Conference Proceeding Article
User authentication is the first and probably the most challenging step in achieving secure person-to-person communications. Most of the existing authentication schemes require communicating parties either share a secret/password or know each other's public key. In this paper we suggest a novel user authentication scheme that is easy to use and overcomes the requirements of sharing password or public keys. Our scheme allows two human users to perform mutual authentication and have secure communications over an open channel by exchanging biometrics signals (e. g., voice or video signals). In addition to user authentication, our scheme establishes a secret session key between two users by cryptographically binding biometrics signals with users's Diffie-Hellman public values. Under the assumption that the two communicating persons are familiar with each other's biometrics signals, we show that the scheme is secure against various attacks, including the man-in-the-middle attack. The proposed scheme is highly suitable for applications such as Voice-over-IP
Databases and Information Systems | Information Security
Data Management and Analytics; Cybersecurity
Security and Privacy in the Age of Ubiquitous Computing: IFIP TC11 20th International Information Security Conference May 30-June 1, Chiba, Japan
City or Country
WU, Yongdong; Bao, Feng; and Deng, Robert Huijie.
Secure Human Communications Based on Biometrics Signals. (2005). Security and Privacy in the Age of Ubiquitous Computing: IFIP TC11 20th International Information Security Conference May 30-June 1, Chiba, Japan. 181, 205-221. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/586
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.