News

Contact

University of Oldenburg Faculty II - Department of Computer Science Department Safety-Security-Interaction 26111 Oldenburg

Secretariat

Ingrid Ahlhorn

A03 2-208

+49 (0) 441 - 798 2426

News

Article in the Frontiers in Imaging Journal!

Safety-Security-Interaction

SSI-co-authored paper „Template recovery attack on encrypted face recognition systems with unprotected decision using synthetic faces” accepted at the Frontiers in Imaging journal!

SSI-co-authored paper „Template recovery attack on encrypted face recognition systems with unprotected decision using synthetic faces” accepted at the Frontiers in Imaging journal!

A. Bassit, F. Hahn, Z. Rezgui, H. O. Shahreza, R. Veldhuis, und A. Peter, "Template recovery attack on encrypted face recognition systems with unprotected decision using synthetic faces" Frontiers in Imaging.

Short summary:

Introduction: Homomorphic encryption (HE) enables privacy-preserving face recognition by allowing encrypted facial embeddings to be compared without decryption. While efficient, these systems often reveal comparison scores in plaintext, introducing a security risk. Revealing these scores can potentially allow adversaries to reconstruct sensitive facial embeddings and infer demographic attributes, thus compromising user privacy.

Methods: This work proposes a training-less face template recovery attack leveraging the Lagrange multiplier optimization method. The attack requires only a small set of randomly generated synthetic facial images and their associated comparison scores with a target template. The method assumes attackers use spoofed synthetic faces and lack direct access to the face recognition system, aligning with real-world threat models.

Results: Experimental evaluation demonstrates the feasibility and effectiveness of the proposed attack. It shows that between 50 and 192 comparison scores and synthetic images are sufficient to recover the target face template with 100% success under strict system thresholds. The recovered templates closely resemble the original and retain identifiable soft biometric traits.

Discussion: The findings reveal a critical vulnerability in face recognition systems employing inner product similarity measures under homomorphic encryption. Even without system access or training data, attackers can exploit leaked comparison scores to compromise facial privacy. The study underscores the need to reassess how score leakage is handled in encrypted recognition systems and explore stronger protection mechanisms against template reconstruction.

(Changed: 20 Aug 2024)  Kurz-URL:Shortlink: https://uole.de/p87900n11955en
Zum Seitananfang scrollen Scroll to the top of the page