Human interactive secure key and identity exchange protocols in body sensor networks
- Author(s): Xin Huang 1 ; Bangdao Chen 2 ; Andrew Markham 1 ; Qinghua Wang 3 ; Zheng Yan 3, 4 ; Andrew William Roscoe 1
-
-
View affiliations
-
Affiliations:
1:
Department of Computer Science, Institute for the Future of Computing/Oxford Martin School, University of Oxford, Oxford, UK;
2: Department of Computer Science, University of Oxford, Oxford, UK;
3: Department of Communications and Networking, Aalto University, Espoo, Finland;
4: State Key Laboratory of ISN, Xidian University, People's Republic of China
-
Affiliations:
1:
Department of Computer Science, Institute for the Future of Computing/Oxford Martin School, University of Oxford, Oxford, UK;
- Source:
Volume 7, Issue 1,
March 2013,
p.
30 – 38
DOI: 10.1049/iet-ifs.2012.0080 , Print ISSN 1751-8709, Online ISSN 1751-8717
A body sensor network (BSN) is typically a wearable wireless sensor network. Security protection is critical to BSNs, since they collect sensitive personal information. Generally speaking, security protection of BSN relies on identity (ID) and key distribution protocols. Most existing protocols are designed to run in general wireless sensor networks, and are not suitable for BSNs. After carefully examining the characteristics of BSNs, the authors propose human interactive empirical channel-based security protocols, which include an elliptic curve Diffie–Hellman version of symmetric hash commitment before knowledge protocol and an elliptic curve Diffie–Hellman version of hash commitment before knowledge protocol. Using these protocols, dynamically distributing keys and IDs become possible. As opposite to present solutions, these protocols do not need any pre-deployment of keys or secrets. Therefore compromised and expired keys or IDs can be easily changed. These protocols exploit human users as temporary trusted third parties. The authors, thus, show that the human interactive channels can help them to design secure BSNs.
Inspec keywords: authorisation; wireless sensor networks; body sensor networks; telecommunication security; wireless channels; cryptographic protocols; personal information systems; public key cryptography
Other keywords:
Subjects: Wireless sensor networks; Cryptography; Biomedical communication; Protocols; Data security
References
-
-
1)
-
6. Lin, Y.H., Studer, A., Chen, Y.H., et al.: ‘Spate: small-group pki-less authenticated trust establishment’, IEEE Trans. Mob. Comput., 2010, 9, (12), pp. 1666–1681.
-
-
2)
-
18. Eschenauer, L., Gligor, V.D.: ‘A key-management scheme for distributed sensor networks’. Proc. ACM CCS 02, Washington, DC, USA, 2002, pp. 41–47.
-
-
3)
-
3. McCune, J.M., Perrig, A., Reiter, M.K.: ‘Seeing-is-believing: using camera phones for human-verifiable authentication’. Proc. IEEE SP 05, Oakland, CA, USA, 2005, pp. 110–124.
-
-
4)
-
8. Soriente, C., Tsudik, G., Uzun, E.: ‘HAPADEP: human-assisted pure audio device pairing’, in Wu, T.C., Lei, C.L., Rijmen, V., Lee, D.T. (Eds.): ‘Information security’ (LNCS, 5222) (Springer, 2008), pp. 385–400.
-
-
5)
-
30. Osterlind, F., Dunkels, A., Eriksson, J., Finne, N., Voigt, T.: ‘Cross-level sensor network simulation with cooja’. Proc. IEEE LCN 06, Tampa, FL, USA, 2006, pp. 641–648.
-
-
6)
-
11. Gehrmann, C., Nyberg, K.: ‘Security in personal area networks’, in Mitchell, C.J. (Ed.): ‘Security for mobility’, (IEE Press, 2004, 1st edn.), pp. 191–230.
-
-
7)
-
15. Nguyen, L.H., Roscoe, A.W.: ‘Authenticating ad hoc networks by comparison of short digests’, Inf. Comput., 2008, 206, (2–4), pp. 250–271.
-
-
8)
-
31. Liu, A., Ning, P.: ‘TinyECC: a configurable library for elliptic curve cryptography in wireless sensor networks’. Proc. IEEE IPSN 08, St. Louis, MO, USA, 2008, pp. 245–256.
-
-
9)
-
21. Malan, D.J., Welsh, M., Smith, M.D.: ‘A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography’. Proc. IEEE SECON 2004, Santa Clara, CA, USA, 2004, pp. 71–80.
-
-
10)
-
10. Balfanz, D., Smetters, D.K., Stewart, P., Wong, H.C.: ‘Talking to strangers: authentication in ad-hoc wireless networks’. Proc. NDSS 02, San Diego, CA, USA, 2002, pp. 7–19.
-
-
11)
-
29. Dolev, D., Yao, A.: ‘On the security of public key protocols’, IEEE Trans. Inf. Theory, 1983, 29, (2), pp. 198–208.
-
-
12)
-
20. Du, W., Deng, J., Han, Y.S., Varshney, P.K., Katz, J., Khalili, A.: ‘A pairwise key predistribution scheme for wireless sensor networks’, ACM Trans. Inf. Syst. Sec., 2005, 8, (2), pp. 228–258.
-
-
13)
-
7. Goodrich, M.T., Sirivianos, M., Solis, J., Tsudik, G., Uzun, E.: ‘Loud and clear: human-verifiable authentication based on audio’. Proc. IEEE ICDCS 06, Lisboa, Portugal, 2006, p. 10.
-
-
14)
-
4. Saxena, N., Ekberg, J.E., Kostiainen, K., Asokan, N.: ‘Secure device pairing based on a visual channel’. Proc. IEEE SP 06, Oakland, CA, USA, 2006, pp. 306–313.
-
-
15)
-
19. Chan, H.W., Perrig, A., Song, D.: ‘Random key predistribution schemes for sensor networks’. Proc. IEEE SP 03, Oakland, CA, USA, 2003, pp. 197.
-
-
16)
-
17. Perrig, A., Szewczyk, R., Tygar, J.D., Wen, V., Culler, D.E.: ‘SPINS: security protocols for sensor networks’, Wirel. Netw., 2002, 8, (5), pp. 521–534.
-
-
17)
-
16. Nguyen, L.H., Roscoe, A.W.: ‘Authentication protocols based on low-bandwidth unspoofable channels: a comparative survey’, J. Comput. Sec., 2011, 19, (1), pp. 139–201.
-
-
18)
-
9. Creese, S.J., Goldsmith, M.H., Harrison, R., Roscoe, A.W., Whittaker, P., Zakiuddin, I.: ‘Exploiting empirical engagement in authentication protocol design’, in Hutter, D., Ullmann, M. (Eds.): ‘Security in pervasive computing’ (LNCS, 3450) (Springer, 2005), pp. 119–133.
-
-
19)
-
22. Huang, Q., Cukier, J., Kobayashi, H., Liu, B., Zhang, J.: ‘Fast authenticated key establishment protocols for self-organizing sensor networks’. Proc. ACM WSNA 03, San Diego, CA, USA, 2003, pp. 141–150.
-
-
20)
-
13. Cagalj, M., Capkun, S., Hubaux, J.P.: ‘Key agreement in peer-to-peer wireless networks’, Proc. IEEE, 2006, 94, (2), pp. 467–478.
-
-
21)
-
23. Karl, H., Willig, A.: ‘Protocols and architectures for wireless sensor networks’ (Wiley-Interscience, 2007, 1st edn.).
-
-
22)
-
1. Halperin, D., Heydt-Benjamin, T.S., Ransford, B., et al.: ‘Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses’. Proc. IEEE SP 08, Oakland, CA, USA, 2008, pp. 129–142.
-
-
23)
-
24. Vaidya, N.H.: ‘Weak duplicate address detection in mobile ad hoc networks’. Proc. ACM MobiHoc 02, Lausanne, Switzerland, 2002, pp. 206–216.
