Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360883
Iuliia Tkachenko, A. Trémeau, T. Fournel
The number of medicine counterfeits increases significantly. This problem affects not only expensive medicines, but also some low cost ones. In this paper, we study the characteristics of medicine packages printed using rotogravure printing on blister foils and propose an authentication system that identifies the equipment used for printing medicine foils. The rotogravure printing process uses an engraved cylinder and a rotogravure press. Each of these elements has its own signature that can be used for process identification and for packaging authentication. Using constructed database, we show that the signature of engraved cylinder impacts more on printed patterns in comparison with the signature of rotogravure press. The experiments done show that we can identify the cylinder used for the printing using a classical machine learning methods from a small number of training samples.
{"title":"Fighting against medicine packaging counterfeits: rotogravure press vs cylinder signatures","authors":"Iuliia Tkachenko, A. Trémeau, T. Fournel","doi":"10.1109/WIFS49906.2020.9360883","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360883","url":null,"abstract":"The number of medicine counterfeits increases significantly. This problem affects not only expensive medicines, but also some low cost ones. In this paper, we study the characteristics of medicine packages printed using rotogravure printing on blister foils and propose an authentication system that identifies the equipment used for printing medicine foils. The rotogravure printing process uses an engraved cylinder and a rotogravure press. Each of these elements has its own signature that can be used for process identification and for packaging authentication. Using constructed database, we show that the signature of engraved cylinder impacts more on printed patterns in comparison with the signature of rotogravure press. The experiments done show that we can identify the cylinder used for the printing using a classical machine learning methods from a small number of training samples.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123914211","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360894
T. S. Brandes, Scott Kuzdeba, J. McClelland, N. Bomberger, Andrew Radlbeck
In this work, we demonstrate a system that enhances radio frequency (RF) fingerprints of individual transmitters via waveform modification to uniquely identify them amidst an ensemble of identical transmitters. This has the potential to enable secure identification, even in the presence of stolen and retransmitted unique device identifiers that are present in the transmitted waveforms, and ensures robust communications. This approach also lends itself to steganography as the waveform modifications can themselves encode information. Our system uses Bayesian program learning to learn specific characteristics of a set of emitters, and integrates the learned programs into a reinforcement learning architecture to build a policy for actions applied to the digital waveform before transmission. This allows the system to learn how to modify waveforms that leverage and emphasize inherent differences within RF front-ends to enhance their distinct characteristics while maintaining robust communications. In this ongoing research, we demonstrate our system in a small population, and provide a road map to expand it to larger populations that are expected in today’s interconnected spaces.
{"title":"RF Waveform Synthesis Guided by Deep Reinforcement Learning","authors":"T. S. Brandes, Scott Kuzdeba, J. McClelland, N. Bomberger, Andrew Radlbeck","doi":"10.1109/WIFS49906.2020.9360894","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360894","url":null,"abstract":"In this work, we demonstrate a system that enhances radio frequency (RF) fingerprints of individual transmitters via waveform modification to uniquely identify them amidst an ensemble of identical transmitters. This has the potential to enable secure identification, even in the presence of stolen and retransmitted unique device identifiers that are present in the transmitted waveforms, and ensures robust communications. This approach also lends itself to steganography as the waveform modifications can themselves encode information. Our system uses Bayesian program learning to learn specific characteristics of a set of emitters, and integrates the learned programs into a reinforcement learning architecture to build a policy for actions applied to the digital waveform before transmission. This allows the system to learn how to modify waveforms that leverage and emphasize inherent differences within RF front-ends to enhance their distinct characteristics while maintaining robust communications. In this ongoing research, we demonstrate our system in a small population, and provide a road map to expand it to larger populations that are expected in today’s interconnected spaces.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122264222","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360906
