Secure Biometric Computation and Outsourcing

Biometric computations are becoming increasingly popular, and their impact in real world applications is undeniable. There are different types of biometric data used in a variety of applications such as biometric recognition including verification and identification. Because of the highly sensitive nature of biometric data, its protection is essential during biometric computations.

Based on the computations that need to be carried out and the type of biometric data, there is a need for application-specific privacy preserving solutions. These solutions can be provided by developing secure biometric computations in a way that no information gets revealed during the protocol execution. In some biometric applications (e.g. verification and identification), data is distributed amongst different parties engaged in computations. In some other applications, the execution of computations is bounded by the computational power of the parties, motivating the use of cloud or external servers. In both these cases, 1) there is a higher risk for sensitive data to be disclosed, making secure biometric protocols a prominent need for such practical applications, 2) it is more challenging to develop novel and efficient solutions for these computational settings, making the design of secure biometric protocols a research-worthy effort.

In our research, we worked on three different biometric modalities which require various computational settings. In more detail:

• We focused on voice recognition in semi-honest and malicious adversarial mod- els using floating point arithmetic (the most common and accurate type of data for voice recognition). Based on the application, we considered two secure computational settings which are two-party and multi-party settings. For this purpose, we designed new secure floating-point operations necessary for voice recognition computations.
• We designed novel and general approaches to securely compute three genomic tests (i.e., paternity, ancestry, and genomic compatibility). We considered server aided two-party computation for those applications. Also, based on the genomic computational settings we proposed novel certified inputs technique to provide stronger security guarantees with respect to malicious users.
• We built secure fingerprint recognition protocols which include both alignment (for the first time) and matching processes. The solutions were proposed in both two-party and multi-party computational settings. We also designed a num- ber of new secure and efficient protocols for essential operations in fingerprint recognition process.

To the best of our knowledge, our unique contributions in different biometric modalities largely benefit the field of secure biometric computation. Our solutions consider the nature of computational setting (two-party and multi-party settings) of biometric applications in practice and efficiently protect the data during the computations. In addition, our secure protocols and building blocks are general and can be used for other applications where the same data types and settings are used.