Paper 2020/1381
PBio: Enabling Cross-organizational Biometric Authentication Service through Secure Sharing of Biometric Templates
Jia-Chng Loh, Geong-Sen Poh, Jason H. M. Ying, Jia Xu, Hoon Wei Lim, Jonathan Pan, and Weiyang Wong
Abstract
Prior works in privacy-preserving biometric authentication mostly focus on the following setting. An organization collects users' biometric data during registration and later authorized access to the organization services after successful authentication. Each organization has to maintain its own biometric database. Similarly each user has to release her biometric information to multiple organizations; Independently, government authorities are making their extensive, nation-wide biometric database available to agencies and organizations, for countries that allow such access. This will enable organizations to provide authentication without maintaining biometric databases, while users only need to register once. However privacy remains a concern. We propose a privacy-preserving system, PBio, for this new setting. The core component of PBio is a new protocol comprising distance recoverable encryption and secure distance computation. We introduce an encrypt-then-split mechanism such that each of the organizations holds only an encrypted partial biometric database. This minimizes the risk of template reconstruction in the event that the encrypted partial database is recovered due to leak of the encryption key. PBio is also secure even when the organizations collude. A by-product benefit is that the use of encrypted partial templates allows quicker rejection for non-matching instances. We implemented a cloud-based prototype with desktop and Android applications. Our experiment results based on real remote users show that PBio is highly efficient. A round-trip authentication takes approximately 74ms (desktop) and 626ms (Android). The computation and communication overhead introduced by our new cryptographic protocol is only about 10ms (desktop) and 54ms (Android).
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- Applicationsauthentication protocolssecure computationfunctional encryption
- Contact author(s)
-
jasonlohjc @ gmail com
geongsen @ gmail com - History
- 2020-11-10: received
- Short URL
- https://ia.cr/2020/1381
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2020/1381, author = {Jia-Chng Loh and Geong-Sen Poh and Jason H. M. Ying and Jia Xu and Hoon Wei Lim and Jonathan Pan and Weiyang Wong}, title = {{PBio}: Enabling Cross-organizational Biometric Authentication Service through Secure Sharing of Biometric Templates}, howpublished = {Cryptology {ePrint} Archive, Paper 2020/1381}, year = {2020}, url = {https://eprint.iacr.org/2020/1381} }