What protects biometric data better than bloom filter or homomorphic encryption? Both

Protecting biometric templates from theft or leakage is one of the long-standing challenges facing the industry, but Amina Bassit of the University of Twente and her fellow researchers have a proposal they think can help.

Bassit presented a proposal combining two cryptographic methods to the European Association for Biometrics in a talk this week on ‘Hybrid Biometric Template Protection: Resolving the Agony of Choice between Bloom Filters and Homomorphic Encryption.’

An audience of more than 100 registered for the EAB Lunch Talk, signalling industry interest in protecting the privacy of biometric data.

Bassit began by presenting a theoretical comparison between using bloom filters and homomorphic encryption for template protection.

ISO/IEC 24745 states that biometric template protection should make the data irreversible, unlinkable and confidential throughout its lifecycle.

Bloom filters in biometrics consist of integers converted from the binary of the template, Bassit explained. Comparisons are made by computing the weighted Hamming distance between bloom filters to generate a similarity score.

The technology is space-efficient, preserves biometric accuracy without creating feature alignment challenges, and can be used in fast comparisons. These characteristics make it appropriate for biometrics, Bassit says.

She explained two categories of bloom filter-based template protection schemes, one of which fails to keep the biometrics unlinkable, but the other of which satisfies the criteria of the ISO standard.

The evolution of homomorphic encryption was reviewed, and Gentry’s construction mitigating the problem of noise growth that enabled full HE schemes noted. This approach has several benefits, but also presents challenges in terms of recognition speed, template size, and the storage and distribution of keys.

Single key and threshold-based HE for biometric template protection were explained, and assessed as successful in meeting the ISO standard.

A summary graphic shows relative benefits for bloom filters over HE, as well as the reverse. A drawback to both is malleability, but Bassit notes that appending a signature can resolve this shortcoming.

The first category bloom filter approach provides the best accuracy of the approaches considered, but with the weakness of linkability.

A case study using iris recognition carried out by Bassit and her fellow researchers shows that by computing multiple Hamming distances to account for the movement of the iris, the encrypted system will work, but more slowly. The invariant property of bloom filters eliminates the need to shift the features.

Biometric performance is better when using bloom filters if the key setting is specific to the user, rather than the application, Bassit notes.

A possible solution

A hybrid approach is proposed by Bassit and her team, taking the first bloom filter approach with a user-specific key setting, while HE reinforces irreversibility and confidentiality, while adding unlinkability. The inclusion of HE also makes the template dynamic, meaning new templates can be created from an existing one. Implementation details followed for those skilled in cryptography.

The hybrid approach yielded an equal error rate of only 0.17 percent, equal to the first bloom filter approach with a user-specific key, but without the linkability issue. It took longer than the bloom filter approaches, but was much closer in runtime to them then the longer HE method.

Article Topics

biometric data  |  biometric template protection  |  biometrics  |  biometrics research  |  cybersecurity  |  data protection  |  homomorphic encryption