Joint Privacy and Security of Multiple Biometric Systems

doi:10.1017/9781316450840.017

16 - Joint Privacy and Security of Multiple Biometric Systems

from Part IV - Data Systems and Related Applications

Published online by Cambridge University Press: 28 June 2017

A. Goldberg and

Edited by

Ashish Khisti and

A. Goldberg: Affiliation:
Department of Electrical and Computer Engineering, University of Toronto
S. C. Draper: Affiliation:
Department of Electrical and Computer Engineering, University of Toronto
Rafael F. Schaefer: Affiliation:
Technische Universität Berlin
Holger Boche: Affiliation:
Technische Universität München
Ashish Khisti: Affiliation:
University of Toronto
H. Vincent Poor: Affiliation:
Princeton University, New Jersey

Book contents

Get access

Summary

This paper explores the design of biometric authentication in the context of a single user that has enrolled in multiple (distinct) authentication systems. The compromise of some subset of these systems will generally impact both the privacy of the user's biometric information and the security of the balance of the systems. In this work we consider how to design the systems jointly to minimize losses in privacy and security in the case of such compromise. It turns out that there is a tension between the two objectives, resulting in a privacy/security tradeoff.We introduce worst-case privacy and security measures, and consider the tradeoff between them, in the context of the “secure sketch” architecture. Secure sketch systems are based on error correction codes, and the considerations of joint design that we pose result in a novel code design problem. We first study the design problem algebraically and identify an equivalence with a type of subspace packing problem. While the packing problem fully characterizes the design space, it does not yield an explicit characterization. We then turn to a “fixed-basis” subspace of the general design space. We map a relaxed version of the fixed-basis design problem to a linear program which, after exploiting much symmetry, leads to an explicit tradeoff between security and privacy. While we show that fixed-basis designs are restrictive in terms of the achievable privacy/security tradeoffs, they have the advantage of being easily mapped to existing codes (e.g., low-density parity check codes), and thence to immediate deployment. Finally, we conjecture that the achievable privacy/security tradeoff of fixed-basis designs is characterized by an extremely simple analytic expression, one that matches our numerical results.

Introduction

The goal of an authentication system is to ensure that only legitimate individuals gain access to a secured resource or area. Increasingly popular are methods of authentication that use biometric data – unique information present in a person's physical attributes. An example of such a biometric system is a laptop-mounted fingerprint scanner, or an iris scanner at an airport.

Type: Chapter
Information: Information Theoretic Security and Privacy of Information Systems , pp. 445 - 472

DOI: https://doi.org/10.1017/9781316450840.017 [Opens in a new window]

Publisher: Cambridge University Press

Print publication year: 2017

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

Book purchase

Temporarily unavailable

References

[1] A., Jain, P., Flynn, and A., Ross, Handbook of Biometrics. New York: Springer, 2008.

[2] P., Reid, Biometrics and Network Security. Upper Saddle River, NJ: Prentice Hall, 2003.

[3] N., Ratha, J., Connell, and R., Bolle, “Enhancing security and privacy in biometrics-based authentication systems,” IBM Syst. J., vol. 40, no. 3, pp. 614–634, 2001.Google Scholar

[4] P., Campisi, Security and Privacy in Biometrics. New York: Springer, 2013.

[5] T., Ignatenko and F. M. J., Willems, Privacy Leakage in Binary Biometric Systems: From Gaussian to Binary Data. London: Springer, 2013, pp. 105–122.

[6] Y., Wang, S., Rane, S. C., Draper, and P., Ishwar, “A theoretical analysis of authentication, privacy and reusability across secure biometric systems,” IEEE Trans. Inf. Forensics Security, vol. 7, no. 6, pp. 1825–1840, Dec. 2012.Google Scholar

[7] L., Lai, S.-W., Ho, and H. V., Poor, “Privacy–security trade-offs in biometric security systems – Part II: Multiple use case,” IEEE Trans. Inf. Forensics Security, vol. 6, no. 1, pp. 140–151, Mar. 2011.Google Scholar

[8] R., Koetter and F., Kschischang, “Coding for errors and erasures in random network coding,” IEEE Trans. Inf. Theory, vol. 54, no. 8, pp. 3579–3591, Aug. 2008.Google Scholar

[9] A., Khaleghi, D., Silva, and F., Kschischang, Subspace Codes, ser. Lecture Notes in Computer Science, vol. 5921, pp. 1–21. Berlin, Heidelberg: Springer, 2009.

[10] A., Dimakis, P., Godfrey, Y., Wu, M., Wainwright, and K., Ramchandran, “Network coding for distributed storage systems,” IEEE Trans. Inf. Theory, vol. 56, no. 9, pp. 4539–4551, Sep. 2010.Google Scholar

[11] P., Sobe and K., Peter, “Comparison of redundancy schemes for distributed storage systems,” in IEEE Int. Symp. Network Computing and Apps., Cambridge, MA, USA, Jul. 2006, pp. 196–203.

[12] A., Shamir, “How to share a secret,” Commun. ACM, vol. 22, no. 11, pp. 612–613, Nov. 1979.Google Scholar

[13] Y., Sutcu, S., Rane, J. S., Yedidia, S., Draper, and A., Vetro, “Feature extraction for a Slepian–Wolf biometric system using LDPC codes,” in Proc. IEEE Int. Symp. Inf. Theory, Toronto, ON, Canada, Jul. 2008, pp. 2297–2301.

[14] D., Silva and F., Kschischang, “On metrics for error correction in network coding,” IEEE Trans. Inf. Theory, vol. 55, no. 12, pp. 5479–5490, Dec. 2009.Google Scholar

[15] E., Erkut, “The discrete p-dispersion problem,” European J. Operational Research, vol. 46, no. 1, pp. 48–60, May 1990.Google Scholar

[16] A., Goldberg and S. C., Draper, “The privacy/security tradeoff across jointly designed linear authentication systems,” in Proc. 52nd Annual Allerton Conf. Commun., Control, Computing, Monticello, IL, USA, Sep. 2014, pp. 1279–1286.

[17] K., Metsch, “A characterization of Grassmann graphs,” Eur. J. Combinatorics, vol. 16, no. 6, pp. 639–644, Nov. 1995.Google Scholar

[18] J., Kosiorek, A., Matras, and M., Pankov, “Distance preserving mappings of Grassmann graphs,” Beitr. Algebra Geom., vol. 49, no. 1, pp. 233–242, Jan. 2008.Google Scholar

[19] R., Bailey and K., Meagher, “On the metric dimension of Grassmann graphs,” Discrete Math. & Theoretical Computer Science, no. 4, pp. 97–104, Jan. 2011.Google Scholar

[20] D., Djokovic, “Distance-preserving subgraphs of hypercubes,” J. Comb. Theory B, vol. 14, no. 3, pp. 263–267, Jun. 1973.Google Scholar

[21] H., Cheung, T., Kwok, and L., Lau, “Fast matrix rank algorithms and applications,” in ACM Symp. Theory Computing, New York, NY, USA, May 2012, pp. 549–562.

[22] A., Goldberg, “The privacy/security tradeoff for multiple secure sketch biometric authentication systems,” Master's thesis, Univ. of Toronto, 2015.