Security evaluation of Biosec
نویسندگان
چکیده
In 2003, Cherukuri et al. proposed Biosec, a novel key distribution protocol where two (implanted) sensors that do not share any secret on beforehand can establish a key through the use of cryptography in combination with biometrics. Their solution makes use of an error correction code to tolerate some errors in the biometrics, and is the first to use patient physiological signals to securely transport a shared session key. In this paper, we evaluated the security of their protocol and identified several weaknesses. More in particular, we observed that the key is reused for multiple cryptographic primitives, and that, as stated by the authors, the biometrics randomness level may not be sufficient to fully conceal the key. In addition, we show that the effective length of the key is shorter than the one claimed by the authors due to the use of error correction codes.
منابع مشابه
BioSec Multimodal Biometric Database in Text-Dependent Speaker Recognition
In this paper we briefly describe the BioSec multimodal biometric database and analyze its use in automatic text-dependent speaker recognition research. The paper is structured into four parts: a short introduction to the problem of text-dependent speaker recognition; a brief review of other existing databases, including monomodal text-dependent speaker recognition databases and multimodal biom...
متن کاملBiosec baseline corpus: A multimodal biometric database
The baseline copus of a new multimodal database, acquired in the framework of the FP6 EU BioSec Integrated Project, is presented. The corpus consist of fingerprint images acquired with three different sensors, frontal face images from a webcam, iris images from an iris sensor, and voice utterances acquired both with a close-talk headset and a distant webcam microphone. The BioSec baseline corpu...
متن کاملCharacterization of monoclonal antibodies on the Agilent 1260 Infinity Bio-inert Quaternary LC by Size Exclusion Chromatography using the Agilent BioSEC columns
The Agilent 1260 Bio-inert Quaternary LC System and Agilent BioSEC columns were used to investigate the purity and stability of two monoclonal antibodies (mAb): AntiFLAG and BL05. The high sensitivity of the Agilent 1260 Infinity Diode Array Detector was used to characterize these antibodies at low concentrations. The bio-inert LC system in combination with BioSEC columns resulted in the develo...
متن کاملA survey on physiological-signal-based security for medical devices
Implantable Medical Devices (IMDs) are used to monitor and control patients with chronic diseases. A growing number of IMDs are equipped with a wireless interface that allows non-invasive monitoring and reprogramming through an external device, also known as device programmer. However, this wireless interface also brings important security and privacy risks that may lead to remote attacks. In t...
متن کاملQuantitative evaluation of software security: an approach based on UML/SecAM and evidence theory
Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...
متن کامل