Sneha Sudhakaran, Aisha I. Ali-Gombe, A. Orgah, Andrew Case, G. Richard
Analysis of app-specific behavior has become an increasingly important capability in the fields of digital forensics and incident response. The ability to determine the precise actions performed by a user, such as URLs visited, files downloaded, messages sent and received, images and video viewed, and personal files accessed can be the difference between a successful analysis and one that fails to meet its goals. Unfortunately, proper analysis of volatile app-specific evidence, especially the recovery of large objects such as multimedia and large text files stored in memory has not been explored. This is mainly because the allocation function in the various Android memory management algorithms handles large objects differently and in separate memory regions than small objects. Thus, in this paper our effort is focused on developing an app-agnostic memory analysis tool capable of recovering and reconstructing large objects from process memory captures. We present AmpleDroid, a tool that identifies and extracts large objects loaded in an application memory space. Our methodology involves the inspection of the process image to identify vital Android runtime data structures utilized during large object allocation. AmpleDroid is evaluated on a number of apps and the results shows the recovery of almost 91% of the allocated large objects from process memory
{"title":"AmpleDroid Recovering Large Object Files from Android Application Memory","authors":"Sneha Sudhakaran, Aisha I. Ali-Gombe, A. Orgah, Andrew Case, G. Richard","doi":"10.1109/WIFS49906.2020.9360906","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360906","url":null,"abstract":"Analysis of app-specific behavior has become an increasingly important capability in the fields of digital forensics and incident response. The ability to determine the precise actions performed by a user, such as URLs visited, files downloaded, messages sent and received, images and video viewed, and personal files accessed can be the difference between a successful analysis and one that fails to meet its goals. Unfortunately, proper analysis of volatile app-specific evidence, especially the recovery of large objects such as multimedia and large text files stored in memory has not been explored. This is mainly because the allocation function in the various Android memory management algorithms handles large objects differently and in separate memory regions than small objects. Thus, in this paper our effort is focused on developing an app-agnostic memory analysis tool capable of recovering and reconstructing large objects from process memory captures. We present AmpleDroid, a tool that identifies and extracts large objects loaded in an application memory space. Our methodology involves the inspection of the process image to identify vital Android runtime data structures utilized during large object allocation. AmpleDroid is evaluated on a number of apps and the results shows the recovery of almost 91% of the allocated large objects from process memory","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115295268","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360886
Juan E. Tapia, M. Gomez-Barrero, C. Busch
Most of the state of the art super-resolution methods use deep networks with large filter sizes. Therefore, they need to train and store a correspondingly large number of parameters, thereby making their use difficult for mobile devices applications such as recognition of individuals from selfie images. To achieve an efficient super-resolution method, we propose an Efficient Single Image Super-Resolution (ESISR) algorithm, which takes into account a trade-off among the efficiency of the deep neural network, the size of the filters, and the sharpness of the images. To that end, the method implements a novel loss function based on the Sharpness metric. This metric turns out to be more suitable for recovering the quality of the eye images. Our method drastically reduces the number of parameters when compared with Deep CNNs with Skip Connection and Network (DCSCN): from 1,754,942 to 27,209 parameters when the image size is increased by a factor of 2 (x2), from 2,170,142 to 28,654 parameters when increased by 3 (x3), and from 2,087,102 to 64,201 parameters when increased by 4 (x4). Furthermore, the proposed method maintains the sharpness quality of the images.
