This document summarizes a research presentation on privacy-preserving biometrics-based authentication. It outlines the challenges with traditional biometrics schemes, including security and privacy concerns when biometric templates and identifiers are stored. The proposed approach generates unique, repeatable and revocable biometric identifiers (BIDs) using image hashing, classification and error correction. It also describes a user-centric, privacy-preserving authentication protocol using these BIDs and zero-knowledge proofs to authenticate users without revealing sensitive biometric data. Performance analysis shows the approach can generate commitments and run the authentication protocol efficiently. The work aims to address privacy and security issues while enabling convenient biometric authentication.
1. Department of Computer Science
Privacy Preserving Biometrics-Based and User Centric Authentication Protocol
Hasini Gunasinghe and Elisa Bertino
NSS 2014
2. Agenda
Problem Overview
Challenges in biometrics based authentication schemes
Our approach
Generating unique, repeatable and revocable BID
Securing the BID with cryptographic commitment
Privacy preserving authentication protocol
Security and performance analysis
Future work
3. Problem Overview
Commonly used authentication factors: What You Know, What You Have
Stolen passwords/tokens lead to identity theft.
Multiple passwords/tokens are inconvenient to users.
5. Problem Overview
Strong Authentication Factor: Biometrics
Represents who you are.
Unique, Universal, Permanent and Collectable.
First known use in the criminal division of the police department in Paris, introduced by A. Bertillon.
Since then, many applications in commercial, government and forensic domains.
Convenient and secure for users.
Still, it is not widely adopted in critical applications such as online banking. Why?
6. Problem Overview
Challenges in biometrics based authentication:
Inherited characteristics of biometrics
Security concerns
Privacy concerns
7. Problem Overview
Challenges in biometrics based authentication: inherited vs desired characteristics
Inherited Characteristics of Biometrics | Desired Characteristics of Biometrics Based Identifier
Uniqueness & Unforgeability             | Uniqueness & Unforgeability
Non-Repeatability                       | Repeatability
Non-Revocability                        | Revocability
8. Problem Overview
Challenges in biometrics based authentication: security concerns
Biometric templates are stored at the server during enrollment.
Extracted biometric features are stored in smart cards to be used during authentication.
e.g.: In the Schiphol Privium scheme at the Amsterdam airport, the iris code is stored in the smart card.
A breach of the security of template databases/smart cards/user devices can cause permanent loss of one’s biometric identity.
9. Problem Overview
Challenges in biometrics based authentication: privacy concerns of authentication protocols
Biometric identity stored at multiple service providers.
Different proprietary protocols.
IDP learns user’s interaction patterns with different SPs.
Revealing BID during authentication.
[Figure: two protocol families. SP-specific protocols: the user enrolls the biometric at signup with each of SP1, SP2 and SP3, and each SP verifies the biometric at login. IDP-centric protocol: 1) the user enrolls the biometric with the IDP; 3/5) verification request/response between the SPs and the IDP; 4) the IDP verifies the biometric.]
10. Our Approach
Addresses each of the above issues and provides better solutions:
1. Generates unique, repeatable and revocable BIDs.
2. Defines a privacy preserving identity management protocol:
Involves zero-knowledge-proof-of-knowledge.
User-centric.
11. Our Approach: Overview
[Figure: user-centric protocol. The user enrolls the biometric with the IDP and obtains an Identity Token, then authenticates to SP1, SP2 and SP3 using the biometric identity token.]
No interaction between IDP and SP(s).
Biometric template is not stored anywhere.
13. Our Approach
1. Generating BID: Results
P-Hash: feature extraction mechanism used in our approach.
SVD-Hash: feature extraction mechanism used in previous work [Bhargav-Spantzel et al. 2010].
15. Our Approach
1. Generating BID: Results with ECC
Both accuracy and overhead increase with the Hadamard code length used for error correction.
Recommended Hadamard error correction code length is 16 bits.
Improves repeatability of the BID.
Secure error correction mechanism introduced by Kanade et al. 2009.
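The Hadamard-code error correction on this slide, and the error-correction meta-data the user keeps on the device (slide 19), as an added example that is not the paper's code: it assumes a fuzzy-commitment-style binding (helper data = codeword XOR hash bits) and constructed P-Hash bits; the details of the Kanade et al. 2009 scheme differ.

```python
# Added example, not the paper's implementation. A 2^k-bit Hadamard code is
# bound to a chunk of the P-Hash bit vector at enrollment; at authentication a
# noisy re-reading of the same chunk still decodes to the same k-bit value as
# long as at most (2^(k-1) - 1) // 2 bits differ. The binding is assumed.
import secrets

def hadamard_encode(msg, k):
    """Encode a k-bit message into a 2^k-bit Hadamard codeword:
    bit i = parity of (msg AND i). Minimum distance is 2^(k-1)."""
    return [bin(msg & i).count("1") & 1 for i in range(1 << k)]

def hadamard_decode(word, k):
    """Nearest-codeword decoding by exhaustive search over the 2^k codewords."""
    best, best_dist = None, len(word) + 1
    for m in range(1 << k):
        dist = sum(a != b for a, b in zip(word, hadamard_encode(m, k)))
        if dist < best_dist:
            best, best_dist = m, dist
    return best

def correction_capacity(k):
    """Bit errors corrected per 2^k-bit codeword; grows with the code length,
    as does the helper-data overhead (2^k helper bits per k-bit value)."""
    return ((1 << (k - 1)) - 1) // 2

def enroll_chunk(hash_bits, k):
    """Bind a fresh random k-bit value to a 2^k-bit hash chunk. The helper
    data is the error-correction meta-data kept on the device (assumed)."""
    secret = secrets.randbelow(1 << k)
    helper = [c ^ b for c, b in zip(hadamard_encode(secret, k), hash_bits)]
    return secret, helper

def recover_chunk(helper, hash_bits_now, k):
    """At authentication: unmask with the fresh reading, then decode."""
    return hadamard_decode([h ^ b for h, b in zip(helper, hash_bits_now)], k)

def flip(bits, positions):
    """Constructed sensor noise: flip the given bit positions of a reading."""
    return [b ^ (i in positions) for i, b in enumerate(bits)]

if __name__ == "__main__":
    k = 4                                            # 16-bit code, as recommended
    reading = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1]   # constructed
    secret, helper = enroll_chunk(reading, k)
    noisy = flip(reading, {2, 9, 14})                # 3 errors <= capacity 3
    print("repeatable:", recover_chunk(helper, noisy, k) == secret)
    print("capacity for 16/32/64-bit codes:", [correction_capacity(j) for j in (4, 5, 6)])
```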
16. Our Approach
We covered so far, in key aspects of our approach:
Generating unique, repeatable and revocable BIDs.
Extended approach with ECC to improve repeatability.
Privacy preserving identity management protocol:
1. Involves zero-knowledge-proof-of-knowledge.
2. User-centric.
17. Our Approach
3. Privacy preserving identity management protocol: Enrollment
[Figure: enrollment pipeline. Biometric image, Perceptual Hash (P-Hash), Hash Vector, Train Support Vector Machine, Trained Base SVM, Customize SVM, Single Label Classification, X = BID; R=; Commitment: C = g^x h^r; Biometric IDT, digitally signed by IDP.]
18. Our Approach
3. Privacy preserving identity management protocol: Enrollment
Elements included in the identity token:
Commitment string
Expiration time stamp
From, To fields (to prevent attacks on the ZKPK protocol by the SP)
Digital signature
Public parameters of the Pedersen commitment scheme
19. Our Approach
3. Privacy preserving identity management protocol: Enrollment
Artifacts provided to the user (stored in the TEE of the user’s device):
Identity Token
Trained and customized SVM classifier
BID generation software
Salt value used for PBKDF
Error correction meta-data
20. Our Approach
3. Privacy preserving identity management protocol: Authentication
[Figure: authentication pipeline on the user’s device. Biometric image, P-Hash, Hash Vector, Customized SVM, Single Label Classification, X’ = BID; R’=; Commitment: C’ = g^x’ h^r’; Authentication Request carrying the Biometric IDT.]
Zero Knowledge Proof of Knowledge Protocol between User and Service Provider:
User to Service Provider: d = g^y h^s
Service Provider to User: challenge e
User to Service Provider: u = y + e·x, v = s + e·r
Service Provider: success if C^e · d = g^u h^v
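The Pedersen commitment from enrollment and the four-message proof of knowledge on this slide, both sides of the exchange, as an added example that is not code from the paper or its authors; the group parameters, the BID value and all randomness are constructed toy values.

```python
# Added example, not the paper's implementation. Pedersen commitment C = g^x h^r
# to the BID x, and the Schnorr-style ZKPK from the slide: the user sends
# d = g^y h^s, the SP challenges with e, the user answers u = y + e*x,
# v = s + e*r, and the SP accepts iff C^e * d == g^u h^v. The toy group below
# is for illustration only; a deployment needs a ~2048-bit safe prime (or an
# elliptic-curve group) and a CSPRNG for every random value.
import secrets

# Toy subgroup of prime order q inside Z_p^*, with p = 2q + 1 (both prime).
P = 1019
Q = 509
G = 4                   # quadratic residue, so it generates the order-q subgroup
H = pow(G, 131, P)      # second base; log_G(H) must be unknown to the prover

def commit(x, r):
    """Enrollment (IDP side): Pedersen commitment C = g^x h^r to BID x."""
    return (pow(G, x, P) * pow(H, r, P)) % P

def prover_commit(y, s):
    """User, message 1: announce d = g^y h^s for fresh secrets y, s."""
    return (pow(G, y, P) * pow(H, s, P)) % P

def prover_respond(x, r, y, s, e):
    """User, message 3: responses u = y + e*x, v = s + e*r (mod q)."""
    return ((y + e * x) % Q, (s + e * r) % Q)

def verifier_check(c, d, e, u, v):
    """SP, final step: accept iff C^e * d == g^u h^v."""
    lhs = (pow(c, e, P) * d) % P
    rhs = (pow(G, u, P) * pow(H, v, P)) % P
    return lhs == rhs

def run_zkpk(x, r, c, rng=secrets.randbelow):
    """Full interactive exchange; returns the SP's accept/reject decision."""
    y, s = rng(Q), rng(Q)
    d = prover_commit(y, s)
    e = 1 + rng(Q - 1)          # SP's challenge, never zero
    u, v = prover_respond(x, r, y, s, e)
    return verifier_check(c, d, e, u, v)

if __name__ == "__main__":
    bid = 0x2A7                 # constructed BID (the SVM's single label)
    r = secrets.randbelow(Q)    # constructed commitment randomness
    c = commit(bid, r)
    print("honest user accepted:", run_zkpk(bid, r, c))
    print("wrong BID accepted:", run_zkpk(bid + 1, r, c))
```

The SP learns only C, d, e, u and v, none of which reveals x or r, which is the "biometric information not revealed at any point" property of slide 22.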
21. Our Approach
Summary: Performance
Performance measure                          | Value
Computing perceptual hash                    | 0.0105 s
Training classifier                          | 8 s [with 400 training instances]
Predicting from trained classifier           | 0.013 s
Creating commitment                          | 0.003038 s
Zero knowledge proof (without network delay) | 0.00763 s
Hardware configuration:
CPU: Intel Core i7-3537U
Memory: 5GB RAM
OS: Ubuntu 13.4
22. Our Approach
Security Analysis:
Confidentiality of sensitive data is preserved:
Biometric image, P-Hash vector and BID are not stored anywhere.
Secrets are derived from the user’s password.
Zero Knowledge Proof of Knowledge protocol:
Biometric information is not revealed at any point.
MITM attacks carried out by the SP are prevented.
Identity token provides ownership assurance and avoids impersonation.
Enables revocation of the biometric based identity tokens.
23. Our Approach
We covered so far:
Generating unique, repeatable and revocable BIDs.
Extended approach with ECC to improve repeatability.
Privacy preserving identity management protocol with zero-knowledge proofs.
User-centric identity management.
Performance and security analysis.
24. Future Work
Experimenting on other biometric traits.
Privacy preserving biometrics based authentication based on distance matching:
• Homomorphic Encryption
• Garbled circuits
Multi-modal biometrics for authentication.