
Slide 1: Biometric Encryption: Privacy-Enhancing Technology
© Information and Privacy Commissioner of Ontario, 2006. EBF Research Seminar - 02 Oct 2007
European Biometrics Forum (EBF) Research Seminar, Tuesday, 02 October 2007
Fred Carter, Senior Policy & Technology Advisor, Office of the Information & Privacy Commissioner / Ontario, Canada

Slide 2: Presentation Outline
1. IPC Work
2. FIPs, PETs
3. Biometrics and Privacy
4. BE & Anonymous Biometrics
5. Reactions and Follow-up

Slide 3: 1. IPC work to date
- Independent agency of gov't; we oversee three laws
- Longstanding interest & involvement in privacy, technology and law/compliance issues.
- IPC approach: constructive engagement; ICT is both a threat to and an opportunity for privacy; seek pragmatic "win-win" scenarios
- Some publications: Path to Anonymity; guidance on use of PKI, DRM; Privacy-embedded 7 Laws of Identity; Biometrics; Biometric Encryption; ID Theft; Intelligent Agents; P3P; RFID; Privacy and the Open Networked Enterprise; Privacy Diagnostic Tool; PIA for health; contactless smart cards; mobile device security; STEPs, etc.
- IPC website: www.ipc.on.ca

Slide 4: 1. IPC biometrics work
- Biometrics Program, Toronto (1994)
- Ontario Works Act (1997)
- Discussion & guidance papers (1999)
- Presentations, speeches, etc. (2000-)
- Statement to House of Commons Standing Committee on Citizenship & Immigration (2003)
- Resolution of Int'l DPAs (2005)
- EBF IBAC (2005-)

Slide 5: 2. FIPs & PETs

Slide 6: 2. PETs and FIPs
Our Mantra: "Build It In"
- Build in privacy: early into the architecture, design specs, and technologies; design must start from maximum privacy
- Assess all privacy risks: conduct privacy impact assessments; annual privacy audits
- Minimize collection, use, data: minimize routine collection, use, and retention of all personally identifiable data
- Be comprehensive and systematic: effective privacy requires an integrated approach; privacy must be applied to entire data systems and throughout the data life cycle
- Privacy rules must be enforced; enforcement must be trustworthy for the system to earn trust and use.
- Use privacy enhancing technologies (PETs)

Slide 7: 2. FIPs & PETs
Effective governance can come from:
1. Laws, legislation, regulation
2. Industry self-regulation, codes of conduct, best practices, guidelines, standards, policies, audit & certification practices...
3. PETs / technology solutions
4. Public opinion / market acceptance
Founded on the Fair Information Practices (FIPs). PETs are just one element in the IPC privacy toolkit.

Slide 8: 2. PETs & FIPs
- Many FIPs are in use around the world; they can be condensed into 3 primary and substantive impulses:
  1. Data Minimization
  2. User Participation and Control
  3. Information Security
- Good success evangelizing to public policymakers, information security, auditors, developers, etc.
- Expressed in myriad ways, depending on context.

Slide 9: Privacy OR Security: A Zero-Sum Game

Slide 10: Privacy AND Security

Slide 11: 3. Biometrics and Privacy

Slide 12: 3. Biometrics & Privacy: Privacy, Security Issues
- Growing biometrics deployments and uses pose significant systemic risks to individual privacy and security
- A biometric is a lifetime, permanent identifier, worse than a password (access control)
- Indiscriminate or excess collection of biometric data invites misuse
- System performance: accuracy and reliability
- Poor accountability will undermine trust, acceptance and use.

Slide 13: 3. Privacy & Biometrics: Concerns
- Creation of large centralized databases
- Far-reaching consequences of errors in large-scale networked systems
- Interoperability that invites unintended additional "secondary" uses

Slide 14: 3. Biometrics & Security: The Risks
- Spoofing
- Replay attacks
- Substitution attack
- Tampering
- Masquerade attack
- Trojan horse attacks
- Overriding the Yes/No response
- Insufficient accuracy

Slide 15: Identification: The Myth of Accuracy
Problem with large centralized databases containing millions of biometric templates:
- False positives
- False negatives

Slide 16: 3. Biometrics & Privacy: Accuracy and Reliability
- Accuracy and reliability are still viewed as major stumbling blocks for large-scale biometric applications (OECD Report on Biometric Technologies, June 2004): http://appli1.oecd.org/olis/2003doc.nsf/linkto/dsti-iccp-reg(2003)2-final
- Serious consequences of false positives and negatives, errors, failure rates.

Slide 17: Authentication: Biometric Strength and Privacy
The strength of one-to-one matches:
- Authentication/verification does not require the central storage of biometric templates;
- The biometric may be stored locally, not centrally: on a smart card, token, travel document, etc.

Slide 18: 3. Biometrics & Privacy: 1:1 versus 1:Many
- Privacy regulators favor 1:1 authentication (verification) over 1:many identification;
- The EU Article 29 Working Party Resolution on the use of biometrics in passports, identity cards and travel documents was passed by Data Protection and Privacy Commissioners in Montreux, Switzerland, 2005: "...The Conference calls for the technical restriction of the use of biometrics in passports and identity cards to verification purposes comparing the data in the document with the data provided by the holder, when presenting the document." — 27th International Conference of Data Protection and Privacy Commissioners, Montreux, 16 September 2005, www.privacyconference2005.org/fileadmin/PDF/biometrie_resolution_e.pdf

Slide 19: 3. Biometrics & Privacy: Centralized Databases
- Risks associated with large centralized, networked biometric databases;
- The Article 29 Working Party, chaired by Peter Schaar, Germany's federal Data Protection Commissioner, in its EU Opinion of August 2004 states: "The Working Party strictly opposes the storage of all EU passport holders' biometric and other data in a centralized data base..." http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2005/wp112_en.pdf

Slide 20: 3. Biometrics & Privacy: Interoperability
- Interoperable biometric databases invite additional purposes and secondary uses of the data;
- E.U. Data Protection Supervisor Peter Hustinx, in his March 2006 Opinion, stressed that: "Interoperability of systems must be implemented with due respect for data protection principles and in particular, the purpose limitation principle." Comments on the Communication of the Commission on interoperability of European databases, www.edps.eu.int/legislation/Comments/06-03-10_Comments_interoperability_EN.pdf

Slide 21: 3. Biometrics & Privacy: Risks (Summary)
- unauthorized secondary uses of biometric data
- expanded surveillance, tracking, profiling, and potential discrimination
- data misuse (data breach, identity fraud and theft)
- negative personal impacts of false matches, non-matches, system errors and failures
- diminished oversight, accountability, and openness of biometric data systems
- absence of individual knowledge and consent; loss of personal control
- loss of user confidence, acceptance and trust; potential negative backlash

Slide 22: 4. Biometric Encryption

Slide 23: 4. Biometric Encryption (BE): What is Biometric Encryption?
- A class of emerging "untraceable biometric" technologies that seek to irreversibly transform the biometric data provided by the user.
- BE is a process that securely binds a PIN or a cryptographic key to a biometric, so that neither the key nor the biometric can be retrieved from the stored template.
- The key is re-created only if the correct live biometric sample is presented on verification.

Slide 24: 4. Biometric Encryption (BE): Use Biometric as the Encryption Key
[Enrollment diagram: Biometric Image -> Biometric Template -> BE binding algorithm, combined with a Randomly generated key -> Biometrically-encrypted key is stored]

Slide 25: 4. Biometric Encryption (BE): Decrypt with Same Biometric
[Verification diagram: Fresh Biometric Image -> Fresh Biometric Template -> BE retrieval algorithm, combined with the stored Biometrically-encrypted key -> Key retrieved]

Slide 26: 4. BE Advantages
BE technologies can enhance privacy and security. Some key advantages offered:
1. NO retention of biometric image or template
2. Multiple / cancellable / revocable identifiers
3. Improved authentication security: stronger binding of user biometric & system identifier
4. Improved security of personal data and communications
5. Greater public confidence, acceptance, use -> compliance with privacy & data protection laws

Slide 27: 4. BE Advantages: 1. NO retention of biometric image or template
- Best privacy practice is not to disclose / collect PII at all in the first place, if possible.
- Most privacy and security concerns derive from storage and misuse of the biometric data.
- Mitigates the risks of potential data matching, surveillance, profiling; interception, data security breaches, identity theft...
- User retains (local) control and use of their own biometric

Slide 28: 4. BE Advantages: 2. Multiple / cancellable / revocable identifiers
- BE allows individuals to use one biometric for multiple accounts and identifiers without fear that the identifiers will be linked together.
- If an account identifier becomes compromised, there is less risk that all the other accounts will be compromised, i.e., no need to change one's fingers!
- BE technologies make it possible to change or recompute account identifiers; identifiers can be revoked or cancelled, and substituted with newly generated ones calculated from the same biometric!

Slide 29: 4. BE Advantages: 3. Improved authentication security: stronger binding of user biometric & system identifier
- Account identifiers are re-computed directly from the biometric, not merely linked to it
- The result is much stronger account identifiers:
  - longer, more complex identifiers
  - no need for user memorization
  - less susceptible to security attacks
- Security of BE technology can be augmented by the use of tokens and additional PINs, if needed

Slide 30: 4. BE Advantages: 4. Improved security of personal data and communications
- Users can take advantage of the convenience and ease of BE technologies to encrypt their own personal or sensitive data.
- Since the key is one's own biometric, used locally, this technology could place a powerful tool in the hands of individuals
- This is encryption for the masses, made easy!

Slide 31: 4. BE Advantages: 5. Greater public confidence, acceptance, use and compliance with privacy & data protection laws
- Public confidence and trust are necessary ingredients for the success of any biometric system deployment.
- Governance policies and procedures only go so far. Privacy, security and trust should be built directly into the biometric hardware and information system.
- BE puts biometric data under the control and use of the individual, and promotes broader acceptance and use of biometrics.

Slide 32: 4. Biometric Encryption
BE embodies core privacy practices:
1. Data minimization: no retention of biometric image or template, minimizing the potential for secondary uses, loss, misuse
2. Maximal individual control: individuals keep their biometric data private, and can use it to generate or change unique ("anonymous") account identifiers, and encrypt their own data.
3. Improved security: authentication, communication and data security are enhanced.

Slide 33: Possible Applications and Uses of Biometric Encryption
- Biometric ticketing for events;
- Biometric boarding cards for air travel;
- Identification, credit and loyalty card systems;
- "Anonymous" (untraceable) labeling of sensitive records (medical, financial);
- Consumer biometric payment systems;
- Access control to personal computing devices;
- Personal encryption products;
- Local or remote authentication to access files held by government and other various organizations.

Slide 34: 4. Biometric Encryption (BE): BE Case Scenarios (from paper)
1. Small-scale use (personal authentication)
2. Anonymous (untraceable) database (access to hospital records)
3. Travel documents (3-way checks)

Slide 35: Three-way Check in the ePassport Scenario (Philips), Van der Veen et al, 2006
[Diagram: Kiosk, Border control, and a Biometric DB holding ID, Bio-encrypted key, Hashed key]
1. Measure biometric
2. Claim ID
3. Bio-encrypted key
4. Retrieve key1 from live biometric and bio-encrypted key
5. Retrieve key2 from smartcard biometric and bio-encrypted key
6. Hashed key1, key2
7. Match: Hashed key == Hashed key1 == Hashed key2
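Added Python illustration, not code from the slides or from the Philips / Van der Veen scheme: it models the binding and retrieval steps of slides 24 and 25, the revocable identifiers of slide 28, and the three-way check of slide 35. It assumes a simple fuzzy-commitment construction (a repetition-coded key XORed with the template bits), since the slides name no particular BE algorithm, and uses constructed toy bit lengths.

```python
import hashlib
import secrets

# Toy parameters, constructed for illustration; real deployments use far longer
# keys and a proper error-correcting code rather than simple repetition.
KEY_BITS = 16
REP = 5  # repetition factor: each key bit survives up to 2 flipped template bits
TEMPLATE_BITS = KEY_BITS * REP


def sha256_hex(bits):
    """Hash a bit list; this 'hashed key' is what the verifier keeps on file."""
    return hashlib.sha256(bytes(bits)).hexdigest()


def bind(key, template):
    """Enrollment (BE binding): XOR the repetition-coded key into the template.
    Returns the bio-encrypted key (helper data) and the hashed key. Neither the
    plain key nor the template is stored, matching the slide's claim."""
    codeword = [b for b in key for _ in range(REP)]
    helper = [c ^ t for c, t in zip(codeword, template)]
    return helper, sha256_hex(key)


def retrieve(helper, fresh_template):
    """Verification (BE retrieval): XOR a fresh sample into the helper data and
    majority-decode each group of REP bits back to one key bit. Sample noise
    beyond the code's tolerance decodes to a different key."""
    noisy = [h ^ t for h, t in zip(helper, fresh_template)]
    return [int(2 * sum(noisy[i:i + REP]) > REP) for i in range(0, len(noisy), REP)]


def perturb(template, positions):
    """Simulate sensor noise (or a wrong person) by flipping the given bits."""
    out = list(template)
    for p in positions:
        out[p] ^= 1
    return out


def three_way_check(helper, hashed_key, live_template, card_template):
    """Slide 35 flow at border control: key1 from the live biometric, key2 from
    the biometric read off the travel document, both hashed and compared with
    the hashed key on file. All three must agree."""
    h1 = sha256_hex(retrieve(helper, live_template))
    h2 = sha256_hex(retrieve(helper, card_template))
    return hashed_key == h1 == h2


if __name__ == "__main__":
    enrolled = [secrets.randbits(1) for _ in range(TEMPLATE_BITS)]
    helper, hashed = bind([secrets.randbits(1) for _ in range(KEY_BITS)], enrolled)
    live = perturb(enrolled, [0, 1, 7, 42])  # noisy sample, within tolerance
    print("genuine holder:", three_way_check(helper, hashed, live, enrolled))
    print("all bits wrong:", three_way_check(helper, hashed, perturb(enrolled, range(TEMPLATE_BITS)), enrolled))
```

Revocation (slide 28) is just `bind` again with a fresh random key: the new helper data and hash share nothing with the old ones, while the user's template is unchanged.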

Slide 36: 4. Biometric Encryption: IPC Objectives
- Stimulate demand for PETs: bring this biometric technology to the attention of the public, privacy advocates, policymakers: it is possible and should be considered, even demanded.
- Stimulate supply of PETs: encourage research, development and marketization of privacy-enhancing technologies as viable solutions for real-world problems.

Slide 37: 5. Reactions & Follow-Up

Slide 38: 5. Reactions & Follow-Up: BE Publication & Distribution Process
- Pre-publication release, vetting...
- Press release, website publication, etc.
- Announced on key listservs (DPAs, biometrics, NPC-l, PETs)
- Individualized mailouts (physical and electronic) to a broad spectrum of public and private stakeholders (government, industry, research, academia, privacy advocates, consumer groups, etc.)
- Submitted to various fora for review and posting

Slide 39: 5. Reactions & Follow-Up: Significant Response and Feedback
- Industry: Philips, IBM, Microsoft, Genkey, Sagem, Bell, VeriTouch, and others
- Research/Academic: U of T, Colorado, Carleton U., Fraunhofer Institute, Bruce Schneier, Kim Cameron, others in Europe, Canada, U.S.
- Policymakers: Government departments and agencies in Ontario, Canada, U.S., EU...

Slide 40: 5. Reactions & Follow-Up: Future work
- Stimulate attention and interest in untraceable biometrics, research and development
- Trumpet BE pilots, success stories
- Technology-agnostic w.r.t. technique/details
- Encourage consideration, adoption by policymakers in both public and private sectors
- Stimulate demand and supply of biometrics PETs
- Improve BE accuracy, resilience against attacks

Slide 41: More Information
- Biometric Encryption: A Positive Sum Technology that Achieves Strong Authentication, Security AND Privacy: www.ipc.on.ca/index.asp?navid=46&fid1=608&fid2=4 and www.ipc.on.ca/images/Resources/up-1bio_encryp.pdf
- News Release: www.ipc.on.ca/images/Resources/up-2007_03_14_bio_encryp.pdf
- Executive Summary: www.ipc.on.ca/images/Resources/up-bio_encryp_execsum.pdf
- FAQ: www.ipc.on.ca/index.asp?navid=46&fid1=608&fid2=4

Slide 42: Questions? Comments?
Fred Carter, Senior Policy & Technology Advisor, Office of Information & Privacy Commissioner / Ontario
2 Bloor Street East, Suite 1400, Toronto, Ontario, Canada M4W 1A8
Phone: (416) 326-3333
Web: www.ipc.on.ca
E-mail: info@ipc.on.ca