Security aspects of privacy-preserving biometric authentication based on ideal lattices and ring-LWE
Paper i proceeding, 2015

In this paper, we study the security of two recently proposed privacy-preserving biometric authentication protocols that employ packed somewhat homomorphic encryption schemes based on ideal lattices and ring-LWE, respectively. These two schemes have the same structure and have distributed architecture consisting of three entities: a client server, a computation server, and an authentication server. We present a simple attack algorithm that enables a malicious computation server to learn the biometric templates in at most 2N-τ queries, where N is the bit-length of a biometric template and τ the authentication threshold. The main enabler of the attack is that a malicious computation server can send an encryption of the inner product of the target biometric template with a bitstring of his own choice, instead of the securely computed Hamming distance between the fresh and stored biometric templates. We also discuss possible countermeasures to mitigate the attack using private information retrieval and signatures of correct computation.

privacy-preservation

biometric authentication

Författare

Aysajan Abidin

Chalmers, Data- och informationsteknik, Nätverk och system

Aikaterini Mitrokotsa

Chalmers, Data- och informationsteknik, Nätverk och system

2014 IEEE International Conference on Communications Workshops, ICC 2014

60-65
978-147998882-2 (ISBN)

2014 IEEE International Workshop on Information Forensics and Security, WIFS 2014
Atlanta, USA,

Styrkeområden

Informations- och kommunikationsteknik

Ämneskategorier

Data- och informationsvetenskap

Datavetenskap (datalogi)

DOI

10.1109/WIFS.2014.7084304

Mer information

Senast uppdaterat

2019-11-04