Biometric authentication is up-and-coming to replace the traditional identity authentication method (e.g., passwords, PIN, identification cards) for its convenience and intelligence. With more and more users using this method, the database becomes more extensive, and the functions are seriously challenged. Data outsourcing has advantages in terms of convenience and cost savings, so it has attracted much research effort. However, due to the biometric's immutability of the whole life, it is extremely sensitive, and disclosing it to a third party is undesirable. In this paper, we address the issue of securely outsourcing biometric database. We propose a novel boolean searchable symmetric encryption (SSE) to construct a secure interactive protocol when outsourcing. A new encrypted database construction method was proposed, using the more efficient boolean vectors. Based on this, We suggest three kinds of expressive SSE, supporting disjunctive query, boolean query, and lightweight settings. We prove the schemes' correctness and security theoretically. Our constructions use simple cryptographic tools, such as symmetric cryptography and pseudo-random functions. They are straightforward to understand and easy to implement. The experiments show that all our schemes are practical and more efficient than the existing methods.
Read full abstract