Privacy-preserving biometrics authentication systems using fully homomorphic encryption

The purpose of this paper is to determine the effectiveness of using fully homomorphic encryption (FHE) to preserve the privacy of biometric data in an authentication system. Biometrics offers higher accuracy for personal recognition than traditional methods because of its properties. Biometric data are permanently linked with an individual and cannot be revoked or cancelled, especially when biometric data are compromised, leading to privacy issues.

By reviewing current approaches, FHE is considered as a promising solution for the privacy issue because of its ability to perform computations in the encrypted domain. The authors studied the effectiveness of FHE in biometric authentication systems. In doing so, the authors undertake the study by implementing a protocol for biometric authentication system using iris.

The security analysis of the implementation scheme demonstrates the effectiveness of FHE to protect the privacy of biometric data, as unlimited operations can be performed in the encrypted domain, and the FHE secret key is not shared with any other party during the authentication protocol.

The use of malicious model in the design of the authentication protocol to improve the privacy, packing methods and use of low-level programming language to enhance performance of the system needs to be further investigated.

The main contributions of this paper are the implementation of a privacy-preserving iris biometric authentication protocol adapted to lattice-based FHE and a sound security analysis of authentication and privacy.