Secure hamming distance based biometric authentication

Kulkarni, R. V.; Namboodiri, Anoop

doi:10.1109/icb.2013.6613008

Cited by 13 publications

(5 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Kulkarni et al propose a biometric authentication scheme based on iris matching. Their scheme uses the somewhat homomorphic encryption scheme of Boneh et al .…”

Section: Related Workmentioning

confidence: 99%

“…We now apply the proposed attack as a practical example on biometric authentication systems with full success. Note that the matching procedure for fingerprint, palm print, or iris actually measures the Hamming distance between the two bit‐strings X and Y that encode the biometric sample and template (e.g., ).…”

Section: Security and Efficiency Analyses Of The Protocol By Bringer mentioning

confidence: 99%

See 1 more Smart Citation

Security and efficiency analysis of the Hamming distance computation protocol based on oblivious transfer

Kiraz

Genç

Kardaş

2015

Security Comm Networks

View full text Add to dashboard Cite

Abstract-In Financial Cryptography 2013, Bringer, Chabanne and Patey proposed two cryptographic protocols for the computation of Hamming distance in the two-party setting. Their first scheme uses Oblivious Transfer and provides security in the semi-honest model. The other scheme uses Committed Oblivious Transfer (COT) and is claimed to provide full security in the malicious case. The proposed protocols have direct implications to biometric authentication schemes between a prover and a verifier where the verifier has biometric data of the users in plain form.In this paper, we show that their protocol against malicious adversaries is not actually secure. Namely, we show a generic attack such that a malicious user can compute a Hamming distance which is different from the actual value. For biometric authentication systems, this attack allows a malicious adversary to pass the authentication without knowledge of the honest user's input with at most O(n) complexity instead of O(2 n ), where n is the input length. We propose an enhanced version of their protocol where this attack is eliminated. The security of our modified protocol is proved using simulation-based paradigm. Also as for efficiency concerns, the modified protocol utilizes Verifiable Oblivious Transfer (VOT) which excludes the commitments to outputs (as they exist in COT). We show that the use of VOT does not reduce the security of the protocol but improves the efficiency significantly.

show abstract

“…Kulkarni et al propose a biometric authentication scheme based on iris matching. Their scheme uses the somewhat homomorphic encryption scheme of Boneh et al .…”

Section: Related Workmentioning

confidence: 99%

Section: Security and Efficiency Analyses Of The Protocol By Bringer mentioning

confidence: 99%

Security and efficiency analysis of the Hamming distance computation protocol based on oblivious transfer

Kiraz

Genç

Kardaş

2015

Security Comm Networks

View full text Add to dashboard Cite

show abstract

“…There are also some works on secure Hamming distance calculation by using cryptographic primitives [64,[66][67][68]. These papers, however, limit the scope of their works only to secure Hamming distance calculation.…”

Section: Modern Cryptography For Biometricsmentioning

confidence: 99%

“…Kulkarni et al [64] propose a biometric authentication system based on somewhat homomorphic encryption scheme of Boneh et al [65], which allows an arbitrary number of addition of ciphertexts, but supports only one multiplication operation between the ciphertexts. Although the values stored on the enrollment server are the XORed values of the biometric template vector with the corresponding user's key, the user first extracts and sends her biometric features to the trusted enrollment server.…”

Section: Modern Cryptography For Biometricsmentioning

confidence: 99%

“…Kulkarni et al 's system [64] requires 58 s at the server side, 10 ms at the user side, and 400 Kbit bandwidth usage for authentication of single user with 2048-bit binary feature vector at 3.2 GHz. Our proposed system requires 6146 ms at the server side, 2051 ms at the user side, and 6296 Kbit bandwidth usage for the same authentication setup.…”

Section: Complexity Analysis Of the Proposed Systemmentioning

confidence: 99%

See 1 more Smart Citation

THRIVE: threshold homomorphic encryption based secure and privacy preserving biometric verification system

Karabat

Kiraz

Erdoğan

et al. 2015

EURASIP J. Adv. Signal Process.

View full text Add to dashboard Cite

In this paper, we introduce a new biometric verification and template protection system which we call THRIVE. The system includes novel enrollment and authentication protocols based on threshold homomorphic encryption where a private key is shared between a user and a verifier. In the THRIVE system, only encrypted binary biometric templates are stored in a database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during authentication. Due to the underlying threshold homomorphic encryption scheme, a malicious database owner cannot perform full decryption on encrypted templates of the users in the database. In addition, security of the THRIVE system is enhanced using a two-factor authentication scheme involving user's private key and biometric data. Using simulation-based techniques, the proposed system is proven secure in the malicious model. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form, but needs to prove her identity by using biometrics. The system can be used with any biometric modality where a feature extraction method yields a fixed size binary template and a query template is verified when its Hamming distance to the database template is less than a threshold. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biometric templates on a desktop PC running with quad core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real-life applications.

show abstract

Privacy-Preserving Biometric Authentication and Matching via Lattice-Based Encryption

Patsakis

Rest

Choraś

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Secure hamming distance based biometric authentication

Cited by 13 publications

References 19 publications

Security and efficiency analysis of the Hamming distance computation protocol based on oblivious transfer

Security and efficiency analysis of the Hamming distance computation protocol based on oblivious transfer

THRIVE: threshold homomorphic encryption based secure and privacy preserving biometric verification system

Privacy-Preserving Biometric Authentication and Matching via Lattice-Based Encryption

Contact Info

Product

Resources

About