Verifiable Biometric Matching

20/ Feb/ 2018

Several applications rely on biometrics to authenticate users. Since performing a biometric matching requires advanced technical knowledge, companies may prefer to delegate this computation to a specialized cloud server. Our Verifiable Biometric Matching enhances the confidence in a delegated biometric matching by adding a proof that the result of the computation is correct.

Verifiable Computing is a recent research area which aims at proving that a computation was correctly executed, making no assumption about the possible failures nor using specialized hardware. We perform the proof computation using a general purpose verifiable computation scheme which produces a short proof that the biometric matching was correct. In existing schemes, the bottleneck is the prover time. Thus, in order to decrease the proof computation time, we represent efficiently the computation to verify and achieve performance improvement for the prover.

All the general purpose verifiable computing systems can verify computations with elements belonging to a large finite field; typically, the field elements are about 250 bit long.

We leverage the shorter size of the input elements in a biometric matching (16 or 32 bit each) to define a multiplexing technique: we pack several input elements of the matching into a single field element and thus perform several multiplications simultaneously. This results in a more efficient computation and therefore decreases the prover time compared with using existing verifiable computing systems. We fine-tuned the parameters to pack the maximum of inputs while still being able to recover the final result.

Online banks begin to rely on biometrics for smartphone applications and therefore delegate the matching process to specialized companies. Adding a proof of correctness to the computation enables the bank to audit the company to which the biometric matching was delegated and thus incentivizes the delegation of biometric authentication.