Research On Secure Biometric Hashing Method Against Relation-based Attacks

The development of big data and cloud has brought a lot of convenience to people's lives,but more and more personal data has been transmitted to the cloud,which caused people's concern about privacy.In particular,biometric data,such as the face,iris,fingerprint,are recorded by the biometric system and then transferred to the database.Once they are attacked,they directly disclose the user's identity and cannot be used for life.Since the biometric hashing encodes the biometrics into binary strings,it is difficult for attackers to directly restore the original biometric through the hash code,and the hash code has the advantages of small computation and high storage efficiency,which leads to the widespread application of the biometric hashing method in the biometric system.However,in recent years,there have been a series of attacks against the biometric hashing method,which has a huge threat to people's privacy.Through the analysis of these attack methods,we find that the effectiveness of these attacks comes from the leakage of distance information in the original biometric space.Based on this,we unify these attack methods to the relation-based attack and propose a secure biometric hashing method(SBH-RA)to defend against relation-based attack.The main contributions of this paper are as follows:1.We model and analyze the relation-based attacks,and find that the key to defense attacks is to reduce the leakage of distance information between the original biometrics.On this basis,the probability-based security target and availability target are defined to make the defense capability of relation-based attack as an evaluable quantity.2.We measure the information leakage to obtain the optimal secure biometric hashing target,and then use the interval length ratio to replace the probability to transform the target.On this basis,for the distance mapping from the original biometric space to the hash space,two constraints are designed,so as to obtain the conditions that the secure biometric hashing method needs to meet.3.Based on the residual network and quantization network,we implement a secure biometric hashing method against relation-based attack,which we call SBH-RA.After that,we analyze the security of this method under black-box attack and white-box attack.Finally,we compare SBH-RA with other existing methods in the iris dataset and face dataset.The experimental results show that the hash code generated by our proposed method is not only secure,but also usable,and has a certain practical value in the biometric system.