Security analysis of revocable and bipartite biotokens
Citation
Deniz, SN. (2015). World Congress on Internet Security (WorldCIS). (October 01, 2015). Security analysis of revocable and bipartite biotokens. Conference: World Congress on Internet Security (WorldCIS) Location: Dublin, IRELAND. 97-103.Abstract
In this paper, we analyze the security of bipartite biotokens that release a secret key hidden in the biotoken by using biometrics. We show that the biotoken encoding of 80/112/128-bit symmetric encryption keys are vulnerable to brute force attacks, whose complexity is lower than cryptographic security. Also, we present the weaknesses in the design of revocable biotokens that form the basis for bipartite biotokens. Finally, we propose countermeasures to prevent these attacks and discuss the employment of other efficient cryptographic techniques that possess provable security guarantees.
