Biometrics

3. Main Threats against Privacy-Preserving Biometric Authentication Systems

3.2. A Biometric Reference Recovery Attack

The most successful strategy to perform a biometric reference recovery attack is to use a hill-climbing technique to perform a centre search attack. The attack can be launched under three conditions:

(1)The adversary is in possession of a matching template (maybe spoofed) for the target biometric reference.

(2)The adversary is able to see the output of the authentication process

$(OUT_{\mathscr{A}\mathcal{S}})$ . For instance, this information could be in an access control system, a door that is opening.

(3)The matching process between a fresh and a stored template relies on specific distances, called leaking distances, which include the Euclidean and the Hamming distance.

Figure 3 provides an intuition of the attack strategy. In the example (Figure 3) the stored reference template is the point

$b = (6, 3)$ and the given matching

$b^{'}$ is in the point

$(6, 4)$ . The matching templates are the points in the region delimited by the green circle. The adversary starts from the first component of the given matching template, the point

$(6, 4)$ , and increments it repeatedly by a factor 1. When rejected, on the point

$(9, 4)$ denoted by the red bullet with a white cross, the attacker learns that the previous point is the last one inside the acceptance circle. The same strategy is repeated starting from the point

$b^{'}$ and decreasing (by a factor 1 each time) the first component until rejection, and for the other component of the template. After discovering the coordinates of the four boundary points in the acceptance circle, the attacker can compute the coordinates of its centre, that is, find the digital representation of the biometric reference template.

Figure 3

Example of a recovery template attack for a BAS with biometric traits represented as vectors in

$\mathbb{Z}_{10}^{2}$ and with threshold

$\tau = 2$ . The values are chosen ad hoc to be able to picture the example in an easy and intuitive way and do not reflect the parameters used in real applications (usually,

$q$ is smaller than

$n$ and

$n \gg \tau$ is in the order of 2048).

This reference recovery attack is very efficient as it only requires a number of authentication attempts that are linear in the length of the biometric template. Moreover, it can be mounted against many biometric authentication systems (privacy-preserving or not) and even systems that employ secure multiparty computation techniques including somewhat homomorphic encryption.

Another strategy to perform biometric reference recovery attacks is to gain access to the database and try to decrypt the target template. This approach, however, is way less successful since normally the employed cryptographic techniques used to protect the templates' privacy are proven to be secure.