Research And Implementation On Searchable Encrypted Facial Images

In recent years,facial image search has been widely used.While providing convenience,it also increases the risk of people’s privacy leakage.How to conduct facial image search on the premise of protecting privacy has become a major problem.This paper proposes a scheme including a privacy-preserving facial image searchable encryption system Facial Image Encryption and Decryption System(FIEDS).The scheme consists of two stages of uploading and matching.In the uploading stage,the facial image is divided into the obfuscated features after blurring and the encrypted facial image;in the matching stage,the similarity between the extracted facial image features after blurring processing and the cloud blurred facial image features are calculated.,FIEDS can return the encrypted facial images corresponding to the top K fuzzy features with the largest similarity according to the parameters preset by the user,and decrypt the original image plaintext by the user.FIEDS can solve the limitations of the current searchable encryption scheme,such as low verification efficiency,only support for single-user model,and only support for static database.In order to improve the security of facial image searchable encryption scheme,the performance of authentication and facial image retrieval,the main research work in this paper is as follows:(1)A facial image searchable encryption system FIEDS is proposed in the single-user retrieval scenario.The scheme constructed by this system can realize the facial image retrieval function in the hidden scenario.The scheme has good security and facial image retrieval performance,and protects personal privacy while realizing facial image retrieval.During retrieval,the local facial image confusion feature is matched with the facial image confusion feature on the cloud third-party server.In order to prevent the third-party server from obtaining the original facial image data during the matching process,an Obfuscation function is designed to The local and cloud facial images are blurred,and the facial images stored in the cloud are encrypted using the Advanced Encryption Standard algorithm AES(Advanced Encryption Standard),so that the third party cannot decrypt the encrypted facial images without obtaining the private key.In order to improve the retrieval efficiency in the retrieval scenario and reduce the time cost,this paper uses the vector retrieval tool to use the recall technology FAISS(Facebook AI Similarity Search)to construct a facial image index file.In the traditional searchable encryption scheme,the entire cloud data set is traversed during retrieval,but in the scheme including FIEDS proposed in this paper,the cloud data set is divided by setting the number of categories K,and only the divided data set is traversed during retrieval.Greatly improve retrieval efficiency.(2)The facial image searchable encryption verification system FIEDVS(Facial Image Encryption and Decryption Verification System)in the identity verification scenario is proposed,and the scheme composed of the system can realize the identity verification function in the hidden scenario.The scheme can be divided into the generation stage where the encrypted facial image and the obfuscated facial image features are bound and uploaded to the cloud server when the identity is authenticated by the facial image,and the uploading stage using the local obfuscated facial image features and the generation stage The verification stage when similarity matching is performed on the cloud-based fuzzy facial image features to the cloud server.In the generation stage,the data provider sends the facial image data to FIEDVS for encryption using AES.In order to prevent the cloud server from using the exhaustive method to restore the original facial image data to a certain extent,an obfuscation function is also used before uploading to the cloud server.The features of the facial image are blurred,and the obtained obfuscated features are bound to the encrypted facial image and uploaded to the cloud server;in the verification stage,the data user uploads the facial image for authentication and performs the obfuscation processing through FIEDVS.The processed facial image confusion features are matched with all the stored facial image confusion features on the cloud server.If the similarity is greater than the preset threshold,the face is deemed to have passed the identity verification.The third-party cloud server is hidden.The solution constructed by the FIEDVS system has good security and high accuracy in the authentication scenario,and uses the facial image to realize the authentication function in the hidden scenario.(3)The facial image searchable encryption retrieval system FIMEDS(Facial Image Multi-user Encryption and Decryption System)in the multi-user retrieval scenario is proposed,and the Diffie-Hellman key is used in the case of not performing living body recognition on the retrieved facial image.The shared algorithm can retrieve other people’s facial images after obtaining other people’s key parameters.The scheme constructed by FIMEDS system is divided into facial image upload stage,key exchange stage and retrieval stage.In the upload stage,user A sends the facial image to FIMEDS,FIMEDS confuses and encrypts the received facial image,and the generated facial image confusion feature and encrypted facial image ciphertext are bound and uploaded to the third-party cloud server;In the key exchange phase,user B and user A use the Diffie-Hellman key sharing algorithm to exchange their respective keys in a secure channel;in the retrieval phase,user B uses user A’s private key and other parameters to replace user A’s The facial images stored on the third-party server are retrieved,and the retrieved facial images are subjected to similarity matching with the confusion features after classification in the cloud after being obfuscated by FIMEDS,and the corresponding images of the top K confusion features whose similarity is greater than the preset threshold are returned.To encrypt the facial image,user B uses the private key of user A to decrypt the ciphertext of the encrypted facial image to obtain the plaintext.