Henrik Kawa defended his Master Thesis on Homomorphic Encryption for Fingerprint Verification
Biometric data is unique to each individual and according to EU’s General Data Protection Regulation (GDPR), it classifies as sensitive data. Since it is classified as sensitive data, there is a requirement to protect the data. This thesis aims to benchmark a FingerCode based fingerprint verification system and a Minutiae based fingerprint verification system against each other when applying homomorphic encryption. There are existing works which apply homomorphic encryption to Minutiae-based fingerprint and FingerCode, and those are discussed in this work and used for inspiration. This work will differ from them, as the focus will be on the performance of the encryption, how they compare and what is the trade-off between them.
The Biometric performance for Minutiae based system and the FingerCode was evaluated using False Match Rate (FMR) and False Non-Match Rate (FNMR). The FMR and FNMR were 1.46% and 73.00% for the FingerCode system, and 0.95% and 75.75% for the Minutiae based system. During the work it was proved that by applying homomorphic encryption to both systems, the biometric performance remained unaffected. The encryption schemes implemented in this thesis are Paillier and Damgård, Geisler and Krøigaard (DGK). Paillier is a well known homomorphic encryption scheme that is based on Composite Degree Residuosity Classes. DGK is a homomorphic encryption scheme which security is based on k bit RSA modulus.
By applying the encryption schemes on the biometric fingerprint systems, the measured time for FingerCode verification were 0.3598 seconds using DGK and 0.6728 seconds using Paillier. For minutiae based verification the time measurement resulted in 615.53 seconds using Paillier and 69.42 seconds using DGK. Regarding the file size of the templates, FingerCode increased from 3KB to 662KB using Paillier and 498KB using DGK. For Minutiae based the file size increase from 3.9KB to 60.6KB using Paillier and 45.2KB using DGK. This investigation indicate that DGK is a better homomorphic encryption scheme than Paillier for biometric fingerprint systems. Both systems can be used, but regarding speed FingerCode seem to be the best choice.