Hervé Chabanne

Embedding edit distance to enable private keyword search

BackgroundOur work is focused on fuzzy keyword search over encrypted data in Cloud Computing.MethodsWe adapt results on private identification schemes by Bringer et al. to this new context. We here exploit a classical embedding of the edit distance into the Hamming distance.ResultsOur way of doing enables some flexibility on the tolerated edit distance when looking for close keywords while preserving the confidentiality of the queries.ConclusionOur proposal is proved secure in a security model taking into account privacy.

Anonymous identification with cancelable biometrics

Cancelable biometrics were introduced by Ratha et al. in 2001 to obtain templates which are renewable and do not let come back to the original biometric trait. We extend this technique to achieve the property of untraceability among different identifications across time. To this end, we need time-dependent templates. We here describe a system relying on time-dependent cancelable biometrics and analyse its security.

Biometric Identification over Encrypted Data Made Feasible

Realising a biometric identification scheme with the constraint of storing only encrypted data is an exciting challenge. Whereas a recent cryptographic primitive described by Bringer et al. and named Error-Tolerant Searchable Encryption achieves such a goal, the associated construction is not scalable to large databases. This paper shows how to move away from the model of Bringer et al. , and proposes to use Symmetric Searchable Encryption (SSE) as the baseline for biometric identification. The use of symmetric cryptography enables to achieve reasonable computational costs for each identification request. This paper also provides a realistic security model for this problem, which is stronger than the one for SSE. In particular, the construction for biometric identification is resilient to statistical attacks, an aspect yet to be considered in the previous constructions of SSE. As a practical example, parameters for the realisation of our scheme are provided in the case of iris recognition.

Extending match-on-card to local biometric identification

We describe the architecture of a biometric terminal designed to respect privacy. We show how to rely on a secure module equipped with Match-On-Card technology to ensure the confidentiality of biometric data of registered users. Our proposal relies on a new way of using the quantization functionality of Secure Sketches that enables identification.

Faster secure computation for biometric identification using filtering

Several attempts have been made to apply Secure Multiparty Computation (SMC) to the context of biometric recognition. Such constructions are very bandwidth and time-consuming. In order to reduce both consumptions, we propose a new construction for biometric identification based on filtering techniques that has the same security properties as the other SMC-based schemes but runs significantly faster while keeping good biometric performances. We propose as an example a secure iris identification algorithm with a fast filtering phase based on Hamming distance. We moreover present implementation results for this proposal that confirm our improvements.

Efficient and Strongly Secure Dynamic Domain-Specific Pseudonymous Signatures for ID Documents

The notion of domain-specific pseudonymous signatures (DSPS) has recently been introduced for private authentication of ID documents, like passports, that embed a chip with computational abilities. Thanks to this privacy-friendly primitive, the document authenticates to a service provider through a reader and the resulting signatures are anonymous, linkable inside the service and unlinkable across services. A subsequent work proposes to enhance security and privacy of DSPS through group signatures techniques. In this paper, we improve on these proposals in three ways. First, we spot several imprecisions in previous formalizations. We consequently provide a clean security model for dynamic domain-specific pseudonymous signatures, where we correctly address the dynamic and adaptive case. Second, we note that using group signatures is somehow an overkill for constructing DSPS, and we provide an optimized construction that achieves the same strong level of security while being more efficient. Finally, we study the implementation of our protocol in a chip and show that our solution is well-suited for these limited environments. In particular, we propose a secure protocol for delegating the most demanding operations from the chip to the reader.

Idea: Embedded Fault Injection Simulator on Smartcard

Smartcard implementations are prone to perturbation attacks that consist in changing the normal behavior of components in order to create exploitable errors. Perturbation attacks could be realized by different means such as laser beams involving costly and complex injection platforms. In the context of black box or grey box evaluation, there is a strong necessity of identifying fault injection vulnerabilities in developed products. This is why we propose to integrate the injection mechanism straight into the smartcard project. The embedded fault simulator program is thus integrated with the chip software and its effects can be analyzed by side-channel observations, which is not the case with any existing fault simulators. In this paper, we present this new concept and its architectural design. We show then how to implement the simulator on a real smartcard product. Finally, to validate this approach, we study the functional and side-channel impact of fault injection on a standard algorithm provided by the host smartcard.

On Physical Obfuscation of Cryptographic Algorithms

We describe a solution for physically obfuscating the representation of a cipher, to augment chips resistance against physical threats, by combining ideas from masking techniques and Physical Obfuscated Keys (POKs). With embedded chips --- like RFID tags --- as main motivation, we apply this strategy to the representation of a Linear Feedback Shift Register (LFSR). The application of this technique to LFSR-based stream ciphers, such as the Self Shrinking Generator, enables to share key materials between several chips within a system while increasing the resistance of the system against compromise of chips. An extension of our ideas to non-linear ciphers is also presented with an illustration onto Trivium.

Password based key exchange protocols on elliptic curves which conceal the public parameters

We here describe a new Password-based Authenticated Key Exchange (PAKE) protocol based on elliptic curve cryptography. We prove it secure in the Bellare-Pointcheval-Rogaway (BPR) model. A significant novelty in our work is that the elliptic curve public parameters remain private. This is important in the context of ID contactless devices as, in this case, there will exist most probably a way to link these parameters with the nationality of the ID document owners.

Practical identification with encrypted biometric data using oblivious RAM

Bringer et al. introduced a new primitive that enables identification over encrypted biometric data stored on a remote database and that preserves the privacy of the database users toward the database holder. The tools used in their scheme however rely on heavy cryptographic protocols that prevent it from being used in practice for large databases. We modify their technique using Oblivious RAM and prove its usability by an implementation adapted to iris recognition. For a database of 250,000 IrisCodes, only 3.6 MB of data need to be locally stored and an identification request using our new protocol requires less than 350 ms of computation time.