Feeling Is Believing: A Secure Template Exchange Protocol

  • Ileana Buhan
  • Jeroen Doumen
  • Pieter Hartel
  • Raymond Veldhuis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4642)


We use grip pattern based biometrics as a secure side channel to achieve pre-authentication in a protocol that sets up a secure channel between two hand held devices. The protocol efficiently calculates a shared secret key from biometric data. The protocol is used in an application where grip pattern based biometrics is used to control access to police hand guns.


Ad-hoc authentication fuzzy cryptography biometrics 


  1. 1.
    Boyen, X., Dodis, Y., Katz, J., Ostrovsky, R., Smith, A.: Secure remote authentication using biometric data. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 147–163. Springer, Heidelberg (2005)Google Scholar
  2. 2.
    Corin, R., Etalle, S.: An improved constraint-based system for the verification of security protocols. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 326–341. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  3. 3.
    Dolev, D., Yao, A.: On the security of public key protocols. Information Theory, IEEE Transactions on 29, 198–208 (1983)zbMATHCrossRefMathSciNetGoogle Scholar
  4. 4.
    Goodrich, M.T., Sirivianos, M., Solis, J., Tsudik, G., Uzun, E.: Loud and clear: Human-verifiable authentication based on audio. In: ICDCS 2006. 26th IEEE International Conference on Distributed Computing Systems, Lisboa, Portugal, 4-7 July 2006, p. 10. IEEE Computer Society Press, Los Alamitos (2006)Google Scholar
  5. 5.
    Linnartz, J.P., Tuyls, P.: New shielding functions to enhance privacy and prevent misuse of biometric templates. In: Kittler, J., Nixon, M.S. (eds.) AVBPA 2003. LNCS, vol. 2688, pp. 393–402. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    McCune, J., Perrig, A., Reiter, M.: Seeing-is-believing: using camera phones for human-verifiable authentication. In: Security and Privacy, 2005 IEEE Symposium on, pp. 110–124. IEEE Computer Society Press, Los Alamitos (2005)CrossRefGoogle Scholar
  7. 7.
    NJIT: Personalized weapons technology project, progress report. Technical report, New Jersey Institute of Technology (April 2001)Google Scholar
  8. 8.
    Pliam, J.O.: Guesswork and variation distance as measures of cipher security. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol. 1758, Springer, Heidelberg (2000)CrossRefGoogle Scholar
  9. 9.
    Saxena, N., Ekberg, J., Kostiainen, K., Asokan, N.: Secure device pairing based on a visual channel (short paper). SP, 306–313 (2006)Google Scholar
  10. 10.
    Vaudenay, S.: Secure communications over insecure channels based on short authenticated strings. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 309–326. Springer, Heidelberg (2005)Google Scholar
  11. 11.
    Veldhuis, R.N.J., Bazen, A.M., Kauffman, J.A., Hartel, P.H.: Biometric verification based on grip-pattern recognition. In: Security, Steganography, and Watermarking of Multimedia Contents VI, Proceedings of SPIE, San Jose, California, USA, January 18-22, 2004, vol. 5306, pp. 634–641 (2004)Google Scholar
  12. 12.
    Wong, F.L., Stajano, F.: Multi-channel protocols for group key agreement in arbitrary topologies. In: PerCom 2006 Workshops. 4th IEEE Conference on Pervasive Computing and Communications Workshops, Pisa, Italy, 13-17 March 2006, pp. 246–250. IEEE Computer Society Press, Los Alamitos (2006)Google Scholar
  13. 13.
    Wu, T.D.: The secure remote password protocol. In: NDSS 1998. Proceedings of the Network and Distributed System Security Symposium, San Diego, California, USA. The Internet Society (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Ileana Buhan
    • 1
  • Jeroen Doumen
    • 1
  • Pieter Hartel
    • 1
  • Raymond Veldhuis
    • 1
  1. 1.University of Twente, EnschedeThe Netherlands

Personalised recommendations