Homomorphic Encryption for Biometric Security: Challenges, Progress and Opportunities

Vishnu Naresh Boddeti

Michigan State University

7th March, 2023

- Biometric systems suffer from vulnerabilities.

- Data encryption is an attractive option:
  - protects user's data from unauthorized access
  - protects service provider's models from unauthorized access
  - facilitates free and open sharing of private data
  - mitigates legal and ethical issues

- Traditional solutions need data decryption for computation.
  - Security only during data transmission.

- Cryptographic scheme needs to allow computations directly on the encrypted data.
- Solution: Homomorphic Encryption
- Attractive Property: Conjectured to be post-quantum secure for appropriate choice of encryption parameters.

- Limitations: only supports additions and multiplications.

- Template protection using Homomorphic Encryption:
  - Encrypt database of features.
  - Encrypt query feature.
  - Match score computed directly in encrypted domain.

- Boddeti, "Secure Face Matching Using Fully Homomorphic Encryption," BTAS 2018

- Bassit et al., "Multiplication-Free Biometric Recognition for Faster Processing under Encryption," IJCB 2022

- Engelsma, Jain, Boddeti, "HERS: Homomorphically Encrypted Representation Search," TBIOM 2022

- Bauspieß et al., "Improved Homomorphically Encrypted Biometric Identification Using Coefficient Packing," IWBF 2022

__Hybrid__
- Pros: Low memory and runtime overhead
- Cons: Scales linearly with number of samples

__SIMD__
- Pros: Scales well with number of samples
- Cons: High memory and runtime overhead

where

$^{\dagger}$: problematic operations for FHE

- FHE is limited to specific operations on encrypted data.
- Normalization is not directly computable - need to approximate.
- Approximation is a source of error and hence a loss of matching performance
- We incorporate approximate normalization into our training of the projection matrix to recover performance

- $$Loss = \lambda \underbrace{\frac{\sum_M d(\mathbf{c}_i, \mathbf{c}_j)}{|M|}}_{ \color{orange}{Pull} } + (1-\lambda)\underbrace{\frac{\sum_{V}[m + d(\mathbf{c}_i, \mathbf{c}_j) - d(\mathbf{c}_i, \mathbf{c}_k)]_{+}}{|V|}}_{ \color{orange}{Push} }$$
- where $$d(\mathbf{c}_i, \mathbf{c}_j) = 1-P\underbrace{f(\mathbf{c}_i)}_{ \color{cyan}{approximation} } \cdot P\underbrace{f(\mathbf{c}_j)}_{ \color{cyan}{approximation} }$$ and $f(\cdot)$ approximates the inverse norm of a vector.
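The effect of approximate normalization on the match score, as an added example that is not code from the talk or the cited papers. It assumes Newton iteration as the add/multiply-only inverse-norm approximation $f(\cdot)$ (the slides do not name the method), omits the projection $P$, and uses plaintext floats in place of ciphertexts; `Y0`, the norm range, the function names and the vectors are constructed for illustration.

```python
import math

# Assumption: public starting guess, valid when squared norms lie in [1, 4].
Y0 = 0.5


def dot(a, b):
    return sum(x * y for x, y in zip(a, b))


def inv_norm(sq_norm, iters):
    """Approximate 1/sqrt(sq_norm) using only additions and multiplications.

    Newton's iteration y <- y * (1.5 - 0.5 * x * y^2). Every extra iteration
    adds multiplications, which is what makes accuracy expensive under FHE.
    """
    y = Y0
    for _ in range(iters):
        y = y * (1.5 - 0.5 * sq_norm * y * y)
    return y


def approx_distance(a, b, iters):
    """d(a, b) = 1 - f(a) a . f(b) b with the approximate inverse norm f."""
    return 1.0 - inv_norm(dot(a, a), iters) * inv_norm(dot(b, b), iters) * dot(a, b)


def exact_distance(a, b):
    """Reference cosine distance; needs division and sqrt, unavailable in FHE."""
    return 1.0 - dot(a, b) / math.sqrt(dot(a, a) * dot(b, b))


# Constructed features: same direction (a genuine match), different norms.
ENROLLED = [0.6, 0.8]       # norm 1, inside the assumed range
PROBE = [1.2, 1.6]          # norm 2, inside the assumed range
OUT_OF_RANGE = [2.4, 3.2]   # norm 4, outside the assumed range

if __name__ == "__main__":
    print("exact          :", exact_distance(ENROLLED, PROBE))
    print("2 iterations   :", approx_distance(ENROLLED, PROBE, 2))
    print("6 iterations   :", approx_distance(ENROLLED, PROBE, 6))
    # Outside the range the iteration settles on -1/sqrt(x): a genuine
    # match is scored as maximally distant, with no error raised.
    print("norm unchecked :", approx_distance(ENROLLED, OUT_OF_RANGE, 6))
```

The out-of-range case is why the norm bound has to be enforced on features before encryption: the server cannot inspect a ciphertext to detect that the approximation has left its valid interval.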

- Synthetic fusion dataset by randomly pairing classes.
  - 10,760 samples over 188 classes.

- Fusion improves performance:
  - Face by 11.07%
  - Voice by 9.58%

- Dimensionality Reduction: $512D \rightarrow 32D$ (16$\times$ compression)

- Projection is costliest operation


- Preliminary Work:
  - Ao and __Boddeti__, "AutoFHE: Automated Adaption of CNNs for Efficient Evaluation over FHE," Cryptology ePrint Archive 2023

- Aggarwal et al. "FedFace: Collaborative Learning of Face Recognition Model," IJCB 2021
- Meng et al. "Improving Federated Learning Face Recognition via Privacy-Agnostic Clusters," ICLR 2022
- Preliminary Work:
  - Yonetani, __Boddeti__, Kitani, Sato, "Privacy-Preserving Visual Learning Using Doubly Permuted Homomorphic Encryption," ICCV 2017

- Problems with existing FHE solutions for biometrics:
  - Cannot perform distributed authentication.
  - Even centralized authentication has practical limitations.
    - Either a shared public key is needed, which is impractical for some use cases.
    - Or key-switching is needed to work with different private keys.
- Solution: Multi-Key FHE
  - Critical for practical deployments.

- Security and privacy are very often conflated with each other.
  - Different but related concepts.
  - Homomorphic encryption: controls access to private information.
  - Differential Privacy: allows analysis + controls information.
- Postulates:
  - There is no privacy without security.
  - Homomorphic encryption is an ideal tool for enhancing privacy but it is not a privacy technique in and of itself.

Ideal solution: Differential privacy + Homomorphic Encryption

Many avenues for leveraging homomorphic encryption to enhance biometric security and privacy.