BLOcKeR: A Biometric Locking Paradigm for IoT and the Connected Person

Journal of Hardware and Systems Security

Abstract

As the internet-of-things (IoT) era begins, there is a significant need for low-cost access control schemes that allow humans to activate and maintain IoT systems. Traditional biometric access control systems remain, however, vulnerable to physical attacks resulting in template theft/privacy, illegal access, etc. This paper aimed to address this by expanding on a proposal called BLOcKeR, which combines biometrics with two recent advances in hardware security—physically unclonable functions (PUFs) and hardware obfuscation. Hardware obfuscation is a technique to protect electronic hardware against access control circumvention attacks through locking mechanisms. A PUF is incorporated to tie the biometrics of the owner to the system. Combining these advances with biometrics, BLOcKeR protects a biometric system from physical attacks by locking its functionality and aims at ensuring successful activation of the locked system, unlike the authentication/matching in biometric systems. In addition, unlike various existing approaches, BLOcKeR does not store the raw biometric of users while providing irreversibility, unlinkability, and revocability to the templates. We present a security analysis and experiments with more than 45,000 attack variants to evaluate BLOcKeR’s security against unauthorized access.

Notes

  1. This study was mostly carried out when Fatemeh Ganji was with the Florida Institute for Cybersecurity Research.

  2. An initial assertion on this idea was discussed in our non-peer-reviewed, earlier version of this study [5], which only covered how our framework enrolls a device to one user.

  3. This is a simplified overview of how BLOcKeR works. For details, see Sect. 3.

  4. This cannot be performed by an adversary, even if she has access to AD, as x cannot be retrieved from AD.

  5. More formally, the number of CRPs offered by a strong PUF is exponential in the security parameter, i.e., the number of bits in a challenge.

  6. This notion should not be confused with Bipartite Biotokens that concerns generating revocable biotokens [42].

  7. Alternatively, the designer of BLOcKeR can store the entire set of CRPs, which is indeed against the storage efficiency as the size of the set is exponential in the number of bits in a challenge.

  8. \(\Delta \mathbb{H}_\infty\) is denoted by \(\text{I}(\text{AD};x)\) in some references, e.g., [36].

References

  1. Dockrill P (2018) First-ever drone swarm attack has struck russian military bases, sources claim. Online at https://goo.gl/rABptt

  2. Jain AK, Nandakumar K, Nagar A (2008) Biometric template security. EURASIP J Adv Signal Process 2008:113

  3. Nandakumar K, Jain AK (2015) Biometric template protection: Bridging the performance gap between theory and practice. IEEE Signal Process Mag 32(5):88–100

  4. Wu S-C, Chen P-T, Swindlehurst AL, Hung P-L (2018) Cancelable biometric recognition with ecgs: subspace-based approaches. IEEE Trans Inf Forensics Secur 14(5):1323–1336

  5. Ganji F, Karimian N, Woodard D, Forte D (2019) Leave adversaries in the dark- blocker: Secure and reliable biometric access control. The Journal of the Homeland Defense and Security Information Analysis Center (HDIAC) 6(1):4–8

  6. Forte D, Bhunia S, Tehranipoor MM (2017) Hardware protection through obfuscation. Springer

  7. Suh GE, Devadas S (2007) Physical unclonable functions for device authentication and secret key generation. In Proceedings of the 44th annual design automation Conf ACM pp. 9–14

  8. Rahman MT, Tajik S, Rahman MS, Tehranipoor M, Asadizanjani N (2020) The key is left under the mat: On the inappropriate security assumption of logic locking schemes. In Hardware Oriented Security and Trust (HOST) pp. 262–272

  9. Karimian N, Tehranipoor M, Woodard D, Forte D (2019) Unlock your heart: Next generation biometric in resource-constrained healthcare systems and iot. IEEE Access 7:49135–49149

  10. ISO/IEC 24745 (2011) Information technology–security techniques–biometric information protection

  11. Chikkerur S, Ratha NK, Connell JH, Bolle RM (2008) Generating registration-free cancelable fingerprint templates. In 2008 IEEE Second International Conf on Biometrics: Theory, Applications and Systems pp. 1–6

  12. Patel VM, Ratha NK, Chellappa R (2015) Cancelable biometrics: A review. IEEE Signal Process Mag 32(5):54–65

  13. Weber S, Karger PA, Paradkar A (2005) A software flaw taxonomy: aiming tools at security. ACM SIGSOFT Software Engineering Notes 30(4):1–7

  14. Skorobogatov SP (2005) Semi-invasive attacks: a new approach to hardware security analysis. PhD thesis, Citeseer

  15. Wang H, Forte D, Tehranipoor MM, Shi Q (2017) Probing attacks on integrated circuits: Challenges and research opportunities. IEEE Des Test 34(5):63–71

  16. Dodis Y, Reyzin L, Smith A (2004) Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. In International Conf on the theory and applications of cryptographic techniques. Springer pp. 523–540

  17. Mykletun E, Narasimha M, Tsudik G (2003) Providing authentication and integrity in outsourced databases using merkle hash trees. UCI-SCONCE Technical Report

