Privacy in Biometrics

The privacy protection of the biometric data is an important research topic, especially in the case of distributed biometric systems. In this scenario, it is very important to guarantee that biometric data cannot be steeled by anyone, and that the biometric clients are unable to gather any information different from the single user verification/identification. In a biometric system with high level of privacy compliance, also the server that processes the biometric matching should not learn anything on the database and it should be impossible for the server to exploit the resulting matching values in order to extract any knowledge about the user presence or behavior. Within this conceptual framework, in this we propose a novel complete demonstrator based on a distributed biometric system that is capable to protect the privacy of the individuals by exploiting cryptosystems. The implemented system computes the matching task in the encrypted domain by exploiting homomorphic encryption and using Fingercode templates. The demonstrator has been fully implemented and tested in real applicative conditions.

The proposed system

The encryption method


This work was supported in part by the MIUR (Ministero dell’Università e della Ricerca) under Grant 2007JXH7ET. The research was also supported in part by the EU within the 7FP project "PrimeLife" under grant agreement 216483.
  • R. Donida Labati, V. Piuri, F. Scotti, "Biometric privacy protection: guidelines and technologies", in Communications in Computer and Information Science, M. S. Obaidat, J.S. Sevillano, F. Joaquim (eds.), Springer, pp. 3-19, 2012. ISBN: 978-3-642-35754-1. [DOI: 10.1007/978-3-642-35755-8_1][PDF]
  • S. Cimato, R. Sassi, F. Scotti, "Biometric Privacy", in Encyclopedia of Cryptography and Security (2nd ed.), H.C.A. van Tilborg, S. Jajodia (eds.), Springer, pp. 101 - 104, 2011. ISBN: 978-1-4419-5905-8. [DOI: 10.1007/978-1-4419-5906-5]
  • M. Barni, T. Bianchi, D. Catalano and M. Di Raimondo, R. Donida Labati and P. Failla, D. Fiore, R. Lazzeretti, V. Piuri, F. Scotti and A. Piva, "Privacy-preserving fingercode authentication", in Proc. of the 2010 ACM Workshop on Multimedia and Security, New York, NY, USA, pp. 231-240, September 9-10, 2010. ISBN: 978-1-4503-0286-9. [DOI: 10.1145/1854229.1854270][PDF]
  • M. Barni, T. Bianchi, D. Catalano, M. Di Raimondo, R. Donida Labati , P. Failla, D. Fiore, R. Lazzeretti, V. Piuri and F. Scotti, A. Piva, "A privacy-compliant fingerprint recognition system based on homomorphic encryption and FingerCode templates", in Proc. of the 2010 IEEE Int. Conf. on Biometrics: Theory Applications and Systems (BTAS 2010), Washington, D.C., USA, pp. 1-7, September 27-29, 2010. ISBN: 978-1-4244-7580-3. [DOI: 10.1109/BTAS.2010.5634527][PDF]
  • S. Cimato, M. Gamassi, V. Piuri, R. Sassi, F. Scotti, "Privacy in biometrics", in Biometrics: theory, methods, and applications, N.V. Boulgouris, K.N. Plataniotis, E. Micheli-Tzanakou (eds.), Wiley-IEEE Press, pp. 633-654, 2009. ISBN: 978-0-470-24782-2. [DOI: 10.1002/9780470522356.ch25]
  • S. Cimato, R. Sassi, F. Scotti, "Biometrics and privacy", in Recent Patents on Computer Science, pp. 98-109, June, 2008. ISSN: 1874-4796. [Link]
  • S. Cimato, M. Gamassi, V. Piuri, R. Sassi, F. Scotti, "A biometric verification system addressing privacy concerns", in Proc. of the 2007 Int. Conf. on Computational Intelligence and Security (CIS 2007), Harbin, China, pp. 594-598, December 15-19, 2007. ISBN: 978-0-7695-2823-6. [DOI: 10.1109/CIS.2007.117][PDF]
  • S. Cimato, M. Gamassi, V. Piuri, R. Sassi, F. Scotti, "Privacy issues in biometric identification", in Touch Briefings, Business Briefings LtD, pp. 40-42, 2006. ISBN: 1-905-05296-0. [Link][PDF]