This document summarizes a research presentation on privacy-preserving biometrics-based authentication. It outlines the challenges with traditional biometrics schemes, including security and privacy concerns when biometric templates and identifiers are stored. The proposed approach generates unique, repeatable and revocable biometric identifiers (BIDs) using image hashing, classification and error correction. It also describes a user-centric, privacy-preserving authentication protocol using these BIDs and zero-knowledge proofs to authenticate users without revealing sensitive biometric data. Performance analysis shows the approach can generate commitments and run the authentication protocol efficiently. The work aims to address privacy and security issues while enabling convenient biometric authentication.

1. Department of Computer Science
Privacy Preserving Biometrics-Based and
User Centric Authentication Protocol
Hasini Gunasinghe and Elisa Bertino
NSS 2014

2. Department of Computer Science
Agenda
 Problem Overview
 Challenges in biometrics based authentication schemes
 Our approach
 Generating unique, repeatable and revocable BID
 Securing the BID with cryptographic commitment
 Privacy preserving authentication protocol
 Security and performance analysis
 Future work
NSS 2014

3. Department of Computer Science
Problem Overview
NSS 2014
What You Know What You Have
 Commonly used authentication factors
 Stolen passwords/tokens lead to identity theft
 Multiple passwords/tokens
 Inconvenient to users

4. Department of Computer Science
Problem Overview
NSS 2014

5. Department of Computer Science
Problem Overview
NSS 2014
Strong Authentication Factor: Biometrics  Represents who you are.
 Unique, Universal, Permanent and
Collectable.
 First known use in criminal division
of the police department in Paris –
introduced by A. Bertillon.
 Since then, many applications in
commercial, government and
forensic.
 Convenient and secure for users.
Still, it is not widely adapted in critical applications
such as online banking. Why?

6. Department of Computer Science
Challenges in biometrics based authentication:
 Inherited characteristics of biometrics
 Security concerns
 Privacy concerns
Problem Overview
NSS 2014

7. Department of Computer Science
Inherited Characteristics of
Biometrics
Desired Characteristics of
Biometrics Based Identifier
Uniqueness & Unforgeability Uniqueness & Unforgeability
Non-Repeatability Repeatability
Non-Revocability Revocability
Challenges in biometrics based authentication:
 Inherited vs desired characteristics:
Problem Overview
NSS 2014

8. Department of Computer Science
Challenges in biometrics based authentication:
 Security Concerns:
 Biometric templates are stored at the server during enrollment.
 Extracted biometric features are stored in smart cards to be
used during authentication.
e.g: In the Schiphol Privium scheme at the Amsterdam airport, Iris code stored is
in the smart card.
 Breach of security of template databases/smart cards/user-
devices can cause permanent loss of one’s biometric identity.
Problem Overview
NSS 2014

9. Department of Computer Science
Challenges in biometrics based authentication:
 Privacy Concerns of authentication protocols:
Problem Overview
NSS 2014
 Biometric identity stored at
multiple service providers.
 Different proprietary protocols.
verifies biometric
at login
SP2
SP3
SPspecificprotocols
IDP-centricprotocol
4) verifies biometric
3/5).verification
req/resp
1) enrolls biometric
SP1
IDP
SP2
 IDP learns user’s interaction patterns
with different SPs.
 Revealing BID during authentication.
enrolls biometric
at signup
SP1

10. Department of Computer Science
Addresses each of the above issues and provides better solutions.
1. Generates unique, repeatable and revocable BIDs.
2. Defines privacy preserving identity management protocol:
 Involves zero-knowledge-proof-of-knowledge.
 User-centric.
Our Approach
NSS 2014

11. Department of Computer Science
Overview:
Our Approach
NSS 2014
authenticate using
biometric identity token
enrolls biometric
obtains Identity Token
SP1
SP2
SP3
User-centricprotocol
 No interaction between IDP and SP(s).
 Biometric template is not stored anywhere.

12. Department of Computer Science
1. Generating BID:
Our Approach
NSS 2014
Image
Hashing
Algorithm
Trained
SVM
Classifier
Biometric
image
Hash
vector
Predicted
class label
(32 bits)
+
Password
based key
generation
User-provided
password
Key 1 (128 bits)
BID
Key steps:
1. Feature extraction, image hashing mechanism
2. Training SVM classifier
3. Obtaining classification output
4. Password based key generation
(160 bits)

13. Department of Computer Science
Our Approach
NSS 2014
1. Generating BID: Results
 P-Hash – feature
extraction mechanism
used in our approach.
 SVD-Hash – feature
extraction mechanism
used in previous work
[Bhargav-Spantzel et al.
‘2010].

