Secure key agreement using pure biometrics

Akdoğan, Dilara and Karaoğlan Altop, Duygu and Levi, Albert (2015) Secure key agreement using pure biometrics. In: IEEE Conference on Communications and Network Security (CNS 2015), Florence, Italy

[thumbnail of PID3805647.pdf] PDF

Download (952kB)


In this paper, we propose a novel secure key agreement protocol that uses biometrics with unordered set of features. Our protocol enables the user and the server to agree on a symmetric key, which is generated by utilizing only the feature points of the user's biometrics. It means that our protocol does not generate the key randomly or it does not use any random data in the key itself. As a proof of concept, we instantiate our protocol model using fingerprints. In our protocol, we employ a threshold-based quantization mechanism, in order to group the minutiae in a predefined neighborhood. In this way, we increase the chance of user-server agreement on the same set of minutiae. Our protocol works in rounds. In each round, depending on the calculated similarity score on the common set of minutiae, the acceptance/rejection decision is made. Besides, we employ multi-criteria security analyses for our proposed protocol. These security analyses show that the generated keys possess acceptable randomness according to Shannon's entropy. In addition, the keys, which are generated after each protocol run, are indistinguishable from each other, as measured by the Hamming distance metric. Our protocol is also robust against brute-force, replay and impersonation attacks, proven by high attack complexity and low equal error rates.
Item Type: Papers in Conference Proceedings
Divisions: Faculty of Engineering and Natural Sciences > Academic programs > Computer Science & Eng.
Faculty of Engineering and Natural Sciences
Depositing User: Albert Levi
Date Deposited: 22 Dec 2015 21:09
Last Modified: 26 Apr 2022 09:20

Actions (login required)

View Item
View Item