A Theoretical Analysis of Authentication, Privacy and Reusability Across Secure Biometric Systems

Details A Theoretical Analysis of Authentication, Privacy and Reusability Across Secure Biometric Systems A Theoretical Analysis of Authentication, Privacy and Reusability Across Secure Biometric Systems

2011-12-23

arxiv.org/abs/1112.5630v1

Computer Science

Information Theory

15 pages

Scientific paper

We present a theoretical framework for the analysis of privacy and security tradeoffs in secure biometric authentication systems. We use this framework to conduct a comparative information-theoretic analysis of two biometric systems that are based on linear error correction codes, namely fuzzy commitment and secure sketches. We derive upper bounds for the probability of false rejection ($P_{FR}$) and false acceptance ($P_{FA}$) for these systems. We use mutual information to quantify the information leaked about a user's biometric identity, in the scenario where one or multiple biometric enrollments of the user are fully or partially compromised. We also quantify the probability of successful attack ($P_{SA}$) based on the compromised information. Our analysis reveals that fuzzy commitment and secure sketch systems have identical $P_{FR}, P_{FA}, P_{SA}$ and information leakage, but secure sketch systems have lower storage requirements. We analyze both single-factor (keyless) and two-factor (key-based) variants of secure biometrics, and consider the most general scenarios in which a single user may provide noisy biometric enrollments at several access control devices, some of which may be subsequently compromised by an attacker. Our analysis highlights the revocability and reusability properties of key-based systems and exposes a subtle design tradeoff between reducing information leakage from compromised systems and preventing successful attacks on systems whose data have not been compromised.

Affiliated with

Also associated with

No associations

Rating

A Theoretical Analysis of Authentication, Privacy and Reusability Across Secure Biometric Systems does not yet have a rating. At this time, there are no reviews or comments for this scientific paper.

If you have personal experience with A Theoretical Analysis of Authentication, Privacy and Reusability Across Secure Biometric Systems, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and A Theoretical Analysis of Authentication, Privacy and Reusability Across Secure Biometric Systems will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFWR-SCP-O-193048