University of Twente Student Theses


Secure biometric verification in a malicious attacker model setting

Scholten, R.H.D. (2020) Secure biometric verification in a malicious attacker model setting.

Abstract: Biometric recognition is a means to measure physical characteristics of a person for authentication purposes. Physical characteristics are captured by a sensor, stored digitally in a feature vector and subsequently compared to a database template by a server. The European Union has stated in General Data Protection Regulation 2016/679 that biometric data is sensitive and must therefore be protected using Biometric Template Protection (BTP) schemes. The BTP scheme constructed by Peeters et al. is efficient and satisfies the requirements for a secure BTP scheme: irreversibility, unlinkability, revocability and accuracy. However, similar to most other state-of-the-art BTP schemes, it is only secure in the semi-honest model, in other words, where both the sensor and server adhere to the protocol, but may collect information along the way. In this work, we first present the semi-honest key release protocol, which follows the protocol of Peeters et al., but additionally releases a key upon successful comparison. Secondly, we present the partially malicious key release protocol, which builds upon the former protocol, but uses commitment schemes and zero-knowledge proofs to provide security against a semi-honest sensor and a malicious server, i.e. a party which may deviate from the protocol. Additionally, we present the semi-honest one-round protocol: a stepping stone protocol in which the total comparison is performed by the server. The semi-honest key release protocol appears to be very practical in real-world applications, i.e. 443 comparisons per second can be done, compared to about 250 comparisons per second in the efficient semi-honest protocol of Peeters et al. The partially malicious key release protocol is less practical, i.e. 25 comparisons per second can be done. However, since runtime performance is a trade-off with accuracy, the partially malicious key release protocol can still be practical if accuracy is less important. Moreover, since the comparison operation is the bottleneck of both protocols, we expect that significant runtime efficiency can be gained here.
Item Type: Essay (Master)
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science
Programme: Computer Science MSc (60300)