Biometrics are part of modern citizens' identity. Individuals' mobile devices collect facial, iris, fingerprint, and electrocardiogram data. Border checkpoints collect travelers' biometrics. National identity cards use biometrics to identify individuals. In many applications, a large group of users' biometrics is stored together in a centralized database. This widespread and expanding use of biometrics creates privacy concerns, because biometrics are correlated with sensitive attributes such as race, gender, and disease risk factors. Protecting this data requires balancing application needs against citizens' privacy. This project designs a new system that allows identification while retaining the privacy of non-relevant individuals when querying centralized biometric databases. The system design uses cryptography to provide rigorous security claims.
Searchable encryption allows a database to process queries without knowing the underlying data. Current biometrics are characterized by noise between repeated readings. This project designs two systems which both build on searchable encryption and noise tolerant cryptography. The first system combines selective locality sensitive hashes and searchable encryption to retrieve records that match many locality sensitive hash outputs. The second system builds a variant of inner-product encryption that retrieves only the set of close records. The superior of the two designs will be implemented and benchmarked. An important aspect of any searchable encryption design is its leakage profile. As such, the implemented scheme's leakage is evaluated with respect to the known statistical properties of an identified biometric.
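To make the first design concrete, here is an added toy simulation (not the project's code, and a simplification of it) of the "many locality sensitive hash outputs" idea: each binary biometric template is run through a family of bit-sampling LSH functions, every output is turned into a keyed search token with HMAC, and the server, which holds only tokens, returns the records that share at least a threshold number of tokens with the query. The template size, the number and width of the hash functions, the noise level, the key, and the record names are all constructed assumptions for the demo; the abstract's "selective" LSH and the inner-product variant are not modelled.

```python
import hashlib
import hmac
import random
from collections import Counter

# Constructed toy parameters (assumptions, not the project's choices):
# 256-bit binary templates, 32 LSH functions each sampling 8 bit positions.
TEMPLATE_BITS = 256
NUM_HASHES = 32
BITS_PER_HASH = 8


def make_lsh_family(seed, num_hashes=NUM_HASHES, bits_per_hash=BITS_PER_HASH, n=TEMPLATE_BITS):
    """Bit-sampling LSH family: each function is a fixed set of bit positions."""
    rng = random.Random(seed)
    return [tuple(rng.sample(range(n), bits_per_hash)) for _ in range(num_hashes)]


def lsh_outputs(template, family):
    """Project a template onto each function's positions; close templates agree on many."""
    return [(i, tuple(template[p] for p in positions)) for i, positions in enumerate(family)]


def token(key, idx, value):
    """Keyed search token for one LSH output. Without the key the server cannot
    recover the sampled bits or link tokens across different hash functions."""
    msg = bytes([idx]) + bytes(value)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def build_index(key, family, records):
    """Client-side index construction: records maps record id -> 0/1 list.
    The server stores only token -> [record ids]."""
    index = {}
    for rid, tmpl in records.items():
        for idx, val in lsh_outputs(tmpl, family):
            index.setdefault(token(key, idx, val), []).append(rid)
    return index


def query_tokens(key, family, template):
    """Client turns a fresh (noisy) reading into one token per LSH function."""
    return [token(key, idx, val) for idx, val in lsh_outputs(template, family)]


def server_search(index, tokens, threshold):
    """Server side: count token hits per record and return those at or above threshold.
    What the server learns here (which entries are touched, how many records share
    each token) is the access-pattern leakage a real scheme must account for."""
    counts = Counter()
    for t in tokens:
        for rid in index.get(t, []):
            counts[rid] += 1
    return sorted(rid for rid, c in counts.items() if c >= threshold)


def add_noise(template, flips, seed):
    """Simulate reading-to-reading noise by flipping `flips` random bits."""
    rng = random.Random(seed)
    t = list(template)
    for p in rng.sample(range(len(t)), flips):
        t[p] ^= 1
    return t


def demo(noise_flips=8, threshold=NUM_HASHES // 2):
    """Enrol 50 constructed random templates, then query with a noisy reading of
    one of them and with a template that was never enrolled."""
    rng = random.Random(1)
    records = {f"user{i}": [rng.randint(0, 1) for _ in range(TEMPLATE_BITS)] for i in range(50)}
    key = b"constructed-demo-key"  # assumption: a key held by the querying party only
    family = make_lsh_family(seed=7)
    index = build_index(key, family, records)

    noisy = add_noise(records["user3"], flips=noise_flips, seed=3)
    hits_known = server_search(index, query_tokens(key, family, noisy), threshold)

    stranger = [random.Random(99).randint(0, 1) for _ in range(TEMPLATE_BITS)]
    hits_stranger = server_search(index, query_tokens(key, family, stranger), threshold)

    # Tokens made under a different key never line up with the stored index.
    hits_wrong_key = server_search(index, query_tokens(b"other-key", family, noisy), threshold)
    return hits_known, hits_stranger, hits_wrong_key


if __name__ == "__main__":
    print(demo())
```

With 8 of 256 bits flipped, each 8-bit sample survives with probability roughly 0.78, so about 25 of the 32 tokens still match and the enrolled record clears the threshold of 16, while an unrelated template collides on a given token with probability 1/256 and never approaches it. Raising the noise or the threshold trades false rejects against false accepts, which is exactly the tuning a benchmark of such a scheme would measure.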