BioLeak: Side-Channel Analysis of Fingerprint Matching Algorithms
The use of biometrics, and in particular fingerprint matching, for authenticating users has been proposed repeatedly in the past, but only recently has the idea found widespread application (outside niche use cases), owing to its integration into smartphones and tablets. With the increasing use of biometric algorithms, potential attack vectors have been studied in the past years. Most attacks focus on duplicating the user's features (e.g. fingerprints) from physical traces, photographs, and so on. Since fingerprint matching was traditionally used in controlled environments (e.g. at a border control point), attacks that require the adversary to have (temporary) physical access to the device that performs the matching were deemed unrealistic. With the integration into mobile devices, this assumption no longer holds.

In contrast to classical authentication methods (e.g. a password or PIN code), biometric authentication faces the issue that, once obtained by an attacker, a biometric feature cannot be replaced, since it is a characteristic of the user's body. Hence, biometric features in principle need stronger protection than e.g. passwords. However, while it is well studied how to prevent the disclosure of a password when an attacker obtains the password database (by using proper hash functions), this is not true for biometric authentication, and fingerprint templates are nowadays often stored as clear text. In 2015, 5.5M fingerprints of US federal employees were stolen, and in 2016 the Philippine voter database was breached, resulting in the leak of more than 15M fingerprints. The project therefore has the following goals:
- Survey and audit biometric algorithms as implemented in smart devices and laptops (to the extent permitted by licenses and terms and conditions). A starting point will be libfprint, the main open-source library used under Linux for fingerprint authentication.
- Develop novel side-channel attacks on fingerprint matching algorithms, including those running inside a TEE such as TrustZone. Apart from classic power analysis, we will consider software side channels like (cache) timing as well as RowHammer-like fault injection.
- Develop countermeasures against the discovered attacks, starting with a constant-runtime implementation of fingerprint matching that will be made available as open source. In addition, we will investigate methods for the secure storage of biometric templates at rest, akin to the use of a PBKDF when storing password hashes.
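As an added illustration of what the constant-runtime goal means in practice (example code written for this page, not code from the project or from libfprint): a toy minutiae matcher in two variants. `match_early_exit` stops scanning as soon as the accept/reject decision is known, so the amount of work it performs, and hence its running time, depends on how many of the probe's minutiae matched the enrolled template; `match_constant_work` visits every template/probe pair regardless. The minutiae coordinates, tolerances, threshold and the three probes are constructed values, and the `work` counter stands in for wall-clock time, since Python itself gives no timing guarantees.

```python
"""Toy fingerprint (minutiae) matcher in an early-exit and a constant-work
variant.  Constructed example: tolerances and coordinates are made up, and
the `work` counter models the operation count a timing observer would see."""
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Minutia:
    x: float      # position (constructed units)
    y: float
    angle: float  # ridge direction in radians


DIST_TOL = 8.0    # assumed positional tolerance for a pair to count as matched
ANGLE_TOL = 0.35  # assumed angular tolerance in radians
THRESHOLD = 4     # assumed: at least 4 of the 6 template minutiae must match


def _close(a: Minutia, b: Minutia) -> bool:
    """True when two minutiae agree in position and direction.
    Uses `&` rather than `and` so both tests are always evaluated."""
    dist = math.hypot(a.x - b.x, a.y - b.y)
    d = abs(a.angle - b.angle) % (2 * math.pi)
    ang = min(d, 2 * math.pi - d)          # wrap-around angular difference
    return (dist <= DIST_TOL) & (ang <= ANGLE_TOL)


def match_early_exit(template, probe, threshold=THRESHOLD):
    """Leaky matcher: returns (decision, work).  Stops scanning as soon as
    the decision is known, so `work` depends on how much of the probe matched."""
    matched, work = 0, 0
    for i, t in enumerate(template):
        for p in probe:
            work += 1
            if _close(t, p):
                matched += 1
                break                      # pair each template minutia at most once
        if matched >= threshold:
            return True, work              # early accept
        if matched + (len(template) - i - 1) < threshold:
            return False, work             # early reject: threshold unreachable
    return matched >= threshold, work


def match_constant_work(template, probe, threshold=THRESHOLD):
    """Constant-work matcher: visits every template/probe pair and folds the
    result into the count with bit operations, so `work` is always
    len(template) * len(probe) whatever the probe looks like."""
    matched, work = 0, 0
    for t in template:
        found = 0
        for p in probe:
            work += 1
            found |= int(_close(t, p))     # no break, no data-dependent branch
        matched += found
    return matched >= threshold, work


# Constructed enrolled template: six minutiae.
TEMPLATE = [Minutia(10, 10, 0.0), Minutia(40, 15, 0.5), Minutia(25, 40, 1.0),
            Minutia(60, 60, 1.5), Minutia(80, 20, 2.0), Minutia(15, 70, 2.5)]


def _shift(m, dx, dy, da=0.0):
    return Minutia(m.x + dx, m.y + dy, m.angle + da)


# Genuine probe: every minutia slightly displaced, all within tolerance.
GENUINE_PROBE = [_shift(m, 1, 1, 0.05) for m in TEMPLATE]
# Impostor probe: nothing lines up.
IMPOSTOR_PROBE = [_shift(m, 200, 200) for m in TEMPLATE]
# Near miss: the first three minutiae match, the remaining three do not.
NEAR_MISS_PROBE = GENUINE_PROBE[:3] + IMPOSTOR_PROBE[3:]


def work_profile(matcher):
    """Work performed by `matcher` on each probe; this is what a timing observer sees."""
    return {name: matcher(TEMPLATE, probe)[1]
            for name, probe in [("genuine", GENUINE_PROBE),
                                ("impostor", IMPOSTOR_PROBE),
                                ("near_miss", NEAR_MISS_PROBE)]}


if __name__ == "__main__":
    print("early exit   :", work_profile(match_early_exit))
    print("constant work:", work_profile(match_constant_work))
```

The early-exit variant does 10, 18 and 24 units of work for the genuine, impostor and near-miss probes respectively, so the time it takes reveals how close a probe came to the enrolled template; the constant-work variant does 36 units for every probe. A real constant-runtime implementation additionally has to avoid data-dependent memory access and floating-point timing variation, which a toy in Python cannot show.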
Vacancy: Fully funded PhD studentship in Cyber Security
The School of Computer Science at Birmingham is one of the UK's leading computer science departments. We have a very active security research group and are a GCHQ/EPSRC centre of excellence in cyber security. The project will provide a tax-free annual stipend of £22,000 per annum for 3.5 years. The project will additionally cover the college fees and provide for a laptop, equipment, software and travel to attend conferences and summer schools.
- The candidate MUST be a UK citizen. The studentship is sponsored by HM Government; therefore, to be considered for this studentship, the candidate must be able to apply for UK security clearance.
- The ideal candidate will have a strong background in computer science, computer security, low-level programming and/or formal methods. Experience in embedded programming, Arduino development, etc. will be a plus.
How to Apply: To apply in the first instance, you should send:
- your CV;
- a transcript with a list of all your courses and grades; and
- a description of your research interests and motivation.