Oblivious Maximum Bipartite Matching Size Algorithm with Applications to Secure Fingerprint Identification

  • Marina BlantonEmail author
  • Siddharth Saraph
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9326)


The increasing availability and use of biometric data leads to situations when sensitive biometric data is to be handled by entities who may not be fully trusted or otherwise are not authorized to have full access to such data. This calls for mechanisms of provably protecting biometric data while still allowing the computation to take place. Our focus is on privacy-preserving matching of two fingerprints (authentication or identification purposes) using traditional minutia-based representation of fingerprints that leads to the most discriminative fingerprint comparisons. Unlike previous work in the security literature, we would like to focus on algorithms that are guaranteed to find the maximum number of minutiae that can be paired together between two fingerprints leading to more accurate comparisons. To address this problem, we formulate it as a flow network problem and reduce it to finding maximum matching size in bipartite graphs. The resulting problem is in turn reduced to computing the rank of a (non-invertible) matrix, formed as a randomized adjacency matrix of the bipartite graph. We then provide data-oblivious algorithms for matrix rank computation and consecutively finding maximum matching size in a bipartite graph and also extend the algorithms to solve the problem of accurate fingerprint matching. These algorithms lead to their secure counterparts using standard secure two-party or multi-party techniques. Lastly, we implement secure fingerprint matching in the secure two-party computation setting using garbled circuit evaluation. Our experimental results demonstrate that the techniques are efficient, leading to performance similar to that of other fastest secure fingerprint matching techniques, despite higher complexity of our solution that higher accuracy demands.



This work was supported in part by grants CNS-1223699 and CNS-1319090 from the National Science Foundation and FA9550-13-1-0066 from the Air Force Office of Scientific Research. Any opinions, findings, and conclusions or recommendations expressed in this publication are those of the authors and do not necessarily reflect the views of the funding agencies.