{"title":"An Efficient Super-Resolution Single Image Network using Sharpness Loss Metrics for Iris","authors":"Juan E. Tapia, M. Gomez-Barrero, C. Busch","doi":"10.1109/WIFS49906.2020.9360886","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360886","url":null,"abstract":"Most of the state of the art super-resolution methods use deep networks with large filter sizes. Therefore, they need to train and store a correspondingly large number of parameters, thereby making their use difficult for mobile devices applications such as recognition of individuals from selfie images. To achieve an efficient super-resolution method, we propose an Efficient Single Image Super-Resolution (ESISR) algorithm, which takes into account a trade-off among the efficiency of the deep neural network, the size of the filters, and the sharpness of the images. To that end, the method implements a novel loss function based on the Sharpness metric. This metric turns out to be more suitable for recovering the quality of the eye images. Our method drastically reduces the number of parameters when compared with Deep CNNs with Skip Connection and Network (DCSCN): from 1,754,942 to 27,209 parameters when the image size is increased by a factor of 2 (x2), from 2,170,142 to 28,654 parameters when increased by 3 (x3), and from 2,087,102 to 64,201 parameters when increased by 4 (x4). Furthermore, the proposed method maintains the sharpness quality of the images.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127779218","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360897
Yassine Yousfi, Jan Butora, Eugene Khvedchenya, J. Fridrich
In this paper, we investigate pre-trained computer-vision deep architectures, such as the EfficientNet, MixNet, and ResNet for steganalysis. These models pre-trained on ImageNet can be rather quickly refined for JPEG steganalysis while offering significantly better performance than CNNs designed purposely for steganalysis, such as the SRNet, trained from scratch. We show how different architectures compare on the ALASKA II dataset. We demonstrate that avoiding pooling/stride in the first layers enables better performance, as noticed by other top competitors, which aligns with the design choices of many CNNs designed for steganalysis. We also show how pre-trained computer-vision deep architectures perform on the ALASKA I dataset.
{"title":"ImageNet Pre-trained CNNs for JPEG Steganalysis","authors":"Yassine Yousfi, Jan Butora, Eugene Khvedchenya, J. Fridrich","doi":"10.1109/WIFS49906.2020.9360897","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360897","url":null,"abstract":"In this paper, we investigate pre-trained computer-vision deep architectures, such as the EfficientNet, MixNet, and ResNet for steganalysis. These models pre-trained on ImageNet can be rather quickly refined for JPEG steganalysis while offering significantly better performance than CNNs designed purposely for steganalysis, such as the SRNet, trained from scratch. We show how different architectures compare on the ALASKA II dataset. We demonstrate that avoiding pooling/stride in the first layers enables better performance, as noticed by other top competitors, which aligns with the design choices of many CNNs designed for steganalysis. We also show how pre-trained computer-vision deep architectures perform on the ALASKA I dataset.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"SE-3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126573269","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360889
Matthias Börsig, Sven Nitzsche, Max Eisele, Roland Gröll, J. Becker, I. Baumgart
With the increasing popularity of the Internet of Things (IoT), security issues in this domain have become a major concern in recent years. In favor of a fast time to market and low cost, security is often neglected during IoT development and little effort has been spent to enhance security tools to support the most common IoT architectures. Therefore, this work investigates fuzzing, an emerging security analysis technique, on the popular ESP32 IoT architecture. Instead of performing fuzzing directly on the target IoT system, we propose a full-system emulator that runs ESP32 firmware images and is able to perform fuzzing several orders of magnitude faster than the actual system. Using this emulator, we were able to fuzz a commercial IoT device with more than 300 requests per second and identify a bug in it within a few minutes. The developed framework can not only be used for discovering security issues in released products, but also for automated fuzzing tests during development.
{"title":"Fuzzing Framework for ESP32 Microcontrollers","authors":"Matthias Börsig, Sven Nitzsche, Max Eisele, Roland Gröll, J. Becker, I. Baumgart","doi":"10.1109/WIFS49906.2020.9360889","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360889","url":null,"abstract":"With the increasing popularity of the Internet of Things (IoT), security issues in this domain have become a major concern in recent years. In favor of a fast time to market and low cost, security is often neglected during IoT development and little effort has been spent to enhance security tools to support the most common IoT architectures. Therefore, this work investigates fuzzing, an emerging security analysis technique, on the popular ESP32 IoT architecture. Instead of performing fuzzing directly on the target IoT system, we propose a full-system emulator that runs ESP32 firmware images and is able to perform fuzzing several orders of magnitude faster than the actual system. Using this emulator, we were able to fuzz a commercial IoT device with more than 300 requests per second and identify a bug in it within a few minutes. The developed framework can not only be used for discovering security issues in released products, but also for automated fuzzing tests during development.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"97 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124793839","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360892
Kaizaburo Chubachi
We present our third place solution for the ALASKA2 Image Steganalysis competition. We develop detectors using convolutional neural networks (CNNs) on both the spatial domain and the frequency domain of the discrete cosine transform used in JPEG compression. Our CNN detectors use state-of-the-art architectures in image classification tasks. We adjust the architecture to better capture the features of steganography methods in the frequency domain. We build an ensemble model of these CNNs, in which both spatial and frequency domain models contribute to performance. In this paper, we describe those models in detail and explain how the techniques used in them improve accuracy through experiments.
