[Resource Topic] 2020/1381: PBio: Enabling Cross-organizational Biometric Authentication Service through Secure Sharing of Biometric Templates

Resource Cryptographic protocols
#1

Welcome to the resource topic for 2020/1381

Title:
PBio: Enabling Cross-organizational Biometric Authentication Service through Secure Sharing of Biometric Templates

Authors: Jia-Chng Loh, Geong-Sen Poh, Jason H. M. Ying, Jia Xu, Hoon Wei Lim, Jonathan Pan, Weiyang Wong

Abstract:

Prior works in privacy-preserving biometric authentication mostly focus on the following setting. An organization collects users’ biometric data during registration and later authorized access to the organization services after successful authentication. Each organization has to maintain its own biometric database. Similarly each user has to release her biometric information to multiple organizations; Independently, government authorities are making their extensive, nation-wide biometric database available to agencies and organizations, for countries that allow such access. This will enable organizations to provide authentication without maintaining biometric databases, while users only need to register once. However privacy remains a concern. We propose a privacy-preserving system, PBio, for this new setting. The core component of PBio is a new protocol comprising distance recoverable encryption and secure distance computation. We introduce an encrypt-then-split mechanism such that each of the organizations holds only an encrypted partial biometric database. This minimizes the risk of template reconstruction in the event that the encrypted partial database is recovered due to leak of the encryption key. PBio is also secure even when the organizations collude. A by-product benefit is that the use of encrypted partial templates allows quicker rejection for non-matching instances. We implemented a cloud-based prototype with desktop and Android applications. Our experiment results based on real remote users show that PBio is highly efficient. A round-trip authentication takes approximately 74ms (desktop) and 626ms (Android). The computation and communication overhead introduced by our new cryptographic protocol is only about 10ms (desktop) and 54ms (Android).

ePrint: https://eprint.iacr.org/2020/1381

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .