Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
Hochschule Darmstadt,CRISP,da/secSecurityGroupFinse WinterSchool,May 2017Biometric RecognitionMartaGomez-Barrero
Ø IntroductionØ VulnerabilitiesofBiometricSystemsØ Biometrics&PrivacyFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 2/34
Outline
FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 3/34Introduction
Whybiometricrecognition?Ø WeneedtoidentifyourselvesinadailybasisØ Impossibletoremember100differentpasswordsØ Losingorforgettingourpassword/tokeniseasyFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 4/34
IntroductionWhy not useour body features or behavioural patterns?
BiometriccharacteristicsØ Classification:
o Physiologicalo Behavioural
Ø Properties:o Universality:everybodyshouldpossessito Distinctiveness:shouldhaveenoughintervariabilityo Permanence:shouldnotvarythroughtimeo Collectability:shouldbeeasytoacquireo Performance:shouldhavegooderrorrateso Acceptability:usershouldnotbereluctanttouseito Circumvention:difficulttobypassFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 5/34
Introduction
AdvantagesanddisadvantagesofbiometricsFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 6/34
IntroductionØ Noneed toremember passwords or carrytokensØ Impersonation canbedetectedØ Asinglecharacteristic canbeused inmultipleapplications,without security decreaseØ Spoofing /Presentation Attacks (PA)Ø RenewabilityØ Biometrics arenosecretsØ Sensitiveinformation
Howdoesitwork?FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 7/34
IntroductionEnrollmentSignal Proc.Subsyst. Storage VerificationComparison Signal Proc.Subsyst.Subsyst.Feat.Extractor Feat.ExtractorTr Tr TpComparatorDecision
Example:irisrecognitionFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 8/34
IntroductionSample Segmentation NormalizationTemplate:T FeatureExtraction
VerificationvsIdentificationØ Verification:IamJonDoe(1:1)Ø Identification:Iaminthelist(1:n)FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 9/34
IntroductionTrT1Tn… Yes/noIdentity i/not inthe list
ErrorratesØ Twokindsofcomparisons:Ø Twokindsoferrorrates:
o FalseMatchRate(FMR) – proportionoffalselyacceptednon-matedcomparisontrialso FalseNon-MatchRate(FNMR) – proportionoffalselyrejectedmatedcomparisontrialsFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 10/34
IntroductionMatedComparison Non-MatedComparison[ISO/IEC2382-37HarmonizedBiometrics Vocabulary (HBV)]
EvaluatingtheaccuracyØ Plotmatedandnon-matedscoredistributionsØ Establishaverificationthreshold:𝛿Ø 𝛿 determinestheFMRØ … andtheFNMRFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 11/34
Introduction[ISO/IEC19795 on Biometricperformancetesting andreporting]
ComparingsystemsØ ComparealloperatingpointswithaDetectionErrorTrade-off(DET)curveØ ThepointatwhichFMR=FNMRisdefinedasEqualErrorRate(EER) - thelower,thebetterØ ReportFNMRatfixedFMR– e.g.,FMR=0.1%FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 12/34
Introduction 0.1 0.2 0.5 1 2 5 10 20 40 False Match Rate (%) 0.1 0.2 0.5 1 2 5 10 20 40 False Non-Match Rate (%) DET CurvesIris, EER = 0.6%Face, EER = 6.3%FNMR=19.83%FMR=0.1% EERFNMR=0.58%[ISO/IEC19795 on Biometricperformancetesting andreporting]
Multi-BiometricsystemsØ Advantages
o Higher accuracyo Increased robustness toindividualsensoror subsystem failureso Decreased number ofcaseswhere the system is not able tomake adecisiono Different levels ofsecurityo …
Ø Fusionlevels:o Featurelevelo Scorelevelo Decisionlevel FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 13/34
IntroductionCanbeharder toachieve,butit’s preferred:reducedstorage andhigher security[ISO/IECTR24722on Multimodalandother multibiometric fusion]
FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 14/34VulnerabilitiesofBiometricSystems
ExternalAttacksØ Biometricsystemsarenotfreefromexternalattacks.
FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 15/34VulnerabilitiesFeatureExtractor ComparatorBiometriccharacteristic Sample Querytemplate DecisionReferencetemplatePRESENTATIONATTACKS SOFTWAREATTACKSSensor DB1 2 3 4 5 6 78
VulnerabilityAnalysisØ ProjectsØ CompetitionsØ Standards FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 16/34
Vulnerabilities
HillClimbingattacksFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 17/34
VulnerabilitiesSyntheticTemplates DB AccessGrantedModificationscheme >𝛿<ComparatorAttackedtemplate ScoreTemplate
HCbasedontheUphillSimplexalgorithmFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 18/34
VulnerabilitiesØ Newpoint:
o Computecentroid:o Tryreflection:o Tryexpansionorcontraction:
Ø Stoppingcriteria:o Oneofthepointsofthesimplexiscloseenough=>successo Maximumnumberofiterationsallowedreached=>failure
Example1:FaceFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 19/34
Vulnerabilities Target:EnrolledSampleVerificationThresholdIterationsScores A B C D E FA B C D E FThe attack wassuccessful,andweonly needed accesstothe scores
Example2:FaceandsignatureSuccessRates(SR)Ø Wecanevaluatehowdangeroustheattackisintermsofthesuccessrate:Ø AtdifferentoperationpointsintermsofFMRFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 20/34
VulnerabilitiesFMR(%) FaceSystem SignatureSystem0.05% 100% 92.69%0.01% 100% 87.84%HillClimbing attacks represent arealchallenge tothesecurity offered by biometric systems =>Quantized Scores
HCbasedongeneticalgorithms(I)FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 21/34
VulnerabilitiesØ WestartwitharandompopulationofbinaryindividualsØ Ateachiteration,wegenerateanewpopulationaccordingtofourrules:
o Elite:twoindividualso Selection:stochasticuniversalsamplingo Crossover:scatteredcrossovero Mutation:randomchanges
Ø OurfitnessfunctionisthesimilarityscoreØ Stoppingcriteria:
o Oneoftheindividualsexceedstheverificationthreshold=>successo Scoreincreaseinthelastgenerationsisverysmall=>failureo Maximumnumberofiterationsallowedreached=>failure
HCbasedongeneticalgorithms(II)FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 22/34
Vulnerabilities… … … …… …EliteParents ChildrenMutated children
Example:Iris FMR(%) IrisSystem0.05% 80.89%0.01% 62.36%FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 23/34VulnerabilitiesHillClimbing attacks represent arealchallenge tothesecurity offered by biometric systems =>Quantized Scores
HCAttacksonmulti-biometricsystemsØ Contrarytothebeliefthatitismoredifficulttoattackamulti-biometricsystems,wecancombinethesealgorithmsandsucceedinourattack
Finse WinterSchool ‘17– Biometric Recognition,9/5/17MartaGomez-Barrero 24/34VulnerabilitiesSub-Algorithm 1:Uphill SimplexSub-Algorithm 2:Genetic AlgorithmScore FullTemplateFaceTemplateIrisTemplateFMR(%) FaceSystem IrisSystem Multi-Biometric0.05% 100% 80.89% 100%0.01% 100% 62.36% 100%The multi-biometric system is asvulnerableasthe mostvulnerablecharacteristic
FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 25/34Biometrics&Privacy
Biometrics:sensitivedataØ Widedeploymentofbiometrics:
o Largescalenationalandinternationalprojectso Bankingapps,ATMso Smartphoneunlocking
Ø BiometricsareclassifiedassensitivedataØ AndwecannotpreventdatabasesleakageFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 26/34
Biometrics&Privacy[EU2016/679DataProtection Regulation][EU2016/680DataProtection Directive]
InversebiometricsattacksØ It was acommon belief that the stored templates revealed noinformationabout the biometric characteristics:Ø However,biometric samples canberecovered from the storedunprotected templatesFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 27/34
Biometrics&Privacy
Inversebiometricsattacks:Hill-ClimbingFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 28/34
Biometrics&Privacy[M.Gomez-Barrero etal.,Int.Conf.onBiometrics,2012][M.Gomez-Barrero etal.,InformationSciences,2014][J.Galbally,etal.,ComputerVision&ImageUnderstanding,2013]! ThandTface TirisØ BasedontheHCalgorithmspresentedbefore,wecanreconstructbiometricsamples:
Inversebiometricattacks:ResultsØ Canyoutellthemapart?
FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 29/34Biometrics&PrivacyBiometrics&Privacy
Inversebiometricattacks:anotherapproachFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 30/34
Biometrics&Privacy DBFeatureExtractor Accept/RejectComparatorSensor [Cappelli etal.,IEEETrans.PAMI,2007]ReconstructionProcess Stolen ISOTemplateReconstructedImage[Galbally etal.,PatternRecognitionLetters,2009] PresentationAttack!
Inversebiometricsattacks:SuccessRatesFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 31/34
Biometrics&PrivacyTemplates need tobeprotected,sothat we cannotrecover the biometric sampleFMR(%) Iris Fingerprint(indirect) Fingerprint(PA)0.05% 85.1% 98% 78%0.01% 83.6% 92% 68% Over85%oftheattacksaresuccessful=>Realchallenge!Lowersuccesschances,butmoredifficulttodetectInaddition,Presentation Attacks need tobedetected
Cross-matchingattacksØ We canenroll with asinglecharacteristic indifferent applications
FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 32/34Biometrics&Privacy Same person??Tmail TbankTjobTfacebookTlinkedinTemplates need tobeprotected,sothat noone canfind out on which applications we areenrolled
SummaryØ Dothestoredtemplatesrevealanyinformationabouttheoriginalbiometricsamples?Ø Aremyenrolledtemplatesindifferentrecognitionsystemssomehowrelatedtoeachother?Ø Whatifsomeonestealsatemplateextractedfrommyface?Hasitbeenpermanentlycompromised? FinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 33/34
Biometrics&Privacy IRREVERSIBILITYUNLINKABILITYRENEWABILITY[ISO/IECIS24745on Biometric Information Protection]
MMartaGomez-Barrero([email protected])
FrominversebiometricsattacktoPAFinseWinterSchool‘17– BiometricRecognition,9/5/17MartaGomez-Barrero 35/34
Biometrics&Privacy
Hochschule Darmstadt,CRISP,da/secSecurityGroupFinse WinterSchool,May 2017Biometric Template ProtectionMartaGomez-Barrero
Ø IntroductionØ SecurityandPrivacyEvaluationØ CancelableBiometricsBasedonBloomFiltersØ BTPBasedonHomomorphicEncryptionØ Summary FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 2/47
Outline
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17MartaGomez-Barrero 3/47Introduction
Protectingthesubject’sprivacyØ Requirements ofBiometric Template Protection:
FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 4/47Introduction=? K1KnMale,white,40s… IrreversibilityUnlinkability RenewabilityAtthe same time,accuracy,template size andverification speedmust bepreserved.[ISO/IECIS24745on BiometricInformation Protection]
BiometricTemplateProtectionArchitectureFinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 5/47
IntroductionEnrollmentSignal Proc.Subsyst. Storage VerificationComparison Signal Proc.Subsyst.Subsyst.Feat.Extractor PIE PIC Feat.ExtractorPIRPIrAD ADPIr PIpTr TpPI:Pseudonimous IdentifierAD:Auxiliary Data PIE:PIEncoderPIR:PIRecorderPIC:PIComparatorDecision
BTPApproachesFinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 6/47
Introduction [Barni etal.,SPM2015][Patel etal.,SPM2015]CancelableBiometricsØ Accuracy dropsØ Permanent irreversibilityØ Unlinkabilitynot analysedØ Computational Complexity PreservedCryptobiometricsØ Accuracy dropsØ Attacks on AD(irreversibility compromised)Ø Unlinkability not analysedØ Computational Complexity PreservedBiometrics inthe Encrypted DomainØ Accuracy preservedØ Permanent irreversibilityØ Unlinkability grantedØ Computational Complexity increased Template Protectionbased on BloomfiltersTemplate Protectionbased on HomomorphicEncryption[Campisi,Springer 2013]
