CardioID: Secure ECG-BCG Agnostic Interaction-Free Device Pairing

Si Zuo, Stephan Sigg, Le Nguyen, Nils Beck, Nico Jähne-Raden, Marie Cathrine Wolf

Research output: Contribution to journalArticleScientificpeer-review

77 Downloads (Pure)


Usably secure ad-hoc device pairing fosters connectivity with hardware which is difficult to access (e.g., implanted) and grants convenience for ad-hoc short-term on-off pairing patterns (e.g. shared public domain). Examples are medical devices or fitness equipment. We present CardioID, an approach to extract features from heart rate variability for secure pairing keys that change with the randomness inherited in heart operation. Our processing chain is compatible with electrocardiogram (ECG, voltage), as well as ballistocardiogram (BCG, acceleration) type signals. Dissimilarities in locally generated sequences are
accounted for using fuzzy cryptography exploiting Bose–Chaudhuri-Hocquenghem (BCH) codes. We propose a quantization to derive secure keys for cross BCG-ECG device pairing from heart-rate variability and analyze the performance in (inter- and intra-subject) BCG-to-ECG pairing. A secure communication protocol for Body Area Networks (BAN) is discussed. The attack surface of the protocol is analyzed, and we conduct a video-based attack study. In addition, two case studies with 5 (laboratory) and 20 (controlled in-field) subjects were conducted.
Original languageEnglish
Pages (from-to)128682-128696
Number of pages15
JournalIEEE Access
Publication statusPublished - 2 Dec 2022
MoE publication typeA1 Journal article-refereed


Dive into the research topics of 'CardioID: Secure ECG-BCG Agnostic Interaction-Free Device Pairing'. Together they form a unique fingerprint.

Cite this