Sergey Isadskiy defended his Master thesis on
“Biometric Information Protection in i-vector Feature Space”
The protection of biometric information is of utmost relevance for the data privacy of biometric subjects. Targeting voice biometrics with dual-use application scenarios, such as in mobile banking, call centers, as well as forensic and investigatory, conformance with latest EU data privacy regulations (GDPR & PSD2) is mandatory. Therefore, the ISO/IEC standard 24745 requires unlinkability across biometric service operators, irreversibility of leaked encrypted templates, and renewability of biometric references. Proposing two architectures based on homomorphic encryption, the following achievements are yielded:
- data privacy for biometric subjects,
- data security for biometric service providers,
- by sustaining the applicability of an incentive based decision making framework.
Contrary to conventional biometric cryptosystems, inflicting a biometric performance loss due to the binarization of extracted features, homomorphic encryption sustains algebraic properties. Based on the public key Paillier cryptosystem, addition and multiplication operations are motivated for the computation of cosine similarity scores in e.g., biometric signature recognition employing positive-valued floats. In state-of-the-art voice biometrics, reference and probe features are extracted as intermediate-sized vectors (i-vectors): normal distributed variables characterizing voice data extracted from audio speech.
Accounting for signed float values, an auxiliary feature representation is proposed for voice biometrics based on the IEEE 754 standard. For the purpose of comparing two i-vectors, within and between speaker variations are examined, such that biometric recognition decisions are made depending on the likelihoods of two i-vectors stemming from the same source, or not: the higher incentivized likelihood is favored, accepting or rejecting a biometric authentication claim.
Employing Paillier cryptosystems, established decision models are applicable unchanged, while achieving data privacy. The two proposed architectures enable data privacy for the purpose of (1) sustaining data privacy for end-users, while operators host different biometric services, (2) and further ensuring security to providers, distributing a biometric service incorporating valuable comparison model parameters to multiple system operators.