Presentation is loading. Please wait.

Presentation is loading. Please wait.

EKG-Based Key Agreement in Body Sensor Networks

Published byAnnabella Verity Flynn Modified over 6 years ago

Similar presentations

Presentation on theme: "EKG-Based Key Agreement in Body Sensor Networks"— Presentation transcript:

1 EKG-Based Key Agreement in Body Sensor Networks
Krishna Venkatasubramanian, Ayan Banerjee, and Sandeep Gupta IMPACT Lab Department of Computer Science and Engineering School of Computing and Informatics Ira A. Fulton School of Engineering Arizona State University Tempe, Arizona Mission Critical Networks Workshop (MCN’ 08) April 18th, 2008

2 Outline Body Sensor Networks Need for Security in BSN
EKG-based Key Agreement Performance Analysis Security Analysis Conclusions

3 Critical Infrastructure
Body Sensor Networks Definition: A network of health & environmental monitoring sensors deployed on a person managing their health. Principal Features: Continuous real time monitoring Remove time & space restrictions on care Improved deployability Ideal for life-saving scenarios: Enables caregivers to make informed decisions about treatment in time-constrained scenarios: Disasters Battlefield Individual emergencies Sensors BSN Wireless links Sink Usage Scenario Critical Infrastructure

4 Our Approach: Physiological Value based Security
Security in BSN Need: Collect sensitive medical data Legal Requirement (HIPAA) Potential for exploitation Primary issue: Secure Inter- Sensor Communication in BSN Security Requirements: Integrity Confidentiality Authentication Minimal setup time Possible Attacks: Fake warnings & resource wastage Prevent legitimate warnings. Unnecessary Actuations. Example: Recent ICD hacking Our Approach: Physiological Value based Security

5 Physiological Values for Security
+ Blood Glucose ECG, Heart/Pulse Rate Blood Pressure Aim Use of the physiological values (PV) from the body as a means of generating (symmetric )cryptographic keys Why? Dynamic nature of human body Signals represent physiology of the subject at that time and therefore unique Properties Universal: Should be measurable in everyone Distinctively collectable: Should be different for different persons at any given time Low Latency: Should be able to generate keys with minimal duration of measurement Time variant: If broken, the next set of values should not be guessable. Advantages Plug-n-Play capability with BSN Efficient as no additional keying material or initialization steps required Automatic re-keying as a person’s physiology changes over time Time  Value

6 Related Work Traditional Sensor Network Security:
Key Distribution + Secure Communication. Key Distribution requires pre-deployment Network-wide keys, Pair-wise keys Pre-deployed Master Key Domain parameters for ECC based Diffie-Helman. Issues Requires setup time- problematic in emergency deployment Re-keying and network wide adjustments – node addition, moving – difficult May require large key storage space for dense network. Using Physiological Values for Security: Proposed in [CV*03] as a means an alternative to key distribution. [PZ*06] proposed use of Inter-pulse-interval (IPI) data derived from EKG and PPG data as possible PV. Collect IPI data from time difference between EKG and PPG peaks Encode (67 values) into keys Issues For a subject, keys obtained were similar but not the same. Ideal as Authentication signatures. High Latency - 1 value every 500msec, 67 values will take ~0.5 minutes to collect Choice: Electrocardiogram Features: Low latency, Frequency domain features Goal: To show the viability of using EKG for generating (symmetric) cryptographic keys for securing inter-sensor communication in a BSN. [CV*03] S. Cherukuri, K. Venkatasubramanian, and S. K. S. Gupta. BioSec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body. pages 432–439, October In Proc. of Wireless Security and Privacy Workshop 2003. [PZ*06] C. C. Y. Poon, Yuan-Ting Zhang, and Shu-Di Bao. A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health. IEEE Communications Magazine, 44(4):73–81, 2006.

7 System Model BSN: Sensors worn or implanted on subject
Use wireless medium to communicate All sensors can measure EKG Threats: Active adversaries – replay, spoof, introduce messages Passive adversaries – eavesdrop only Tamper – physical compromise UNLIKELY Trust: Wireless medium not trusted Physical layer attacks such as jamming not addressed SpO2 EKG EEG BP Base Station Motion Sensor Blood Glucose Body Sensor Network

8 Overview of Solution Feature Generation Key Agreement Extraction:
Obtaining frequency domain features from EKG Quantization: For efficient representation of features for generating common keys Key Agreement Feature Exchange: Exchange the features generated at each sensor to identify the common ones Generate Keys: Choose common features and form key Verification: Verification of the key

