Biometric systems: privacy and secrecy aspects

T. Ignatenko, F.M.J. Willems

Research output: Contribution to journalArticleAcademicpeer-review

126 Citations (Scopus)
426 Downloads (Pure)


This paper addresses privacy leakage in biometric secrecy systems. Four settings are investigated. The first one is the standard Ahlswede-Csiszar secret-generation setting in which two terminals observe two correlated sequences. They form a common secret by interchanging a public message. This message should only contain a negligible amount of information about the secret, but here, in addition, we require it to leak as little information as possible about the biometric data. For this first case, the fundamental tradeoff between secret-key and privacy-leakage rates is determined. Also for the second setting, in which the secret is not generated but independently chosen, the fundamental secret-key versus privacy-leakage rate balance is found. Settings three and four focus on zero-leakage systems. Here the public message should only contain a negligible amount of information on both the secret and the biometric sequence. To achieve this, a private key is needed, which can only be observed by the terminals. For both the generated-secret and the chosen-secret model, the regions of achievable secret-key versus private-key rate pairs are determined. For all four settings, the fundamental balance is determined for both unconditional and conditional privacy leakage.
Original languageEnglish
Pages (from-to)956-973
Number of pages18
JournalIEEE Transactions on Information Forensics and Security
Issue number4
Publication statusPublished - 2009


Dive into the research topics of 'Biometric systems: privacy and secrecy aspects'. Together they form a unique fingerprint.

Cite this