To address the dual challenges of resource constraints in wireless earbuds and biometric privacy leakage, this paper proposes EarID—the first lightweight biometric key extraction protocol tailored for ear canal scanning (ECS) sensing. EarID eschews machine learning classifiers and instead performs signal preprocessing, feature enhancement, and binarization entirely on-device to generate a unique binary cryptographic key. It innovatively integrates a fuzzy commitment scheme to enable secure cross-device authentication while preserving the confidentiality of raw ear canal biometric data. Experimental evaluation demonstrates an authentication accuracy of 98.7%, with registration and on-earbud processing latency of only 160 ms and 226 ms, respectively, and a false acceptance rate below 1%—significantly outperforming existing approaches. EarID is the first solution to achieve low computational overhead, strong biometric privacy protection, and high robustness in ear canal biometric key generation, establishing a novel paradigm for passwordless authentication on wearable devices.

Ear canal scanning/sensing (ECS) has emerged as a novel biometric authentication method for mobile devices paired with wireless earbuds. Existing studies have demonstrated the uniqueness of ear canals by training and testing machine learning classifiers on ECS data. However, implementing practical ECS-based authentication requires preventing raw biometric data leakage and designing computationally efficient protocols suitable for resource-constrained earbuds. To address these challenges, we propose an ear canal key extraction protocol, extbf{EarID}. Without relying on classifiers, EarID extracts unique binary keys directly on the earbuds during authentication. These keys further allow the use of privacy-preserving fuzzy commitment scheme that verifies the wearer's key on mobile devices. Our evaluation results demonstrate that EarID achieves a 98.7% authentication accuracy, comparable to machine learning classifiers. The mobile enrollment time (160~ms) and earbuds processing time (226~ms) are negligible in terms of wearer's experience. Moreover, our approach is robust and attack-resistant, maintaining a false acceptance rate below 1% across all adversarial scenarios. We believe the proposed EarID offers a practical and secure solution for next-generation wireless earbuds.