Privacy Preserving Biometric Multi-factor Authentication

Abstract: This thesis investigates the viability of using Fully Homomorphic Encryption and Machine Learning to construct a privacy-preserving biometric multi-factor authentication system. The system is based on the architecture described as ”Model K - Store distributed, compare distributed” in ISO/IEC 24745:2022 and uses the Torus Fully Homomorphic Encryption scheme proposed by Chillotti et al. (Journal of Cryptology, 2020) to encode and compare encrypted fingerprint images. A machine-learning-based encoder is designed using the VGG11 network architecture described by Simonyan and Zisserman (2015). The encoder is tuned for one-shot classification as a Siamese network to optimize the Euclidean distance between fingerprints from different individuals. The network is then made compatible with TFHE using the Concrete-ml library for Python. Using a prototype of the system, we show that the system succeeds in preserving users’ privacy with a relatively high authentication success rate. However, performance benchmarks show that the proposed encoding method is too inefficient. Finally, we highlight some areas of interest for future work that could make a system for privacy-preserving biometric multi-factor authentication viable.