-
-
24)
-
12. Vaudenay, S.: ‘Secure communications over insecure channels based on short authenticated strings’, in Shoup, V. (Ed.): ‘Advances in cryptology–CRYPTO 2005’ (LNCS, 3621) (Springer, 2005), pp. 309–326.
-
-
25)
-
27. Schurgers, C., Kulkarni, G., Srivastava, M.B.: ‘Distributed assignment of encoded MAC addresses in sensor networks’. Proc. ACM MobiHoc 01, Long Beach, CA, USA, 2001, pp. 295–298.
-
-
26)
-
26. Nesargi, S., Prakash, R.: ‘MANETconf: configuration of hosts in a mobile ad hoc network’. Proc. IEEE INFOCOM 2002, New York, USA, 2002, pp. 1059–1068.
-
-
27)
-
14. Wong, F.L., Stajano, F.: ‘Multichannel security protocols’, IEEE Pervasive Comput., 2007, 6, (4), pp. 31–39.
-
-
28)
-
5. Chen, C.H.O., Chen, C.W., Kuo, C., et al.: ‘GAnGS: gather, authenticate'n group securely’. Proc. ACM MobiCom 08, San Francisco, CA, USA, 2008, pp. 92–103.
-
-
29)
-
2. Stajano, F., Anderson, R.: ‘The resurrecting duckling: security issues for ad-hoc wireless networks’, in Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (Eds.): ‘Security protocols workshop’ (LNCS, 1976) (Springer, 1999), pp. 172–194.
-
-
30)
-
25. Perkins, C.E., Royer, E.M., Das, S.R.: ‘IP address autoconfiguration for ad hoc networks’. Internet Draft, 2000.
-
-
31)
-
28. Schurgers, C., Kulkarni, G., Srivastava, M.B.: ‘Distributed on-demand address assignment in wireless sensor networks’, IEEE Trans. Parallel Distrib. Syst., 2002, 13, (10), pp. 1056–1065.
-
-
32)
- Balfanz, D., Smetters, D.K., Stewart, P., Wong, H.C.: `Talking to strangers: authentication in ad-hoc wireless networks', Proc. NDSS 02, 2002, San Diego, CA, USA, p. 7–19.
-
33)
- Huang, Q., Cukier, J., Kobayashi, H., Liu, B., Zhang, J.: `Fast authenticated key establishment protocols for self-organizing sensor networks', Proc. ACM WSNA 03, 2003, San Diego, CA, USA, p. 141–150.
-
34)
- C. Gehrmann , K. Nyberg , C.J. Mitchell . (2004) Security in personal area networks.
-
35)
- L.H. Nguyen , A.W. Roscoe . Authenticating ad hoc networks by comparison of short digests. Inf. Comput. , 250 - 271
-
36)
- L.H. Nguyen , A.W. Roscoe . Authentication protocols based on low-bandwidth unspoofable channels: a comparative survey. J. Comput. Sec. , 1 , 139 - 201
-
37)
- Nesargi, S., Prakash, R.: `MANETconf: configuration of hosts in a mobile ad hoc network', Proc. IEEE INFOCOM 2002, 2002, New York, USA, p. 1059–1068.
-
38)
- F.L. Wong , F. Stajano . Multichannel security protocols. IEEE Pervasive Comput. , 4 , 31 - 39
-
39)
- D. Dolev , A. Yao . On the security of public key protocols. IEEE Trans. Inf. Theory , 2 , 198 - 208
-
40)
- A. Perrig , R. Szewczyk , J.D. Tygar , V. Wen , D.E. Culler . SPINS: security protocols for sensor networks. Wirel. Netw. , 5 , 521 - 534
-
41)
- Chen, C.H.O., Chen, C.W., Kuo, C.: `GAnGS: gather, authenticate'n group securely', Proc. ACM MobiCom 08, 2008, San Francisco, CA, USA, p. 92–103.
-
42)
- C. Soriente , G. Tsudik , E. Uzun , T.C. Wu , C.L. Lei , V. Rijmen , D.T. Lee . (2008) HAPADEP: human-assisted pure audio device pairing.
