skip to main content
research-article

Secure and verifiable outsourcing of large-scale biometric computations

Published:06 December 2013Publication History
Skip Abstract Section

Abstract

Cloud computing services are becoming more prevalent and readily available today, bringing to us economies of scale and making large-scale computation feasible. Security and privacy considerations, however, stand in the way of fully utilizing the benefits of such services and architectures. In this work we address the problem of secure outsourcing of large-scale biometric experiments to a cloud or grid in a way that the client can verify that with very high probability the task was computed correctly. We conduct thorough theoretical analysis of the proposed techniques and provide implementation results that indicate that our solution imposes modest overhead.

Skip Supplemental Material Section

Supplemental Material

References

  1. Afrati, F., Das Sarma, A., Menestrina, D., Parameswaran, A., and Ullman, J. 2012. Fuzzy joins using mapreduce. In Proceedings of the IEEE International Conference on Data Engineering (ICDE'12). 498--509. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Atallah, M. and Frikken, K. 2010. Securely outsourcing linear algebra computations. In Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS'10). 48--59. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., and Song, D. 2007. Provable data possession at untrusted stores. In Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS'07). 598--609. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Barni, M., Bianchi, T., Catalano, D., Di Raimondo, M., Labati, R., Failla, P., Fiore, D., Lazzeretti, R., Piuri, V., Scotti, F., and Piva, A. 2010. Privacy-preserving fingercode authentication. In Proceedings of the 12th ACM Workshop on Multimedia and Security (MM&Sec'10). 231--240. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Ben-Or, M., Goldwasser, S., and Wigderson, A. 1988. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In Proceedings of the ACM Symposium on Theory of Computing (STOC'88). 1--10. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Benjamin, D. and Atallah, M. 2008. Private and cheating-free outsourcing of algebraic computations. In Proceedings of the Annual Conference on Privacy, Security, and Trust (PST'08). 240--245. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Blanton, M. and Aguiar, E. 2012. Private and oblivious set and multiset operations. In Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS'12). 40--41. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Blanton, M. and Aliasgari, M. 2012. Secure outsourced computation of iris matching. J. Comput. Secur. 20, 2--3, 259--305.Google ScholarGoogle Scholar
  9. Blanton, M. and Gasti, P. 2011. Secure and efficient protocols for iris and fingerprint identification. In Proceedings of the European Symposium on Research in Computer Security (ESORICS'11). 190--209. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Blanton, M., Zhang, Y., and Frikken, K. 2011a. Secure and verifiable outsourcing of large-scale biometric computations. Tech. rep. 2011-04, Department of Computer Science and Engineering, University of Notre Dame.Google ScholarGoogle Scholar
  11. Blanton, M., Zhang, Y., and Frikken, K. 2011b. Secure and verifiable outsourcing of large-scale biometric computations. In Proceedings of the IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT'11). 1085--1091.Google ScholarGoogle Scholar
  12. Bui, H., Kelly, M., Lyon, C., Pasquier, M., Thomas, D., Flynn, P., and THAIN, D. 2009. Experience with bxgrid: A data repository and computing grid for biometrics research. J. Cluster Comput. 12, 4, 373--386. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Burkhart, M., Strasser, M., Many, D., and Dimitropoulos, X. 2010. SEPIA: Privacy-preserving aggregation of multi-domain network events and statistics. In Proceedings of the USENIX Security Symposium. 223--240. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Catrina, O. and De Hoogh, S. 2010. Improved primitives for secure multiparty integer computation. In Proceedings of the International Conference on Security and Cryptography in Networks (SCN'10). 182--199. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Chor, B., Goldwasser, S., Micali, S., and Awerbuch, B. 1985. Verifiable secret sharing and achieving simultaneity in the presence of faults. In Proceedings of the 26th Annual Symposium on Foundations of Computer Science (FOCS'85). 383--395. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Du, W. and Goodrich, M. 2005. Searching for high-value rare events with uncheatable grid computing. In Proceedings of the 3rd International Conference on Applied Cryptography and Network Security (ACNS'05). 122--137. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Du, W., Jia, J., Mangal, M., and Murugesan, M. 2004. Uncheatable grid computing. In Proceedings of the 24th International Conference on Distributed Computing Systems (ICDCS'04). 4--11. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Erkin, Z., Franz, M., Guajardo, J., Katzenbeisser, S., Lagendijk, I., and TOFT, T. 2009. Privacy preserving face recognition. In Proceedings of the 9th International Privacy Enchancing Technologies Symposium (PETS'09). 235--253. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. Gennaro, R., Gentry, C., and Parno, B. 2010. Non-interactive verifiable computing: Outsourcing computation to untrusted workers. In Proceedings of the 30th Annual Conference on Advances in Cryptology (CRYPTO'10). 465--482. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. Gennaro, R., Rabin, M., and Rabin, T. 1998. Simplified vss and fast-track multiparty computations with applications to threshold cryptography. In Proceedings of the 17th Annual ACM Symposium on Principles of Distributed Computing (PODC'98). 101--111. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Gens, F. 2008. It cloud services user survey, pt. 2: top benefits and challenges. http://bit.ly/oUCbY.Google ScholarGoogle Scholar
  22. Goldwasser, S., Micali, S., and Rackoff, C. 1985. The knowledge complexity of interactive proof systems. In Proceedings of the 17th Annual ACM Symposium on Theory of Computing (STOC'85). 291--304. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Golle, P. and Mironov, I. 2001. Uncheatable distributed computations. In Proceedings of the Conference on Topics in Cryptology: The Cryptographer's Track at RSA (CT-RSA'01). 425--440. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Golle, P. and Stubblebine, S. 2001. Secure distributed computing in a commercial environment. In Proceedings of the International Conference on Financial Cryptography (FC'01). 289--304. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Goodrich, M. 2008. Pipelined algorithms to detect cheating in long-term grid computations. Theor. Comput. Sci. 408, 2--3, 199--207. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Goodrich, M. 2010. Randomized shellsort: a simple oblivious sorting algorithm. In Proceedings of the 21st Annual ACM-SIAM Symposium on Discrete Algorithms (SODA'10). 1262--1277. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Juels, A. and Kaliski, B. 2007. PORs: Proofs of retrievability for large files. In Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS'07). 584--597. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. Kahney, L. 2001. Cheaters bow to peer pressure. WIRED Mag. http://bit.ly/ZVuXCJ.Google ScholarGoogle Scholar
  29. Karame, G., Strasser, M., and Capkun, S. 2009. Secure remote execution of sequential computations. In Proceedings of the International Conference on Information and Communications Security (ICICS'09). 181--197. Google ScholarGoogle ScholarDigital LibraryDigital Library
  30. Kim, H., Gil, J., Hwang, C., Yu, H., and Joung, S. 2007. Agent-based autonomous result verification mechanism in desktop grid systems. In Proceedings of the 6th International Workshop on Agents and Peer-to-Peer Computing (AP2PC'07). 72--84.Google ScholarGoogle Scholar
  31. Kuhn, M., Schmid, S., and Watterhofer, R. 2008. Distributed asymmetric verification in computational grids. In Proceedings of the IEEE International Symposium on Parallel and Distributed Processing (IPDPS'08). 1--10.Google ScholarGoogle Scholar
  32. Okcan, A. and Riedewald, M. 2011. Processing theta-joins using mapreduce. In Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD'11). 949--960. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Shamir, A. 1979. How to share a secret. Comm. ACM 22, 11, 612--613. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Szajda, D., Lawson, B., and Owen, J. 2003. Hardening functions for large scale distributed computations. In Proceedings of the IEEE Symposium on Security and Privacy (SP'03). 216--224. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. Wang, C., Ren, K., and Wang, J. 2011. Secure and practical outsourcing of linear programming in cloud computing. In Proceedings of the 30th IEEE International Conference on Computer Communications (INFOCOM'11).Google ScholarGoogle Scholar
  36. Watanabe, K., Fukushi, M., and Horiguchi, S. 2009. Collusion-resistant sabotage-tolerance mechanisms for volunteer computing systems. In Proceedings of the IEEE International Conference on e-Business Engineering (ICEBE'09). 213--218. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Secure and verifiable outsourcing of large-scale biometric computations

          Recommendations

          Comments

          Login options

          Check if you have access through your login credentials or your institution to get full access on this article.

          Sign in

          Full Access

          • Published in

            cover image ACM Transactions on Information and System Security
            ACM Transactions on Information and System Security  Volume 16, Issue 3
            November 2013
            120 pages
            ISSN:1094-9224
            EISSN:1557-7406
            DOI:10.1145/2555946
            Issue’s Table of Contents

            Copyright © 2013 ACM

            Publisher

            Association for Computing Machinery

            New York, NY, United States

            Publication History

            • Published: 6 December 2013
            • Accepted: 1 September 2013
            • Revised: 1 May 2013
            • Received: 1 July 2012
            Published in tissec Volume 16, Issue 3

            Permissions

            Request permissions about this article.

            Request Permissions

            Check for updates

            Qualifiers

            • research-article
            • Research
            • Refereed

          PDF Format

          View or Download as a PDF file.

          PDF

          eReader

          View online with eReader.

          eReader
          About Cookies On This Site

          We use cookies to ensure that we give you the best experience on our website.

          Learn more

          Got it!