Biometrics and Secret Key Binding Scheme

A Privacy-Enhanced Biometrics and Secret Key Binding Scheme to Safeguard Personal Data in Untrusted Computing Environment.


What is it?

The invention uses a novel binding scheme to fuse a user’s biometrics information and a secret in a secure way in the sense that leakage of either biometric information or the secret will not cause the leakage of the other part. Do I need it? Yes, if you have the following worries 

  • “too difficult to memorize so many passwords everyday”
  • “I like to use two-factor authentication for my financial services but not to use my biometrics for buying a bus ticket”
  • “we lose privacy if biometrics is used to replace passwords”
  • “crypto-biometrics (fuzzy commitment and fuzzy vault) has not been optimized in security and recognition performance …”
  • “I like to use biometrics to login to cloud services but I do not trust the cloud service provider to manage my biometric templates in cloud…”
  • “I have no privacy worry about my biometric data used for my smartphone access control because I know they use chip to store and compare the biometric template, but there is no such trusted things in cloud … should I use biometrics authentication for cloud services?”
  • “I have already passwords set for so many online services … if using you invention enforces me to re-set all these passwords, I would not like to use this invention.”
  • “I can encrypt my documents before backing them up in Dropbox but how can I retrieve them back by key word searching? Sure I know I can download them all to my PC and decrypt them and use key word to search but I have thousands of such encrypted files in dropbox …”
  • “how can I prove I am the author of this news photo used by this website? But I do not want to disclose my identity to them …”

What are its use cases?

The fused data, combined with other cryptographic tools, can be used to achieve multiple purposes such as 

  • encrypting personal files (documents, photos, videos, graphic design, etc.) in two modes – (1) biometrics and one master password (or a private key); or (2) only biometrics, without worry about your privacy (your biometrics and password are not reconstructable from the data binding result!)
  • managing personal passwords (without needing re-set of your existing ones)
  • indexing encrypted files without needing decryption and without disclosing the search meta data to the untrusted database service provider like a public cloud service provider
  • verifying the ownership of the user’s digital assets without need of disclosing the ownership information itself (if guaranteed by the digital signature from the service provider).


Thanks to the truly irreversible binding scheme, the user will have much less security and privacy concerns compared to prior arts, such as the fuzzy commitment scheme. The security of the invented binding scheme and the derived application schemes can be guaranteed by the state-of-the- arts cryptographic mechanisms. Experimental tests of the invented scheme over fingerprint ISO minutiae templates from the public data FVC2002DB2 and FVC2006DB2 for identity authentication use achieved comparable accuracy performance as other plain or protected template comparison algorithms in the secret-stolen scenarios (i.e., comparing all protected fingerprint templates using a same secret for binding) and almost zero error rates for the two-factor case (i.e., protected templates are compared using user-specific secrets). 

The invention is planned to publish on the IEEE Conference COMPSAC 2015 in July 2015. This will cause major awareness in an experts circle. 

What makes this invention different from the state of the arts?

Feature 1: Truly irreversibility of the data binding result (breach of one element of the {biometric data, personal secret} pair will not cause the breach of the other element) 

  

Feature 2: One biometrics-secret pair suits all applications (your do not need to change your current passwords but use the invention to add an extra layer of security) 

Feature 3: The biometrics-secret binding scheme, if not combined with other cryptographic tools, itself can be used as a biometric template protection scheme. (the secret can be owned by the user as a two-factor authentication scheme or can be generated in real time by the authentication system as a biometric-only authentication scheme) 

Feature 4: Independent of biometric modalities (so you can apply the invention to various modalities: fingerprint, face, iris, vein, ear, etc.) 

Feature 5: Tunable Security-Convenience settings (the weights on the two factors – the biometrics and the personal secret - can be fine-tuned to suit different applications including both the only-biometrics and the only-password cases) 

Feature 6: Cryptographically secure (interchangeable crypto-function component; perfect security achieved if two factors are kept well; computationally secure if one of the two is leaked)
 
 
Comparison to peer technologies