Face recognition technology has been deployed in various real-life applications. The most sophisticated deep learning-based face recognition systems rely on training millions of face images through complex deep neural networks to achieve high accuracy. It is quite common for clients to upload face images to the service provider in order to access the model inference. However, the face image is a type of sensitive biometric attribute tied to the identity information of each user. Directly exposing the raw face image to the service provider poses a threat to the user's privacy. Current privacy-preserving approaches to face recognition focus on either concealing visual information on model input or protecting model output face embedding. The noticeable drop in recognition accuracy is a pitfall for most methods. This paper proposes a hybrid frequency-color fusion approach to reduce the input dimensionality of face recognition in the frequency domain. Moreover, sparse color information is also introduced to alleviate significant accuracy degradation after adding differential privacy noise. Besides, an identity-specific embedding mapping scheme is applied to protect original face embedding by enlarging the distance among identities. Lastly, secure multiparty computation is implemented for safely computing the embedding distance during model inference. The proposed method performs well on multiple widely used verification datasets. Moreover, it has around 2.6% to 4.2% higher accuracy than the state-of-the-art in the 1:N verification scenario.

翻译：人脸识别技术已广泛应用于各类现实场景。最先进的基于深度学习的人脸识别系统依赖于通过复杂深度神经网络训练数百万张人脸图像以实现高精度。客户端为获取模型推理服务，通常需向服务提供商上传人脸图像。然而，人脸图像作为与用户身份信息强关联的敏感生物特征属性，直接暴露原始图像将威胁用户隐私。当前人脸识别隐私保护方法主要聚焦于两类策略：一是隐藏模型输入的视觉信息，二是保护模型输出的人脸嵌入向量。多数方法存在识别精度显著下降的缺陷。本文提出一种混合频率-色彩融合方法，通过降低频域人脸识别的输入维度，并引入稀疏色彩信息以缓解差分隐私噪声导致的精度退化。此外，采用身份特异性嵌入映射方案，通过扩大身份间距离保护原始人脸嵌入。最后，在模型推理阶段通过安全多方计算实现嵌入距离的可靠计算。该方法在多个广泛使用的验证数据集上表现优异，且在1:N验证场景中比现有最优方法精度提升约2.6%至4.2%。