Paper 2014/026

Studying Potential Side Channel Leakages on an Embedded Biometric Comparison System

Maël Berthier, Yves Bocktaels, Julien Bringer, Hervé Chabanne, Taoufik Chouta, Jean-Luc Danger, Mélanie Favre, and Tarik Graba

Abstract

We study in this work the potential side channel leakages of a hardware biometric comparison system that has been designed for fingerprints. An embedded biometric system for comparison aims at comparing a stored biometric data with a freshly acquired one without the need to send the stored biometric data outside the system. Here one may try to retrieve the stored data via side channel, similarly as for embedded cryptographic modules where one may try to exploit side channel for attacking the modules. On one hand, we show that we can find partial information by the means of simple Side Channel Analysis that may help to retrieve the stored fingerprint. On the other hand, we illustrate that reconstructing the fingerprint remains not trivial and we give some simple countermeasures to protect further the comparison algorithm.

Note: This work was partially funded by the French ANR project BMOS.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MAJOR revision.
Keywords
Side Channel AnalysisHardware Biometric CoprocessorBiometric Comparison
Contact author(s)
julien bringer @ gmail com
History
2014-01-10: received
Short URL
https://ia.cr/2014/026
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/026,
      author = {Maël Berthier and Yves Bocktaels and Julien Bringer and Hervé Chabanne and Taoufik Chouta and Jean-Luc Danger and Mélanie Favre and Tarik Graba},
      title = {Studying Potential Side Channel Leakages on an Embedded Biometric Comparison System},
      howpublished = {Cryptology ePrint Archive, Paper 2014/026},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/026}},
      url = {https://eprint.iacr.org/2014/026}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.