9 Feature Generation: Extraction
Window size 125 sample values (5 seconds of EKG data sampled at 125Hz) Windowed FFT calculation 625 values 125 sample values 128 point FFT 128 FFT Coefficients First 64 320 (Coefficients): Feature Vector

10 Feature Generation: Quantization
Feature Vector (320 coefficient values) Block 1: Values 1-16 Block 2: Values 17-32 Block 20: Values 64 bits Quantizer/ Encoding Quantizer/ Encoding Quantizer/ Encoding EKG Feature Blocks 64 bits 64 bits 20 blocks Process Divide the Feature Vector into 20 blocks each containing 16 values Each of the block is then quantized (exponential quantization, 12 levels) The quantized values are encoded into 4 bits/coefficient. The 20, 64 bit blocks represent the features

11 Key Agreement: Feature Exchange
<ID, N, hash(b11,N)… hash(b201,N), MAC(KeyR,ID,N,hash(b11,N)…hash(b201,N))> STEP 1: <ID’, N’, hash(b12,N)… hash(b202,N’), MAC(Key’R,ID’,N’,hash(b12,N’)…hash(b202,N’))> STEP 2: Hashed feature blocks nonce Random Key Feature Exchange Sensor 1 Sensor 2 Key Generation <G = KeyR KeyA, MAC(KeyA,G)> STEP 3: <G’ = KeyR KeyB, MAC(KeyB,G)> STEP 4: Key generated at Sensor 1 Key generated at Sensor 2 KeyA identical to KeyB Key Verification

12 Key Agreement: Key Generation
Send Hashes Block 1 Block 20 Block 1 Block 20 Feature Blocks (Q) At each Sensor Node: V is hash of received feature blocks U is hash of local feature blocks with received salt Compute matrix W where W(i,j) is the hamming distance between block i of U and block j of V. Here 1  (i,j)  20 For each W(i,j) = 0, concatenate Q(i) to form KeyMat. KeyMat it passed through a one way hash function to produce the final key. hash V Block 1 Block 20 Receive Hashes Hash w/ Received nonce U Block 1 Block 20 Extract + concatenate p q m n indices KeyMat mth block pth block W Hash Key

13 Key Agreement: Verification
Sensor 1 Hashed feature blocks nonce Random Key Sensor 2 <ID, N, hash(b11,N)… hash(b201,N), MAC(KeyR,ID,N,hash(b11,N)…hash(b201,N))> STEP 1: <ID’, N’, hash(b12,N)… hash(b202,N’), MAC(Key’R,ID’,N’,hash(b12,N’)…hash(b202,N’))> STEP 2: Feature Exchange Key Generation <G = KeyR KeyA, MAC(KeyA,G)> STEP 3: <G’ = Key’R KeyB, MAC(KeyB,G’)> STEP 4: Key generated at Sensor 1 Key generated at Sensor 2 KeyA identical to KeyB Key Verification

14 Performance Analysis Purpose: Data Properties: Experiments:
Test keys generated by EKA Data Properties: Source: MIT PhysioBank database, 1 hour 2 lead EKG data from 31 patients Sampling Rate: 125Hz, each sample is time stamped. Experiments: For each subject, EKA executed at 100 random start-times Mutual Hamming distance computed between the keys generated to evaluate distinctiveness Computed Runs-test and Average Entropy for each key generated to evaluate randomness. For each subject, EKA executed at 100 consecutive 5 second intervals Computed Hamming distance between keys generated to evaluate temporal variance.

15 Results At each time-stamp, 2 keys (say KeyA and KeyB) generated at every subject. Distinctiveness Each square is the distance between Key A and Key B Anti-diagonal indicates KeyA and KeyB of same person are identical. Average difference between keys of 2 different subjects at a given start-time: ~ 49.9% Randomness Average Entropy: Computed based on keys generated for each of the 31 patients at 100 start-times. Results indicate 1s and 0s are uniformly distributed. Runs test: Tests runs of 0s and 1s in the key. 2 tailed, confidence interval 5% Failed in less than 2% of the cases (31 patients, 100 start-times = 3100 cases) Temporal Variance Average difference between keys of same subject at a two consecutive start-times is :~ 49.0%

16 Security Analysis Attacks EKA
Blocks exchanged only 64 bits long. Susceptible to brute-force. Perform key strengthening by repeatedly hashing the blocks 2n times before transmitting them. On going work to increase feature block length. Possible avenue is to use higher sampling frequencies and longer FFTs. Key compromise from messages exchanged Key compromise is not possible as KeyA / KeyB and KeyR / Key’R are random. Message tampering and replay Tampering the blocks will result in no key being formed between sensors and key agreement process will be repeated. Message replay does not give any advantage to the adversary as the keys are never revealed and value of KeyR/KeyR’ and KeyA/KeyB change with every run of the protocol. If EKA used for authentication only, replay might succeed if the keys do not change between two measurements, but the presence of MAC in Step1 ensures that such replay are caught. KeyA and KeyB compromised by some means Loss will be temporary as keys changed with every new EKG measurement.

