On using a von neumann extractor in heart-beat-based security

Abstract

The Inter-Pulse-Interval (IPI) of heart beats has previously been suggested for facilitating security in mobile health (mHealth) applications. In heart-beat-based security, a security key is derived from the time difference between consecutive heart beats. As two entities that simultaneously sample the same heart beats may generate the same key (with some inter-key disparity), these keys may be used for various security functions, such as entity authentication or data confidentiality. One of the key limitations in heart-beat-based security is the low randomness intrinsic to the most-significant bits (MSBs) in the digital representation of each IPI. In this paper, we explore the use of a von Neumann entropy extractor on these MSBs in order to increase their randomness. We show that our von Neumann key-generator produces significantly more random bits than a non-extracting key generator with an average bit-extraction rate between 13.4% and 21.9%. Despite this increase in randomness, we also find a substantial increase in inter-key disparity, increasing the mismatch tolerance required for a given true-key pair. Accordingly, the maximum-attainable effective key-strength of our key generator is only slightly higher than that of a non-extracting generator (16.4 bits compared to 15.2 bits of security for a 60-bit key), while the former requires an increase in average key-generation time of 2.5x.