  18. Maes R, Verbauwhede I (2010) Physically unclonable functions: A study on the state of the art and future research directions. In Towards Hardware-Intrinsic Security. Springer pp. 3–37

  19. Zheng Y, Cao Y, Chang C-H (2018) Facial biohashing based user-device physical unclonable function for bring your own device security. In Consumer Electronics (ICCE) IEEE International Conf pp. 1–6

  20. Rührmair et al (2010) Modeling attacks on physical unclonable functions. In Proceedings of the 17th ACM Conf. on Computer and communications security ACM pp. 237–249

  21. Ganji F (2018) On the learnability of physically unclonable functions. Springer

  22. Juels A, Sudan M (2006) A fuzzy vault scheme. Des Codes Crypt 38(2):237–257

  23. Scheirer WJ, Boult TE (2007) Cracking fuzzy vaults and biometric encryption. In Biometrics Symp IEEE pp. 1–6

  24. Tuyls P, Akkermans AH, Kevenaar TA, Schrijen G-J, Bazen AM, Veldhuis RN (2005) Practical biometric authentication with template protection. In International Conf. on Audio-and Video-Based Biometric Person Authentication. Springer pp. 436–446

  25. Hao F, Anderson R, Daugman J (2006) Combining crypto with biometrics effectively. IEEE Trans Comput 55(9):1081–1088

  26. Uludag U, Pankanti S, Prabhakar S, Jain AK (2004) Biometric cryptosystems: issues and challenges. Proc IEEE 92(6):948–960

  27. Scheirer W, Boult T (2008) Bio-cryptographic protocols with bipartite biotokens. In Biometrics Symp BSYM’08 IEEE pp. 9–16

  28. Kumar A (2016) Security and privacy for outsourced computations. PhD thesis, Université Grenoble Alpes

  29. Markantonakis K, Tunstall M, Hancke G, Askoxylakis I, Mayes K (2009) Attacking smart card systems: Theory and practice. Information security technical report 14(2):46–56

  30. Su Y, Holleman J, Otis B (2007) A 1.6 pj/bit 96% stable chip-id generating circuit using process variations. In Solid-State Circuits Conf., 2007. ISSCC 2007. Digest of Technical Papers. IEEE International pp. 406–611

  31. Delvaux J et al (2016) Efficient fuzzy extraction of puf-induced secrets: Theory and applications. In International Conf on Cryptographic Hardware and Embedded Systems. Springer pp. 412–431

  32. Merli D, Schuster D, Stumpf F, Sigl G (2011) Side-channel analysis of pufs and fuzzy extractors. In International Conf Trust and Trustworthy Computing. Springer pp. 33–47

  33. Hiller M et al (2013) Breaking through fixed puf block limitations with differential sequence coding and convolutional codes. In Proceedings of the 3rd international workshop on Trustworthy embedded devices ACM pp. 43–54

  34. Karam R, Hoque T, Ray S, Tehranipoor M, Bhunia S (2016) Robust bitstream protection in fpga-based systems through low-overhead obfuscation. In ReConFigurable Computing and FPGAs (ReConFig) International Conf on IEEE pp. 1–8

  35. Yubico Team (2018) Upgrading yubikey firmware. Online at https://support.yubico.com/support/solutions/articles/15000006434-upgrading-yubikey-firmware Accessed 24 Jul 2020

  36. Tuyls P, Goseling J (2004) Capacity and examples of template-protecting biometric authentication systems. In International Workshop on Biometric Authentication. Springer pp. 158–170

  37. Brglez F, Bryan D, Kozminski K (1989) Combinational profiles of sequential benchmark circuits. In IEEE International Symp Circuits and Systems pp. 1929–1934

  38. Chen C, Veldhuis RN, Kevenaar TA, Akkermans AH (2009) Biometric quantization through detection rate optimized bit allocation. EURASIP J Adv Signal Process 2009:1–16

  39. Spacek L (2007) Collection of facial images: Faces94. Compt. Vision Science and Research Projects, University of Essex, UK, http://cswww.essex.ac.uk/mv/allfaces/faces94.html

  40. Doddington G, Liggett W, Martin A, Przybocki M, Reynolds D (1998) Sheep, goats, lambs and wolves: A statistical analysis of speaker performance in the nist 1998 speaker recognition evaluation. Tech. rep., National Inst of Standards and Technology Gaithersburg Md

  41. Alaql A, Hoque T, Forte D, Bhunia S (2019) Quality obfuscation for error-tolerant and adaptive hardware ip protection. In 2019 IEEE 37th VLSI Test Symp. (VTS) pp. 1–6

  42. Scheirer WJ, Boult TE (2009) Bipartite biotokens: Definition, implementation, and analysis. In International Conf. on Biometrics. Springer pp. 775–785

Acknowledgements

This work is supported by US Army Research Office grant under award W911NF-19-1-0102.

Author information

Corresponding author

Correspondence to Sumaiya Shomaji.

Cite this article

Shomaji, S., Guo, Z., Ganji, F. et al. BLOcKeR: A Biometric Locking Paradigm for IoT and the Connected Person. J Hardw Syst Secur 5, 223–236 (2021). https://doi.org/10.1007/s41635-021-00121-5

  • DOI: https://doi.org/10.1007/s41635-021-00121-5
