IMPROVED SECURITY AND PRIVACY PRESERVATION FOR BIOMETRIC HASHING
Electronics Engineering, PhD Dissertation, 2013
Asst. Prof. Dr. Hakan Erdoğan (Thesis Supervisor), Assoc. Prof. Dr. Berrin Yanıkoğlu, Assoc. Prof. Dr. Erkay Savaş, Prof. Dr. Aytül Erçil, Asst. Prof. Dr. Engin Maşazade
Date & Time: August 2nd, 2013 – 10:30
Place: FENS L045
Keywords: Biohash, Privacy, Security, Cryptographic Protocols, Homomorphic Encryption, Threshold Encryption.
This thesis addresses improving the verification performance as well as the security and privacy aspects of biohashing methods. We propose several methods to increase the verification performance of existing random-projection-based biohashing systems. First, we introduce a new biohashing method based on an optimal linear transform under a colored Gaussian noise assumption, which seeks to find a better projection matrix. Second, we propose a face image hashing method based on a technique we call discriminative projection selection, which selects the rows of the random projection matrix using the Fisher criterion. Third, we introduce a new quantization method that attempts to optimize biometric hash vectors using ideas from the diversification of error-correcting output code classifiers.
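The biohashing pipeline described above (a user-token-seeded random projection, row selection by the Fisher criterion, and quantization to bits) is illustrated by the following added example. It is not code from the thesis: the SHA-256 seeding of the projection matrix, the use of a small multi-user development set for the Fisher scores, the choice of the grand mean of each kept row as its quantization threshold, and the names `projection_matrix`, `discriminative_selection`, `biohash` and `demo` are all assumptions made for the illustration. The feature vectors are constructed (a per-user centroid plus Gaussian noise), and the impostor in `demo` presents alice's token, i.e. the stolen-token case in which only the biometric differs.

```python
import hashlib
import random
import statistics


def projection_matrix(user_key: bytes, m: int, n: int):
    """Derive an m x n pseudo-random Gaussian projection matrix from the user's
    secret token. Seeding a PRNG with SHA-256 of the token is an assumption made
    for this illustration; the thesis only says the matrix is random."""
    seed = int.from_bytes(hashlib.sha256(user_key).digest()[:8], "big")
    rng = random.Random(seed)
    return [[rng.gauss(0.0, 1.0) for _ in range(n)] for _ in range(m)]


def project(matrix, feature):
    """Matrix-vector product: one real coefficient per projection row."""
    return [sum(r * f for r, f in zip(row, feature)) for row in matrix]


def fisher_row_stats(matrix, samples_by_user):
    """Per row j return (Fisher score, grand mean of the projected training data).
    Fisher score = between-class scatter / within-class scatter of coefficient j."""
    projected = {u: [project(matrix, x) for x in xs] for u, xs in samples_by_user.items()}
    stats = []
    for j in range(len(matrix)):
        class_means = {u: statistics.fmean(p[j] for p in ps) for u, ps in projected.items()}
        grand = statistics.fmean(class_means.values())
        between = sum((mu - grand) ** 2 for mu in class_means.values())
        within = sum((p[j] - class_means[u]) ** 2 for u, ps in projected.items() for p in ps)
        stats.append((between / within if within > 0 else float("inf"), grand))
    return stats


def discriminative_selection(matrix, samples_by_user, k):
    """Keep the k rows with the highest Fisher score; the grand mean of each kept
    row becomes its quantization threshold (threshold choice is an assumption)."""
    stats = fisher_row_stats(matrix, samples_by_user)
    keep = sorted(range(len(matrix)), key=lambda j: stats[j][0], reverse=True)[:k]
    keep.sort()
    return [matrix[j] for j in keep], [stats[j][1] for j in keep]


def biohash(matrix, thresholds, feature):
    """Quantize every projected coefficient to one bit by thresholding."""
    return [1 if v > t else 0 for v, t in zip(project(matrix, feature), thresholds)]


def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))


def make_samples(rng, centre, count, sigma=0.1):
    """Constructed feature vectors: a user centroid plus Gaussian noise."""
    return [[c + rng.gauss(0.0, sigma) for c in centre] for _ in range(count)]


def demo(n=16, m=64, k=32):
    """Enrol alice, then compare a genuine probe and an impostor probe that uses
    alice's token. Returns (genuine distance, impostor distance, hash length)."""
    rng = random.Random(7)
    centres = {u: [rng.uniform(-1.0, 1.0) for _ in range(n)] for u in ("alice", "bob")}
    training = {u: make_samples(rng, c, 5) for u, c in centres.items()}
    matrix = projection_matrix(b"alice-token", m, n)
    rows, thresholds = discriminative_selection(matrix, training, k)
    reference = biohash(rows, thresholds, training["alice"][0])
    genuine = hamming(reference, biohash(rows, thresholds, make_samples(rng, centres["alice"], 1)[0]))
    impostor = hamming(reference, biohash(rows, thresholds, make_samples(rng, centres["bob"], 1)[0]))
    return genuine, impostor, len(reference)


if __name__ == "__main__":
    print(demo())
```

Rows whose Fisher score is high are those on which the users' projected means are far apart relative to the within-user spread, so thresholding them at the grand mean keeps genuine Hamming distances small and pushes impostor distances towards the hash length; rows dominated by noise are the ones discarded.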
We consider several attacks against biohashing methods in order to analyze their security and privacy preservation properties, and we propose a new attack method based on the minimum norm solution. The results of these attacks show that biohashing is vulnerable to them and that better template protection methods are necessary. To overcome the security limitations of biohashing, we introduce an identity verification system, which we call the THRIVE system, that is also a novel biometric template protection system. The system includes new enrollment and authentication protocols based on threshold homomorphic encryption, in which the private key is shared between the user and the verifier. The proposed system is suitable for applications where the user and the verifier do not trust each other. It can be used with any biometric modality and any biometric feature extraction method whose output templates can be binarized, so it is not limited to biohashing. We implement the proposed THRIVE system and find that one run of the authentication protocol requires 0.218 seconds on average. The ideas in this thesis can be used to build more secure and privacy-preserving biometric authentication systems that are efficient enough to be used in real applications.