Cryptographic key generation using ECG signal

In this paper, two different electrocardiogram (ECG) based cryptographic key generation approaches are proposed. The aim is to enhance the security of body area networks through robust key generation where keys are generated on the fly without requiring key pre-distribution solutions. The Interpulse Interval (IPI) feature of ECG underlays both of the proposed approaches. The first approach is realized by using a pseudo-random number and consecutive IPI sequences. The second approach is realized by utilizing the Advanced Encryption Standard (AES) algorithm and IPI as the seed generator for the AES algorithm. The efficiency of the proposed approaches is evaluated using real ECG data of 15 patients obtained from the MIT-BIH Arrhythmia dataset of PhysioBank. The security analyses of the generated keys are carried out in terms of distinctiveness, randomness, and temporal variance as well as using the NIST benchmark. The analyses show that our key generation approaches provide a higher security level in comparison to existing approaches relying only on singleton IPI sequences. The execution times required to generate the cryptographic keys on different processors are also examined. The results reveal that the security level improvement comes with a reasonable increase in key generation execution time. Comparing to existing IPI-based approaches, our approaches require 12.3% and 41.2% more execution time, respectively.

[1]  Carmen C. Y. Poon,et al.  A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health , 2006, IEEE Communications Magazine.

[2]  Fengyuan Xu,et al.  IMDGuard: Securing implantable medical devices with the external wearable guardian , 2011, 2011 Proceedings IEEE INFOCOM.

[3]  H. S. Black,et al.  Pulse code modulation , 1947, Transactions of the American Institute of Electrical Engineers.

[4]  Yuan-Ting Zhang,et al.  Physiological Signal Based Entity Authentication for Body Area Sensor Networks and Mobile Healthcare Systems , 2005, 2005 IEEE Engineering in Medicine and Biology 27th Annual Conference.

[5]  Farrukh Aslam Khan,et al.  Key Agreement Schemes in Wireless Body Area Networks: Taxonomy and State-of-the-Art , 2015, Journal of Medical Systems.

[6]  Carmen C. Y. Poon,et al.  A fast key generation method based on dynamic biometrics to secure wireless body sensor networks for p-health , 2010, 2010 Annual International Conference of the IEEE Engineering in Medicine and Biology.

[7]  B. Miller,et al.  Vital signs of identity [biometrics] , 1994, IEEE Spectrum.

[8]  Elaine B. Barker,et al.  A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications , 2000 .

[9]  Hannu Tenhunen,et al.  Smart e-Health Gateway: Bringing intelligence to Internet-of-Things based ubiquitous healthcare systems , 2015, 2015 12th Annual IEEE Consumer Communications and Networking Conference (CCNC).

[10]  Ye Li,et al.  Biometrics based novel key distribution solution for body sensor networks , 2009, 2009 Annual International Conference of the IEEE Engineering in Medicine and Biology Society.

[11]  Abhishek Vaish,et al.  Brainwave based user identification system: A pilot study in robotics environment , 2015, Robotics Auton. Syst..

[12]  K. Najarian,et al.  Detection of P, QRS, and T Components of ECG using wavelet transformation , 2009, 2009 ICME International Conference on Complex Medical Engineering.

[13]  Muhammad Shoaib Siddiqui,et al.  Security Issues in Wireless Mesh Networks , 2007, 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE'07).

[14]  Hannu Tenhunen,et al.  Towards energy-efficient HealthCare: An Internet-of-Things architecture using intelligent gateways , 2014, 2014 4th International Conference on Wireless Mobile Communication and Healthcare - Transforming Healthcare Through Innovations in Mobile and Wireless Technologies (MOBIHEALTH).

[15]  Athanasios V. Vasilakos,et al.  ECG-Cryptography and Authentication in Body Area Networks , 2012, IEEE Transactions on Information Technology in Biomedicine.

[16]  Hannu Tenhunen,et al.  International Conference on Ambient Systems , Networks and Technologies ( ANT 2015 ) SEA : A Secure and E ffi cient Authentication and Authorization Architecture for IoT-Based Healthcare Using Smart Gateways , 2015 .

[17]  Ross J. Anderson,et al.  A security policy model for clinical information systems , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[18]  Mark Goresky,et al.  Fibonacci and Galois representations of feedback-with-carry shift registers , 2002, IEEE Trans. Inf. Theory.

[19]  Jeffrey M. Hausdorff,et al.  Physionet: Components of a New Research Resource for Complex Physiologic Signals". Circu-lation Vol , 2000 .

[20]  Ayan Banerjee,et al.  Challenges of implementing cyber-physical security solutions in body area networks , 2009, BODYNETS.

[21]  K.K. Venkatasubramanian,et al.  Plethysmogram-based secure inter-sensor communication in Body Area Networks , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[22]  Ayan Banerjee,et al.  PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks , 2010, IEEE Transactions on Information Technology in Biomedicine.

[23]  W. C. Andrews,et al.  THE AMERICAN INSTITUTE OF ELECTRICAL ENGINEERS. , 1901, Science.

[24]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[25]  Carmen C. Y. Poon,et al.  Using the Timing Information of Heartbeats as an Entity Identifier to Secure Body Sensor Network , 2008, IEEE Transactions on Information Technology in Biomedicine.

[26]  Hannu Tenhunen,et al.  Session Resumption-Based End-to-End Security for Healthcare Internet-of-Things , 2015, 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing.

[27]  Carmen C. Y. Poon,et al.  Analysis of Using Interpulse Intervals to Generate 128-Bit Biometric Random Binary Sequences for Securing Wireless Body Sensor Networks , 2012, IEEE Transactions on Information Technology in Biomedicine.

[28]  Michael D. Zoltowski,et al.  Sensors and wireless communication for medical care , 2003, 14th International Workshop on Database and Expert Systems Applications, 2003. Proceedings..

[29]  W. Khalifa,et al.  A survey of EEG based user authentication schemes , 2012, 2012 8th International Conference on Informatics and Systems (INFOS).

[30]  Feng Hao,et al.  Combining Crypto with Biometrics Effectively , 2006, IEEE Transactions on Computers.

[31]  Hannu Tenhunen,et al.  End-to-end security scheme for mobility enabled healthcare Internet of Things , 2016, Future Gener. Comput. Syst..

[32]  Albert Levi,et al.  Towards using physiological signals as cryptographic keys in Body Area Networks , 2015, 2015 9th International Conference on Pervasive Computing Technologies for Healthcare (PervasiveHealth).

[33]  Vincent Rijmen,et al.  Specification of Rijndael , 2020, Information Security and Cryptography.