Security Analysis on Privacy-Preserving Cloud Aided Biometric Identification Schemes

Pan, Shiran; Yan, Shen; Zhu, Wen-Tao

doi:10.1007/978-3-319-40367-0_29

Shiran Pan^15,16,17,
Shen Yan^15,16,17 &
Wen-Tao Zhu^15,16

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9723))

Included in the following conference series:

Australasian Conference on Information Security and Privacy

1150 Accesses
6 Citations

Abstract

Biometric identification (BI) is the task of searching a pre-established biometric database to find a matching record for an enquiring biometric trait sampled from an unknown individual of interest. This has recently been aided with cloud computing, which brings a lot of convenience but simultaneously arouses new privacy concerns. Two cloud aided BI schemes pursuing privacy preserving have recently been proposed by Wang et al. in ESORICS ’15. In this paper, we propose several elaborately designed attacks to reveal the security breaches in these two schemes. Theoretical analysis is given to validate our proposed attacks, which indicates that via such attacks the cloud server can accurately infer the outsourced database and the identification request.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Bolle, R., Pankanti, S.: Biometrics: Personal Identification in Networked Society. Kluwer Academic Publishers, Norwell (1998)
Google Scholar
Jain, A.K., Hong, L., Pankanti, S.: Biometric identification. Commun. ACM 43, 90–98 (2000)
Article Google Scholar
Marstona, S., Li, Z., Bandyopadhyay, S., Zhang, J., Ghalsasi, A.: Cloud computing - The business perspective. Decis. Support Syst. 51, 176–189 (2011)
Article Google Scholar
Al-Assam, H., Jassim, S.: Security evaluation of biometric keys. Comput. Secur. 31, 151–163 (2012)
Article Google Scholar
Huang, Y., Malka, L., Evans, D., Katz, J.: Efficient privacy-preserving biometric identification. In: 18th Annual Network & Distributed System Security Symposium NDSS 2011, February 2011
Google Scholar
Blanton, M., Aliasgari, M.: Secure outsourced computation of iris matching. J. Comput. Secur. 20, 259–305 (2012)
Article Google Scholar
Chun, H., Elmehdwi, Y., Li, F., Bhattacharya, P., Jiang, W.: Outsourceable two-party privacy-preserving biometric authentication. In: 9th Symposium on Information, Computer and Communications Security ASIACCS 2014, pp. 401–412. ACM (2014)
Google Scholar
Yuan, J., Yu, S.: Efficient privacy-preserving biometric identification in cloud computing. In: 32nd IEEE International Conference on Computer Communications INFOCOM 2013, pp. 2652–2660. IEEE (2013)
Google Scholar
Wang, N., Hu, S., Ren, K., He, M., Du, M., Wang, Z.: CloudBI: practical privacy-preserving outsourcing of biometric identification in the cloud. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS. Springer, Heidelberg (2015)
Google Scholar
Strang, G.: Introduction to Linear Algebra. Wellesley, Cambridge (2009)
MATH Google Scholar
Oliveira, S.R.M., Zaiane, O.R.: Privacy preserving clustering by data transformation. J. Inf. Data Manag. 1, 53–56 (2010)
Google Scholar
Wong, W.K., Cheung, D.W., Kao, B., Mamoulis, N.: Secure kNN computation on encrypted databases. In: 28th ACM International Conference on Management of Data, SIGMOD 2009, pp. 139–152. ACM (2009)
Google Scholar
Liu, K., Giannella, C.M., Kargupta, H.: An attacker’s view of distance preserving maps for privacy preserving data mining. In: Fürnkranz, J., Scheffer, T., Spiliopoulou, M. (eds.) PKDD 2006. LNCS (LNAI), vol. 4213, pp. 297–308. Springer, Heidelberg (2006)
Chapter Google Scholar

Download references

Acknowledgment

The authors would like to thank the anonymous reviewers for their valuable comments. This work was supported by the National Natural Science Foundation of China under Grant 61272479, the National 973 Program of China under Grant 2013CB338001, and the Strategic Priority Research Program of Chinese Academy of Sciences under Grant XDA06010702

Author information

Authors and Affiliations

State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China
Shiran Pan, Shen Yan & Wen-Tao Zhu
Data Assurance and Communication Security Research Center, Chinese Academy of Sciences, Beijing, China
Shiran Pan, Shen Yan & Wen-Tao Zhu
University of Chinese Academy of Sciences, Beijing, China
Shiran Pan & Shen Yan

Authors

Shiran Pan
View author publications
You can also search for this author in PubMed Google Scholar
Shen Yan
View author publications
You can also search for this author in PubMed Google Scholar
Wen-Tao Zhu
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Wen-Tao Zhu .

Editor information

Editors and Affiliations

Monash University , Melbourne, Victoria, Australia
Joseph K. Liu
Monash University , Melbourne, Victoria, Australia
Ron Steinfeld

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Pan, S., Yan, S., Zhu, WT. (2016). Security Analysis on Privacy-Preserving Cloud Aided Biometric Identification Schemes. In: Liu, J., Steinfeld, R. (eds) Information Security and Privacy. ACISP 2016. Lecture Notes in Computer Science(), vol 9723. Springer, Cham. https://doi.org/10.1007/978-3-319-40367-0_29

Download citation

DOI: https://doi.org/10.1007/978-3-319-40367-0_29
Published: 30 June 2016
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40366-3
Online ISBN: 978-3-319-40367-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics