We talk at length about the importance of keeping biometric data secure, but it’s also important to highlight the technology that’s used to do so. One method we recommend for securing biometrics and keeping them private is visual cryptography. This form of encryption uses a unique approach to eliminate some of the riskier elements of traditional cryptographic methods, such as the creation of private and public keys and the communication of certificates.
The visual cryptography method was originally developed for the visual sharing of images and pictures. An image is literally broken up into two or more different pieces, with the pixels randomly distributed between the two to create a random pattern of various shades of color. This makes it so one image provides zero information about the original. However, when the pieces are superimposed, the overlapping pixels reform the original picture.
The same concept, when combined with computer vision technology, can allow for the digital encryption of biometric templates to various files that, by themselves contain no usable biometric data.
Two-Image Visual Cryptography Sharing Case
The best example of visual cryptography in action was presented by Mani Naor and Adi Shamir in their presentation “Visual Cryptography,” for the Advances in Cryptology workshop at Eurocrypt 1994. Essentially, you take a secret image and encode it into two shares randomly. You take one share and give it to person A, and the other to person B. Then, the image can only be recombined and revealed when both people work together.
Person A is given this image:
And, person B is given this image:
And when combined they can see the secret image:
Mathematically, this looks like:
Original = original, secret image
random1 = image with a selection of random pixels from original
random2 = second image whose pixels are exclusive-or (⦻) of random1 and original
Combined: random1 ⦻ random2 = random1 ⦻ (random1 ⦻ original) = original
Using Visual Cryptography with Biometrics
Using this system with biometrics is actually quite simple. The biometric template is no different than the images described in the above example, but with raw data instead of image pixels. In the place of person A and person B you have the capture device, such as a smartphone, and a secure server used for storage and matching. Whenever you need to perform biometric authentication, you take a new scan of the preferred biometric, be it a fingerprint, iris, or facial recognition, and send it, along with random1, to the server. There, the server can recombine random1 and random2 to recreate the original, compare the original to the new scan, and then discard any extra information once the authentication is complete.
This system is more secure than the alternative because it reduces the amount of data being transferred, therefore minimizing the risk of man-in-the-middle attacks, and it drastically reduces risk if the stored data is stolen, as it is useless without its paired image. This way, privacy is ensured while optimizing security by adding biometrics to any authentication system.
