Sensor Uses Body's Electrical Signature To Secure Devices
coondoggie writes with word that a "group of researchers is proposing a sensor that would authenticate mobile and wearable computer systems by using the unique electrical properties of a person's body to recognize their identity. In a paper [presented Monday] at the USENIX Workshop on Health Security and Privacy, researchers from Dartmouth University Institute for Security, Technology, and Society defined this security sensor device, known as Amulet, as a 'piece of jewelry, not unlike a watch, that would contain small electrodes to measure bioimpedance — a measure of how the body's tissues oppose a tiny applied alternating current - and learns how a person's body uniquely responds to alternating current of different frequencies.'"
Yet more ways to use "infallible" dowsing rods and iris gazers to "do identity". It always comes down to this: By definition biometrics are easier to fake than to replace. This makes them unsuitable for "casual" identification, as opposed to "adversarial" identification, i.e. working out it was you that stole the cookie from the jar. We're not all criminals, you know. Worse, most identification isn't adversarial, but casual, and on top of that you don't just have but a single identity. Yet that's what all this is invariably targeted at: adversarial, and just the single identity. Just stop it already. I'll take the inconvenience of using a key to unlock the door, or showing a loyalty card with a fake name on it, thanks. At least that key and its lock can be replaced without surgery.
In cybersecurity news, it was found today that a mannequin made of jello and floating grapes successfully duplicated the unique electrical signature of Mark Zuckerberg's body.
Sorry, but gray text on gray background is making my eyes bleed.
Electrical properties of living creatures are not really known for being stable, particularly among sick people, the intended users for this device. Good thing that the summary has so little to do with the paper, because the summary is pretty silly.
Seriously, the first four comments are all about how easy this will be to fake out!
I'm going to make a comment about how awesome science is.
SCIENCE!
Perhaps this is the next amazing biometric authentication technology that can accurately identify users without any false positives... This still doesn't change the problem that like all other biometric data it cannot be re-issued if ever compromised.
Device generates the signature, then it exists in a digital form and can be replicated or spoofed.
From a hacking perspective that's the best news ever.
a measure of how the body's tissues oppose a tiny applied alternating current - and learns how a person's body uniquely responds to alternating current of different frequencies
Decades (centuries?) of RF EE work revolves around RF matching network behavior. Essentially it's measuring how you'll behave as an antenna or at least a wildly reactive dummy load (aka rf termination). This has the interesting side effect that given nothing other than the physical coupling design inferred visually and some time with the victim and my network analyzer I can whip up a custom little SMD circuit board made completely out of passives that would be electrically indistinguishable from the victim.
Even better, if the RF freqs are low enough I can make a universal circuit board that would do DSP stuff in real time to feed it what it would like to hear.
It looks pretty easy to electronically spoof. Electrically spoofing retina patterns takes all kinds of weird optics, and electrically spoofing finger geometry takes all kinds of woodwork level work but all you'll need for this is "touch the gadget to your homemade bracelet/necklace instead of to your skin".
I would imagine this doesn't work very well. Decades of RF work by handheld radio RF guys (public safety handhelds, ham radio "HTs") shows that the RF characteristics of a human body vary wildly and seemingly randomly within a fairly narrow range. So it's pretty easy to make a hand held radio/antenna combination that always matches better than 3:1 SWR but impossible to make one that regularly matches better than 1.5:1 or whatever. This is partially because the body interacts with any nearby field, but also because most quarterwave antenna designs assume the radio and human are part of the groundplane of the antenna. In practice this means you can predict overall antenna system performance within about 6 dB or so, repeatedly, but forget about predicting more accurately than 3 dB or so. The relevance of hand held radio antenna matching to this story is I do not think you can store much more than 2 or 3 bits of "crypto key" data using this tech. I'll go way out on a limb and give them 7 bits of crypto key equivalent, so I could build 128 circuit boards and be more or less guaranteed that everyone reading this could be spoofed with one of the boards. It would be very much like having all passwords limited to 2 digits.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
The interaction between chemistry, biology & electro-magnetics is fascinating for me.
In the Anglophone world we have books like "The Body Electric". In Chinese and Russian there's much, much more. There's a sense we're building on 100s of years of science (I use that term in a definition you may not agree with).
I was able to alter my bioimpedance using my mind in a test at the science museum in London. I'd like to know if it was just me pressing harder on the contacts or sweating a bit more...
Where can I read more on this subject?
A blog I run for the wealth