{"title":"An Ensemble Model using CNNs on Different Domains for ALASKA2 Image Steganalysis","authors":"Kaizaburo Chubachi","doi":"10.1109/WIFS49906.2020.9360892","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360892","url":null,"abstract":"We present our third place solution for the ALASKA2 Image Steganalysis competition. We develop detectors using convolutional neural networks (CNNs) on both the spatial domain and the frequency domain of the discrete cosine transform used in JPEG compression. Our CNN detectors use state-of-the-art architectures in image classification tasks. We adjust the architecture to better capture the features of steganography methods in the frequency domain. We build an ensemble model of these CNNs, in which both spatial and frequency domain models contribute to performance. In this paper, we describe those models in detail and explain how the techniques used in them improve accuracy through experiments.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"100 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133330105","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360895
Pierre-Olivier Brissaud, J. François, Isabelle Chrisment, Thibault Cholez, Olivier Bettan
Encrypted HTTP/2 (h2) has been worldwide adopted since its official release in 2015. The major services over Internet use it to protect the user privacy against traffic interception. However, under the guise of privacy, one can hide the abnormal or even illegal use of a service. It has been demonstrated that machine learning algorithms combined with a proper set of features are still able to identify the incriminated traffic even when it is encrypted with h2. However, it can also be used to track normal service use and so endanger privacy of Internet users. Independently of the final objective, it is extremely important for a security practitioner to understand the efficiency of such a technique and its limit. No existing research has been achieved to assess how generic is it to be directly applicable to any service or website and how long an acceptable accuracy can be maintained.This paper addresses these challenges by defining an experimental methodology applied on more than 3000 different websites and also over four months continuously. The results highlight that an off-the-shelf machine-learning method to classify h2 traffic is applicable to many websites but a weekly training may be needed to keep the model accurate.
{"title":"Encrypted HTTP/2 Traffic Monitoring: Standing the Test of Time and Space","authors":"Pierre-Olivier Brissaud, J. François, Isabelle Chrisment, Thibault Cholez, Olivier Bettan","doi":"10.1109/WIFS49906.2020.9360895","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360895","url":null,"abstract":"Encrypted HTTP/2 (h2) has been worldwide adopted since its official release in 2015. The major services over Internet use it to protect the user privacy against traffic interception. However, under the guise of privacy, one can hide the abnormal or even illegal use of a service. It has been demonstrated that machine learning algorithms combined with a proper set of features are still able to identify the incriminated traffic even when it is encrypted with h2. However, it can also be used to track normal service use and so endanger privacy of Internet users. Independently of the final objective, it is extremely important for a security practitioner to understand the efficiency of such a technique and its limit. No existing research has been achieved to assess how generic is it to be directly applicable to any service or website and how long an acceptable accuracy can be maintained.This paper addresses these challenges by defining an experimental methodology applied on more than 3000 different websites and also over four months continuously. The results highlight that an off-the-shelf machine-learning method to classify h2 traffic is applicable to many websites but a weekly training may be needed to keep the model accurate.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122232342","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360898
A. Garnaev, W. Trappe, N. Mandayam, H. Poor
Wireless networks are susceptible to malicious attacks, especially those involving jamming and eavesdropping. In this paper, we consider a sophisticated adversary with the dual capability of either eavesdropping passively or jamming any ongoing transmission. We investigate a new aspect to consider when designing an anti-adversary strategy to maintain secure and reliable communication: how subjective behavior can impact multi-time slotted communication in the presence of such a sophisticated adversary. To model this scenario we develop a Prospect Theory (PT) extension of a non-zero-sum stochastic game, and derive its PT-equilibrium in closed form for any probability weighting functions. Uniqueness of the PT-equilibrium is proven. Our theoretical results, also supported by simulations, suggest that the anti-adversary strategy is more sensitive to varying network parameters and subjective factors when compared to the adversary’s strategy.
