Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Security Practice and Experience

ISPEC 2017: Information Security Practice and Experience pp 297–319Cite as

A Lattice-Based Approach to Privacy-Preserving Biometric Authentication Without Relying on Trusted Third Parties

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10701))

Abstract

We propose a two-factor authentication protocol that uses a cryptographic authentication factor (secret key) to add biometric template privacy security against server exposure attack, to any given (non-private, one-factor) biometric authentication scheme based on Hamming-Distance (HD) comparison of stored and queried binary biometric templates. Our protocol provides provable privacy under the hardness of a standard cryptographic lattice problem (Ring-LWE), and provable two-factor impersonation security under malicious client model.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Fujitsu develops world’s first slide-style vein authentication technology based on palm veins - Fujitsu global. http://www.fujitsu.com/global/about/resources/news/press-releases/2017/0110-01.html. Accessed 23 Jan 2017

  2. Alkim, E., Ducas, L., Pöppelmann, T., Schwabe, P.: Post-quantum key exchange-a new hope. In: USENIX Security Symposium, pp. 327–343 (2016)

    Google Scholar 

  3. Bai, S., Langlois, A., Lepoint, T., Stehlé, D., Steinfeld, R.: Improved security proofs in lattice-based cryptography: using the Rényi divergence rather than the statistical distance. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 3–24. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_1

    Chapter  Google Scholar 

  4. Belguechi, R., Alimi, V., Cherrier, E., Lacharme, P., Rosenberger, C., et al.: An overview on privacy preserving biometrics. In: Recent Application in Biometrics, pp. 65–84 (2011)

    Google Scholar 

  5. Bellare, M., Goldreich, O.: On defining proofs of knowledge. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 390–420. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_28

    Google Scholar 

  6. Blanton, M., Gasti, P.: Secure and efficient protocols for iris and fingerprint identification. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 190–209. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23822-2_11

    Chapter  Google Scholar 

  7. Brakerski, Z., Vaikuntanathan, V.: Fully homomorphic encryption from ring-lwe and security for key dependent messages. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 505–524. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_29

    Chapter  Google Scholar 

  8. Bringer, J., Chabanne, H., Izabachène, M., Pointcheval, D., Tang, Q., Zimmer, S.: An application of the Goldwasser-Micali cryptosystem to biometric authentication. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 2007. LNCS, vol. 4586, pp. 96–106. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-73458-1_8

    Chapter  Google Scholar 

  9. Cappelli, R., Ferrara, M., Maltoni, D.: Minutia cylinder-code: a new representation and matching technique for fingerprint recognition. IEEE Trans. Pattern Anal. Mach. Intell. 32(12), 2128–2141 (2010)

    Article  Google Scholar 

  10. Damgard, I., Geisler, M., Kroigard, M.: Homomorphic encryption and secure comparison. Int. J. Appl. Cryptography 1(1), 22–31 (2008)

    Article  MathSciNet  Google Scholar 

  11. Daugman, J.: The importance of being random: statistical principles of iris recognition. Pattern Recogn. 36(2), 279–291 (2003)

    Article  Google Scholar 

  12. Erkin, Z., Franz, M., Guajardo, J., Katzenbeisser, S., Lagendijk, I., Toft, T.: Privacy-preserving face recognition. In: Goldberg, I., Atallah, M.J. (eds.) PETS 2009. LNCS, vol. 5672, pp. 235–253. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03168-7_14

    Chapter  Google Scholar 

  13. Feige, U., Fiat, A., Shamir, A.: Zero-knowledge proofs of identity. J. Cryptol. 1(2), 77–94 (1988)

    Article  MathSciNet  MATH  Google Scholar 

  14. FVC-ongoing. https://biolab.csr.unibo.it/FVCOnGoing/UI/Form/Home.aspx. Accessed 12 Apr 2016

  15. Gentry, C.: A fully homomorphic encryption scheme. Ph.D. thesis, Stanford University (2009). crypto.stanford.edu/craig

  16. Gentry, C., Halevi, S., Vaikuntanathan, V.: i-Hop homomorphic encryption and rerandomizable Yao circuits. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 155–172. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_9

