Bruno Kindarji

Optimal Iris Fuzzy Sketches

Fuzzy sketches, introduced as a link between biometry and cryptography, are a way of handling biometric data matching as an error correction issue. We focus here on iris biometrics and look for the best error-correcting code in that respect. We show that two-dimensional iterative min-sum decoding leads to results near the theoretical limits. In particular, we experiment our techniques on the iris challenge evaluation (ICE) database and validate our findings.

Theoretical and Practical Boundaries of Binary Secure Sketches

Fuzzy commitment schemes, introduced as a link between biometrics and cryptography, are a way to handle biometric data matching as an error-correction issue. We focus here on finding the best error-correcting code with respect to a given database of biometric data. We propose a method that models discrepancies between biometric measurements as an erasure and error channel, and we estimate its capacity. We then show that two-dimensional iterative min-sum decoding of properly chosen product codes almost reaches the capacity of this channel. This leads to practical fuzzy commitment schemes that are close to theoretical limits. We test our techniques on public iris and fingerprint databases and validate our findings.

The best of both worlds: Applying secure sketches to cancelable biometrics

Cancelable biometrics and secure sketches have been introduced with the same purpose in mind: to protect the privacy of biometric templates while keeping the ability to match this protected data against a reference. The paradigm beyond cancelable biometrics is to perform an irreversible transformation over images and to make matching over transformed images. On one hand, a drawback of this technique is that for biometrics using a matching algorithm relying on some complex characteristics, such as the ones used for fingerprints, the irreversible transformation tends to break the underlying structure, thus degrading the performance accuracy. On the other hand, for secure sketches, matching is reduced to an error correction and we show here that applying secure sketch error correction to cancelable biometrics allows one to keep good matching performance. Moreover, the securitys advantages of both schemes adds up together.

Error-Tolerant Searchable Encryption

In this paper, we describe a new primitive for Error-Tolerant Searchable Encryption and a security model for it. This generic scheme permits to make searches on encrypted data with only an approximation of some keyword. It enables to efficiently query secure databases in order to get the exact data with a close estimation of it. An application to biometric identification arises from this construction. n nThis is the first construction both for Error-Tolerant Searchable Encryption and for a biometric identification protocol over encrypted personal data.

Identification with encrypted biometric data

Biometrics make human identification possible with a sample of a biometric trait and an associated database. Classical identification techniques lead to privacy concerns. This paper introduces a new method to identify someone using his biometrics in an encrypted way. Our construction combines Bloom Filters with Storage and Locality-Sensitive Hashing. We apply this error-tolerant scheme, in a Hamming space, to achieve biometric identification in an efficient way. This is the first non-trivial identification scheme dealing with fuzziness and encrypted data. Copyright

Anonymous identification with cancelable biometrics

Cancelable biometrics were introduced by Ratha et al. in 2001 to obtain templates which are renewable and do not let come back to the original biometric trait. We extend this technique to achieve the property of untraceability among different identifications across time. To this end, we need time-dependent templates. We here describe a system relying on time-dependent cancelable biometrics and analyse its security.

Pseudo Identities Based on Fingerprint Characteristics

This paper presents the integrated project TURBINE which is funded under the EU 7th research framework programme. This research is a multi-disciplinary effort on privacy enhancing technology, combining innovative developments in cryptography and fingerprint recognition. The objective of this project is to provide a breakthrough in electronic authentication for various applications in the physical world and on the Internet. On the one hand it will provide secure identity verification thanks to fingerprint recognition. On the other hand it will reliably protect the biometric data through advanced cryptography technology. In concrete terms, it will provide the assurance that (i) the data used for the authentication, generated from the fingerprint, cannot be used to restore the original fingerprint sample, (ii) the individual will be able to create different pseudo-identities for different applications with the same fingerprint, whilst ensuring that these different identities (and hence the related personal data) cannot be linked to each other, and (iii) the individual is enabled to revoke an biometric identifier (pseudo-identity) for a given application in case it should not be used anymore.

Biometric Identification over Encrypted Data Made Feasible

Realising a biometric identification scheme with the constraint of storing only encrypted data is an exciting challenge. Whereas a recent cryptographic primitive described by Bringer et al. and named Error-Tolerant Searchable Encryption achieves such a goal, the associated construction is not scalable to large databases. This paper shows how to move away from the model of Bringer et al. , and proposes to use Symmetric Searchable Encryption (SSE) as the baseline for biometric identification. The use of symmetric cryptography enables to achieve reasonable computational costs for each identification request. n nThis paper also provides a realistic security model for this problem, which is stronger than the one for SSE. In particular, the construction for biometric identification is resilient to statistical attacks, an aspect yet to be considered in the previous constructions of SSE. n nAs a practical example, parameters for the realisation of our scheme are provided in the case of iris recognition.

Extending match-on-card to local biometric identification

We describe the architecture of a biometric terminal designed to respect privacy. We show how to rely on a secure module equipped with Match-On-Card technology to ensure the confidentiality of biometric data of registered users. Our proposal relies on a new way of using the quantization functionality of Secure Sketches that enables identification.

Private Interrogation of Devices via Identification Codes

Consider a device that wants to communicate with another device (for instance a contactless one). We focus on how to withstand privacy threats in such a situation, and we here describe how to query the device and then identify it, with a new identification protocol solution. The interrogation step uses the concept of identification codes introduced by Ahlswede and Dueck. We show that this probabilistic coding scheme indeed protects the device against an eavesdropper who wants to track it. In particular, when using a special class of identification codes due to Moulin and Koetter that are based on Reed-Solomon codes, we directly depend on the hardness of a cryptographic assumption known as the Polynomial Reconstruction problem. We analyse the security and privacy properties of our proposal in the privacy model for contactless devices introduced by Vaudenay at ASIACRYPT 2007. We finally explain how to apply our scheme with very low-cost devices.