{"schema_version":"0.1","map_id":"paper-48-map","publication_id":48,"publication_anchor":"paper-48","slug":"paper-48","canonical_path":"/knowledge/papers/paper-48/","machine_path":"/knowledge/papers/paper-48.json","root_node_id":"paper-48","stage":"mapped_draft","contribution_type_vocabulary_version":"0.1","contribution_types":["protocol"],"title":"SNUSE: A Secure Computation Approach for Large-Scale User Re-Enrollment in Biometric Authentication Systems","year":2019,"status":"Published · journal article","venue":"Future Generation Computer Systems, Volume 98","topic":"privacy-identity","labels":["Theory","Applied"],"authors":["Ivan De Oliveira Nunes","Karim Eldefrawy","Tancrède Lepoint"],"keywords":["biometric authentication","re-enrollment","fuzzy vault","MPC","secret sharing","prototype"],"research_question":"Can enterprise-scale biometric credentials be refreshed automatically after compromise, policy change, or helper-data loss without collecting users again and without centralizing their biometric templates?","central_answer":"SNUSE stores threshold shares of each biometric template on mostly offline re-enrollment servers and MPC-computes new fuzzy-vault helper data on demand. Precomputing exponentiations shifts work to enrollment, enabling rapid bulk refresh; the fingerprint/iris prototype and security analysis expose both feasibility and collusion/reusability limits.","curation":{"drafted_at":"2026-07-11","drafted_by":[{"actor_type":"ai","name":"OpenAI Codex","role":"full-text extraction, evidence linking, and initial assessment"}],"method":"Source-grounded review of the complete checked-in 17-page journal manuscript, including visual inspection of title, protocol, evaluation, and security pages. The design, optimization, datasets, measurements, storage analysis, and limits were read; code and experiments were not independently reproduced.","source_scope":"full_source_audit","approval":{"status":"pending","note":"AI-authored source map awaiting full author audit. Technical interpretations, version-lineage statements, and ratings remain provisional."}},"sources":[{"id":"source-paper-48-author-pdf","type":"author_hosted_copy","title":"SNUSE: A Secure Computation Approach for Large-Scale User Re-Enrollment in Biometric Authentication Systems","url":"/pubs/2019/snuse_fgcs2019.pdf","provenance_category":"author","media_type":"application/pdf","sha256":"009da76a8753d57a38b7e27439030cc6de4ab1ff2827bd813bc77ad922ddf3cb","page_count":17},{"id":"source-paper-48-official","type":"official_publication_record","title":"Future Generation Computer Systems publication record","url":"https://doi.org/10.1016/j.future.2019.03.051","provenance_category":"official"},{"id":"source-paper-48-citations","type":"citation_index_snapshot","title":"OpenAlex work W2930399968","url":"https://openalex.org/W2930399968","accessed_at":"2026-07-11"}],"source_anchors":[{"id":"anchor-paper-48-problem","source_id":"source-paper-48-author-pdf","label":"Problem, SNUSE contribution, enterprise setting, and claimed novelty","locator":"Abstract and Sections 1-1.1, PDF pages 1-3","url":"/pubs/2019/snuse_fgcs2019.pdf#page=1"},{"id":"anchor-paper-48-model","source_id":"source-paper-48-author-pdf","label":"BIA, threshold sharing, MPC, and fuzzy-vault assumptions","locator":"Section 2, PDF pages 3-5","url":"/pubs/2019/snuse_fgcs2019.pdf#page=3"},{"id":"anchor-paper-48-architecture","source_id":"source-paper-48-author-pdf","label":"Parties, lifecycle, and data placement","locator":"Section 4, PDF page 6","url":"/pubs/2019/snuse_fgcs2019.pdf#page=6"},{"id":"anchor-paper-48-protocols","source_id":"source-paper-48-author-pdf","label":"Enrollment, authentication, and re-enrollment protocols","locator":"Sections 4.1-4.3, PDF pages 7-8","url":"/pubs/2019/snuse_fgcs2019.pdf#page=7"},{"id":"anchor-paper-48-mpc","source_id":"source-paper-48-author-pdf","label":"MPC helper-data computation, three multiplication strategies, and secret handling","locator":"Sections 4.4-4.5, PDF pages 8-10","url":"/pubs/2019/snuse_fgcs2019.pdf#page=8"},{"id":"anchor-paper-48-implementation","source_id":"source-paper-48-author-pdf","label":"NTL implementation and fingerprint/iris template extraction","locator":"Sections 5-5.2, PDF pages 10-12","url":"/pubs/2019/snuse_fgcs2019.pdf#page=10"},{"id":"anchor-paper-48-accuracy","source_id":"source-paper-48-author-pdf","label":"GAR/FAR experiments and public datasets","locator":"Section 5.3 and Figure 6, PDF pages 12-13","url":"/pubs/2019/snuse_fgcs2019.pdf#page=12"},{"id":"anchor-paper-48-performance","source_id":"source-paper-48-author-pdf","label":"Timing, scale, and storage evaluation","locator":"Section 6, Table 1 and Figure 7, PDF pages 13-15","url":"/pubs/2019/snuse_fgcs2019.pdf#page=13"},{"id":"anchor-paper-48-security","source_id":"source-paper-48-author-pdf","label":"Stored and execution confidentiality, collusion leakage, and reusability","locator":"Section 7, PDF pages 14-15","url":"/pubs/2019/snuse_fgcs2019.pdf#page=14"},{"id":"anchor-paper-48-conclusion","source_id":"source-paper-48-author-pdf","label":"Conclusion, measured result, and open directions","locator":"Section 8, PDF page 15","url":"/pubs/2019/snuse_fgcs2019.pdf#page=15"},{"id":"anchor-paper-48-publication","source_id":"source-paper-48-official","label":"Official journal publication identity","locator":"FGCS 98, DOI 10.1016/j.future.2019.03.051","url":"https://doi.org/10.1016/j.future.2019.03.051"},{"id":"anchor-paper-48-reception","source_id":"source-paper-48-citations","label":"Dated citation-count snapshot","locator":"OpenAlex reported 6 citing works on 2026-07-11","url":"https://openalex.org/W2930399968"}],"nodes":[{"id":"paper-48","kind":"paper","parent_id":null,"order":1,"epistemic_status":"published_journal_article","title":"SNUSE journal paper","summary":"An expanded protocol, optimization, prototype, evaluation, and security treatment of large-scale non-interactive biometric re-enrollment.","source_anchor_ids":["anchor-paper-48-problem"]},{"id":"paper-48-question","kind":"question","parent_id":"paper-48","order":1,"epistemic_status":"research_question","title":"Research question","summary":"How can an organization refresh many biometric-bound credentials while neither storing full templates centrally nor requiring every user to return?","source_anchor_ids":["anchor-paper-48-problem"]},{"id":"paper-48-answer","kind":"contribution","parent_id":"paper-48","order":2,"epistemic_status":"implemented","title":"Central answer","summary":"Store Shamir shares at re-enrollment servers, keep only helper data at the authentication server, and MPC-generate new fuzzy vaults from those shares.","source_anchor_ids":["anchor-paper-48-architecture","anchor-paper-48-protocols"]},{"id":"paper-48-model-node","kind":"scope","parent_id":"paper-48","order":3,"epistemic_status":"defined","title":"Deployment model","summary":"One trusted reader samples templates, one AS serves routine authentication, and configurable RESs remain offline except during enrollment/re-enrollment; secure channels are assumed.","source_anchor_ids":["anchor-paper-48-architecture","anchor-paper-48-protocols"]},{"id":"paper-48-adversary","kind":"threat_model","parent_id":"paper-48","order":4,"epistemic_status":"honest_but_curious","title":"Adversary and threshold","summary":"The implementation targets honest-but-curious parties. A (K,N) sharing threshold protects stored templates against fewer than K RES compromises, with stronger simultaneous-compromise caveats during computation.","source_anchor_ids":["anchor-paper-48-model","anchor-paper-48-security"]},{"id":"paper-48-assumptions","kind":"assumption","parent_id":"paper-48","order":5,"epistemic_status":"cryptographic_and_operational","title":"Required assumptions","summary":"Security depends on Shamir privacy, fuzzy-vault security, authenticated channels, trustworthy sampling, correct implementations, and enough non-colluding RESs.","source_anchor_ids":["anchor-paper-48-model","anchor-paper-48-security"]},{"id":"paper-48-protocol-group","kind":"protocol_group","parent_id":"paper-48","order":6,"epistemic_status":"specified_and_implemented","title":"Three-phase SNUSE protocol","summary":"Initial enrollment distributes template shares and creates helper data; routine authentication opens the vault locally; re-enrollment regenerates helper data without the user.","source_anchor_ids":["anchor-paper-48-protocols"]},{"id":"paper-48-protocol-enroll","kind":"protocol","parent_id":"paper-48-protocol-group","order":1,"epistemic_status":"implemented","title":"Initial enrollment","summary":"The reader samples and shares BT; RESs choose credential material and MPC-compute helper-data shares; AS reconstructs helper data, never BT.","source_anchor_ids":["anchor-paper-48-protocols"]},{"id":"paper-48-protocol-auth","kind":"protocol","parent_id":"paper-48-protocol-group","order":2,"epistemic_status":"implemented","title":"Routine authentication","summary":"A new biometric sample and stored helper data run fuzzy-vault opening at the reader; RESs are not online.","source_anchor_ids":["anchor-paper-48-protocols"]},{"id":"paper-48-protocol-refresh","kind":"protocol","parent_id":"paper-48-protocol-group","order":3,"epistemic_status":"implemented","title":"Non-interactive re-enrollment","summary":"RESs operate on their persistent shares to compute a vault for fresh credential material, then AS reconstructs the new helper data.","source_anchor_ids":["anchor-paper-48-protocols"]},{"id":"paper-48-optimization","kind":"algorithm","parent_id":"paper-48","order":7,"epistemic_status":"implemented_and_compared","title":"MPC multiplication optimization","summary":"Three strategies trade interactive multiplications against enrollment-time precomputation and share storage; precomputing template powers minimizes online rounds and enables fast bulk refresh.","source_anchor_ids":["anchor-paper-48-mpc"]},{"id":"paper-48-implementation-node","kind":"implementation","parent_id":"paper-48","order":8,"epistemic_status":"prototype","title":"Two-modality prototype","summary":"NTL over GF(2^24), TCP processes, NBIS fingerprint minutiae, OSIRIS iris codes, polynomial fuzzy vaults, and configurable RES counts implement the full lifecycle.","source_anchor_ids":["anchor-paper-48-implementation"]},{"id":"paper-48-claims","kind":"claim_group","parent_id":"paper-48","order":9,"epistemic_status":"mixed","title":"Principal claims","summary":"SNUSE protects backend template storage below threshold, keeps regular authentication simple, and makes server-side bulk credential refresh feasible without altering the base biometric matching decision.","source_anchor_ids":["anchor-paper-48-security","anchor-paper-48-performance","anchor-paper-48-accuracy"]},{"id":"paper-48-claim-security","kind":"claim","parent_id":"paper-48-claims","order":1,"epistemic_status":"conditional_security_argument","title":"Distributed biometric confidentiality","summary":"Compromising AS yields helper data but not BT under fuzzy-vault security; fewer than K RESs yield insufficient shares; the template remains unreconstructed during normal execution.","source_anchor_ids":["anchor-paper-48-security"]},{"id":"paper-48-claim-scale","kind":"claim","parent_id":"paper-48-claims","order":2,"epistemic_status":"experimentally_supported_and_extrapolated","title":"Large-scale refresh","summary":"The reported setup averages 13.2 ms for one re-enrollment and scales linearly; 100,000 users with nine RESs are projected under five minutes and one million under one hour.","source_anchor_ids":["anchor-paper-48-performance"]},{"id":"paper-48-claim-accuracy","kind":"claim","parent_id":"paper-48-claims","order":3,"epistemic_status":"dataset_supported","title":"Biometric matching behavior","summary":"The prototype reports over 90% GAR and under 5% FAR for selected parameters; accuracy comes from feature/vault choices, while SNUSE's re-enrollment uses the same helper-data semantics.","source_anchor_ids":["anchor-paper-48-accuracy","anchor-paper-48-conclusion"]},{"id":"paper-48-evidence","kind":"evidence_group","parent_id":"paper-48","order":10,"epistemic_status":"prototype_experiments_and_analysis","title":"Evidence stack","summary":"Detailed protocol algorithms, implementation parameters, three public biometric datasets, all-pairs GAR/FAR experiments, 100-run timings, scaling trials, storage calculations, and a dedicated security section support the paper.","source_anchor_ids":["anchor-paper-48-protocols","anchor-paper-48-implementation","anchor-paper-48-accuracy","anchor-paper-48-performance","anchor-paper-48-security"]},{"id":"paper-48-boundaries","kind":"limitation_group","parent_id":"paper-48","order":11,"epistemic_status":"explicit","title":"Security and scope limits","summary":"AS plus one RES compromised simultaneously during a run can expose that run's BT when k is visible; ordinary fuzzy vaults are cross-instance linkable; malicious/covert MPC, other modalities, and reusable FE/FV support remain future work.","source_anchor_ids":["anchor-paper-48-security","anchor-paper-48-conclusion"]},{"id":"paper-48-artifacts","kind":"artifact_group","parent_id":"paper-48","order":12,"epistemic_status":"partial","title":"Reproducibility resources","summary":"Full manuscript, algorithms, parameters, environment, and public dataset names are available. Version-pinned code, processed data, raw results, and independent reproduction were not