Humanitarian organizations provide aid to people in need. To use their limited budget efficiently, their distribution processes must ensure that legitimate recipients cannot receive more aid than they are entitled to. Thus, it is essential that recipients can register at most once per aid program. Taking the International Committee of the Red Cross's aid distribution registration process as a use case, we identify the requirements to detect double registration without creating new risks for aid recipients. We then design Janus, which combines privacy-enhancing technologies with biometrics to prevent double registration in a safe manner. Janus does not create plaintext biometric databases and reveals only one bit of information at registration time (whether the user registering is present in the database or not). We implement and evaluate three instantiations of Janus based on secure multiparty computation, somewhat homomorphic encryption, and trusted execution environments. We demonstrate that they support the privacy, accuracy, and performance needs of humanitarian organizations. We compare Janus with existing alternatives and show it is the first system that provides the accuracy our scenario requires while providing strong protection.