Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
139 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
46 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Exploit the Leak: Understanding Risks in Biometric Matchers (2307.13717v5)

Published 25 Jul 2023 in cs.CR and cs.CV

Abstract: In a biometric authentication or identification system, the matcher compares a stored and a fresh template to determine whether there is a match. This assessment is based on both a similarity score and a predefined threshold. For better compliance with privacy legislation, the matcher can be built upon a privacy-preserving distance. Beyond the binary output (yes' orno'), most schemes may perform more precise computations, e.g., the value of the distance. Such precise information is prone to leakage even when not returned by the system. This can occur due to a malware infection or the use of a weakly privacy-preserving distance, exemplified by side channel attacks or partially obfuscated designs. This paper provides an analysis of information leakage during distance evaluation. We provide a catalog of information leakage scenarios with their impacts on data privacy. Each scenario gives rise to unique attacks with impacts quantified in terms of computational costs, thereby providing a better understanding of the security level.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (24)
  1. Masaya Yasuda. Secure hamming distance computation for biometrics using ideal-lattice and ring-lwe homomorphic encryption. Information Security Journal: A Global Perspective, 26(2):85–103, 2017.
  2. Faster secure {{\{{Two-Party}}\}} computation using garbled circuits. In 20th USENIX Security Symposium (USENIX Security 11), 2011.
  3. Foundations of garbled circuits. In Proceedings of the 2012 ACM conference on Computer and communications security, pages 784–796, 2012.
  4. Adaptively attribute-hiding (hierarchical) inner product encryption. In David Pointcheval and Thomas Johansson, editors, Advances in Cryptology – EUROCRYPT 2012, pages 591–608, Berlin, Heidelberg, 2012. Springer Berlin Heidelberg.
  5. Junichi Tomida. Tightly secure inner product functional encryption: Multi-input and function-hiding constructions. Theoretical Computer Science, 833:56–86, 2020.
  6. Security analysis and improvement of some biometric protected templates based on bloom filters. Image and Vision Computing, 58:239–253, 2017.
  7. Security and efficiency analysis of the hamming distance computation protocol based on oblivious transfer. Security and Communication Networks, 8(18):4123–4135, 2015.
  8. A new cryptographic primitive for noise tolerant template security. Pattern Recognition Letters, 80:70–75, 2016.
  9. Obfuscated fuzzy hamming distance and conjunctions from subset product problems. In Dennis Hofheinz and Alon Rosen, editors, Theory of Cryptography, pages 81–110, Cham, 2019. Springer International Publishing.
  10. Property-preserving hash functions for hamming distance from standard assumptions. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 764–781. Springer, 2022.
  11. Fundamentals of error-correcting codes. Cambridge university press, 2010.
  12. A fuzzy vault scheme. Designs, Codes and Cryptography, 38:237–257, 2006.
  13. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM journal on computing, 38(1):97–139, 2008.
  14. Computational fuzzy extractors. Information and Computation, 275:104602, 2020.
  15. Leaking secrets in homomorphic encryption with side-channel attacks. Cryptology ePrint Archive, Paper 2023/1128, 2023. https://eprint.iacr.org/2023/1128.
  16. Time is money, friend! timing side-channel attack against garbled circuit constructions. Cryptology ePrint Archive, 2023.
  17. On the leakage of information in biometric authentication. In International Conference on Cryptology in India, pages 265–280. Springer, 2014.
  18. A framework for analyzing template security and privacy in biometric authentication systems. IEEE Transactions on Information Forensics and Security, 7:833–841, 2012.
  19. Syndrome decoding estimator. In IACR International Conference on Public-Key Cryptography, pages 112–141. Springer, 2022.
  20. Functional encryption for inner product with full function privacy. In Public-Key Cryptography–PKC 2016: 19th IACR International Conference on Practice and Theory in Public-Key Cryptography, Taipei, Taiwan, March 6-9, 2016, Proceedings, Part I, pages 164–195. Springer, 2016.
  21. Function-hiding inner product encryption is practical. In International Conference on Security and Cryptography for Networks, pages 544–562. Springer, 2018.
  22. An analysis of minutiae matching strength. In Josef Bigun and Fabrizio Smeraldi, editors, Audio- and Video-Based Biometric Person Authentication, pages 223–228, Berlin, Heidelberg, 2001. Springer Berlin Heidelberg.
  23. George Lasry. A methodology for the cryptanalysis of classical ciphers with search metaheuristics. kassel university press GmbH, 2018.
  24. The coupon collector’s problem. MATerials MATemàtics, 2014:35, 05 2014.

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now