To address privacy leakage risks arising from the vulnerability of facial templates to reverse engineering in face recognition systems (FRS), this paper proposes an efficient and secure template protection framework based on homomorphic encryption (HE). To overcome the severe performance degradation—often hundreds of times slower—when integrating HE directly with FRS, we introduce two key techniques: (1) a metric-preserving transformation of facial templates tailored for angular distance computation, drastically reducing ciphertext matching complexity; and (2) a space-efficient encoding scheme that compresses ciphertext size and minimizes homomorphic operation overhead. Our method achieves IND-CPA security while delivering near-plaintext retrieval efficiency: single-face identification over a million-entry encrypted template database takes only 126 ms, with end-to-end latency just twice that of the plaintext baseline—representing a 10× to 100× speedup over existing HE-based approaches.

As face recognition systems (FRS) become more widely used, user privacy becomes more important. A key privacy issue in FRS is protecting the user's face template, as the characteristics of the user's face image can be recovered from the template. Although recent advances in cryptographic tools such as homomorphic encryption (HE) have provided opportunities for securing the FRS, HE cannot be used directly with FRS in an efficient plug-and-play manner. In particular, although HE is functionally complete for arbitrary programs, it is basically designed for algebraic operations on encrypted data of predetermined shape, such as a polynomial ring. Thus, a non-tailored combination of HE and the system can yield very inefficient performance, and many previous HE-based face template protection methods are hundreds of times slower than plain systems without protection. In this study, we propose IDFace, a new HE-based secure and efficient face identification method with template protection. IDFace is designed on the basis of two novel techniques for efficient searching on a (homomorphically encrypted) biometric database with an angular metric. The first technique is a template representation transformation that sharply reduces the unit cost for the matching test. The second is a space-efficient encoding that reduces wasted space from the encryption algorithm, thus saving the number of operations on encrypted templates. Through experiments, we show that IDFace can identify a face template from among a database of 1M encrypted templates in 126ms, showing only 2X overhead compared to the identification over plaintexts.