University of Oulu

Zuo, Si, et al. “CardioID: Secure ECG-BCG Agnostic Interaction-Free Device Pairing. IEEE Access, vol. 10, 2022, pp. 128682–96.

CardioID : secure ECG-BCG agnostic interaction-free device pairing

Saved in:
Author: Zuo, Si1; Sigg, Stephan1; Nguyen, Le Ngu2;
Organizations: 1Department of Communications and Networking, Aalto University, 02150 Espoo, Finland
2Faculty of Information Technology and Electrical Engineering, University of Oulu, 90570 Oulu, Finland
3Institute for Natural Language Processing, University of Stuttgart, 70569 Stuttgart, Germany
4Peter L. Reichertz Institute, 30625 Hannover, Germany
Format: article
Version: published version
Access: open
Online Access: PDF Full Text (PDF, 3.4 MB)
Persistent link:
Language: English
Published: Institute of Electrical and Electronics Engineers, 2022
Publish Date: 2023-05-03


Usably secure ad-hoc device pairing fosters connectivity with hardware which is difficult to access (e.g., implanted) and grants convenience for ad-hoc short-term on-off pairing patterns (e.g. shared public domain). Examples are medical devices or fitness equipment. We present CardioID, an approach to extract features from heart rate variability for secure pairing keys that change with the randomness inherited in heart operation. Our processing chain is compatible with electrocardiogram (ECG, voltage), as well as ballistocardiogram (BCG, acceleration) type signals. Dissimilarities in locally generated sequences are accounted for using fuzzy cryptography exploiting Bose–Chaudhuri–Hocquenghem (BCH) codes. We propose a quantization to derive secure keys for cross BCG-ECG device pairing from heart-rate variability and analyze the performance in (inter- and intra-subject) BCG-to-ECG pairing. A secure communication protocol for Body Area Networks (BAN) is discussed. The attack surface of the protocol is analyzed, and we conduct a video-based attack study. In addition, two case studies with 5 (laboratory) and 20 (controlled in-field) subjects were conducted.

see all

Series: IEEE access
ISSN: 2169-3536
ISSN-E: 2169-3536
ISSN-L: 2169-3536
Volume: 10
Pages: 128682 - 128696
DOI: 10.1109/ACCESS.2022.3226503
Type of Publication: A1 Journal article – refereed
Field of Science: 113 Computer and information sciences
Copyright information: © The Authors 2022. This work is licensed under a Creative Commons Attribution 4.0 License.