|![[Search]](/images/search.gif?1209136071)
|![[A-Z Index]](/images/az.gif?1209136071)
|![[Contact]](/images/contact.gif?1209136071)
||![[University of Birmingham]](/images/identifier2.gif?1243330508){kind=small} |
![[Talks@bham]](/images/talkslogosmall.gif?1243330508) |
University of Birmingham > Talks@bham > Computer Security Seminars > On the Difficulty of Using Patient's Physiological Signals in Cryptographic Protocols
On the Difficulty of Using Patient's Physiological Signals in Cryptographic ProtocolsAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Isra Ahmed. With the increasing capabilities of wearable sensors and implantable medical devices, new opportunities arise to diagnose, control and treat several chronic conditions. Unfortunately, these advancements also open new attack vectors, making security an essential requirement for the further adoption of these devices. Researchers have already developed security solutions tailored to their unique requirements and constraints. However, a fundamental problem yet unsolved is how to securely and efficiently establish and manage cryptographic keys. A promising area that has received significant attention is the use of patient’s physiological signals as a means for establishing cryptographic keys. This paper aims at identifying common pitfalls in physiological-signal-based cryptographic protocols. These solutions are very fragile because errors can be introduced at different stages, including the choice of the physiological signal, the design of the protocol or its implementation. We start by reviewing previous work that has succeeded in measuring various physiological signals remotely. Subsequently, we conduct a thorough security analysis of two cryptographic solutions well-accepted by the security community, namely the H2H protocol (Rostami et al. – CCS 2013 ) and the Biosec protocol (Cherukuri et al. – ICISIP 2006 ). Our evaluation reveals that these protocols have serious design and implementation security weaknesses. Driven by our findings, we then describe the process for securely and efficiently use patients’ physiological signals in cryptographic solutions. Finally, we discuss research directions for future work. This talk is part of the Computer Security Seminars series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsSERENE Seminars IMA West Midlands Branch CargoOther talksProvably Convergent Plug-and-Play Quasi-Newton Methods for Imaging Inverse Problems Disorder relevance for non-convex random gradient Gibbs measures in d=2 Sensing and metrology activities at NPL, India Modelling uncertainty in image analysis. Geometry of alternating projections in metric spaces with bounded curvature TBC |
Friday 31 May 2019, 14:00-14:30