Security and Privacy Enhancement for Outsourced Biometric Identification

TL;DR

This paper introduces a new secure outsourcing scheme for biometric identification that enhances security against enrolment attacks and reduces information exposure by modeling identification as a fixed radius similarity query, maintaining efficiency.

Contribution

The proposed scheme improves security by preventing enrolment attacks and models identification as a fixed radius query to enhance privacy, while preserving computational efficiency.

Findings

Resists enrolment attacks effectively.

Reduces information exposure compared to previous schemes.

Maintains computational savings of outsourced processing.

Abstract

A lot of research has been focused on secure outsourcing of biometric identification in the context of cloud computing. In such schemes, both the encrypted biometric database and the identification process are outsourced to the cloud. The ultimate goal is to protect the security and privacy of the biometric database and the query templates. Security analysis shows that previous schemes suffer from the enrolment attack and unnecessarily expose more information than needed. In this paper, we propose a new secure outsourcing scheme aims at enhancing the security from these two aspects. First, besides all the attacks discussed in previous schemes, our proposed scheme is also secure against the enrolment attack. Second, we model the identification process as a fixed radius similarity query problem instead of the kNN search problem. Such a modelling is able to reduce the exposed information thus enhancing the privacy of the biometric database. Our comprehensive security and complexity analysis show that our scheme is able to enhance the security and privacy of the biometric database and query templates while maintaining the same computational savings from outsourcing.