratha, N.K.: Privacy protection in high security biometrics applications. In: Kumar, A., Zhang, D. (eds.) ICEB 2010. LNCS, vol. 6005, pp. 62–69. Springer, Heidelberg (2010). Scholar
  21. 21.
    Sadeghi, A.R., Schneider, T., Wehrenberg, I.: Efficient privacy-preserving face recognition. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 229–244. Springer, Heidelberg (2010). Scholar
  22. 22.
    Sun, Y., Liang, D., Wang, X., Tang, X.: Deepid3: face recognition with very deep neural networks. arXiv preprint arXiv:1502.00873 (2015)
  23. 23.
    Sun, Y., Wang, X., Tang, X.: Deep learning face representation from predicting 10,000 classes. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (2014)Google Scholar
  24. 24.
    Takahashi, K., Matsuda, T., Murakami, T., Hanaoka, G., Nishigaki, M.: A signature scheme with a fuzzy private key. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 105–126. Springer, Cham (2015). Scholar
  25. 25.
    Wu, Z., Liang, B., You, L., Jian, Z., Li, J.: High-dimension space projection-based biometric encryption for fingerprint with fuzzy minutia. Soft Comput. 20(12), 4907–4918 (2016)CrossRefGoogle Scholar
  26. 26.
    Wu, Z., Tian, L., Li, P., Wu, T., Jiang, M., Wu, C.: Generating stable biometric keys for flexible cloud computing authentication using finger vein. Inf. Sci. 433–434, 431–447 (2018)CrossRefGoogle Scholar
  27. 27.
    Xia, Z., Xiong, N.N., Vasilakos, A.V., Sun, X.: EPCBIR: an efficient and privacy-preserving content-based image retrieval scheme in cloud computing. Inf. Sci. 387, 195–204 (2017)CrossRefGoogle Scholar
  28. 28.
    Zhuang, D., Wang, S., Chang, J.M.: FRiPAL: face recognition in privacy abstraction layer. In: 2017 IEEE Conference on Dependable and Secure Computing. IEEE (2017)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.State Key Lab of Integrated Service Networks, School of Telecommunications EngineeringXidian UniversityXi’anChina
  2. 2.School of Cyber EngineeringXidian UniversityXi’anChina
  3. 3.Department of Computer and Information TechnologyPurdue UniversityWest LafayetteUSA

Personalised recommendations