{"title":"A Prospect Theoretic Extension of a Non-Zero-Sum Stochastic Eavesdropping and Jamming Game","authors":"A. Garnaev, W. Trappe, N. Mandayam, H. Poor","doi":"10.1109/WIFS49906.2020.9360898","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360898","url":null,"abstract":"Wireless networks are susceptible to malicious attacks, especially those involving jamming and eavesdropping. In this paper, we consider a sophisticated adversary with the dual capability of either eavesdropping passively or jamming any ongoing transmission. We investigate a new aspect to consider when designing an anti-adversary strategy to maintain secure and reliable communication: how subjective behavior can impact multi-time slotted communication in the presence of such a sophisticated adversary. To model this scenario we develop a Prospect Theory (PT) extension of a non-zero-sum stochastic game, and derive its PT-equilibrium in closed form for any probability weighting functions. Uniqueness of the PT-equilibrium is proven. Our theoretical results, also supported by simulations, suggest that the anti-adversary strategy is more sensitive to varying network parameters and subjective factors when compared to the adversary’s strategy.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127353543","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-06DOI: 10.1109/WIFS49906.2020.9360881
Pia Bauspieß, Jascha Kolberg, Daniel Demmler, Juliane Krämer, C. Busch
Thinking about the protection of biometric data, future attacks using a quantum computer call for adequate resistance of biometric verification systems. Such systems are often deployed on a long-term basis and deserve strong protection due to the sensitive nature and persistence property of the data they contain. To achieve efficient template protection, we combine post-quantum secure two-party computation with secret sharing and apply the first practically implemented post-quantum secure two-party computation protocol for the purpose of biometric template protection. The proposed system ensures permanent protection of the biometric data as templates are stored and compared in the encrypted domain. For the verification, we present two options which can be achieved as real-time transactions: A well-established classical two-party computation scheme or a recent post-quantum upgrade of that scheme. Both methods maintain full biometric performance. For the database of reference templates, which is a target for attacks in a biometric system, post-quantum security is maintained throughout both verification options. Regarding the computational efficiency of our proposed system, we offer real-time computational transaction times, making our solution relevant for practical applications.
{"title":"Post-Quantum Secure Two-Party Computation for Iris Biometric Template Protection","authors":"Pia Bauspieß, Jascha Kolberg, Daniel Demmler, Juliane Krämer, C. Busch","doi":"10.1109/WIFS49906.2020.9360881","DOIUrl":"https://doi.org/10.1109/WIFS49906.2020.9360881","url":null,"abstract":"Thinking about the protection of biometric data, future attacks using a quantum computer call for adequate resistance of biometric verification systems. Such systems are often deployed on a long-term basis and deserve strong protection due to the sensitive nature and persistence property of the data they contain. To achieve efficient template protection, we combine post-quantum secure two-party computation with secret sharing and apply the first practically implemented post-quantum secure two-party computation protocol for the purpose of biometric template protection. The proposed system ensures permanent protection of the biometric data as templates are stored and compared in the encrypted domain. For the verification, we present two options which can be achieved as real-time transactions: A well-established classical two-party computation scheme or a recent post-quantum upgrade of that scheme. Both methods maintain full biometric performance. For the database of reference templates, which is a target for attacks in a biometric system, post-quantum security is maintained throughout both verification options. Regarding the computational efficiency of our proposed system, we offer real-time computational transaction times, making our solution relevant for practical applications.","PeriodicalId":354881,"journal":{"name":"2020 IEEE International Workshop on Information Forensics and Security (WIFS)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114608004","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: