Presentation is loading. Please wait.

Presentation is loading. Please wait.

Anonymous Biometrics: Privacy Protection of Biometric Templates Pim Tuyls, E. Verbitskiy, D. Denteneer, J.P. Linnartz, J. Goseling, T. Ignatenko

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Anonymous Biometrics: Privacy Protection of Biometric Templates Pim Tuyls, E. Verbitskiy, D. Denteneer, J.P. Linnartz, J. Goseling, T. Ignatenko"— Presentation transcript:

1 Anonymous Biometrics: Privacy Protection of Biometric Templates Pim Tuyls, E. Verbitskiy, D. Denteneer, J.P. Linnartz, J. Goseling, T. Ignatenko Pim.Tuyls@philips.com Philips Research Eindhoven The Netherlands

2 2 Overview Introduction Challenge Literature and Related Topic Information-Theoretic model Secrecy Extractor Requirements Bounds Examples “General” Theory Experiments Summary

3 3 Introduction Biometric Identification (fingerprints, iris, speech) - is often used to identify people - is often part of a security system - uses databases containing Ref. Information (Templates) Advantages Convenience can not be lost or forgotten easy to use Uniqueness unique for a human being Offers therefore a very attractive alternative to e.g. passwords

4 4 Risks - Forgeability - Impersonation by Artificial Biometrics - Once Compromised Compromised Forever -Theft of Identity (Stolen Biometrics) - Sensitive Information - Fingerprints contain Genetic Information - Retina reveals susceptibility for Strokes and Diabetes Additional Problem - Noisy: Biometric data are obtained through noisy measurements PRIVACY

5 5 ARCHITECTURE ASSUMPTIONS Database public Channel public Sensor trusted ATTACKS - Outside (on database) - Eavesdropping of Communications - Inside (on database): Malicious owner (Verifier) - Fingerprints left on glasses, door handles (not discussed today) Database Sensor Template Channel

6 6 Possible Constructions: - Encryption (implies a decryption key at verifier site) - One-Way Function Idea: Build a scheme similar to the one used for password protection Solution Secure Storage of Biometric Templates, Against Outside and Inside Attacks Secure Communication over the Channel (prevent eavesdropping)

7 7 CHALLENGE: Integration of Cryptographic Techniques with Noisy Inputs One-Way Functions are very sensitive to small changes in the input data database matching F F

8 8 Literature - Schneier - Davida, Frankel and Matt, (Private biometrics) - Juels and Wattenberg (Fuzzy Commitment) - Ratha, Connell, Bolle (Cancelable Biometrics) - Juels, Sudan (fuzzy vault) - Linnartz, Tuyls (Shielding functions, AVBPA 2003) - Verbitskiy, Tuyls, Denteneer and Linnartz (Benelux 2003) - Goseling, Tuyls submitted to ISIT2004 Related Topic - Biometric Key Generation (Soutar)

9 9 Information Theoretic Model Biometrics X n are modeled as random variables with distribution(enrollment) Authentication measurements Y n, modeled as observations through a noisy channel

10 10 Generate Common Secret S from X n and Y n (Common Randomness) Helper data W Secrecy Extractor Database: ID, W, F(S) matching F F G G ’)? EXACT MATCH: F(S)=F(S’)? Enrollment Authentication F(S)

11 11 Terminology A functionis called a  -contracting function: if for all X there exist a W s.t probabilistic norm Versatile function: for all S  0,1  k and all X  R n, there exists a vector W  R m such that:  -Revealing function: 

12 12 Requirements A reliable biometric authentication system that protects privacy has to satisfy the following requirements:  -contracting Versatile  -revealing: Correctness: Protection against a dishonest verifier who has Access to the database (compare with passwords)

13 13 Implications Proposition 1: If W is constant, i.e. G(Y,W)=C(Y) then either  =0, or G(Y,W) is a constant independent of Y. Corollary: In order to have a robust, versatile function G=G(X,W), W must depend on X

14 14 Implications Proposition 2 : Let S be a binary string derived from X and Y by communicating helper data W as described in the protocol: Extends also to the continuous case! (Approximation argument)

15 15 EXAMPLES Three kinds of proposed schemes: Based on Quantized Index Modulation Error Correcting Code-scheme Significant Components

16 16 Example: Significant Components Assumption: Orthogonal Transformation (Fisher, PCA): Define: where  i are orthonormal vectors Theorem (Fisher, PCA): The  i can be constructed such that they are independent, normally distributed random variables with zero mean

17 17 The Scheme I: Robustness Idea: Select  -components with large absolute values to guarantee robustness to noise Choose a small positive number  and define Theorem: Let  be the fraction of average number of large comps then, if there is a sufficient amount of energy in the system,  is “large”, moreover

18 18 The Scheme II: Versatility Versatility: Given s i, search for index i j such that: (feasibility) The set of feasible secrets: Theorem: If k=  1 n with  1 =  /10, then with large probability is a large set

19 19 The Scheme III: Helper Data Given a secret S=(s 1,…,s k ) the helper data W is determined. W picks up the correct components of X in  -basis Helper data: W(X) is a k  n matrix, its j-th row is given by  -contracting function:

20 20 Information Revealing Theorem: The proposed scheme is zero-revealing: Moreover,

21 21 General Construction SEC: Tuple of encoding regions (SEC: Secure Extraction Code) such that, is the collection of SECs s.t.

