Secure and Efficient Protocols for Iris and Fingerprint Identification

  • Marina Blanton
  • Paolo Gasti
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6879)


Recent advances in biometric recognition and the increasing use of biometric data prompt significant privacy challenges associated with the possible misuse, loss, or theft of biometric data. Biometric matching is often performed by two mutually distrustful parties, one of which holds one biometric image while the other owns a possibly large biometric collection. Due to privacy and liability considerations, neither party is willing to share its data. This gives rise to the need to develop secure computation techniques over biometric data where no information is revealed to the parties except the outcome of the comparison or search. To address the problem, in this work we develop and implement the first privacy-preserving identification protocol for iris codes. We also design and implement a secure protocol for fingerprint identification based on FingerCodes with a substantial improvement in the performance compared to existing solutions. We show that new techniques and optimizations employed in this work allow us to achieve particularly efficient protocols suitable for large data sets and obtain notable performance gain compared to the state-of-the-art prior work.


Encryption Scheme Biometric Data Homomorphic Encryption Oblivious Transfer Iris Recognition 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Atallah, M., Bykova, M., Li, J., Frikken, K., Topkara, M.: Private collaborative forecasting and benchmarking. In: ACM Workshop on Privacy in the Electronic Society (WPES), pp. 103–114 (2004)Google Scholar
  2. 2.
    Barbosa, M., Brouard, T., Cauchie, S., de Sousa, S.M.: Secure biometric authentication with improved accuracy. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 21–36. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  3. 3.
    Barni, M., Bianchi, T., Catalano, D., Di Raimondo, M., Labati, R., Failla, P., Fiore, D., Lazzeretti, R., Piuri, V., Scotti, F., Piva, A.: Privacy-preserving fingercode authentication. In: ACM Workshop on Multimedia and Security (MM&Sec), pp. 231–240 (2010)Google Scholar
  4. 4.
    Barzegar, N., Moin, M.: A new user dependent iris recognition system based on an area preserving pointwise level set segmentation approach. EURASIP Journal on Advances in Signal Processing, 1–13 (2009)Google Scholar
  5. 5.
    Blanton, M.: Empirical evaluation of secure two-party computation models. Technical Report TR 2005-58, CERIAS, Purdue University (2005)Google Scholar
  6. 6.
    Blanton, M., Aliasgari, M.: Secure computation of biometric matching. Technical Report 2009-03, Department of Computer Science and Engineering, University of Notre Dame (2009)Google Scholar
  7. 7.
    Blanton, M., Gasti, P.: Secure and Efficient Protocols for Iris and Fingerprint Identification. Cryptology ePrint Archive, Report 2010/627 (2010),
  8. 8.
    Bringer, J., Chabanne, H., Izabachène, M., Pointcheval, D., Tang, Q., Zimmer, S.: An Application of the Goldwasser-Micali Cryptosystem to Biometric Authentication. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 2007. LNCS, vol. 4586, pp. 96–106. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Bunn, P., Ostrovsky, R.: Secure two-party k-means clustering. In: ACM Conference on Computer and Communications Security (CCS), pp. 486–497 (2007)Google Scholar
  10. 10.
    Catrina, O., Saxena, A.: Secure computation with fixed-point numbers. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 35–50. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  11. 11.
    Cramer, R., Damgård, I.B., Nielsen, J.B.: Multiparty computation from threshold homomorphic encryption. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 280–300. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  12. 12.
    Damgård, I., Geisler, M., Krøigård, M.: A correction to efficient and secure comparison for on-line auctions. Cryptology ePrint Archive, Report 2008/321 (2008)Google Scholar
  13. 13.
    Damgård, I., Geisler, M., Krøigård, M.: Homomorphic encryption and secure comparison. Journal of Applied Cryptology 1(1), 22–31 (2008)MathSciNetGoogle Scholar
  14. 14.
    Damgård, I., Geisler, M., Krøigaard, M., Nielsen, J.B.: Asynchronous multiparty computation: Theory and implementation. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 160–179. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  15. 15.
    Daugman, J.: How iris recognition works. IEEE Transactions on Circuits and Systems for Video Technology 14(1), 21–30 (2004)CrossRefGoogle Scholar
