Ear canal scanning/sensing (ECS) has emerged as a novel biometric authentication method for mobile devices paired with wireless earbuds. Existing studies have demonstrated the uniqueness of ear canals by training and testing machine learning classifiers on ECS data. However, implementing practical ECS-based authentication requires preventing raw biometric data leakage and designing computationally efficient protocols suitable for resource-constrained earbuds. To address these challenges, we propose an ear canal key extraction protocol, \textbf{EarID}. Without relying on classifiers, EarID extracts unique binary keys directly on the earbuds during authentication. These keys further allow the use of privacy-preserving fuzzy commitment scheme that verifies the wearer's key on mobile devices. Our evaluation results demonstrate that EarID achieves a 98.7\% authentication accuracy, comparable to machine learning classifiers. The mobile enrollment time (160~ms) and earbuds processing time (226~ms) are negligible in terms of wearer's experience. Moreover, our approach is robust and attack-resistant, maintaining a false acceptance rate below 1\% across all adversarial scenarios. We believe the proposed EarID offers a practical and secure solution for next-generation wireless earbuds.

翻译：耳道扫描/感知技术已成为一种新型生物特征认证方法，适用于与无线耳塞配对的移动设备。现有研究通过在耳道扫描数据上训练和测试机器学习分类器，证明了耳道的独特性。然而，实现基于耳道扫描的实用认证需要防止原始生物特征数据泄露，并设计适用于资源受限耳塞的高效计算协议。为应对这些挑战，我们提出一种耳道密钥提取协议——\textbf{EarID}。该协议不依赖分类器，而是在认证过程中直接在耳塞上提取唯一的二进制密钥。这些密钥进一步支持采用隐私保护的模糊承诺方案，在移动设备端验证佩戴者的密钥。评估结果表明，EarID实现了98.7%的认证准确率，与机器学习分类器性能相当。移动端注册时间（160~ms）与耳塞处理时间（226~ms）对用户体验的影响可忽略不计。此外，该方法具有强鲁棒性与抗攻击能力，在所有对抗场景下均保持低于1%的错误接受率。我们相信所提出的EarID协议为下一代无线耳塞提供了实用且安全的解决方案。