title   
  

Secure key agreement using pure biometrics

Akdoğan, Dilara and Karaoğlan, Duygu and Levi, Albert (2015) Secure key agreement using pure biometrics. In: IEEE Conference on Communications and Network Security (CNS 2015), Florence, Italy

[img]
Preview
PDF - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
930Kb

Official URL: http://dx.doi.org/10.1109/CNS.2015.7346828

Abstract

In this paper, we propose a novel secure key agreement protocol that uses biometrics with unordered set of features. Our protocol enables the user and the server to agree on a symmetric key, which is generated by utilizing only the feature points of the user's biometrics. It means that our protocol does not generate the key randomly or it does not use any random data in the key itself. As a proof of concept, we instantiate our protocol model using fingerprints. In our protocol, we employ a threshold-based quantization mechanism, in order to group the minutiae in a predefined neighborhood. In this way, we increase the chance of user-server agreement on the same set of minutiae. Our protocol works in rounds. In each round, depending on the calculated similarity score on the common set of minutiae, the acceptance/rejection decision is made. Besides, we employ multi-criteria security analyses for our proposed protocol. These security analyses show that the generated keys possess acceptable randomness according to Shannon's entropy. In addition, the keys, which are generated after each protocol run, are indistinguishable from each other, as measured by the Hamming distance metric. Our protocol is also robust against brute-force, replay and impersonation attacks, proven by high attack complexity and low equal error rates.

Item Type:Papers in Conference Proceedings
Subjects:UNSPECIFIED
ID Code:28408
Deposited By:Albert Levi
Deposited On:22 Dec 2015 21:09
Last Modified:03 Oct 2016 12:31

Repository Staff Only: item control page