Multi-BiometricsandBTPFinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 7/47
IntroductionØ Multi-Biometrics:
o Higher accuracyo Different levels ofsecurityo Three fusion levels:feature,score,decision [ISO/IECTR24722]
Ø Multi-Biometric Template Protection [Rathgeb andBusch,InTech,2012]:o Alignment issueso Different BTPapproaches for different characteristics
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17MartaGomez-Barrero 8/47SecurityandPrivacyEvaluation
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17MartaGomez-Barrero 9/47EvaluationReproducibleResearchPublic DBsPublic BaselineSystems ISORequirements EvaluationAnalysis 1:Accuracy Analysis 2:Irreversibility Analysis 3:UnlinkabilityAnalysis 4a:Robustness toCross-Matching Attacks Analysis 4b:Computational LoadIncrease EvaluationProtocolKnowledgeAttacker
Cross-MatchingAttacksMartaGomez-Barrero 10/30
EvaluationØ We canenroll with asinglecharacteristic indifferent applicationsSame person??Tmail TbankTjobTfacebookTlinkedinFinse WinterSchool ‘17– Biometric Template Protection,9/5/17
MartaGomez-Barrero 11/30EvaluationCross-Matching Attacks:How to?TbankTjobs =DS(Tjob, Tbank) s hereè tryagain!!Ls hereè success!!Js canbethe dissimilarity scoreofthe system or any other dissimilarityscore,such asvalues extracted from partial decoding infuzzy schemesFinse WinterSchool ‘17– Biometric Template Protection,9/5/17
Ø Advantageoftheattackeroverarandomguessingintheindistinguishabilitygameo Problem1:assumesuniformityofdata– notvalidinbiometricso Problem 2:only analysed for fuzzy schemes – not straightforward toapply tocancelablebiometrics,since calculations rely on ECCpropertiesMartaGomez-Barrero 12/30[Simoens09]K.Simoens,P.Tuyls,B.Preneel,“PrivacyWeaknessesinBiometricSketches”,IEEESymp.OnSecurityandPrivacy,2009.[Buhan09]I.Buhan,J.Breebaart,M.Guajardoetal.,“AQuantitativeAnalysisofindistinguishabilityforacontinuousDomainBiometricCryptosystem”,Int.WorkshoponDataPrivacyandManagement,2009.[Buhan10]I.Buhan,E.Kelkboom,J.Guajardo,“EfficientStrategiesforPlayingtheIndistinguishabilityGameforFuzzySketches”,IEEEWorkshoponInformationForensicsandSecurity,2010.
EvaluationUnlinkability Analysis:CurrentStatus(I)Finse WinterSchool ‘17– Biometric Template Protection,9/5/17
Ø Plot aDETcurveofgenuine andimpostorscores,comparingtemplates enrolled indifferent systemMartaGomez-Barrero 13/30 0.1 0.2 0.5 1 2 5 10 20 40 False Match Rate (%) 0.1 0.2 0.5 1 2 5 10 20 40 False Non-Match Rate (%) Unprotected SystemUnlinkability Analysis Wearenotthatgoodanymoreatclassifyingtemplates->Unlinkability achievedForallscoresover0.15,wecanlinkthetemplates->Unlinkability NOTachieved[Nagar10]A.Nagar,K.Nandakumar,A.K.Jain,“BiometricTemplateProtectionTransformation:ASecurityAnalysis”,SPIE,ElectronicImaging,MediaForensicsandSecurity,2010.[Kelkboom11]E.Kelkboom,J.Breebart,T.Kevenaar etal.,“PreventingtheDecodability AttackbasedCross-MatchinginaFuzzyCommitmentScheme”,IEEETIFS,2011.
