Performance and Security Analysis Sample Clauses

Performance and Security Analysis. 4.1 Probability of sharing at least one key An event-driven simulator has been developed to evaluate availability and security of proposed scheme. Our approach is compared with MRS proposed by Chan [7]. In our simulations, we induced two metrics to evaluate the availability and the security of the proposed scheme. One metric is the actual probability that any two neighboring nodes share at least one key during a key agreement phase. The other metric is the rate that all session keys are exposed to an attacker under the existence of one com- promised node. For the sake of presentation, our scheme is hereafter referred to as SKS (Secure Key agreement Scheme). The network model for our simulation assumed as follows; ⒜ 200 nodes were ran- domly placed in a 100m × 100m area. ⒝ the length (r) of the key chain varied in 2, 6, and 10. ⒞ number of cases that, in key pool, the first half of key is same to others is varied in 0% and 30%. As shown Fig. 1, as the size of key pool increases, the probability that any two neighboring nodes share at least one key also decreases. In both schemes, if the first half of the keys are not the same to others', the key sharing probability is identical (see Fig. 1(a)). However, as the cases that the first half of keys are same to others increased to 30% (See Fig. 1(b)), the key sharing probability makes a little difference between two schemes, although very little. Next, to evaluate the security of the proposed scheme, we estimated the exposure rate of session keys during a key agreement under the existence of one compromised node by an attacker. In our simulations, the compromised nodes were randomly se- lected. Fig. 2 shows the session key exposure rate when a node is compromised by an attacker. As shown in Fig. 2, even though a node is compromised by an attacker, the proposed scheme is much less affected than the MRS. This is because the proposed scheme hides the keys unshared with other nodes. Therefore, the proposed scheme is robust against the compromise of nodes.

Performance and Security Analysis. Σ Our proposed protocol is tested with 30 subjects from Verifinger Sample Database [17], which includes fingerprints scanned using Cross Match Verifier 300 at 500 ppi [18]. Each subject has 8 fingerprint images. These fingerprint im- ages are aligned using their intensity values in MATLAB R2014b. The minutiae of each fingerprint is extracted using the Neurotechnology Biometric SDK 5.0 Verifinger [17]. First 3 fingerprint images are used to generate the template on the server side, while the remaining 5 fingerprint images are used as combinations of 3 at the user side. Hence, each subject is tested 5 = 10 times. In addition to the genuine tests, impostor tests are also carried out. In these impostor tests, each subject’s template is tested against all other subjects’ queries. The hash function used in the protocol is SHA-256 [19]; hence all of the generated keys are 256 bits long. USER SERVER H2(gu) ∀gu ∈ Gu H2(c) ∀c ∈ C Qu = mix(H2(gu) ∪ H2(c)) REJECT userID || Qu s Gt = Qu ∩ Gs s S = |Gt |2/(nu × ns) | tG | su s,k s s IF S < Tsim → REJECT ELSE s Ksu |Gt | || HMAC (msg) K = H1( fs H1(gt k=1 )) ∀gt ∈ Gt RETRY FOREACH Gt ⊂ Gu : |Gt | = |Gt | ACCEPT u u s |Gt | us u,k u u K = H1( fs H1(gt )) ∀gt ∈ Gt k=1 IF HMACKsu (msg) == HMACKus (msg) → ACCEPT and BREAK IF NOT ACCEPTED → RETRY REJECT S = (|Gt | − 1)2/(nu × ns) s s