Birds of a Feather Flock Together: Fuzzy Extractor and Gait-Based Robust Group Secret Key Generation for Smart Wearables

  • Chitra JavaliEmail author
  • Girish Revadigar
Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 254)


The recent surge in the usage of smart wearables for health monitoring highlights securing the communication among a group of personal devices using group secret keys (GSK). Simultaneous GSK generation on multiple wearables is very challenging as finding a common feature among the devices that has good entropy is difficult. In this paper, we present two novel GSK protocols – FEAT-GSK and FEST-GSK, employing the unique gait characteristics of a person and fuzzy extractors. FEST-GSK eliminates the reconciliation and privacy amplification stages as it employs error correcting code and strong extractor. We implement our protocols on android devices and conduct various experiments. Our results demonstrate that the gait features extracted on user’s devices show highest correlation (Pearson-correlation-coefficient >0.9), and guarantees matching group key generation e.g., 256-bit key in less than 4 s, whereas, the adversaries show as low as 20% key agreement with respect to the user.


Group secret key generation Fuzzy extractor Secure sketch Gait analysis Accelerometer sensor 


  1. 1.
    Bluetooth Low Energy Specification. Accessed 21 Feb 2018
  2. 2.
    Continua Health Alliance. Accessed 21 Feb 2018
  3. 3.
    FastICA Java Library. Accessed 21 Feb 2018
  4. 4.
    Fitness Ttrackers. Accessed 21 Feb 2018
  5. 5.
    IEEE 802.15 WPAN Task Group 6 (TG6) Body Area Networks. Accessed 21 Feb 2018
  6. 6.
    Moto E2 Phone. Accessed 21 Feb 2018
  7. 7.
    Samsung Smart Watch. Accessed 21 Feb 2018
  8. 8.
    Smart Glasses. Accessed 21 Feb 2018
  9. 9.
    Wearable Tech: A Developer’s Security Nightmare. Accessed 21 Feb 2018
  10. 10.
    Bichler, D., Stromberg, G., Huemer, M., Löw, M.: Key generation based on acceleration data of shaking processes. In: Krumm, J., Abowd, G.D., Seneviratne, A., Strang, T. (eds.) UbiComp 2007. LNCS, vol. 4717, pp. 304–317. Springer, Heidelberg (2007). Scholar
  11. 11.
    Boyen, X.: Reusable cryptographic fuzzy extractors. In: CCS (2004)Google Scholar
  12. 12.
    Boyen, X., Dodis, Y., Katz, J., Ostrovsky, R., Smith, A.: Secure remote authentication using biometric data. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 147–163. Springer, Heidelberg (2005). Scholar
  13. 13.
    Cover, T.M., Thomas, J.A.: Elements of Information Theory. Wiley, New York (1991)CrossRefGoogle Scholar
  14. 14.
    Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1), 97–139 (2008)MathSciNetCrossRefGoogle Scholar
  15. 15.
    Gafurov, D., Snekkenes, E., Buvarp, T.E.: Robustness of biometric gait authentication against impersonation attack. In: OTM Confederated International Workshops (2006)Google Scholar
  16. 16.
    Groza, B., Mayrhofer, R.: SAPHE: simple accelerometer based wireless pairing with heuristic trees. In: MoMM (2012)Google Scholar
  17. 17.
    Holmquist, L.E., Mattern, F., Schiele, B., Alahuhta, P., Beigl, M., Gellersen, H.-W.: Smart-its friends: a technique for users to easily establish connections between smart artefacts. In: Abowd, G.D., Brumitt, B., Shafer, S. (eds.) UbiComp 2001. LNCS, vol. 2201, pp. 116–122. Springer, Heidelberg (2001). Scholar
  18. 18.
    Hyvärinen, A.: Fast and robust fixed-point algorithms for independent component analysis. IEEE TNN 10(3), 626–634 (1999)Google Scholar
  19. 19.
    Javali, C., Revadigar, G., Ding, M., Jha, S.: Secret key generation by virtual link estimation. In: BodyNets (2015)Google Scholar
