BIOMETRIC IDENTIFICATION USING FILTERS AND BY SECURE MULTIPART CALCULATION

摘要

The invention is about an identification process of an individual or object, in a system comprising a control server and a management server of a database comprising N indexed data of N stored individuals,;in which, to identify the individual or object, its datum is compared to each of the N data of the base. The process comprises steps during which:
the control server acquires the datum of the individual or object to be identified,the reference data of the base and the datum of the individual or object to be identified are converted into simplified data of lesser size,a set of p index of simplified data of the base, p being less than N, having the most similarities to the simplified datum of the individual or object to be identified, securely between each of the N simplified data of the database and the simplified datum of the individual or object to be identified,the management server scrambles the N reference data of the database, and transfers to the control server p scrambled data corresponding to the simplified data identified previously,from the p scrambled data the control server determines, by secure multi-party computation between each of the p scrambled data and the datum of the individual or object, the index or the indices of one or more scrambled data whereof the corresponding reference data have a rate of similarity to the datum of the individual or object, which exceeds a predetermined threshold.

主权项

1. An identification process of an individual or object (I), in a system comprising a control server (SC), adapted to acquire a datum (b) of the individual (I) or object to be identified, and a management server (SG) of a database (DB) comprising N indexed reference data (bi) of N stored individuals, the datum (b) of the individual (I) and the reference data (bi) being coded on n bits,
in which, to identify the individual or object (I), its datum (b) is compared to each of the N data (bi) of the base to determine whether the datum (b) of the individual or object (I) to be identified corresponds to one of the N reference data (bi) of the N stored individuals, the process comprising a step during which the control server (SC) acquires (100) the datum (b) of the individual or object to be identified, and the process being characterised in that it also comprises steps during which: the control server (SC) and the management server (SG) convert (210) the reference data (bi) of the base and the datum (b) of the individual or object (I) to be identified into simplified data (si, s) of less size, the simplified data (si, s) being coded on t bits, t being less than n, the control server (SC) determines (200) a set of p index (i0, . . . , ip-1) of simplified data (si0, . . . , sip-1) of the base (DB), p being less than N, having the most similarities to the simplified datum (s) of the individual or object (I) to be identified, securely between each of the N simplified data (si) of the database (DB) and the simplified datum (s) of the individual or object (I) to be identified, said set being determined by performing a method of secure multi-party computation in which the management server (SG) generates (220) a garbled computation circuit of a function to be evaluated,
the garbled circuit having for inputs the set of encryption keys of the bits of simplified data (si0, . . . , sip-1) of the base (DB) and those of the simplified datum (s) of the individual (I),the function to be evaluated being the calculation of the rates of similarities between the simplified data (si0, . . . , sip-1) of the base (DB) and the simplified datum (s) of the individual (I) followed by a search step of the simplified p data of the base having the most similarities to the simplified datum (s) of the individual, the evaluation of the circuit allowing finding the index (i0, . . . , ip-1) of the simplified data (si0, . . . , sip-1) having the most similarities to the simplified datum (s) of the individual,the management server (SG) scrambles (320) the N reference data (bi) of the database (DB), and transfers to the control server p scrambled data (b′i0, . . . , b′ip-1)(b′i0, . . . , b′ip-1) corresponding to the simplified data (si0, . . . , sip-1) identified previously,from the p scrambled data (b′i0, . . . , b′ip-1)(b′i0, . . . , b′ip-1) the control server (SC) determines (300), by secure multi-party computation between each of the p scrambled data (b′i0, . . . , b′ip-1)(b′i0, . . . , b′ip-1) and the datum (b) of the individual or object, the index or the indices (iID) of one or more scrambled data (b′iID) whereof the corresponding reference data (biID) have a rate of similarity to the datum (b) of the individual or object, which exceeds a predetermined threshold (η).