prev

next

of 29

Published on

01-Jan-2016View

13Download

0

Embed Size (px)

DESCRIPTION

Anonymous Biometrics: Privacy Protection of Biometric Templates. Pim Tuyls , E. Verbitskiy, D. Denteneer, J.P. Linnartz, J. Goseling, T. Ignatenko Pim.Tuyls@philips.com Philips Research Eindhoven The Netherlands. Overview. Introduction Challenge Literature and Related Topic - PowerPoint PPT Presentation

Transcript

Anonymous Biometrics:

Privacy Protection of Biometric Templates Pim Tuyls, E. Verbitskiy, D. Denteneer, J.P. Linnartz, J. Goseling, T. Ignatenko Pim.Tuyls@philips.comPhilips Research EindhovenThe Netherlands

*

Overview

Introduction Challenge Literature and Related Topic Information-Theoretic model Secrecy Extractor Requirements Bounds Examples General Theory Experiments Summary

*

IntroductionBiometric Identification (fingerprints, iris, speech) is often used to identify people is often part of a security system uses databases containing Ref. Information (Templates)Advantages

Convenience can not be lost or forgotten

easy to use Uniqueness unique for a human being

Offers therefore a very attractive alternative to e.g. passwords

*

Risks Forgeability Impersonation by Artificial Biometrics

Once Compromised Compromised Forever-Theft of Identity (Stolen Biometrics)

Sensitive Information Fingerprints contain Genetic Information Retina reveals susceptibility for Strokes and Diabetes

Additional Problem- Noisy: Biometric data are obtained through noisy measurements

PRIVACY

*

ARCHITECTURE ASSUMPTIONS Database public Channel public Sensor trusted ATTACKS

Outside (on database) Eavesdropping of Communications Inside (on database): Malicious owner (Verifier) Fingerprints left on glasses, door handles (not discussed today)DatabaseSensorTemplateChannel

*

Possible Constructions:- Encryption (implies a decryption key at verifier site)- One-Way Function

Idea: Build a scheme similar to the one used for passwordprotection

Solution

Secure Storage of Biometric Templates, Against Outside and Inside Attacks Secure Communication over the Channel (prevent eavesdropping)

*

CHALLENGE: Integration of Cryptographic Techniques with Noisy Inputs

One-Way Functions are very sensitive to small changes in the input data

*

Literature Schneier Davida, Frankel and Matt, (Private biometrics) Juels and Wattenberg (Fuzzy Commitment) Ratha, Connell, Bolle (Cancelable Biometrics) Juels, Sudan (fuzzy vault) Linnartz, Tuyls (Shielding functions, AVBPA 2003) Verbitskiy, Tuyls, Denteneer and Linnartz (Benelux 2003) Goseling, Tuyls submitted to ISIT2004Related Topic- Biometric Key Generation (Soutar)

*

Information Theoretic Model Biometrics Xn are modeled as random variables with distribution(enrollment)

Authentication measurements Yn, modeled as observations through a noisy channel

*

Secrecy ExtractorGenerate Common Secret S from Xn and Yn (Common Randomness)Helper data W

Database: ID, W, F(S)matchingFFGGEXACT MATCH: F(S)=F(S)?EnrollmentAuthenticationF(S)

*

TerminologyA functionis called a-contracting function: if for all X there exist a W s.t probabilistic

norm

Versatile function:for all S0,1k and all XRn, there exists avector WRm such that:-Revealing function:

*

Requirements

A reliable biometric authentication system thatprotects privacy has to satisfy the followingrequirements: -contracting Versatile -revealing: Correctness:

Protection against a dishonest verifier who hasAccess to the database (compare with passwords)

*

ImplicationsProposition 1: If W is constant, i.e. G(Y,W)=C(Y) then either=0, or G(Y,W) is a constant independent of Y.

Corollary: In order to have a robust, versatile function G=G(X,W), W must depend on X

*

ImplicationsProposition 2 :Let S be a binary string derived from X and Yby communicating helper data W as describedin the protocol:

Extends also to the continuous case!(Approximation argument)

*

EXAMPLESThree kinds of proposed schemes: Based on Quantized Index Modulation Error Correcting Code-scheme Significant Components

*

Example: Significant ComponentsAssumption:

Orthogonal Transformation (Fisher, PCA):Define:where i are orthonormal vectorsTheorem (Fisher, PCA): The i can be constructed such that they are independent, normally distributed random variableswith zero mean

*

The Scheme I: RobustnessIdea: Select -components with large absolute valuesto guarantee robustness to noise

Choose a small positive number and define

Theorem: Let be the fraction of average numberof large comps then, if there is a sufficient amountof energy in the system, is large, moreover

*

The Scheme II: VersatilityVersatility:Given si, search for index ij such that: (feasibility)

The set of feasible secrets:

Theorem:If k=1n with 1=/10, then with large probability is a large set

*

The Scheme III: Helper DataGiven a secret S=(s1,,sk) the helper data W is determined. W picks up the correct components of X in -basis

Helper data: W(X) is a kn matrix, its j-th row isgiven by

-contracting function:

*

Information RevealingTheorem:The proposed scheme is zero-revealing:

Moreover,

*

General ConstructionSEC: Tuple of encoding regions (SEC: Secure Extraction Code)

such that,

is the collection of SECs s.t.

*

Secure Biometric Authentication Scheme (SBA)Enrollment measurement XnSelect a code in W indicates the selected codeThe Secret S is index of that coding region where Xn belongs to

A One-Way Function F is applied to S.W and F(S) are stored in the database together with the Id.ENCDEC123

*

Authentication:

An individual makes an Id claim W and is sent to the decoder The SEC C(W) is used to derive the secret as follows,

F(S) is computed Check: F(S)=F(S)

This construction achieves the earlier mentioned capacities at the same time (Asymptotically)!

*

Experiments- Biometric: Measuring the headphone-to-ear-canal-Transfer Functions First dataset: 45 Individuals, 8 Measurements per person Second dataset: 65 Individuals, 8 Measurements per person

6 Measurements for training, 2 for authentication Tested scheme: significant components FRR decreases as increases FAR decreases as secret length increases Secret length decreases as increases

*

Ear canal Biometrics = Headphone-to-Ear Transfer FunctionWhite noiseError H(z)W(z)+

*

Headphone-to-Ear Transfer Function: 1 ear, population (45x8)

*

Results: Principal Component TransformFirst dataset

*

Second datasetCombination of schemes

*

SummaryWe have described a general set-up and examples for biometric authentication/keygeneration schemes that satisfy the followingproperties:- Robust to noise- Versatile- Zero-revealing- Privacy protection