  20. 20.
    Javali, C., Revadigar, G., Libman, L., Jha, S.: SeAK: secure authentication and key generation protocol based on dual antennas for wireless body area networks. In: Saxena, N., Sadeghi, A.-R. (eds.) RFIDSec 2014. LNCS, vol. 8651, pp. 74–89. Springer, Cham (2014). Scholar
  21. 21.
    Javali, C., Revadigar, G., Rasmussen, K.B., Hu, W., Jha, S.: I am alice, i was in wonderland: secure location proof generation and verification protocol. In: IEEE LCN (2016)Google Scholar
  22. 22.
    Kuruwatti, N., Nayana, N.Y., Sarole, N., Revadigar, G., Javali, C.: LQI-key: symmetric key generation scheme for internet-of-things (IoT) devices using wireless channel link quality. In: ICAECC (2018)Google Scholar
  23. 23.
    Li, Q., Guo, M., Chang, E.C.: Fuzzy extractors for asymmetric biometric representations. In: CVPRW (2008)Google Scholar
  24. 24.
    Liu, L.-F., Jia, W., Zhu, Y.-H.: Survey of gait recognition. In: Huang, D.-S., Jo, K.-H., Lee, H.-H., Kang, H.-J., Bevilacqua, V. (eds.) ICIC 2009. LNCS (LNAI), vol. 5755, pp. 652–659. Springer, Heidelberg (2009). Scholar
  25. 25.
    Mayrhofer, R., Gellersen, H.: Shake well before use: intuitive and secure pairing of mobile devices. IEEE TMC 8(6), 792–806 (2009)Google Scholar
  26. 26.
    Mjaaland, B., Bours, P., Gligoroski, D.: Gait mimicking - attack resistance testing of gait authentication systems. In: NISK (2009)Google Scholar
  27. 27.
    NIST: A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications (2010)Google Scholar
  28. 28.
    Revadigar, G., Javali, C., Asghar, H.J., Rasmussen, K.B., Jha, S.: Mobility independent secret key generation for wearable health-care devices. In: BodyNets (2015)Google Scholar
  29. 29.
    Revadigar, G., Javali, C., Hu, W., Jha, S.: DLINK: dual link based radio frequency fingerprinting for wearable devices. In: IEEE LCN (2015)Google Scholar
  30. 30.
    Revadigar, G., Javali, C., Xu, W., Vasilakos, A.V., Hu, W., Jha, S.: Accelerometer and fuzzy vault-based secure group key generation and sharing protocol for smart wearables. IEEE TIFS 12(10), 2467–2482 (2017)Google Scholar
  31. 31.
    Shi, L., Yuan, J., Yu, S., Li, M.: ASK-BAN: authenticated secret key extraction utilizing channel characteristics for body area networks. In: WiSec (2013)Google Scholar
  32. 32.
    Sutcu, Y., Li, Q., Memon, N.: Protecting biometric templates with sketch: theory and practice. IEEE TIFS 2(3), 503–512 (2007)Google Scholar
  33. 33.
    Sutcu, Y., Li, Q., Memon, N.: Secure biometric templates from fingerprint-face features. In: IEEE CVPR, pp. 1–6 (2007)Google Scholar
  34. 34.
    Venkatasubramanian, K.K., Banerjee, A., Gupta, S.K.S.: PSKA: usable and secure key agreement scheme for body area networks. IEEE TITB 14(1), 60–68 (2010)Google Scholar
  35. 35.
    Voris, J., Saxena, N., Halevi, T.: Accelerometers and randomness: perfect together. In: WiSec (2011)Google Scholar
  36. 36.
    Xu, W., Javali, C., Revadigar, G., Luo, C., Bergmann, N., Hu, W.: Gait-key: a gait-based shared secret key generation protocol for wearable devices. ACM TOSN 13(1), 6:1–6:27 (2017)Google Scholar
  37. 37.
    Zhou, X.: Template protection and its implementation in 3D face recognition systems. SPIE 6539, 65390L (2007)Google Scholar

Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2018

Authors and Affiliations

  1. 1.National Cybersecurity R&D Lab (NCL)National University of Singapore (NUS)SingaporeSingapore
  2. 2.Information Systems Technology and Design (ISTD)Singapore University of Technology and Design (SUTD)SingaporeSingapore

Personalised recommendations