  16. 16.
    Erkin, Z., Franz, M., Guajardo, J., Katzenbeisser, S., Lagendijk, I., Toft, T.: Privacy-preserving face recognition. In: Goldberg, I., Atallah, M.J. (eds.) PETS 2009. LNCS, vol. 5672, pp. 235–253. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  17. 17.
    Frikken, K.B.: Privacy-preserving set union. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 237–252. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  18. 18.
    Henecka, W., Kogl, S., Sadeghi, A.-R., Schneider, T., Wehrenberg, I.: TASTY: Tool for Automating Secure Two-partY computations. In: ACM Conference on Computer and Communications Security (CCS), pp. 451–462 (2010)Google Scholar
  19. 19.
    Hoens, T., Blanton, M., Chawla, N.: A private and reliable recommendation system using a social network. In: IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT), pp. 816–825 (2010)Google Scholar
  20. 20.
    Hollingsworth, K., Bowyer, K., Flynn, P.: The best bits in an iris code. IEEE Transactions on Pattern Analysis and Machine Intelligence 31(6), 964–973 (2009)CrossRefGoogle Scholar
  21. 21.
  22. 22.
    Multiprecision Integer and Rational Arithmetic C/C++ Library,
  23. 23.
    IrisGuard Press Release,
  24. 24.
    Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending oblivious transfers efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  25. 25.
    Jain, A., Prabhakar, S., Hong, L., Pankanti, S.: Filterbank-based fingerprint matching. IEEE Transactions on Image Processing 9(5), 846–859 (2000)CrossRefGoogle Scholar
  26. 26.
    Kolesnikov, V., Sadeghi, A.-R., Schneider, T.: Improved garbled circuit building blocks and applications to auctions and computing minima. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 1–20. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  27. 27.
    Kolesnikov, V., Schneider, T.: Improved garbled circuit: Free XOR gates and applications. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 486–498. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  28. 28.
    Lindell, Y., Pinkas, B., Smart, N.P.: Implementing two-party computation efficiently with security against malicious adversaries. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 2–20. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  29. 29.
    Freedman, M.J., Nissim, K., Pinkas, B.: Efficient private matching and set intersection. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 1–19. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  30. 30.
    Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay – a secure two-party computation system. In: USENIX Security Symposium, pp. 287–302 (2004)Google Scholar
  31. 31.
    Maltoni, D., Maio, D., Jain, A., Prabhakar, S.: Hanbook of Fingerprint Recognition, 2nd edn. Springer, Heidelberg (2009)CrossRefzbMATHGoogle Scholar
  32. 32.
    Naor, M., Pinkas, B.: Efficient oblivious transfer protocols. In: ACM-SIAM Symposium on Discrete Algorithms (SODA), pp. 448–457 (2001)Google Scholar
  33. 33.
    Osadchy, M., Pinkas, B., Jarrous, A., Moskovich, B.: SCiFI – A system for secure face identification. In: IEEE Symposium on Security and Privacy, pp. 239–254 (2010)Google Scholar
  34. 34.
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  35. 35.
    Pinkas, B., Schneider, T., Smart, N.P., Williams, S.C.: Secure two-party computation is practical. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 250–267. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  36. 36.
    Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority. In: ACM Symposium on Theory of Computing (STOC), pp. 73–85 (1989)Google Scholar
  37. 37.
    Sadeghi, A.-R., Schneider, T., Wehrenberg, I.: Efficient privacy-preserving face recognition. In: Lee, D., Hong, S. (eds.) ICISC 2009. LNCS, vol. 5984, pp. 229–244. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  38. 38.
    Troncoso-Pastoriza, J., Katzenbeisser, S., Celik, M.: Privacy preserving error resilient DNA searching through oblivious automata. In: ACM Conference on Computer and Communications Security (CCS), pp. 519–528 (2007)Google Scholar
  39. 39.
    Yao, A.: How to generate and exchange secrets. In: IEEE Symposium on Foundations of Computer Science (FOCS), pp. 162–167 (1986)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Marina Blanton
    • 1
  • Paolo Gasti
    • 2
  1. 1.Department of Computer Science and EngineeringUniversity of Notre DameUSA
  2. 2.Department of Information and Computer ScienceUniversity of CaliforniaIrvineUSA

Personalised recommendations