Face recognition is a widely used technique for identification or verification, where a verifier checks whether a face image matches anyone stored in a database. However, in scenarios where the database is held by a third party, such as a cloud server, both parties are concerned about data privacy. To address this concern, we propose CryptoMask, a privacy-preserving face recognition system that employs homomorphic encryption (HE) and secure multi-party computation (MPC). We design a new encoding strategy that leverages HE properties to reduce communication costs and enable efficient similarity checks between face images, without expensive homomorphic rotation. Additionally, CryptoMask leaks less information than existing state-of-the-art approaches. CryptoMask only reveals whether there is an image matching the query or not, whereas existing approaches additionally leak sensitive intermediate distance information. We conduct extensive experiments that demonstrate CryptoMask's superior performance in terms of computation and communication. For a database with 100 million 512-dimensional face vectors, CryptoMask offers ${\thicksim}5 \times$ and ${\thicksim}144 \times$ speed-ups in terms of computation and communication, respectively.