The increasing use of biometrics has given rise to new privacy concerns. Biometric encryption systems have been proposed in order to alleviate such concerns: rather than comparing the biometric data directly, a key is derived from these data and subsequently knowledge of this key is proved. One specific application of biometric encryption is the use of biometric sketches: in this case biometric template data are protected with biometric encryption. We address the question whether one can undermine a user's privacy given access to biometrically encrypted documents, and more in particular, we examine if an attacker can determine whether two documents were encrypted using the same biometric. This is a particular concern for biometric sketches that are deployed in multiple locations: in one scenario the same biometric sketch is deployed everywhere; in a second scenario the same biometric data is protected with two different biometric sketches. We present attacks on template protection schemes that can be described as fuzzy sketches based on error-correcting codes. We demonstrate how to link and reverse protected templates produced by code-offset and bit-permutation sketches.
In this paper we analyze the vulnerabilities of biometric authentication protocols with respect to user and data privacy. The goal of an adversary in such context is not to bypass the authentication but to learn information either on biometric data or on users that are in the system. We elaborate our analysis on a general system model involving four logical entities (sensor, server, database and matcher), and we focus on internal adversaries to encompass the situation where one or a combination of these entities would be malicious. Our goal is to emphasize that when going beyond the usual honest-but-curious assumption much more complex attacks can affect the privacy of data and users. On the one hand, we introduce a new comprehensive framework that encompasses the various schemes we want to look at. It presents a system model in which each internal entity or combination of entities is a potential attacker. Different attack goals are considered and resulting requirements on data flows are discussed. On the other hand, we develop different generic attacks. We follow a blackbox approach in which we consider components that perform operations on biometric data but where only the input/output behavior is analyzed. These attack strategies are exhibited on recent schemes such as the distributed protocol of Bringer et al. (ACISP 2007), which is based on the Goldwasser-Micali cryptosystem, the related protocol of Barbosa et al. (ACISP 2008), which uses the Paillier cryptosystem, and the scheme of Stoianov (SPIE 2010), that features the Blum-Goldwasser cryptosystem. All these schemes have been developed in the honest-but-curious adversary model and show potential weaknesses when considered in our malicious insider attack model.
Traditional criteria used in biometric performance evaluation do not cover all the performance aspects of biometric template protection (BTP) and the lack of well-defined metrics inhibits the proper evaluation of such methods. Previous work in the literature focuses, in general, on a limited set of criteria and methods. This paper provides the first holistic approach to the evaluation of biometric template protection that is able to cover a whole range of methods. We present a selection of well-defined criteria and some metrics that are compliant with the reference architecture for template protection as defined in the recently adopted standard ISO/IEC 24745 (2011), which is applicable to nearly all known BTP methods. The criteria have been grouped in three categories of performance: technical, protection, and operational.
We investigate generic methods to find near-collisions in cryptographic hash functions. We introduce a new generic approach based on methods to find cycles in the space of codewords of a code with low covering radius. We give an analysis of our approach and demonstrate it on the SHA-3 candidate TIB3.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2025 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.