Abstract
Biometric identification (BI) is the task of searching a pre-established biometric database to find a matching record for an enquiring biometric trait sampled from an unknown individual of interest. This has recently been aided with cloud computing, which brings a lot of convenience but simultaneously arouses new privacy concerns. Two cloud aided BI schemes pursuing privacy preserving have recently been proposed by Wang et al. in ESORICS ’15. In this paper, we propose several elaborately designed attacks to reveal the security breaches in these two schemes. Theoretical analysis is given to validate our proposed attacks, which indicates that via such attacks the cloud server can accurately infer the outsourced database and the identification request.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Bolle, R., Pankanti, S.: Biometrics: Personal Identification in Networked Society. Kluwer Academic Publishers, Norwell (1998)
Jain, A.K., Hong, L., Pankanti, S.: Biometric identification. Commun. ACM 43, 90–98 (2000)
Marstona, S., Li, Z., Bandyopadhyay, S., Zhang, J., Ghalsasi, A.: Cloud computing - The business perspective. Decis. Support Syst. 51, 176–189 (2011)
Al-Assam, H., Jassim, S.: Security evaluation of biometric keys. Comput. Secur. 31, 151–163 (2012)
Huang, Y., Malka, L., Evans, D., Katz, J.: Efficient privacy-preserving biometric identification. In: 18th Annual Network & Distributed System Security Symposium NDSS 2011, February 2011
Blanton, M., Aliasgari, M.: Secure outsourced computation of iris matching. J. Comput. Secur. 20, 259–305 (2012)
Chun, H., Elmehdwi, Y., Li, F., Bhattacharya, P., Jiang, W.: Outsourceable two-party privacy-preserving biometric authentication. In: 9th Symposium on Information, Computer and Communications Security ASIACCS 2014, pp. 401–412. ACM (2014)
Yuan, J., Yu, S.: Efficient privacy-preserving biometric identification in cloud computing. In: 32nd IEEE International Conference on Computer Communications INFOCOM 2013, pp. 2652–2660. IEEE (2013)
Wang, N., Hu, S., Ren, K., He, M., Du, M., Wang, Z.: CloudBI: practical privacy-preserving outsourcing of biometric identification in the cloud. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS. Springer, Heidelberg (2015)
Strang, G.: Introduction to Linear Algebra. Wellesley, Cambridge (2009)
Oliveira, S.R.M., Zaiane, O.R.: Privacy preserving clustering by data transformation. J. Inf. Data Manag. 1, 53–56 (2010)
Wong, W.K., Cheung, D.W., Kao, B., Mamoulis, N.: Secure kNN computation on encrypted databases. In: 28th ACM International Conference on Management of Data, SIGMOD 2009, pp. 139–152. ACM (2009)
Liu, K., Giannella, C.M., Kargupta, H.: An attacker’s view of distance preserving maps for privacy preserving data mining. In: Fürnkranz, J., Scheffer, T., Spiliopoulou, M. (eds.) PKDD 2006. LNCS (LNAI), vol. 4213, pp. 297–308. Springer, Heidelberg (2006)
Acknowledgment
The authors would like to thank the anonymous reviewers for their valuable comments. This work was supported by the National Natural Science Foundation of China under Grant 61272479, the National 973 Program of China under Grant 2013CB338001, and the Strategic Priority Research Program of Chinese Academy of Sciences under Grant XDA06010702
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Pan, S., Yan, S., Zhu, WT. (2016). Security Analysis on Privacy-Preserving Cloud Aided Biometric Identification Schemes. In: Liu, J., Steinfeld, R. (eds) Information Security and Privacy. ACISP 2016. Lecture Notes in Computer Science(), vol 9723. Springer, Cham. https://doi.org/10.1007/978-3-319-40367-0_29
Download citation
DOI: https://doi.org/10.1007/978-3-319-40367-0_29
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40366-3
Online ISBN: 978-3-319-40367-0
eBook Packages: Computer ScienceComputer Science (R0)