Supplementary material


  1. 1.
    Aliasgari, M., Blanton, M.: Secure computation of Hidden Markov Models. In: International Conference on Security and Cryptography (SECRYPT) (2013)Google Scholar
  2. 2.
    Aly, A., Cuvelier, E., Mawet, S., Pereira, O., Van Vyve, M.: Securely solving simple combinatorial graph problems. In: Financial Cryptography, pp. 239–257 (2013)CrossRefGoogle Scholar
  3. 3.
    Barni, M., Bianchi, T., Catalano, D., Di Raimondo, M., Labati, R., Failla, P., Fiore, D., Lazzeretti, R., Piuri, V., Scotti, F., Piva, A.: Privacy-preserving fingercode authentication. In: ACM Workshop on Multimedia and Security (MM&Sec), pp. 231–240 (2010)Google Scholar
  4. 4.
    Beerliová-Trubíniová, Z., Hirt, M.: Perfectly-secure MPC with linear communication complexity. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 213–230. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Hoang, V., Keelveedhi, S., Rogaway, P.: Efficient garbling from a fixed-key blockcipher. In: IEEE Symposium on Security and Privacy, pp. 478–492 (2013)Google Scholar
  6. 6.
    Blanton, M., Aguiar, E.: Private and oblivious set and multiset operations. Cryptology ePrint Archive Report 2011/464 (2011)Google Scholar
  7. 7.
    Blanton, M., Aliasgari, M.: Secure outsourcing of DNA searching via finite automata. In: DBSec, pp. 49–64 (2010)Google Scholar
  8. 8.
    Blanton, M., Aliasgari, M.: Secure outsourced computation of iris matching. J. Comput. Secur. 20(2–3), 259–305 (2012)CrossRefGoogle Scholar
  9. 9.
    Blanton, M., Gasti, P.: Secure and efficient protocols for iris and fingerprint identification. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 190–209. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  10. 10.
    Blanton, M., Gasti, P.: Secure and efficient iris and fingerprint identification. In: Ngo, D., Teoh, A., Hu, J. (eds.) Biometric Security (2015)Google Scholar
  11. 11.
    Blanton, M., Saraph, S.: Secure and oblivious maximum bipartite matching size algorithm with applications to secure fingerprint identification. Cryptology ePrint Archive Report 2014/596 (2014)Google Scholar
  12. 12.
    Blanton, M., Steele, A., Aliasgari, M.: Data-oblivious graph algorithms for secure computation and outsourcing. In: ASIACCS, pp. 207–218 (2013)Google Scholar
  13. 13.
    Bogdanov, D., Laur, S., Willemson, J.: Sharemind: a framework for fast privacy-preserving computations. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 192–206. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  14. 14.
    Damgård, I., Geisler, M., Krøigård, M.: Asynchronous multiparty computation: Theory and implementation. In: Public Key Cryptography (PKC), pp. 160–179 (2009)CrossRefGoogle Scholar
  15. 15.
    Erkin, Z., Franz, M., Guajardo, J., Katzenbeisser, S., Lagendijk, I., Toft, T.: Privacy-preserving face recognition. In: Goldberg, I., Atallah, M.J. (eds.) PETS 2009. LNCS, vol. 5672, pp. 235–253. Springer, Heidelberg (2009) CrossRefGoogle Scholar
  16. 16.
    Fan, K.-C., Liu, C.-W., Wang, Y.-K.: A fuzzy bipartite weighted graph matching approach to fingerprint verification. IEEE Trans. Syst. Man Cybern. 5, 4363–4368 (1998)Google Scholar
  17. 17.
    Ford, L., Fulkerson, D.: Flows in Networks. Princeton University Press (1962)Google Scholar
  18. 18.
    Goldreich, O.: Foundations of Cryptography: Volume 2, Basic Applications. Cambridge University Press, Cambridge (2004)Google Scholar
  19. 19.
    Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM (JACM) 43(3), 431–473 (1996)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Goodrich, M.: Data-oblivious external-memory algorithms for the compaction, selection, and sorting of outsourced data. In: SPAA, pp. 379–388 (2011)Google Scholar
  21. 21.
    Ibarra, O., Moran, S.: Deterministic and probabilistic algorithms for maximum bipartite matching via fast matrix multiplication. Inf. Process. Lett. 13(1), 12–15 (1981)MathSciNetCrossRefGoogle Scholar
  22. 22.
    Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending oblivious transfers efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003) CrossRefGoogle Scholar
  23. 23.
    Jain, A., Prabhakar, S., Hong, L., Pankanti, S.: Filterbank-based fingerprint matching. IEEE Trans. Image Process. 9(5), 846–859 (2000)CrossRefGoogle Scholar
  24. 24.
    Jea, T.-Y., Govindaraju, V.: A minutia-based partial fingerprint recognition system. Pattern Recogn. 38(10), 1672–1684 (2005)CrossRefGoogle Scholar
  25. 25.
    Keller, M., Scholl, P.: Efficient, oblivious data structures for MPC. Cryptology ePrint Archive Report 2014/137 (2014)Google Scholar
  26. 26.
    Kolesnikov, V., Schneider, T.: Improved garbled circuit: free XOR gates and applications. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 486–498. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  27. 27.
    Kreuter, B., shelat, A., Shen, C.: Billion-gate secure computation with malicious adversaries. In: USENIX Security Symposium (2012)Google Scholar
  28. 28.
    Lovasz, L.: On determinants, matchings and random algorithms. Fundam. Comput. Theor. 79, 565–574 (1979)MathSciNetzbMATHGoogle Scholar
  29. 29.
    Lu, S., Ostrovsky, R.: Distributed oblivious RAM for secure two-party computation. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 377–396. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  30. 30.
    Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay - a secure two-party computation system. In: USENIX Security Symposium, pp. 287–302 (2004)Google Scholar
  31. 31.
    Maltoni, D., Maio, D., Jain, A., Prabhakar, S.: Handbook of Fingerprint Recognition, 2nd edn. Springer, London (2009) CrossRefGoogle Scholar
  32. 32.
    Mucha, M., Sankowski, P.: Maximum matchings via Gaussian elimination. In: IEEE Symposium on Foundations of Computer Science, pp. 248–255 (2004)Google Scholar
  33. 33.
    Naor, M., Pinkas, B.: Efficient oblivious transfer protocols. In: SODA (2001)Google Scholar
  34. 34.
    Pathak, M., Portelo, J., Raj, B., Trancoso, I.: Privacy-preserving speaker authentication. In: Gollmann, D., Freiling, F.C. (eds.) ISC 2012. LNCS, vol. 7483, pp. 1–22. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  35. 35.
    Sadeghi, A.-R., Schneider, T., Wehrenberg, I.: Efficient privacy-preserving face recognition. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 229–244. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  36. 36.
    Shahandashti, S.F., Safavi-Naini, R., Ogunbona, P.: Private fingerprint matching. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 426–433. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  37. 37.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefGoogle Scholar
  38. 38.
    Solodovnikov, V.: Extension of Strassen’s estimate to the soultion of arbitrary systems of linear equations. USSR Comput. Maths. Math. Phys. 19, 21–33 (1978)CrossRefGoogle Scholar
  39. 39.
    Stefanov, E., van Dijk, M., Shi, E., Fletcher, C., Ren, L., Yu, X., Devadas, S.: Path ORAM: An extremely simple oblivious RAM protocol. In: CCS, pp. 299–310 (2013)Google Scholar
  40. 40.
    Strassen, V.: Gaussian elimination is not optimal. Numer. Math. 13, 354–356 (1969)MathSciNetCrossRefGoogle Scholar
  41. 41.
    The Corbett Report. India fingerprints, iris scanning over one billion people.
  42. 42.
    Troncoso-Pastoriza, J., Katzenbeisser, S., Celik, M.: Privacy preserving error resilient DNA searching through oblivious automata. In: CCS, pp. 519–528 (2007)Google Scholar
  43. 43.
  44. 44.
    U.S. Dhs Office of Biometric Identity Management.
  45. 45.
    Wang, C., Gavrilova, M., Luo, Y., Rokne, J.: An efficient algorithm for fingerprint matching. In: International Conference on Pattern Recognition (ICPR), pp. 1034–1037 (2006)Google Scholar
  46. 46.
    Yao, A.: How to generate and exchange secrets. In: FOCS, pp. 162–167 (1986)Google Scholar
  47. 47.
    Zhang, Y., Steele, A., Blanton, M.: PICCO: a general-purpose compiler for private distributed computation. In: CCS, pp. 813–826 (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Open Access This chapter is licensed under the terms of the Creative Commons Attribution-NonCommercial 2.5 International License (, which permits any noncommercial use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringUniversity of Notre DameNotre DameUSA

Personalised recommendations