A secure and private ensemble matcher using multi-vault obfuscated templates
Babak Poorebrahim Gilkalaye, Shubhabrata Mukherjee, Reza Derakhshani
TL;DR
This work addresses privacy-preserving biometric template matching by proposing a multi-vault obfuscated template protocol that distributes a template into $n$ sub-templates hidden with $m$ GAN-generated chaff points across $n$ vaults. Verification retrieves $s$ closest vectors per vault and combines them through a one-way hash, enabling a flexible $k$-out-of-$n$ criterion to balance security and accuracy, underpinned by the requirement $m^n>2^\gamma$. Experimen ts on AT&T, GT, and LFW show end-to-end ROC-AUCs of approximately 0.99 for AT&T/GT and 0.90 for LFW, with time per verification around 1.47 seconds, indicating practical performance. The paper demonstrates 2^\gamma security against brute-force attacks by leveraging GAN-generated chaff and a revocable, diverse, and accurate security framework, highlighting GenAI’s potential for proactive defensive biometric strategies.
Abstract
Generative AI has revolutionized modern machine learning by providing unprecedented realism, diversity, and efficiency in data generation. This technology holds immense potential for biometrics, including for securing sensitive and personally identifiable information. Given the irrevocability of biometric samples and mounting privacy concerns, biometric template security and secure matching are among the most sought-after features of modern biometric systems. This paper proposes a novel obfuscation method using Generative AI to enhance biometric template security. Our approach utilizes synthetic facial images generated by a Generative Adversarial Network (GAN) as "random chaff points" within a secure vault system. Our method creates n sub-templates from the original template, each obfuscated with m GAN chaff points. During verification, s closest vectors to the biometric query are retrieved from each vault and combined to generate hash values, which are then compared with the stored hash value. Thus, our method safeguards user identities during the training and deployment phases by employing the GAN-generated synthetic images. Our protocol was tested using the AT&T, GT, and LFW face datasets, achieving ROC areas under the curve of 0.99, 0.99, and 0.90, respectively. Our results demonstrate that the proposed method can maintain high accuracy and reasonable computational complexity comparable to those unprotected template methods while significantly enhancing security and privacy, underscoring the potential of Generative AI in developing proactive defensive strategies for biometric systems.