Table of Contents
Fetching ...

Private Iris Recognition with High-Performance FHE

Jincheol Ha, Guillaume Hanrot, Taeyeong Noh, Jung Hee Cheon, Jung Woo Kim, Damien Stehlé

TL;DR

This work tackles privacy concerns in large-scale iris recognition by replacing secret-sharing MPC with Threshold Fully Homomorphic Encryption (ThFHE) based on the CKKS scheme, enabling secure $1:N$ matching with low inter-party communication. It introduces two core approaches: (i) a direct CKKS-based pipeline optimized for fast encrypted linear algebra, and (ii) a folding technique that reduces the number of bootstraps by aggregating scores before bootstrapping, significantly lowering computational overhead. The implementation leverages a GPU-accelerated CCMM, MSRLWE-RGSW representations, and int8 cuBLAS to achieve practical runtimes (e.g., matching $32$ eyes against $7\cdot 2^{14}$ iris codes in ~${1.8}$ s on a single GPU, with multi-GPU scaling). Compared to secret-sharing MPC baselines, the ThFHE approach offers comparable performance with markedly reduced communication and enhanced scalability for distributed decryption, enabling robust privacy guarantees for world-scale biometric authentication.

Abstract

Among biometric verification systems, irises stand out because they offer high accuracy even in large-scale databases. For example, the World ID project aims to provide authentication to all humans via iris recognition, with millions already registered. Storing such biometric data raises privacy concerns, which can be addressed using privacy-enhancing techniques. Bloemen et al. describe a solution based on 2-out-of-3 Secret-Sharing Multiparty Computation (SS-MPC), for the World ID setup. In terms of security, unless an adversary corrupts 2~servers, the iris codes remain confidential and nothing leaks beyond the result of the computation. Their solution is able to match~$32$ users against a database of~$2^{22}$ iris codes in~$\approx 2$s , using~24 H100 GPUs, more than 40~communication rounds and $81$GB/party of data transferred (the timing assumes a network speed above~3Tb/s). In the present work, we explore the use of Threshold Fully Homomorphic Encryption (ThFHE) for the same task. The ThFHE solution brings a number of security advantages: no trusted setup, the encrypted database and queries can be public, the secret can be distributed among many parties, and active security can be added without significant performance degradation. Our proof-of-concept implementation of the computation phase handles $32$~eyes against a database of $7\cdot 2^{14}$ iris codes in~$\approx 1.8$s ($\approx 0.33s$ for 4 eyes against the same database), using 8 RTX-5090 GPUs. To this, one should add~2 to 3 rounds of communication (depending on deployment choice). We perform the matching using the CKKS (Th)FHE scheme. Our main technical ingredients are the use of recent progress on FHE-based linear algebra boosted using int8 GPU operations, and the introduction of a technique reducing the number of ciphertexts to be processed as early as possible.

Private Iris Recognition with High-Performance FHE

TL;DR

This work tackles privacy concerns in large-scale iris recognition by replacing secret-sharing MPC with Threshold Fully Homomorphic Encryption (ThFHE) based on the CKKS scheme, enabling secure matching with low inter-party communication. It introduces two core approaches: (i) a direct CKKS-based pipeline optimized for fast encrypted linear algebra, and (ii) a folding technique that reduces the number of bootstraps by aggregating scores before bootstrapping, significantly lowering computational overhead. The implementation leverages a GPU-accelerated CCMM, MSRLWE-RGSW representations, and int8 cuBLAS to achieve practical runtimes (e.g., matching eyes against iris codes in ~ s on a single GPU, with multi-GPU scaling). Compared to secret-sharing MPC baselines, the ThFHE approach offers comparable performance with markedly reduced communication and enhanced scalability for distributed decryption, enabling robust privacy guarantees for world-scale biometric authentication.

Abstract

Among biometric verification systems, irises stand out because they offer high accuracy even in large-scale databases. For example, the World ID project aims to provide authentication to all humans via iris recognition, with millions already registered. Storing such biometric data raises privacy concerns, which can be addressed using privacy-enhancing techniques. Bloemen et al. describe a solution based on 2-out-of-3 Secret-Sharing Multiparty Computation (SS-MPC), for the World ID setup. In terms of security, unless an adversary corrupts 2~servers, the iris codes remain confidential and nothing leaks beyond the result of the computation. Their solution is able to match~ users against a database of~ iris codes in~s , using~24 H100 GPUs, more than 40~communication rounds and GB/party of data transferred (the timing assumes a network speed above~3Tb/s). In the present work, we explore the use of Threshold Fully Homomorphic Encryption (ThFHE) for the same task. The ThFHE solution brings a number of security advantages: no trusted setup, the encrypted database and queries can be public, the secret can be distributed among many parties, and active security can be added without significant performance degradation. Our proof-of-concept implementation of the computation phase handles ~eyes against a database of iris codes in~s ( for 4 eyes against the same database), using 8 RTX-5090 GPUs. To this, one should add~2 to 3 rounds of communication (depending on deployment choice). We perform the matching using the CKKS (Th)FHE scheme. Our main technical ingredients are the use of recent progress on FHE-based linear algebra boosted using int8 GPU operations, and the introduction of a technique reducing the number of ciphertexts to be processed as early as possible.
Paper Structure (62 sections, 17 equations, 5 figures, 3 tables, 2 algorithms)

This paper contains 62 sections, 17 equations, 5 figures, 3 tables, 2 algorithms.

Figures (5)

  • Figure 1: Among $k$ folding polynomial output ciphertexts of $({\mathbf{v}}_r)_{r=1}^k$ for the same query eye, there is at most one matching DB entry. By rotating ${\mathbf{v}}_r$ by $r$ positions, the folding assumption is fulfilled.
  • Figure 2: Batch iris recognition based on ThFHE. For the sake of simplicity, we do not depict the (plaintext) iris masks, nor potential zero-knowledge proofs required for active security.
  • Figure 3: DB and Computation Distribution Over 8 GPUs
  • Figure 4: Modulus allocation
  • Figure 5: Graph of the 16$\times$ folding polynomial

Theorems & Definitions (1)

  • definition 1