Some progress on protecting biometric templates, evaluating methods
As biometric templates are more widely enrolled, stored and used, and the methods used to attack the privacy of people and the security of systems advance, ways to protect those templates are evolving, and were discussed in the recent Biometrics Workshop in Martigny, Switzerland.
The European Association for Biometrics organized the hybrid event in collaboration with the Center for Identification Technology Research (CITeR), and it was held at the Idiap Research Institute.
Evaluating biometric template protection
Dr. Marta Gomez-Barrero of Hochschule Ansbach kicked off the topic with a keynote on the ‘Evaluation of Template Protection Schemes.’
Gomez-Barrero noted the importance of template privacy protection for GDPR compliance, a topic recently explored in some depth by the EAB, and other countries are following suit.
The belief that biometric data cannot be extracted from templates, commonly-held ten or more years ago, has been exploded, Gomez-Barrero says. Hill-Climbing is presented as an example of inverse biometrics attacks. Similarly, cross-matching attacks can theoretically break biometric security with stolen templates.
For templates to preserve privacy, they should reveal no information about the subject, be irreversible, unlinkable and renewable. These characteristics are reflected in the ISO/IEC 24745 standard. Gomez-Barrero also explained the difference between the latter two.
From there, the presentation explored how biometric templates can be protected, and what kinds of cryptography can help.
The pseudonymous identifier framework set out in the ISO standard describes a two-stage conversion to protect templates.
Evaluations of template security schemes should, like academic research in general, start with public baseline systems, according to Gomez-Barrero, along with public databases, what the attacker knows, and the evaluation protocol.
ISO requirements for accuracy, irreversibility, unlinkability, robustness to cross-matching attacks, and computational load increase. The latter, Gomez-Barrero says, is “especially important for approaches based, for instance, on homomorphic encryption.” Each analysis was explained in some detail, and several new concepts, such as “semi-linkable” biometrics introduced.
The importance of choosing “proper” keys is well known in cryptography, but must also be heeded in biometrics, Gomez-Barrero emphasized.
This part of the presentation catered to the large portion of the EAB, CITeR and Idiap audience comfortable with formulas for advanced metrics and the graphs that accompany them.
Innovations on offer
Ideas from the commercial developers, academia and research bodies to protect the privacy and security of biometric templates followed.
Tech5 Co-founder, Chairman and CTO Rahul Parthe presented the company’s printed cryptograph, Erik Guoqiang Li of Mobai spoke about homomorphic encryption, and Lennig Pedron of Trust Valley Switzerland initiative Tech4Trust introduced the public-private partnership’s development hubs. The Tech4Trust runs a 6-month acceleration program for technology projects to enhance trust, including with biometrics. Applications for the next cohort of startups are open now.
Christian Rathgeb of Hochschule Darmstadt discussed biometric cryptosystems, Johannes Ernst of University of St. Gallen presented the concept of “function-hiding inner-product functional encryption,” which allows the evaluation of the “inner-product of two encrypted or hidden vectors,” which can be used in biometric authentication. Hatef Otroshi of Idiap spoke about how deep facial templates can be inverted to reveal biometric data using face generation with StyleGAN, and Norman Poh of Trust Stamp gave a talk on the use of biometrically-bound credentials to perform transactions over the internet without exchanging biometric material.