Secure key agreement based on ordered biometric features
Published in | Computer networks (Amsterdam, Netherlands : 1999) Vol. 163; p. 106885 |
---|---|
Main Authors | , , |
Format | Journal Article |
Language | English |
Published | Amsterdam, Elsevier B.V, 09.11.2019, Elsevier Sequoia S.A |
Summary: | • SKA-POB is a secure key agreement protocol with keys being purely generated via ordered biometrics (i.e. iriscodes).
• SKA-POB has window-based comparison and reset methods for verification to maximize performance without sacrificing security.
• SKA-POB includes an intelligent fake block generation and distribution strategy to hide the genuine blocks of the iriscode.
• Correct and incorrect key generation rates of SKA-POB are 100% and 0%, respectively. Thus it has perfect match rates.
• It has been shown that SKA-POB effectively resists brute-force, replay, impersonation and correlation attacks.
In this work, we propose a novel secure key agreement protocol, Secure Key Agreement using Pure Ordered Biometrics (SKA-POB), in which the cryptographic keys are generated using an ordered set of biometrics, without any extra shared secret data or keys. The proposed approach is instantiated using iris biometrics. Our protocol makes use of hash functions and HMAC (Hash-based Message Authentication Code) as the only cryptographic primitives; thus, it is not cryptographically resource-hungry. We also propose and integrate a window-based comparison strategy and a window reset method in SKA-POB. This way, performance is maximized without sacrificing security. Furthermore, we propose an intelligent fake block generation and distribution strategy to hide the genuine blocks in transit, which increases the resistance of our proposed protocol against correlation attacks. The SKA-POB protocol works in a round-based manner, allowing it to terminate successfully with key establishment as early as possible so that the complexity is reduced for both client and server sides. Additionally, we employ multi-criteria analyses for our proposed SKA-POB protocol and we provide verification results in terms of performance analysis together with randomness, distinctiveness and attack complexity through security analysis. Results show that highly random and computationally secure keys can be generated with almost no error and with very low complexity. |
---|---|
ISSN: | 1389-1286 1872-7069 |
DOI: | 10.1016/j.comnet.2019.106885 |