Abstract
Revocability and reusability are important properties in an authentication scheme in reality. The former requires that the user credential stored in the authentication server be easily replaced if it is compromised while the latter allows the credentials of the same user to appear independent in cross-domain applications. However, the invariable biometrics features in the face authentication poses a great challenge to accomplishing these two properties. Existing solutions either sacrifice the accuracy of the authentication result or rely on a trusted third party. In this paper, we propose a novel privacy-preserving face authentication scheme without the assistance of an additional server, which achieves both revocability and reusability as well as the same accuracy level of the plaintext face recognition that uses Euclidean distance measure. Moreover, we rigorously analyze the security of our scheme using the simulation technique and conduct the experiment on a real-world dataset to demonstrate its efficiency. We report that a successful user authentication costs less than a second on a smartphone with common specs.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Casia-webface-database. http://www.cbsr.ia.ac.cn/english/Databases.asp
Smile to pay. https://www.antfin.com/report.htm. Accessed 16 Mar 2015
Your face is your secure password. https://www.apple.com/iphone-x/#face-id
Boyen, X.: Reusable cryptographic fuzzy extractors. In: Proceedings of the 11th ACM Conference on Computer and Communications Security. ACM (2004)
Brunelli, R.: Template Matching Techniques in Computer Vision: Theory and Practice. Wiley, Hoboken (2009)
Canetti, R., Fuller, B., Paneth, O., Reyzin, L., Smith, A.: Reusable fuzzy extractors for low-entropy distributions. In: Fischlin, M., Coron, J.S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 117–146. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_5
Cui, H., Au, M.H., Qin, B., Deng, R.H., Yi, X.: Fuzzy public-key encryption based on biometric data. In: Okamoto, T., Yu, Y., Au, M.H., Li, Y. (eds.) ProvSec 2017. LNCS, vol. 10592, pp. 400–409. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68637-0_24
Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523–540. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_31
Erkin, Z., Franz, M., Guajardo, J., Katzenbeisser, S., Lagendijk, I., Toft, T.: Privacy-preserving face recognition. In: Goldberg, I., Atallah, M.J. (eds.) PETS 2009. LNCS, vol. 5672, pp. 235–253. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03168-7_14
Gunasinghe, H., Bertino, E.: PrivBioMTAuth: privacy preserving biometrics-based and user centric protocol for user authentication from mobile phones. IEEE Trans. Inf. Forensics Secur. 13(4), 1042–1057 (2018)
Guo, F., Susilo, W., Mu, Y.: Distance-based encryption: how to embed fuzziness in biometric-based encryption. IEEE Trans. Inf. Forensics Secur. 11(2), 247–257 (2016)
Li, J., Li, J., Chen, X., Jia, C., Lou, W.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans. Comput. 64(2), 425–437 (2015)
Li, J., Sun, L., Yan, Q., Li, Z., Srisa-an, W., Ye, H.: Significant permission identification for machine learning based android malware detection. IEEE Trans. Industr. Inf. 14, 3216–3225 (2018)
Li, P., Li, T., Ye, H., Li, J., Chen, X., Xiang, Y.: Privacy-preserving machine learning with multiple data providers. Future Gener. Comput. Syst. 87, 341–350 (2018)
Liu, K., Kargupta, H., Ryan, J.: Random projection-based multiplicative data perturbation for privacy preserving distributed data mining. IEEE Trans. Knowl. Data Eng. 18(1), 92–106 (2006)
Matsuda, T., Takahashi, K., Murakami, T., Hanaoka, G.: Fuzzy signatures: relaxing requirements and a new construction. In: Manulis, M., Sadeghi, A.R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 97–116. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39555-5_6
Ouyang, W., et al.: DeepID-Net: deformable deep convolutional neural networks for object detection. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (2015)
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16
Patel, V.M., Ratha, N.K., Chellappa, R.: Cancelable biometrics: a review. IEEE Signal Process. Mag. 32(5), 54–65 (2015)
Ratha, N.K.: Privacy protection in high security biometrics applications. In: Kumar, A., Zhang, D. (eds.) ICEB 2010. LNCS, vol. 6005, pp. 62–69. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-12595-9_9
Sadeghi, A.R., Schneider, T., Wehrenberg, I.: Efficient privacy-preserving face recognition. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 229–244. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14423-3_16
Sun, Y., Liang, D., Wang, X., Tang, X.: Deepid3: face recognition with very deep neural networks. arXiv preprint arXiv:1502.00873 (2015)
Sun, Y., Wang, X., Tang, X.: Deep learning face representation from predicting 10,000 classes. In: Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition (2014)
Takahashi, K., Matsuda, T., Murakami, T., Hanaoka, G., Nishigaki, M.: A signature scheme with a fuzzy private key. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 105–126. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-28166-7_6
Wu, Z., Liang, B., You, L., Jian, Z., Li, J.: High-dimension space projection-based biometric encryption for fingerprint with fuzzy minutia. Soft Comput. 20(12), 4907–4918 (2016)
Wu, Z., Tian, L., Li, P., Wu, T., Jiang, M., Wu, C.: Generating stable biometric keys for flexible cloud computing authentication using finger vein. Inf. Sci. 433–434, 431–447 (2018)
Xia, Z., Xiong, N.N., Vasilakos, A.V., Sun, X.: EPCBIR: an efficient and privacy-preserving content-based image retrieval scheme in cloud computing. Inf. Sci. 387, 195–204 (2017)
Zhuang, D., Wang, S., Chang, J.M.: FRiPAL: face recognition in privacy abstraction layer. In: 2017 IEEE Conference on Dependable and Secure Computing. IEEE (2017)
Acknowledgments
This work is supported by the National Key Research and Development Program of China under Grant 2016YFB0800601, the Key Program of NSFC-Tongyong Union Foundation under Grant U1636209 and the Key Basic Research Plan in Shaanxi Province under Grant 2017ZDXM-GY-014.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Lei, J., Pei, Q., Liu, X., Sun, W. (2018). A Practical Privacy-Preserving Face Authentication Scheme with Revocability and Reusability. In: Vaidya, J., Li, J. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2018. Lecture Notes in Computer Science(), vol 11337. Springer, Cham. https://doi.org/10.1007/978-3-030-05063-4_16
Download citation
DOI: https://doi.org/10.1007/978-3-030-05063-4_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-05062-7
Online ISBN: 978-3-030-05063-4
eBook Packages: Computer ScienceComputer Science (R0)