Your browser does not support JavaScript!
http://iet.metastore.ingenta.com
1887

access icon free Human interactive secure key and identity exchange protocols in body sensor networks

© The Institution of Engineering and Technology
Received 15/02/2012, Accepted 05/06/2012, Published

A body sensor network (BSN) is typically a wearable wireless sensor network. Security protection is critical to BSNs, since they collect sensitive personal information. Generally speaking, security protection of BSN relies on identity (ID) and key distribution protocols. Most existing protocols are designed to run in general wireless sensor networks, and are not suitable for BSNs. After carefully examining the characteristics of BSNs, the authors propose human interactive empirical channel-based security protocols, which include an elliptic curve Diffie–Hellman version of symmetric hash commitment before knowledge protocol and an elliptic curve Diffie–Hellman version of hash commitment before knowledge protocol. Using these protocols, dynamically distributing keys and IDs become possible. As opposite to present solutions, these protocols do not need any pre-deployment of keys or secrets. Therefore compromised and expired keys or IDs can be easily changed. These protocols exploit human users as temporary trusted third parties. The authors, thus, show that the human interactive channels can help them to design secure BSNs.

Inspec keywords: authorisation; wireless sensor networks; body sensor networks; telecommunication security; wireless channels; cryptographic protocols; personal information systems; public key cryptography

Other keywords: knowledge protocol; temporary trusted third parties; elliptic curve Diffie-Hellman version; BSN security design; symmetric hash commitment; BSN security protection; keys predeployment; BSN characteristics; identity exchange protocols; sensitive personal information; body sensor networks; human interactive empirical channel-based security protocols; human interactive secure key distribution protocols; wearable wireless sensor network

Subjects: Wireless sensor networks; Cryptography; Biomedical communication; Protocols; Data security

References

    1. 1)
      • 6. Lin, Y.H., Studer, A., Chen, Y.H., et al.: ‘Spate: small-group pki-less authenticated trust establishment’, IEEE Trans. Mob. Comput., 2010, 9, (12), pp. 16661681.
    2. 2)
      • 18. Eschenauer, L., Gligor, V.D.: ‘A key-management scheme for distributed sensor networks’. Proc. ACM CCS 02, Washington, DC, USA, 2002, pp. 4147.
    3. 3)
      • 3. McCune, J.M., Perrig, A., Reiter, M.K.: ‘Seeing-is-believing: using camera phones for human-verifiable authentication’. Proc. IEEE SP 05, Oakland, CA, USA, 2005, pp. 110124.
    4. 4)
      • 8. Soriente, C., Tsudik, G., Uzun, E.: ‘HAPADEP: human-assisted pure audio device pairing’, in Wu, T.C., Lei, C.L., Rijmen, V., Lee, D.T. (Eds.): ‘Information security(LNCS, 5222) (Springer, 2008), pp. 385400.
    5. 5)
      • 30. Osterlind, F., Dunkels, A., Eriksson, J., Finne, N., Voigt, T.: ‘Cross-level sensor network simulation with cooja’. Proc. IEEE LCN 06, Tampa, FL, USA, 2006, pp. 641648.
    6. 6)
      • 11. Gehrmann, C., Nyberg, K.: ‘Security in personal area networks’, in Mitchell, C.J. (Ed.): ‘Security for mobility’, (IEE Press, 2004, 1st edn.), pp. 191230.
    7. 7)
      • 15. Nguyen, L.H., Roscoe, A.W.: ‘Authenticating ad hoc networks by comparison of short digests’, Inf. Comput., 2008, 206, (2–4), pp. 250271.
    8. 8)
      • 31. Liu, A., Ning, P.: ‘TinyECC: a configurable library for elliptic curve cryptography in wireless sensor networks’. Proc. IEEE IPSN 08, St. Louis, MO, USA, 2008, pp. 245256.
    9. 9)
      • 21. Malan, D.J., Welsh, M., Smith, M.D.: ‘A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography’. Proc. IEEE SECON 2004, Santa Clara, CA, USA, 2004, pp. 7180.
    10. 10)
      • 10. Balfanz, D., Smetters, D.K., Stewart, P., Wong, H.C.: ‘Talking to strangers: authentication in ad-hoc wireless networks’. Proc. NDSS 02, San Diego, CA, USA, 2002, pp. 719.
    11. 11)
      • 29. Dolev, D., Yao, A.: ‘On the security of public key protocols’, IEEE Trans. Inf. Theory, 1983, 29, (2), pp. 198208.
    12. 12)
      • 20. Du, W., Deng, J., Han, Y.S., Varshney, P.K., Katz, J., Khalili, A.: ‘A pairwise key predistribution scheme for wireless sensor networks’, ACM Trans. Inf. Syst. Sec., 2005, 8, (2), pp. 228258.
    13. 13)
      • 7. Goodrich, M.T., Sirivianos, M., Solis, J., Tsudik, G., Uzun, E.: ‘Loud and clear: human-verifiable authentication based on audio’. Proc. IEEE ICDCS 06, Lisboa, Portugal, 2006, p. 10.
    14. 14)
      • 4. Saxena, N., Ekberg, J.E., Kostiainen, K., Asokan, N.: ‘Secure device pairing based on a visual channel’. Proc. IEEE SP 06, Oakland, CA, USA, 2006, pp. 306313.
    15. 15)
      • 19. Chan, H.W., Perrig, A., Song, D.: ‘Random key predistribution schemes for sensor networks’. Proc. IEEE SP 03, Oakland, CA, USA, 2003, pp. 197.
    16. 16)
      • 17. Perrig, A., Szewczyk, R., Tygar, J.D., Wen, V., Culler, D.E.: ‘SPINS: security protocols for sensor networks’, Wirel. Netw., 2002, 8, (5), pp. 521534.
    17. 17)
      • 16. Nguyen, L.H., Roscoe, A.W.: ‘Authentication protocols based on low-bandwidth unspoofable channels: a comparative survey’, J. Comput. Sec., 2011, 19, (1), pp. 139201.
    18. 18)
      • 9. Creese, S.J., Goldsmith, M.H., Harrison, R., Roscoe, A.W., Whittaker, P., Zakiuddin, I.: ‘Exploiting empirical engagement in authentication protocol design’, in Hutter, D., Ullmann, M. (Eds.): ‘Security in pervasive computing(LNCS, 3450) (Springer, 2005), pp. 119133.
    19. 19)
      • 22. Huang, Q., Cukier, J., