A Systematization of Knowledge on Biomarker Based Encryption Keys

Authors

DOI:

https://doi.org/10.34190/eccws.25.1.4602

Keywords:

Biomarker, Cryptography, Critical infrastructure security, Encryption

Abstract

Encryption keys require careful management: they must be securely stored, and if stolen or compromised, the consequences can be catastrophic. Ephemeral keys are created, used and then deleted, reducing the attack surface. As the tactics, techniques and procedures of threat actors continue to evolve, implementing an ephemeral encryption key would enhance the protection of critical infrastructure systems, sensitive data and communication systems. This research investigates the feasibility of generating a repeatable, unique, yet transient encryption key from human biomarkers. By deriving cryptographic keys directly from bioelectrical and biochemical markers, key management overhead and long-term exposure risks can be minimized. This Systematization of Knowledge (SoK) addresses two primary challenges. Firstly, we determine the viability and limitations of deriving consistent keys from inherently variable biomarkers. Secondly, we propose a manifold encryption key derivation scheme using context-dependent signals drawn from the network, device and environment to overcome the limitations of biometric-based key generation, including irrevocability, noise, and entropy deficiency.

Author Biographies

Matthew Gaber, Sirindhorn International Institute of Technology, Thammasat University, Pathum Thani, Thailand

Matthew holds a Ph.D. in Information Technology from Edith Cowan University and a Master of Cyber Security from UNSW's Australian Defence Force Academy. A researcher at the intersection of AI and cyber defense, he specialises in malware analysis, zero-day detection, and adversarial tradecraft, developing tools that translate cutting-edge research into real-world defense.

Mohiuddin Ahmed, School of Computer Science and Information Technology, Adelaide University, Australia

Mohiuddin Ahmed is an Associate Professor of Cyber Security at Adelaide University, Australia. His research interests span offensive security, data analytics, and cyber governance. Recognised as a leader in his field, he has significantly advanced cyber research and education. Additionally, he is a Senior Member of IEEE.

Al-Sakib Khan Pathan, Department of Computer Science and Engineering, United International University, Bangladesh

Al-Sakib Khan Pathan is a Professor at CSE, United International University, Bangladesh. He received a Ph.D. in Computer Engineering (2009) from Kyung Hee University, South Korea, and a B.Sc. in Computer Science and Information Technology (2003) from Islamic University of Technology (IUT), Bangladesh. He is a Senior Member of IEEE.

Published

2026-06-15