Biometric Verification Secure Against Malicious Adversaries

TL;DR

This paper introduces a provably secure biometric verification protocol that protects against malicious attackers, ensuring biometric data privacy across various modalities with fast, practical performance.

Contribution

It presents a novel protocol based on homomorphic encryption and zero-knowledge proofs that secures biometric verification against malicious adversaries, improving security over prior honest-but-curious solutions.

Findings

Achieves sub-second verification speed for semi-honest security

Maintains acceptable performance with malicious security (0.95s to 2.50s)

Supports multiple biometric modalities with fixed-length feature vectors

Abstract

Biometric verification has been widely deployed in current authentication solutions as it proves the physical presence of individuals. To protect the sensitive biometric data in such systems, several solutions have been developed that provide security against honest-but-curious (semi-honest) attackers. However, in practice attackers typically do not act honestly and multiple studies have shown drastic biometric information leakage in such honest-but-curious solutions when considering dishonest, malicious attackers. In this paper, we propose a provably secure biometric verification protocol to withstand malicious attackers and prevent biometric data from any sort of leakage. The proposed protocol is based on a homomorphically encrypted log likelihood-ratio-based (HELR) classifier that supports any biometric modality (e.g. face, fingerprint, dynamic signature, etc.) encoded as a fixed-length real-valued feature vector and performs an accurate and fast biometric recognition. Our protocol, that is secure against malicious adversaries, is designed from a protocol secure against semi-honest adversaries enhanced by zero-knowledge proofs. We evaluate both protocols for various security levels and record a sub-second speed (between $0.37$s and $0.88$s) for the protocol against semi-honest adversaries and between $0.95$s and $2.50$s for the protocol secure against malicious adversaries.