    Chapter  Google Scholar 

  17. Gentry, C., Sahai, A., Waters, B.: Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 75–92. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_5

    Chapter  Google Scholar 

  18. Goldwasser, S., Micali, S., Rackoff, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186–208 (1989)

    Article  MathSciNet  MATH  Google Scholar 

  19. Higo, H., Isshiki, T., Mori, K., Obana, S.: Privacy-preserving fingerprint authentication resistant to hill-climbing attacks. In: Dunkelman, O., Keliher, L. (eds.) SAC 2015. LNCS, vol. 9566, pp. 44–64. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31301-6_3

    Chapter  Google Scholar 

  20. Hirano, T., Hattori, M., Ito, T., Matsuda, N.: Cryptographically-secure and efficient remote cancelable biometrics based on public-key homomorphic encryption. In: Sakiyama, K., Terada, M. (eds.) IWSEC 2013. LNCS, vol. 8231, pp. 183–200. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-41383-4_12

    Chapter  Google Scholar 

  21. Ishai, Y., Paskin, A.: Evaluating branching programs on encrypted data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 575–594. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_31

    Chapter  Google Scholar 

  22. Jain, A., Flynn, P., Ross, A.A.: Handbook of Biometrics. Springer, New York (2007)

    Google Scholar 

  23. Jain, A.K., Nandakumar, K., Nagar, A.: Biometric template security. EURASIP J. Adv. Sig. Process. 2008, 113 (2008)

    Google Scholar 

  24. Jain, A.K., Nandakumar, K., Ross, A.: 50 years of biometric research: accomplishments, challenges, and opportunities. Pattern Recogn. Lett. 79, 80–105 (2016)

    Article  Google Scholar 

  25. Kawachi, A., Tanaka, K., Xagawa, K.: Concurrently secure identification schemes based on the worst-case hardness of lattice problems. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 372–389. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89255-7_23

    Chapter  Google Scholar 

  26. Langlois, A., Stehlé, D., Steinfeld, R.: GGHLite: more efficient multilinear maps from ideal lattices. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 239–256. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_14

    Chapter  Google Scholar 

  27. Lauter, K., Naehrig, M., Vaikuntanathan, V.: Can homomorphic encryption be practical? Cryptology ePrint Archive, Report 2011/405 (2011). http://eprint.iacr.org/2011/405

  28. Ling, S., Nguyen, K., Stehlé, D., Wang, H.: Improved zero-knowledge proofs of knowledge for the ISIS problem, and applications. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 107–124. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36362-7_8

    Chapter  Google Scholar 

  29. Lyubashevsky, V.: Lattice-based identification schemes secure under active attacks. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 162–179. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78440-1_10

    Chapter  Google Scholar 

  30. Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 1–23. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_1

    Chapter  Google Scholar 

  31. Mandal, A., Roy, A., Yasuda, M.: Comprehensive and improved secure biometric system using homomorphic encryption. In: Garcia-Alfaro, J., Navarro-Arribas, G., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM/QASA -2015. LNCS, vol. 9481, pp. 183–198. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29883-2_12

    Chapter  Google Scholar 

  32. Micciancio, D., Vadhan, S.P.: Statistical zero-knowledge proofs with efficient provers: lattice problems and more. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 282–298. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_17

    Chapter  Google Scholar 

  33. Nagar, A., Nandakumar, K., Jain, A.K.: A hybrid biometric cryptosystem for securing fingerprint minutiae templates. Pattern Recogn. Lett. 31(8), 733–741 (2010)

    Article  Google Scholar 

  34. Osadchy, M., Pinkas, B., Jarrous, A., Moskovich, B.: SCiFI-a system for secure face identification. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 239–254. IEEE (2010)

    Google Scholar 

  35. Ostrovsky, R., Paskin-Cherniavsky, A., Paskin-Cherniavsky, B.: Maliciously circuit-private FHE. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 536–553. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_30