17 Conclusions BSN provides life-saving services.
Security essential in BSN to preserve patient privacy. Use of EKG for generating cryptographic keys proposed and early results are promising. Potential Applications: Pervasive health monitoring Fitness and performance monitoring Future Work: Increasing the length of blocks exchanged Implementation of EKA on real sensing devices Experiment with more diverse EKG data – people with ailments, EKG measured different activities sleeping, eating etc. Identify new PVs - not all sensors in a BSN can measure EKG

Download ppt "EKG-Based Key Agreement in Body Sensor Networks"

Similar presentations

Decentralized Reactive Clustering in Sensor Networks Yingyue Xu April 26, 2015.

Decentralized Reactive Clustering in Sensor Networks Yingyue Xu April 26, 2015.
GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.

GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks Authors: Krishna K. Venkatasubramanian, Ayan Banerjee, Sandeep K.S. Gupta Presenter:Francis.

PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks Authors: Krishna K. Venkatasubramanian, Ayan Banerjee, Sandeep K.S. Gupta Presenter:Francis.
A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,

A Distributed Security Framework for Heterogeneous Wireless Sensor Networks Presented by Drew Wichmann Paper by Himali Saxena, Chunyu Ai, Marco Valero,
A Mobile Ad hoc Biosensor Network Muzammil KP S7,ECE Govt. Engg. College, Wayanad.

A Mobile Ad hoc Biosensor Network Muzammil KP S7,ECE Govt. Engg. College, Wayanad.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.
Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL 6788 11.

Security and Privacy Issues in Wireless Communication By: Michael Glus, MSEE EEL
1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.

1 Security in Wireless Sensor Networks Group Meeting Fall 2004 Presented by Edith Ngai.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.

An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.

Adaptive Security for Wireless Sensor Networks Master Thesis – June 2006.
INSENS: Intrusion-Tolerant Routing For Wireless Sensor Networks By: Jing Deng, Richard Han, Shivakant Mishra Presented by: Daryl Lonnon.

INSENS: Intrusion-Tolerant Routing For Wireless Sensor Networks By: Jing Deng, Richard Han, Shivakant Mishra Presented by: Daryl Lonnon.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
Wireless Sensor Network Security Anuj Nagar CS 590.

Wireless Sensor Network Security Anuj Nagar CS 590.
BAND-AiDe: A Tool for Cyber-Physical Oriented Analysis and Design of Body Area Networks and Devices Authors: Ayan Banerjee, Sailesh Kandula, Tridib Mukherjee.

BAND-AiDe: A Tool for Cyber-Physical Oriented Analysis and Design of Body Area Networks and Devices Authors: Ayan Banerjee, Sailesh Kandula, Tridib Mukherjee.
1 Secure Cooperative MIMO Communications Under Active Compromised Nodes Liang Hong, McKenzie McNeal III, Wei Chen College of Engineering, Technology, and.

1 Secure Cooperative MIMO Communications Under Active Compromised Nodes Liang Hong, McKenzie McNeal III, Wei Chen College of Engineering, Technology, and.
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
Ayan Banerjee & Karthik Thangavel. Project Goals Study of present state of security in Body Area Networks(BAN) Cyber-Physical security Resource Footprint.

Ayan Banerjee & Karthik Thangavel. Project Goals Study of present state of security in Body Area Networks(BAN) Cyber-Physical security Resource Footprint.
1 A Secure Communication Protocol For Wireless Biosensor Networks Masters Thesis by Krishna Kumar Venkatasubramanian Committee: Dr. Sandeep Gupta Dr. Rida.

1 A Secure Communication Protocol For Wireless Biosensor Networks Masters Thesis by Krishna Kumar Venkatasubramanian Committee: Dr. Sandeep Gupta Dr. Rida.
Doc.: IEEE 802.11-01/495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.

Doc.: IEEE /495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.

Similar presentations

Ads by Google