Privacy-Preserving Identification Systems With Noisy Enrollment

In this paper, we study fundamental trade-offs in privacy-preserving biometric identification systems with noisy enrollment. The proposed identification systems include helper data, secret keys, and private keys. Helper data are stored in a public database and used for identification. Secret keys are either stored in a secure database or provided to the user, and can be used in a next step, e.g. for authentication. Private keys are provided by users, and are also used for identification. In this paper, we impose a noisy enrollment channel and an arbitrarily small privacy and secrecy leakage rate. We characterize the optimal trade-off among the identification, secret key, private key, and helper data rates. Depending on how secret keys are produced, we study two cases of the proposed privacy-preserving identification systems, where the secret keys are <italic>generated</italic> and <italic>chosen</italic> respectively. By introducing private keys, it is shown that the identification system achieves close to zero privacy leakage rate in both <italic>generated</italic> and <italic>chosen</italic> secret key settings. The results also show that the identification rate and the secret key rate can be enlarged by increasing the private key rate. This work provides a framework for analyzing privacy-preserving identification systems and an insight on the design of optimal systems.