PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks

A body area network (BAN) is a wireless network of health monitoring sensors designed to deliver personalized healthcare. Securing intersensor communications within BANs is essential for preserving not only the privacy of health data, but also for ensuring safety of healthcare delivery. This paper presents physiological-signal-based key agreement (PSKA), a scheme for enabling secure intersensor communication within a BAN in a usable (plug-n-play, transparent) manner. PSKA allows neighboring nodes in a BAN to agree to a symmetric (shared) cryptographic key, in an authenticated manner, using physiological signals obtained from the subject. No initialization or predeployment is required; simply deploying sensors in a BAN is enough to make them communicate securely. Our analysis, prototyping, and comparison with the frequently used Diffie-Hellman key agreement protocol shows that PSKA is a viable intersensor key agreement protocol for BANs.

[1]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[2]  Sharath Pankanti,et al.  Fuzzy Vault for Fingerprints , 2005, AVBPA.

[3]  Kay Römer,et al.  Wireless sensor networks: a new regime for time synchronization , 2003, CCRV.

[4]  L. Benedicenti,et al.  The electroencephalogram as a biometric , 2001, Canadian Conference on Electrical and Computer Engineering 2001. Conference Proceedings (Cat. No.01TH8555).

[5]  Ayan Banerjee,et al.  Challenges of implementing cyber-physical security solutions in body area networks , 2009, BODYNETS.

[6]  Marios Poulos,et al.  Person identification via the EEG using computational geometry algorithms , 1998, 9th European Signal Processing Conference (EUSIPCO 1998).

[7]  Madhu Sudan,et al.  A Fuzzy Vault Scheme , 2006, Des. Codes Cryptogr..

[8]  Michael D. Smith,et al.  A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[9]  Dimitrios Hatzinakos,et al.  Biometric Methods for Secure Communications in Body Sensor Networks: Resource-Efficient Key Management and Signal-Level Data Scrambling , 2008, EURASIP J. Adv. Signal Process..

[10]  David E. Culler,et al.  SPINS: Security Protocols for Sensor Networks , 2001, MobiCom '01.

[11]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[12]  Sandeep K. S. Gupta,et al.  Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body , 2003, 2003 International Conference on Parallel Processing Workshops, 2003. Proceedings..

[13]  Axel Munk,et al.  The Fuzzy Vault for Fingerprints is Vulnerable to Brute Force Attack , 2007, BIOSIG.

[14]  Berrin A. Yanikoglu,et al.  Realization of correlation attack against the fuzzy vault scheme , 2008, Electronic Imaging.

[15]  Ayan Banerjee,et al.  Green and Sustainable Cyber-Physical Security Solutions for Body Area Networks , 2009, 2009 Sixth International Workshop on Wearable and Implantable Body Sensor Networks.

[16]  K.K. Venkatasubramanian,et al.  EKG-based key agreement in Body Sensor Networks , 2008, IEEE INFOCOM Workshops 2008.

[17]  T.E. Boult,et al.  Cracking Fuzzy Vaults and Biometric Encryption , 2007, 2007 Biometrics Symposium.

[18]  Ee-Chien Chang,et al.  Finding the original point set hidden among chaff , 2006, ASIACCS '06.

[19]  Inampudi Ramesh Babu,et al.  Authentication Using Fuzzy Vault Based on Iris Textures , 2008, Asia International Conference on Modelling and Simulation.

[20]  E. F. Greneker,et al.  Radar sensing of heartbeat and respiration at a distance with applications of the technology , 1997 .

[21]  Sandeep K. S. Gupta,et al.  Physiological value-based efficient usable security solutions for body sensor networks , 2010, TOSN.

[22]  Mihail L. Sichitiu,et al.  Simple, accurate time synchronization for wireless sensor networks , 2003, 2003 IEEE Wireless Communications and Networking, 2003. WCNC 2003..

[23]  Sandeep K. S. Gupta,et al.  Research challenges in wireless networks of biomedical sensors , 2001, MobiCom '01.

[24]  K.K. Venkatasubramanian,et al.  Plethysmogram-based secure inter-sensor communication in Body Area Networks , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[25]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[26]  Sandeep K. S. Gupta,et al.  Ayushman: A Wireless Sensor Network Based Health Monitoring Infrastructure and Testbed , 2005, DCOSS.

[27]  Deborah Estrin,et al.  Proceedings of the 5th Symposium on Operating Systems Design and Implementation Fine-grained Network Time Synchronization Using Reference Broadcasts , 2022 .

[28]  K.K. Venkatasubramanian,et al.  Security for Pervasive Health Monitoring Sensor Applications , 2006, 2006 Fourth International Conference on Intelligent Sensing and Information Processing.

[29]  Frank Adelstein,et al.  Fundamentals of Mobile and Pervasive Computing , 2004 .

[30]  Miwako Doi,et al.  LifeMinder: a wearable healthcare support system using user's context , 2002, Proceedings 22nd International Conference on Distributed Computing Systems Workshops.

[31]  Hoi-Jun Yoo,et al.  A Low-power Star-topology Body Area Network Controller for Periodic Data Monitoring Around and Inside the Human Body , 2006, 2006 10th IEEE International Symposium on Wearable Computers.

[32]  Carmen C. Y. Poon,et al.  A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health , 2006, IEEE Communications Magazine.