An end-to-end secure key management protocol for e-health applications

Display Omitted We introduce an energy-aware key management protocol for e-health applications.The protocol guarantees the end-to-end principle.Constrained nodes offload asymmetric cryptographic operations to third parties.We conduct a formal validation regarding the security properties of our protocol.Analysis results highlight energy gains on constrained nodes. Key distribution is required to secure e-health applications in the context of Internet of Things (IoT). However, resources constraints in IoT make these applications unable to run existing key management protocols. In this paper, we propose a new lightweight key management protocol. This protocol is based on collaboration to establish a secure end-to-end communication channel between a highly resource constrained node and a remote entity. The secure channel allows the constrained node to transmit captured data while ensuring confidentiality and authentication. To achieve this goal, we propose offloading highly consuming cryptographic primitives to third parties. As a result, the constrained node obtains assistance from powerful entities. To assess our protocol, we conduct a formal validation regarding security properties. In addition, we evaluate both communication and computational costs to highlight energy savings. The results show that our protocol provides a considerable gain in energy while its security properties are ensured.

[1]  Gourab Sen Gupta,et al.  Smart Sensors and Sensing Technology , 2008 .

[2]  Utz Roedig,et al.  Securing communication in 6LoWPAN with compressed IPsec , 2011, 2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS).

[3]  S. Sastry,et al.  Security and Privacy Issues with Health Care Information Technology , 2006, 2006 International Conference of the IEEE Engineering in Medicine and Biology Society.

[4]  Dieter Hayn,et al.  The Internet of Things for Ambient Assisted Living , 2010, 2010 Seventh International Conference on Information Technology: New Generations.

[5]  Carmen C. Y. Poon,et al.  A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health , 2006, IEEE Communications Magazine.

[6]  Riccardo Bonetto,et al.  Secure communication for smart IoT objects: Protocol stacks, use cases and practical examples , 2012, 2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM).

[7]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[8]  Cristina Alcaraz,et al.  Key management systems for sensor networks in the context of the Internet of Things , 2011, Comput. Electr. Eng..

[9]  Jorge Sá Silva,et al.  Enabling Network-Layer Security on IPv6 Wireless Sensor Networks , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[10]  Chun Chen,et al.  Lightweight and provably secure user authentication with anonymity for the global mobility network , 2011, Int. J. Commun. Syst..

[11]  Elfed Lewis,et al.  Analysis of Hardware Encryption Versus Software Encryption on Wireless Sensor Network Motes , 2008 .

[12]  David E. Culler,et al.  Transmission of IPv6 Packets over IEEE 802.15.4 Networks , 2007, RFC.

[13]  Nidal Nasser,et al.  SEEM: Secure and energy-efficient multipath routing protocol for wireless sensor networks , 2007, Comput. Commun..

[14]  Jianfeng Wang,et al.  Applications, challenges, and prospective in emerging body area networking technologies , 2010, IEEE Wireless Communications.

[15]  François-Xavier Standaert,et al.  On the Energy Cost of Communication and Cryptography in Wireless Sensor Networks , 2008, 2008 IEEE International Conference on Wireless and Mobile Computing, Networking and Communications.

[16]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[17]  Hanno Wirtz,et al.  Tailoring end-to-end IP security protocols to the Internet of Things , 2013, 2013 21st IEEE International Conference on Network Protocols (ICNP).

[18]  Berk Sunar,et al.  Energy Comparison of AES and SHA-1 for Ubiquitous Computing , 2006, EUC Workshops.

[19]  Pascal Thubert,et al.  Compression Format for IPv6 Datagrams over IEEE 802.15.4-Based Networks , 2011, RFC.

[20]  Ming Li,et al.  Data security and privacy in wireless body area networks , 2010, IEEE Wireless Communications.

[21]  Danny Dolev,et al.  On the Security of Public Key Protocols (Extended Abstract) , 1981, FOCS.

[22]  Adam Dunkels,et al.  A database in every sensor , 2011, SenSys.

[23]  Thiemo Voigt,et al.  Lightweight IKEv2: A Key Management Solution for both Compressed IPsec and IEEE 802.15.4 Security , 2012 .

[24]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[25]  Morris J. Dworkin SP 800-38C. Recommendation for Block Cipher Modes of Operation: the CCM Mode for Authentication and Confidentiality , 2004 .

[26]  Tae Hwan Oh,et al.  Security Issues on Wireless Body Area Network for Remote Healthcare Monitoring , 2010, 2010 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing.

[27]  David Cooper,et al.  Server-Based Certificate Validation Protocol (SCVP) , 2007, RFC.

[28]  Alexis Olivereau,et al.  D-HIP: A distributed key exchange scheme for HIP-based Internet of Things , 2012, 2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM).

[29]  Ricardo Dahab,et al.  NanoECC: Testing the Limits of Elliptic Curve Cryptography in Sensor Networks , 2008, EWSN.