EEG Authentication System Using Fuzzy Vault Scheme

*Fatima M. Baqer and Salah Albermany*

### **Abstract**

Authentication is the process of recognizing a user's identity by determining claimed user identity by checking user-provided evidence, combining cryptographic with biometric can solve many of security issues, including authentication. Our goal is to try to combine cryptography and biometrics to achieve authentication using fuzzy vault scheme. Electroencephalography (EEG) signals will be used as they are unique and also difficult to expose and copy; also they are difficult to be hack, using nine healthy persons' EEGs from the BCI Competition and extracting power features from signals spectrum of beta and alpha band of EEG signal, the extracted features are from three channels (C3, Cz, and C4), then support vector Machine (SVM) is used for classification. In this chapter, two tasks (left hand and right hand) are used from a four tasks in the dataset, and the system achieves 96.98% validation accuracy, using 10-fold cross-validation on the training set and the model is saved, after extract features, these features will used to be evaluated on a polynomial generated from the secret key using reed Solomon code and chaff points generated using tent map are added to hide the data, which create the final result that is the vault, for decoding the system using Lagrange interpolation for polynomial reconstruction and returning the key.

**Keywords:** fuzzy vault, EEG, brain wave, cognitive biometric, authentication, electroencephalogram

### **1. Introduction**

User authentication is an important phase in security systems. Authentication is the determining process of a person is really, who claimed to be. Authentication technology affords the access to the systems after checking/verifying if a user's certification matches the authorized certification in a database, usually provided with an ID of a user, and authentication is achieved when the user provides a certification. Generally, authentications can be according to their use: password-based, tokenbased, and biometrics-based. Each of has its advantages and disadvantages [1].

Biometrics systems based on human being's measurements analyze statistic aspects of unique physical and behavioral characteristics, which can be consumed to identify or verify a human [2].

The term biometric is a Greek word, referring to bio means "life" and metric means "measurement." Biometrics is used to achieve reliable authentication and identification that can be expressed as face fingerprints, iris, retina, signatures, gait, voice, etc. Recently, a new biometric field has gained its popularity because of its less drawbacks over other biometrics; it is the brain wave biometric or electroencephalography (EEG) [3].

However, without the drawbacks of both passwords-based and biometric-based, the EEG-based biometric authentication system combines their advantages [1]. EEG signals are dynamic, sensitive, and inexpensive and used to observe mental state that can be used to distinguish persons.

These signals can be bound with a cryptography to empower the security, a scheme that can be used with brain wave signals is called fuzzy vault scheme, keybased cryptographic scheme uses error correction codes to generate polynomials to secure the key.