EvaluationUnlinkability Analysis:CurrentStatus(II)Finse WinterSchool ‘17– Biometric Template Protection,9/5/17
Ø PlotMated andNon-matedsamplesdistributions,fortemplatesprotectedwithdifferentkeys.Ø How toanalyse those distributions?⇒ Kullback-Leibler ()divergenceMartaGomez-Barrero 14/30=0.0 =0.0005 is onlydefined inatiny regionis not bounded:⇒ difficult tocomparesystemsWe need aquantitative,general,bounded measure,e.g.forbenchmarkingincompetitionsEvaluationUnlinkability Analysis:CurrentStatus(III)
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17
Unlinkability Analysis:ProposalMartaGomez-Barrero 15/30
EvaluationØ Two measures:
o Localmeasure è for which scoresis the system vulnerable?o Globalmeasure è how canwe comparetwo systemsglobally?
Ø Both bounded in[0,1],anddefined for all dissimilarity scores.Ø Generalmeasures,valid for all BTPschemesFinse WinterSchool ‘17– Biometric Template Protection,9/5/17
FullUnlinkabilityMartaGomez-Barrero 16/30
Evaluation Cannot ensureboth templatesbelong to thesame subjectènoriskNorisk,regardless ofsFinse WinterSchool ‘17– Biometric Template Protection,9/5/17
FullLinkabilityMartaGomez-Barrero 17/30
EvaluationBoth templatesbelong to thesame subjectèhigh risk Both templatesbelong to differentsubjectsè noriskHighrisk,regardless ofs
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17
MartaGomez-Barrero 18/30EvaluationSemi-Linkable Scenario AMorelikely bothtemplates belongto the samesubjectèhigh risk Morelikely bothtemplates belongto differentsubjectsè noriskHighrisk only forsome s
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17
MartaGomez-Barrero 19/30EvaluationSemi-Linkable Scenario BMost likely bothtemplates belong tothe same subject
èhigh risk Most likely bothtemplates belongto differentsubjectsè noriskHighrisk,for largervalue range sFinse WinterSchool ‘17– Biometric Template Protection,9/5/17
MartaGomez-Barrero 20/30EvaluationLocalmeasure:Background
Ø We areinterested inevaluating:Ø But we don’t know ,Ø HecanuseLRs:Ø Doing some tricks,we get:Finse WinterSchool ‘17– Biometric Template Protection,9/5/17
MartaGomez-Barrero 21/30EvaluationLocalmeasure:finaldefinition
Ø If we know ,usethemtosetØ Otherwise,assumeand Finse WinterSchool ‘17– Biometric Template Protection,9/5/17
MartaGomez-Barrero 22/30EvaluationGlobalmeasure
Ø GlobalmeasureFinse WinterSchool ‘17– Biometric Template Protection,9/5/17
Linkability Scenarios:SummaryMartaGomez-Barrero 23/30
EvaluationFinse WinterSchool ‘17– Biometric Template Protection,9/5/17
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17MartaGomez-Barrero 24/47CancelableBiometricsBasedonBloomFilters
WhyBloomfilters?FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 25/47
BloomFilters[Bloom,Comm.ofthe ACM 1970][Broder andMitzenmacher,InternetMathematics 2004]Ø BiometricTemplateProtectionbasedonBloomfilters:
o General:successfullyappliedtoiris,face,fingerprint,fingerveino Multimodal:featurelevelfusiono Irreversibility achievedo Accuracy,dependingontheconfiguration,preservedo Templatesize:similarorcompressedo Verificationspeed similar
Ø ButweneedtoaddunlinkabilityØ Andfindawaytofusetemplatesofdifferentsized(Multi-Biometrics)
GeneralarchitectureØ Addingunlinkability:
o Smallcomplexityo Smallimpactonaccuracy
FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 26/47BloomfiltersFeatureExtraction BF TemplateProtection Comparison intheProtected DomainDFeatureRe-Arrangement Random shuffling ofbits⇒↑EER>40%
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17MartaGomez-Barrero 27/47Bloomfilters0 0 1 0 0 1 1 0 0 11 1 1 0 1 0 0 1 1 01 0 0 0 1 1 0 0 1 00 0 0 1 0 0 1 0 0 10 0 0 0 0 0 0 0 0 0 0 0 0 0 0 06 4 6 9Re-Arranged Block1 0 11 1 0… … … … … … … … … …0 0 1 Protected TemplatenBits nWords0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 00 0 0 0 1 0 1 0 0 0 0 0 0 0 0 00 1 0 0 1 0 1 0 0 0 1 0 1 0 0 00 1 0 0 1 0 1 0 0 1 1 0 1 0 0 0BloomFilter 2nBits1BFperblock,of2nBitsHow canwe select thisparameters?
FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 28/47Bloomfilters|b|=2.4|b’|=1.6 |bfused|=3.2|b’,fused|=3.2To achieve aafusion weight α: Same sizeIf bitis activated here……itisalso activated hereORw XORK1w XORK2w bDifferent number ofkeys=>different α α1- α Setnumber ofkeys intermsof:|bfused|/|b’|MK-XOR pos
AccuracyAnalysisFinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 29/47
BloomfiltersAccuracy is preserved atalloperating points 0.1 0.2 0.5 1 2 5 10 20 40 False Match Rate (%) 0.1 0.2 0.5 1 2 5 10 20 40 False Non-Match Rate (%) Accuracy Analysis Face + IrisUnprotected Score, EER = 0.1%BF Face, EER = 4.4%BF Iris, EER = 0.8%BF Score, EER = 0.3%BF Feature, EER = 0.1% 0.1 0.2 0.5 1 2 5 10 20 40 False Match Rate (%) 0.1 0.2 0.5 1 2 5 10 20 40 False Non-Match Rate (%) Accuracy Analysis FaceUnprotected System, EER = 7.0%BF System, EER = 4.3% For the fusion,best accuracyfor protected feature level
IrreversibilityanalysisØ Arethereconstructedunprotectedtemplatessimilartotheoriginalones?
FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 30/47Bloomfilters Irreversible:HDbigger than impostorcomparisons[Bringer etal.,ICB2015]VerificationThreshold
MartaGomez-Barrero 31/30BloomfiltersUnlinkability analysis (I)Linkability hasdecreased!JXORSystem +HW,=0.33 NEWSystem +HW,=0.08
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17
MartaGomez-Barrero 32/30BloomfiltersUnlinkability analysis (II)Still room forimprovementLinkability hasbarely increasedJ
Only dissimilarity scoresareneeded tocomputethe metricsFinse WinterSchool ‘17– Biometric Template Protection,9/5/17
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17MartaGomez-Barrero 33/47BTPBasedonHomomorphicEncryption
WhyHomomorphicEncryption?FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 34/47
BTP&HEØ BTPbasedonHomomorphicEncryption:
o Generalo Accuracyfullypreservedo Permanentprotection:allcomputationsintheencrypteddomaino Irreversibility andunlinkability achievedo Renewability withnore-acquisition[Fontaine etal.,EURASIPJ.Inf.Sec. 2007][Lagendijk etal.,IEEESPMag. 2013]Ø Limitationonthenumberofoperationsintheencrypteddomain
Ø Secretkey+protectedtemplate=unprotectedtemplatecompromised
HomomorphicEncryptionØ Practicalimplementation:Paillier Cryptosystem[P.Paillier,EUROCRYPT,1999]Ø HE- Paillier:basedontheDECISIONALCOMPOSITERESIDUOSITYASSUMPTION FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 35/47
BTP&HEDCRA:given acomposite n andand integer z,it is (very)hard todecidewhether there exists y such that:z=yn (mod n2)
AdditiveHomomorphicEncryptionFinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 36/47
BTP&HEProduct ofciphertexts Sumofplain textsExponentiation ofciphertext andplain text Product ofplain texts
GeneralarchitectureFinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 37/47
BTP&HEFeatureExtraction Distance Computation inthe Encrypted DomainEncryptedTemplatesDProblem 1:what dowestore inthe database?Problem 2:given Tp andE(Tr),how canwecomputeE(d(Tp,Tr))? Additionally,only integervalues canbehandled
