Privacy-Preserving Identification Systems With Noisy Enrollment

Abstract

In this paper, we study fundamental trade-offs in privacy-preserving biometric identification systems with noisy enrollment. The proposed identification systems include helper data, secret keys, and private keys. Helper data are stored in a public database and used for identification. Secret keys are either stored in a secure database or provided to the user, and can be used in a next step, e.g. for authentication. Private keys are provided by users, and are also used for identification. In this paper, we impose a noisy enrollment channel and an arbitrarily small privacy and secrecy leakage rate. We characterize the optimal trade-off among the identification, secret key, private key, and helper data rates. Depending on how secret keys are produced, we study two cases of the proposed privacy-preserving identification systems, where the secret keys are generated and chosen respectively. By introducing private keys, it is shown that the identification system achieves close to zero privacy leakage rate in both generated and chosen secret key settings. The results also show that the identification rate and the secret key rate can be enlarged by increasing the private key rate. This work provides a framework for analyzing privacy-preserving identification systems and an insight on the design of optimal systems.