Paper 2016/484

Ghostshell: Secure Biometric Authentication using Integrity-based Homomorphic Evaluations

Jung Hee Cheon, HeeWon Chung, Myungsun Kim, and Kang-Won Lee


Biometric authentication methods are gaining popularity due to their convenience. For an authentication without relying on trusted hardwares, biometrics or their hashed values should be stored in the server. Storing biometrics in the clear or in an encrypted form, however, raises a grave concern about biometric theft through hacking or man-in-the middle attack. Unlike ID and password, once lost biometrics cannot practically be replaced. Encryption can be a tool for protecting them from theft, but encrypted biometrics should be recovered for comparison. In this work, we propose a secure biometric authentication scheme, named Ghostshell, in which an encrypted template is stored in the server and then compared with an encrypted attempt \emph{without} decryption. The decryption key is stored only in a user's device and so biometrics can be kept secret even against a compromised server. Our solution relies on a somewhat homomorphic encryption (SHE) and a message authentication code (MAC). Because known techniques for SHE is computationally expensive, we develop a more practical scheme by devising a significantly efficient matching function exploiting SIMD operations and a one-time MAC chosen for efficient homomorphic evaluations (of multiplication depth 2). When applied to Hamming distance matching on 2400-bit irises, our implementation shows that the computation time is approximately 0.47 and 0.1 seconds for the server and the user, respectively.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Biometric authenticationHomomorphic encryptionMAC
Contact author(s)
msunkim @ suwon ac kr
2016-05-20: received
Short URL
Creative Commons Attribution


      author = {Jung Hee Cheon and HeeWon Chung and Myungsun Kim and Kang-Won Lee},
      title = {Ghostshell: Secure Biometric Authentication using Integrity-based Homomorphic Evaluations},
      howpublished = {Cryptology ePrint Archive, Paper 2016/484},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.