Post-Quantum Secure Biometric Systems
Abstract
Biometrics, which is defined as the automated recognition of individuals based on their behavioural and biological characteristics, can be applied to increase the trust and usability of digital interactions. Due to their uniqueness and persistence, biometric characteristics allow for a reliable connection between an individual and their digital identity.
However, these same properties of uniqueness and persistence also give rise to privacy concerns. Therefore, this thesis investigates the cryptographic protection of biometric systems. If such protection is built from classical cryptography, it has two main shortcomings: firstly, it is limited in the type of computations that can be performed on the encrypted data, and secondly, it does not provide longterm protection against threats posed by quantum computers.
Fully homomorphic encryption can mitigate both of the aforementioned concerns. Based on hard lattice problems, it falls into a new category of mathematical problems that are believed to withstand known quantum computing attacks, called post-quantum cryptography. However, its practical efficiency remains an open challenge. Therefore, this thesis studies the efficiency of biometric systems under fully holomorphic encryption.
In addition, this thesis addresses how biometric characteristics can be used to facilitate cryptographic key exchange, where a shared key for encrypted communication between a client and a server is computed correctly if and only if the biometric verification was successful. As with biometric comparisons in the encrypted domain, the security of such schemes against quantum computing threats needs to be considered in order to achieve a lasting protection of the sensitive biometric information.
Finally, the security of biometric information protection against malicious adversaries, which can deviate arbitrarily from a given protocol, and its impact on the computational efficiency are investigated in this thesis.
Has parts
Paper 1: Bauspieß, Pia; Vad, Lasse; Myrekrok, Håvard Borgen; Costache, Anamaria; Kolberg, Jascha; Rathgeb, Christian; Busch, Christoph. On the Feasibility of Fully Homomorphic Encryption of Minutiae-Based Fingerprint Representations. ICISSP 2023 ;Volum 1. s. 462-470. Published by SciTePress. This article is licensed under a Creative Commons Attribution 4.0 International License CC BY-NC-ND. DOI: http://dx.doi.org/10.5220/0011657100003405Paper 2: Bauspieß, Pia; Grimmer, Marcel; Fougner, Cecilie; Le Vasseur, Damien; Stöcklin, Thomas Thaulow; Rathgeb, Christian; Kolberg, Jascha; Costache, Anamaria; Busch, Christoph. HEBI: Homomorphically Encrypted Biometric Indexing. I: 2023 IEEE International Joint Conference on Biometrics (IJCB): [Proceedings]. Institute of Electrical and Electronics Engineers (IEEE) 2023 ISBN 979-8-3503-3726-6. s. – Copyright © 2023 IEEE. Available at: http://dx.doi.org/10.1109/IJCB57857.2023.10448618
Paper 3: Bauspieß, Pia; Zok, Chiara-Marie; Costache, Anamaria; Rathgeb, Christian; Kolberg, Jascha; Busch, Christoph. MT-PRO: Multibiometric Template Protection Based On Homomorphic Transciphering. IEEE International Workshop on Information Forensics and Security (WIFS) 2023 s. - Copyright © 2023 IEEE. Available at: http://dx.doi.org/10.1109/WIFS58808.2023.10374697
Paper 4: Bauspieß, Pia; Bours, Patrick Adrianus; Rathgeb, Christian; Busch, Christoph. Type2: A Secure and Seamless Biometric Two-Factor Authentication Protocol Using Key stroke Dynamics. NIKT: Norsk IKT-konferanse for forskning og utdanning 2023 (3) s. – Published at Norwegian Information Security Conference (NISK).
Paper 5: Silde, Tjerand Aga; Bauspieß, Pia; Costache, Anamaria; Poljuha, Matej; Tullot, Alexandre; Rathgeb, Christian; Kolberg, Jascha; Busch, Christoph. BRAKE: Biometric Resilient Authenticated Key Exchange. IEEE Access 2024 ;Volum 12. s. 46596-46615. Published by IEEE. Open Access, this article is licensed under a Creative Commons Attribution 4.0 International License CC BY-NC-ND. Available at: http://dx.doi.org/10.1109/ACCESS.2024.3380915
Paper 6: Bauspieß, Pia. Post-Quantum Secure Biometric Systems: An Overview. This paper is submitted for publication and is therefore not included.