Secure key agreement based on ordered biometric features

Abstract

In this work, we propose a novel secure key agreement protocol, Secure Key Agreement using Pure Ordered Biometrics (SKA-POB), in which the cryptographic keys are generated using an ordered set of biometrics, without any extra shared secret data or keys. The proposed approach is instantiated using iris biometrics. Our protocol makes use of hash functions and HMAC (Hash-based Message Authentication Code) as the only cryptographic primitives; thus, it is not cryptographically resource-hungry. We also propose and integrate a window-based comparison strategy and a window reset method in SKA-POB. This way, performance is maximized without sacrificing security. Furthermore, we propose an intelligent fake block generation and distribution strategy to hide the genuine blocks in transit, which increases the resistence of our proposed protocol against correlation attacks. SKA-POB protocol works in round manner, allowing to successfully terminate with key establishment as early as possible so that the complexity is reduced for both client and server sides. Additionally, we employ multi-criteria analyses for our proposed SKA-POB protocol and we provide verification results in terms of performance analysis together with randomness, distinctiveness and attack complexity through security analysis. Results show that highly random and computationally secure keys can be generated with almost no error and with very low complexity.