Verifiable Delegation of Computation in the Setting of Privacy-Preserving Biometric Authentication Master of Science Thesis in Computer Systems and Networks

Cloud computing has gained popularity due to the growth of internet and the number of devices. Although outsourcing computation tasks to the remote cloud come with great convenience, there are increasing concerns regarding data privacy and computation integrity since the cloud providers are external third parties. Verifiable computation (VC) is a mechanism to let the client verify the computation result returned by the cloud as an integrity guarantee, which can be widely applied in various scenarios of computation outsourcing. In this thesis work we focus specifically on the setting of biometric authentication systems, where a user is granted access to some service based on biometric templates matching. It is very important to preserve the privacy of these templates as they contain many private information. Privacy-preserving can be achieved by homomorphic encryption, where the computation server only stores and performs computations on encrypted templates. Yasuda et al. proposed a biometric authentication scheme based on such mechanism [3]. However, a template recovery attack was discovered in the scheme as a result of malicious computation server and lack of integrity check [4]. The goal of this theory-oriented thesis is to choose a suitable VC scheme and integrate it into the biometric authentication scheme by Yasuda et al. in order to counter the aforementioned attack. The outcome is a new scheme BVC that allows the client to verify the correctness of the result returned by the computation server while preserving the authentication functionalities and templates privacy. We provided a general scheme description, a protocol description showing the interaction of different parties, and more importantly the actual construction of BVC with security and correctness analyses. In addition, we reflected on the template recovery attack and showed that the order combining a VC and homomorphic encryption is very critical. We presented an attack algorithm for malicious cloud to comprise the privacy of the computation outcome if the order is done in a wrong way.