    Chapter  Google Scholar 

  36. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16

    Google Scholar 

  37. Peterson, A.: OPM says 5.6 million fingerprints stolen in cyberattack, five times as many as previously thought. The Washington Post, 23 September 2015

    Google Scholar 

  38. Rackoff, C., Simon, D.R.: Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433–444. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_35

    Google Scholar 

  39. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM (JACM) 56(6), 34 (2009)

    Article  MathSciNet  MATH  Google Scholar 

  40. Rivest, R.L., Adleman, L., Dertouzos, M.L.: On data banks and privacy homomorphisms. Found. Secure Comput. 4(11), 169–180 (1978)

    MathSciNet  Google Scholar 

  41. Sander, T., Young, A., Yung, M.: Non-interactive cryptocomputing for NC/SUP 1. In: 40th Annual Symposium on Foundations of Computer Science, pp. 554–566. IEEE (1999)

    Google Scholar 

  42. Schoenmakers, B., Tuyls, P.: Efficient binary conversion for Paillier encrypted values. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 522–537. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_31

    Chapter  Google Scholar 

  43. Šeděnka, J., Govindarajan, S., Gasti, P., Balagani, K.S.: Secure outsourced biometric authentication with performance evaluation on smartphones. IEEE Trans. Inf. Forensics Secur. 10(2), 384–396 (2015)

    Article  Google Scholar 

  44. Shahandashti, S.F., Safavi-Naini, R., Ogunbona, P.: Private fingerprint matching. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 426–433. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31448-3_32

    Chapter  Google Scholar 

  45. Smart, N.P., Vercauteren, F.: Fully homomorphic SIMD operations. Des. Codes Crypt. 71(1), 1–25 (2014)

    Article  MATH  Google Scholar 

  46. Stehlé, D., Steinfeld, R.: Faster fully homomorphic encryption. Cryptology ePrint Archive, Report 2010/299 (2010). http://eprint.iacr.org/2010/299

  47. Stehlé, D., Steinfeld, R., Tanaka, K., Xagawa, K.: Efficient public key encryption based on ideal lattices. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 617–635. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10366-7_36

    Chapter  Google Scholar 

  48. Stern, J.: A new identification scheme based on syndrome decoding. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 13–21. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_2

    Google Scholar 

  49. Teoh, A.B., Kuan, Y.W., Lee, S.: Cancellable biometrics and annotations on biohash. Pattern Recogn. 41(6), 2034–2044 (2008)

    Article  MATH  Google Scholar 

  50. Uludag, U., Pankanti, S., Prabhakar, S., Jain, A.K.: Biometric cryptosystems: issues and challenges. Proc. IEEE 92(6), 948–960 (2004)

    Article  Google Scholar 

  51. van Dijk, M., Gentry, C., Halevi, S., Vaikuntanathan, V.: Fully homomorphic encryption over the integers. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 24–43. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_2

    Chapter  Google Scholar 

  52. Yasuda, M., Shimoyama, T., Kogure, J., Yokoyama, K., Koshiba, T.: Practical packing method in somewhat homomorphic encryption. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, W.M. (eds.) DPM/SETOP -2013. LNCS, vol. 8247, pp. 34–50. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54568-9_3

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Monash University, Clayton, VIC, 3800, Australia

    Trung Dinh, Ron Steinfeld & Nandita Bhattacharjee

Authors
  1. Trung Dinh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ron Steinfeld
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nandita Bhattacharjee
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Trung Dinh .

Editor information

Editors and Affiliations

  1. Monash University, Clayton, Victoria, Australia

    Joseph K. Liu

  2. University of Milan, Milan, Italy

    Pierangela Samarati

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Dinh, T., Steinfeld, R., Bhattacharjee, N. (2017). A Lattice-Based Approach to Privacy-Preserving Biometric Authentication Without Relying on Trusted Third Parties. In: Liu, J., Samarati, P. (eds) Information Security Practice and Experience. ISPEC 2017. Lecture Notes in Computer Science(), vol 10701. Springer, Cham. https://doi.org/10.1007/978-3-319-72359-4_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-72359-4_17

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-72358-7

  • Online ISBN: 978-3-319-72359-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation