Biometric authentication is now widely adopted across both consumer and enterprise applications, offering an intuitive and seamless user experience. However, research in the field has historically focused more on improving recognition accuracy than on addressing fundamental security and privacy concerns. As biometric technologies become increasingly pervasive, their exposure to a broad range of threats, including template leakage, identity theft, and cross-matching, raises critical challenges. Existing protection schemes such as cancelable biometrics, biometric cryptosystems, and privacy-preserving protocols suffer from significant limitations: they are often vulnerable to inversion, prone to residual linkability across reissuances, or computationally unsuited for edge devices. To address these issues, this work introduces SHADOW (Secure Hidden Authenticating Digital Objects in the Wild), a framework for secure and privacy-preserving biometric authentication based on on-device generation of non-invertible and revocable representations. SHADOW achieves the template-protection properties of unlinkability and renewability. It leverages analytically defined oscillatory functions to construct a structured authenticating object that binds a hidden certificate to the protected template and supports client-aware verification via nonce-driven masking. Trusted hardware can be used as optional hardening to protect the endpoint secret; it is not required for SHADOW's template-protection guarantees, whereas client integrity does rely on the confidentiality of the device-held secret. The proposed binding strategy achieves formal irreversibility and unlinkability by design, while supporting renewability with minimal computational overhead. Experiments conducted on public face, iris, and voice benchmarks demonstrate that SHADOW achieves comparable recognition performance while ensuring robustness against major attack vectors, including inversion, brute-force, and record multiplicity. The framework is compatible with modern embedding-based biometrics and exhibits properties that can facilitate deployment in decentralized and edge computing environments.
Author: Daniel Riccio.