Cryptology ePrint Archive: Report 2020/1381

PBio: Enabling Cross-organizational Biometric Authentication Service through Secure Sharing of Biometric Templates

Jia-Chng Loh and Geong-Sen Poh and Jason H. M. Ying and Jia Xu and Hoon Wei Lim and Jonathan Pan and Weiyang Wong

Abstract: Prior works in privacy-preserving biometric authentication mostly focus on the following setting. An organization collects users' biometric data during registration and later authorized access to the organization services after successful authentication. Each organization has to maintain its own biometric database. Similarly each user has to release her biometric information to multiple organizations; Independently, government authorities are making their extensive, nation-wide biometric database available to agencies and organizations, for countries that allow such access. This will enable organizations to provide authentication without maintaining biometric databases, while users only need to register once. However privacy remains a concern. We propose a privacy-preserving system, PBio, for this new setting. The core component of PBio is a new protocol comprising distance recoverable encryption and secure distance computation. We introduce an encrypt-then-split mechanism such that each of the organizations holds only an encrypted partial biometric database. This minimizes the risk of template reconstruction in the event that the encrypted partial database is recovered due to leak of the encryption key. PBio is also secure even when the organizations collude. A by-product benefit is that the use of encrypted partial templates allows quicker rejection for non-matching instances. We implemented a cloud-based prototype with desktop and Android applications. Our experiment results based on real remote users show that PBio is highly efficient. A round-trip authentication takes approximately 74ms (desktop) and 626ms (Android). The computation and communication overhead introduced by our new cryptographic protocol is only about 10ms (desktop) and 54ms (Android).

Category / Keywords: cryptographic protocols / Applications, authentication protocols, secure computation, functional encryption

Date: received 3 Nov 2020

Contact author: jasonlohjc at gmail com,geongsen@gmail com

Available format(s): PDF | BibTeX Citation

Version: 20201110:123229 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]