Multi-BiometricsFinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 38/47
BTP&HE DBServerSTEP1Feature ExtractorExtract TpSTEP3Encrypted DistanceComputeE(S) STEP5ComparatorDecrypt E(S),decideEncryptedTemplatesKey(pk,sk)Client Auth.ServerCommunicationChannelSTEP2:Serversends E(Tr)STEP4:Client sends E(S)CommunicationChannel
EncrypteddistancecomputationFinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 39/47
BTP&HEEncrypted Euclidean distance:Given two vectors Tp andE(Tr),oflength FEuclidean distance:Given two vectors Tp andE(Tr),oflength FProbe templateEncrypted referencetemplate stored inDB
FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 40/47BTP&HEEncrypted Cosine similarity:Given two vectors Tp andE(Tr),oflength FCosine similarity:Given two vectors Tp andTr,oflength FProbe templateEncrypted referencetemplate stored inDB
AccuracyEvaluationFinse WinterSchool ‘17– Biometric Template Protection,9/5/17MartaGomez-Barrero 41/47
BTP&HE 0.1 0.2 0.5 1 2 5 10 20 40 False Match Rate (%) 0.1 0.2 0.5 1 2 5 10 20 40 False Non-Match Rate (%) Feature Level FusionUnprotected Euc, EER = 0.1Protected Euc, EER = 0.1Unprotected Cos, EER = 3.0Protected Cos, EER = 3.0BioSecurID DB[Fierrez etal.,PAA2009]GlobalFeatures Sign.[Martinez-Diaz etal.,IETBio 2014]Fingercodes [Jain etal.,CVPR1999]4,200mated +17,500non-mated scoresAccuracy is fully preserved atall operating points
Unlinkability AnalysisFinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 42/47
BTP&HEFullunlinkability,aslong asthe secret key is not compromised
ComputationalOverheadØ 1realvalue(16bits)è 2,048bitsencryptedè x128increasefactorØ Dependingondistance,morevaluesneedtobestored
FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 43/47BTP&HEEuclidean distance template:2F +1encrypted valuesè 70.25KB Cosine distance template:F encrypted valuesè 35KBUnprotected template:F realvaluesè 0.27KBStoragerequirements andcommunication bandwidth multiplied by128- 256However,templates arestill small enough for realtimeapps
Finse WinterSchool ‘17– Biometric Template Protection,9/5/17MartaGomez-Barrero 44/47Summary
Ø MethodologyforastandardizedsecurityandprivacyevaluationofBTPschemesØ BTPschemesbasedonBloomfiltersorHomomorphicEncryptioncomplywithISO/IECIS24745,providingirreversibility,unlinkability,renewabilityandaccuracypreservationØ MBTPschemesbasedonBloomfiltersorHomomorphicEncryptionachievehigheraccuracyandprivacyprotectionFinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 45/47
Summary
FinseWinterSchool‘17– BiometricTemplateProtection,9/5/17MartaGomez-Barrero 46/47Summary
Ø HEadvantages:o Full accuracy preservationo Revocabilitywithnore-acquisitiono Higherdegreeof unlinkabilityØ Bloomfiltersadvantages:
o Compressed templateso Irreversibility evenifkeyiscompromisedo Low computationalload
Ø Bloomfilterslimitations:o Someaccuracydegradationdependingonfeatureextractorso SomeaccuracydegradationatlowFMRs Ø HElimitations:
o Keycompromisedè reversibleo Storagerequirements x128
MMartaGomez-Barrero([email protected])