Deriving cryptographic keys from physiological signals

Biosensors aim to provide pervasive healthcare by collecting and communicating highly sensitive medical information. Due to their extreme limitations, lightweight and secure key management infrastructures are required. For this reason, biosensors use physiological parameters that are generated from different vital signals (i.e., electrocardiogram, photoplethysmogram, blood pressure) to protect the exchanged private health information. In this paper, we define two novel physiological parameter generation techniques and analyze both the performance and the quality of the outcomes. Our results show that we generate good candidate physiological parameters that can be used as cryptographic keys to secure the communication among the biosensors.