14. Department of Computer Science
Our Approach
NSS 2014
1. Generating BID: Extended approach with Error Correction Code
 Enrolment phase: Error Correction Encoding:
 Authentication phase: Error Correction Decoding:
Image
Hashing
Algorithm
Trained SVM
Classifier
Biometric
image
Hash
vector
Predicted
class label
+
Password based key generation
User-provided
password
Key 1
BID
Hadamard
ECC encoding
Key 2
Error Correction
Metadata
Image
Hashing
Algorithm
Trained
SVM
Classifier
Biometric
image
Hash
vector
Predicted
class label +
Password based key generation
User-provided
password
Key 1
BIDHadamard
ECC
decoding
Key 2
Error corrected
Hash vector
Error Correction
Metadata

15. Department of Computer Science
Our Approach
NSS 2014
1. Generating BID: Results with ECC
 Both accuracy and overhead increase with the Hadamard Code
length used for error correction.
 Recommended Hadamard Error Correction Code is 16 bits.
 Improves repeatability of the BID.
 Secure error correction mechanism introduced by Kande et al.
‘2009.

16. Department of Computer Science
We covered so far – in key aspects of our approach:
Our Approach
NSS 2014
 Generating unique, repeatable and revocable BIDs.
 Extended approach with ECC to improve repeatability.
 Privacy preserving identity management protocol:
1. Involves zero-knowledge-proof-of-knowledge.
2. User-centric.

17. Department of Computer Science
3. Privacy preserving identity management protocol: Enrollment
Our Approach
NSS 2014
Biometric
image
Hash Vector
R=
Commitment: C = gxhr
Biometric
IDT
Perceptual Hash
Train Support Vector Machine
Trained Base SVM
P-Hash
Customize
SVM
Single Label Classification Hash Vector
Digitally Signed by IDP
X = BID

18. Department of Computer Science
Our Approach
NSS 2014
3. Privacy preserving identity management protocol: Enrollment
 Elements included in the identity token:
 Commitment string
 Expiration time stamp
 From, To fields (to prevent attacks on ZKPK protocol by SP)
 Digital signature
 Public parameters of the Pedersen commitment scheme

19. Department of Computer Science
Our Approach
NSS 2014
3. Privacy preserving identity management protocol: Enrollment
 Artifacts provided to the User: (stored in the TEE of user’s device)
 Identity Token
 Trained and customized SVM classifier.
 BID generation software.
 Salt value used for PBKDF.
 Error correction meta-data.

20. Department of Computer Science
Our Approach
NSS 2014
3. Privacy preserving identity management protocol: Authentication
Biometric
image
Hash Vector
P-Hash
Customized SVM
Single Label Classification
R’=
Commitment:
C’ = gx’hr’
X’ = BID
Authentication Request
Biometric
IDT
d = gyhs
Zero Knowledge Proof of Knowledge Protocol
Service
Provider
User Service Provider
challenge: e
u=y+ex, v=s+er
success if Ced = guhv

21. Department of Computer Science
Summary: Performance
Performance measure Value
Computing perceptual hash 0.0105 (s)
Training Classifier 8 (s) [with 400 training instances]
Predicting from trained classifier 0.013 (s)
Creating commitment 0.003038 (s)
Zero Knowledge Proof (without
network delay)
0.00763 (s)
Hardware Configurations:
 CPU: Intel Core i7-3537U
 Memory: 5GB RAM
 OS: Ubuntu 13.4 OS
Our Approach
NSS 2014

22. Department of Computer Science
Security Analysis:
 Confidentiality of sensitive data is preserved:
 Biometric image, P-Hash vector, BID are not stored anywhere.
 Secrets are derived from the user’s password.
 Zero Knowledge Proof of Knowledge protocol:
 Biometric information not revealed at any point.
 MITM attacks carried out by SP are prevented.
 Identity token provides ownership assurance and avoids
impersonation.
 Enables revocation of the biometric based identity tokens.
Our Approach
NSS 2014

23. Department of Computer Science
We covered so far:
Our Approach
NSS 2014
 Generating unique, repeatable and revocable BIDs.
 Extended approach with ECC to improve repeatability.
 Privacy preserving identity management protocol:
 with zero-knowledge-proofs.
 User-centric identity management
 Performance and Security Analysis

24. Department of Computer Science
Future Work
 Experimenting on other biometric traits.
 Privacy preserving biometrics based authentication based
on distance matching:
• Homomorphic Encryption
• Garbled circuits
 Multi-modal biometrics for authentication.

25. Department of Computer Science
Q & A

26. Department of Computer Science
Thank You…