CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

Security aspects of privacy-preserving biometric authentication based on ideal lattices and ring-LWE

Aysajan Abidin (Institutionen för data- och informationsteknik, Nätverk och system (Chalmers) ) ; Aikaterini Mitrokotsa (Institutionen för data- och informationsteknik, Nätverk och system (Chalmers) )
IEEE International Workshop on Information Forensics and Security, WIFS 2014; Atlanta; United States; 3 December 2014 through 5 December 2014 p. 60-65. (2014)
[Konferensbidrag, refereegranskat]

In this paper, we study the security of two recently proposed privacy-preserving biometric authentication protocols that employ packed somewhat homomorphic encryption schemes based on ideal lattices and ring-LWE, respectively. These two schemes have the same structure and have distributed architecture consisting of three entities: a client server, a computation server, and an authentication server. We present a simple attack algorithm that enables a malicious computation server to learn the biometric templates in at most 2N-τ queries, where N is the bit-length of a biometric template and τ the authentication threshold. The main enabler of the attack is that a malicious computation server can send an encryption of the inner product of the target biometric template with a bitstring of his own choice, instead of the securely computed Hamming distance between the fresh and stored biometric templates. We also discuss possible countermeasures to mitigate the attack using private information retrieval and signatures of correct computation.

Nyckelord: privacy-preservation, biometric authentication


Article number 7084304



Den här publikationen ingår i följande styrkeområden:

Läs mer om Chalmers styrkeområden  

Denna post skapades 2015-01-07. Senast ändrad 2016-07-07.
CPL Pubid: 209972

 

Läs direkt!


Länk till annan sajt (kan kräva inloggning)