22 22 Secure Biometric Authentication Scheme (SBA) 1.Enrollment measurement X n 2.Select a code in W indicates the selected code 3.The Secret S is index of that coding region where X n belongs to 4. A One-Way Function F is applied to S. 5.W and F(S) are stored in the database together with the Id. ENCDEC 1 2 3

23 23 Authentication: 1. An individual makes an Id claim 2. W and is sent to the decoder 3. The SEC C(W) is used to derive the secret as follows, 4. 5. F(S’) is computed 6. Check: F(S’)=F(S) This construction achieves the earlier mentioned capacities at the same time (Asymptotically)!

24 24 Experiments - Biometric: Measuring the headphone-to-ear-canal-Transfer Functions - First dataset: 45 Individuals, 8 Measurements per person - Second dataset: 65 Individuals, 8 Measurements per person - 6 Measurements for training, 2 for authentication - Tested scheme: significant components - FRR decreases as  increases - FAR decreases as secret length increases - Secret length decreases as  increases

25 25 “Ear canal” Biometrics = Headphone-to-Ear Transfer Function White noiseError H(z) W(z) +

26 26 Headphone-to-Ear Transfer Function: 1 ear, population (45x8)

27 27 Results: Principal Component Transform First dataset

28 28 Second dataset Combination of schemes

29 29 Summary We have described a general set-up and examples for biometric authentication/key generation schemes that satisfy the following properties: - Robust to noise - Versatile - Zero-revealing - Privacy protection

Download ppt "Anonymous Biometrics: Privacy Protection of Biometric Templates Pim Tuyls, E. Verbitskiy, D. Denteneer, J.P. Linnartz, J. Goseling, T. Ignatenko"

Similar presentations

Ari Juels RSA Laboratories Marty Wattenberg 328 W. 19th Street, NYC A Fuzzy Commitment Scheme.

Ari Juels RSA Laboratories Marty Wattenberg 328 W. 19th Street, NYC A Fuzzy Commitment Scheme.
Biometry and Security: Secure Biometric Authentication for Weak Computational Devices Author: Zelenevskiy Vladimir Based on the research by M.J. Atallah.

Biometry and Security: Secure Biometric Authentication for Weak Computational Devices Author: Zelenevskiy Vladimir Based on the research by M.J. Atallah.
Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.

Building web applications on top of encrypted data using Mylar Presented by Tenglu Liang Tai Liu.
CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.

CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.
Fuzzy Vaults: Toward Secure Client-Side Matching Ari Juels RSA Laboratories 10th CACR Information Security Workshop 8 May 2002 LABORATORIES.

Fuzzy Vaults: Toward Secure Client-Side Matching Ari Juels RSA Laboratories 10th CACR Information Security Workshop 8 May 2002 LABORATORIES.
Securing Fingerprint Template - Fuzzy Vault with Helper Data

Securing Fingerprint Template - Fuzzy Vault with Helper Data
Fuzzy Stuff 6.857 Lecture 24, 2006. Outline Motivation: Biometric Architectures Motivation: Biometric Architectures New Tool (for us): Error Correcting.

Fuzzy Stuff Lecture 24, Outline Motivation: Biometric Architectures Motivation: Biometric Architectures New Tool (for us): Error Correcting.
Biometrics based Cryptosystem Design. Cryptosystem A mechanism using which one can encode an information content to an incomprehensible form and also.

Biometrics based Cryptosystem Design. Cryptosystem A mechanism using which one can encode an information content to an incomprehensible form and also.
Chapter 9 Creating and Maintaining Database Presented by Zhiming Liu Instructor: Dr. Bebis.

Chapter 9 Creating and Maintaining Database Presented by Zhiming Liu Instructor: Dr. Bebis.
Short course on quantum computing Andris Ambainis University of Latvia.

Short course on quantum computing Andris Ambainis University of Latvia.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.
Fuzzy extractor based on universal hashes

Fuzzy extractor based on universal hashes
BIOMETRICS AND NETWORK AUTHENTICATION Security Innovators.

BIOMETRICS AND NETWORK AUTHENTICATION Security Innovators.
Session 4 Asymmetric ciphers.

Session 4 Asymmetric ciphers.
 Secure Authentication Using Biometric Data Karen Cui.

 Secure Authentication Using Biometric Data Karen Cui.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Digital Data Transmission ECE 457 Spring 2005. Information Representation Communication systems convert information into a form suitable for transmission.

Digital Data Transmission ECE 457 Spring Information Representation Communication systems convert information into a form suitable for transmission.
Symmetric hash functions for fingerprint minutiae

Symmetric hash functions for fingerprint minutiae
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Similar presentations

Ads by Google