located.","source_anchor_ids":["anchor-paper-48-implementation","anchor-paper-48-performance"]},{"id":"paper-48-scrutiny","kind":"scrutiny","parent_id":"paper-48","order":13,"epistemic_status":"journal_reviewed","title":"External scrutiny","summary":"FGCS journal publication provides external review exposure; reports, artifact evaluation, and independent replication are not represented.","source_anchor_ids":["anchor-paper-48-publication"]},{"id":"paper-48-lineage","kind":"lineage","parent_id":"paper-48","order":14,"epistemic_status":"expanded_version","title":"Relation to the CSCML paper","summary":"This journal article expands paper","source_anchor_ids":["anchor-paper-48-problem","anchor-paper-48-mpc"]}],"relations":[{"id":"paper-48-relation-answer-question","type":"addresses","from_id":"paper-48-answer","to_id":"paper-48-question"},{"id":"paper-48-relation-enroll-group","type":"component_of","from_id":"paper-48-protocol-enroll","to_id":"paper-48-protocol-group"},{"id":"paper-48-relation-auth-group","type":"component_of","from_id":"paper-48-protocol-auth","to_id":"paper-48-protocol-group"},{"id":"paper-48-relation-refresh-group","type":"component_of","from_id":"paper-48-protocol-refresh","to_id":"paper-48-protocol-group"},{"id":"paper-48-relation-optimization-refresh","type":"accelerates","from_id":"paper-48-optimization","to_id":"paper-48-protocol-refresh"},{"id":"paper-48-relation-assumptions-security","type":"qualifies","from_id":"paper-48-assumptions","to_id":"paper-48-claim-security"},{"id":"paper-48-relation-adversary-security","type":"qualifies","from_id":"paper-48-adversary","to_id":"paper-48-claim-security"},{"id":"paper-48-relation-evidence-claims","type":"supports","from_id":"paper-48-evidence","to_id":"paper-48-claims"},{"id":"paper-48-relation-boundaries-claims","type":"qualifies","from_id":"paper-48-boundaries","to_id":"paper-48-claims"},{"id":"paper-48-relation-lineage-paper","type":"contextualizes","from_id":"paper-48-lineage","to_id":"paper-48"}],"assessment":{"id":"paper-48-assessment-2026-07-11","rubric_version":"0.2","assessed_at":"2026-07-11","status":"ai_draft_author_review_pending","note":"These dimensions describe documented support and process, not truth, correctness, or a universal ranking. No composite score is calculated.","axes":[{"id":"epistemic_evidence","level":"high","rationale":"The complete journal paper supplies protocols, optimization alternatives, a working prototype, public-dataset accuracy tests, performance/storage evaluation, and explicit security analysis and limits.","basis_source_anchor_ids":["anchor-paper-48-protocols","anchor-paper-48-accuracy","anchor-paper-48-performance","anchor-paper-48-security"]},{"id":"auditability","level":"high","rationale":"A checked-in full author copy with SHA-256/page count, precise page anchors, and DOI makes the complete represented paper inspectable; code and raw results are not fixed here.","basis_source_anchor_ids":["anchor-paper-48-problem","anchor-paper-48-publication"]},{"id":"production_provenance","level":"medium","rationale":"Authors, journal, DOI, libraries, datasets, parameters, hardware, and experiment procedure are documented; roles, revisions, exact code version, and raw-run lineage are not.","basis_source_anchor_ids":["anchor-paper-48-publication","anchor-paper-48-implementation","anchor-paper-48-performance"]},{"id":"external_scrutiny","level":"medium","rationale":"Journal publication establishes external review, but public reports, artifact evaluation, and independent reproduction were not located.","basis_source_anchor_ids":["anchor-paper-48-publication"]},{"id":"reception","level":"low","rationale":"OpenAlex reported 6 citations on 2026-07-11; under the finalized rubric, 0 through 8 located citations is Low.","basis_source_anchor_ids":["anchor-paper-48-reception"]},{"id":"contribution_significance","level":"medium","rationale":"The work develops and validates a concrete response to a real deployment bottleneck, while security remains bounded by honest-but-curious MPC, collusion, and fuzzy-vault reusability.","basis_source_anchor_ids":["anchor-paper-48-problem","anchor-paper-48-security","anchor-paper-48-conclusion"]}]},"reception_snapshot":{"as_of":"2026-07-11","method":"OpenAlex DOI lookup","citation_count":6,"source_url":"https://openalex.org/W2930399968","signals":["OpenAlex reported 6 works citing the FGCS journal article."],"limitation":"The count varies by index/date and may be split with the CSCML version; it does not establish security, deployment, or reproduction."}}
