ceClub: Finding Yourself is the Key - Biometric Key Derivation Which Keep Your Privacy

Orr Dunkelman (Haifa University)
Wednesday, 24.6.2015, 11:30
Class 9, Floor 1, Taub Bld.

Biometric authentication is more secure than using regular passwords, as biometrics cannot be "forgotten" and allegedly contain high entropy. Thus, many constructions rely on biometric features for authentication, and use them as a source for "good" cryptographic keys. At the same time, biometric systems carry with them many privacy concerns. Unlike regular passwords, which can be easily changed if compromised, changing biometric traits is far from being easy. Hence, we need to protect the privacy of the system's users in case of a leakage of the systems internal "password file".

In this talk we describe a proof-of-concept (PoC) system which transforms facial attributes from a single image into keys in a consistent, discriminative, and privacy-aware manner. The outcome is a user-specific string that cannot be guessed, and it reveals no information concerning the users of the system, even when the system's secrets are revealed.

This is a joint work with Margarita Osadchy and Mahmood Sharif.

Orr Dunkelman is an associate professor in the Computer Science department at the University of Haifa. His research focuses on cryptanalysis, cryptography, security, and privacy. Orr's work in symmetric-key cryptanalysis includes analyzing many ciphers and the introduction of several new cryptanalytic techniques. Orr has worked on many of the most widely deployed ciphers such as the AES, KASUMI (used in 3G mobile networks), A5/1 (used in GSM networks), and IDEA. He served in more than 60 conference committees, including CCS, Crypto and Eurocrypt, three times as a program chair (FSE 2009, CT-RSA 2012, SAC 2015), and has won several distinctions and awards (e.g., the Krill prize (2014), best paper awards in Crypto 2012 and FSE 2012(.

Orr obtained his Ph.D. in computer science in 2006 from the Technion and a B.A. in computer science in 2000 from the Technion.

Back to the index of events