-
43)
- W. Du , J. Deng , Y.S. Han , P.K. Varshney , J. Katz , A. Khalili . A pairwise key predistribution scheme for wireless sensor networks. ACM Trans. Inf. Syst. Sec. , 2 , 228 - 258
-
44)
- M. Cagalj , S. Capkun , J.P. Hubaux . Key agreement in peer-to-peer wireless networks. Proc. IEEE , 2 , 467 - 478
-
45)
- S. Vaudenay , V. Shoup . (2005) Secure communications over insecure channels based on short authenticated strings.
-
46)
- Chan, H.W., Perrig, A., Song, D.: `Random key predistribution schemes for sensor networks', Proc. IEEE SP 03, 2003, Oakland, CA, USA, p. 197.
-
47)
- Halperin, D., Heydt-Benjamin, T.S., Ransford, B.: `Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses', Proc. IEEE SP 08, 2008, Oakland, CA, USA, p. 129–142.
-
48)
- Liu, A., Ning, P.: `TinyECC: a configurable library for elliptic curve cryptography in wireless sensor networks', Proc. IEEE IPSN 08, 2008, St. Louis, MO, USA, p. 245–256.
-
49)
- Y.H. Lin , A. Studer , Y.H. Chen . Spate: small-group pki-less authenticated trust establishment. IEEE Trans. Mob. Comput. , 12 , 1666 - 1681
-
50)
- Osterlind, F., Dunkels, A., Eriksson, J., Finne, N., Voigt, T.: `Cross-level sensor network simulation with cooja', Proc. IEEE LCN 06, 2006, Tampa, FL, USA, p. 641–648.
-
51)
- F. Stajano , R. Anderson , B. Christianson , B. Crispo , J.A. Malcolm , M. Roe . (1999) The resurrecting duckling: security issues for ad-hoc wireless networks.
-
52)
- Goodrich, M.T., Sirivianos, M., Solis, J., Tsudik, G., Uzun, E.: `Loud and clear: human-verifiable authentication based on audio', Proc. IEEE ICDCS 06, 2006, Lisboa, Portugal, p. 10.
-
53)
- C. Schurgers , G. Kulkarni , M.B. Srivastava . Distributed on-demand address assignment in wireless sensor networks. IEEE Trans. Parallel Distrib. Syst. , 10 , 1056 - 1065
-
54)
- H. Karl , A. Willig . (2005) Protocols and architectures for wireless sensor networks.
-
55)
- S.J. Creese , M.H. Goldsmith , R. Harrison , A.W. Roscoe , P. Whittaker , I. Zakiuddin , D. Hutter , M. Ullmann . (2005) Exploiting empirical engagement in authentication protocol design.
-
56)
- Eschenauer, L., Gligor, V.D.: `A key-management scheme for distributed sensor networks', Proc. ACM CCS 02, 2002, Washington, DC, USA, p. 41–47.
-
57)
- C.E. Perkins , E.M. Royer , S.R. Das . (2000) IP address autoconfiguration for ad hoc networks.
-
58)
- Saxena, N., Ekberg, J.E., Kostiainen, K., Asokan, N.: `Secure device pairing based on a visual channel', Proc. IEEE SP 06, 2006, Oakland, CA, USA, p. 306–313.
-
59)
- Vaidya, N.H.: `Weak duplicate address detection in mobile ad hoc networks', Proc. ACM MobiHoc 02, 2002, Lausanne, Switzerland, p. 206–216.
-
60)
- Schurgers, C., Kulkarni, G., Srivastava, M.B.: `Distributed assignment of encoded MAC addresses in sensor networks', Proc. ACM MobiHoc 01, 2001, Long Beach, CA, USA, p. 295–298.
-
61)
- Malan, D.J., Welsh, M., Smith, M.D.: `A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography', Proc. IEEE SECON 2004, 2004, Santa Clara, CA, USA, p. 71–80.
-
62)
- McCune, J.M., Perrig, A., Reiter, M.K.: `Seeing-is-believing: using camera phones for human-verifiable authentication', Proc. IEEE SP 05, 2005, Oakland, CA, USA, p. 110–124.
-
1)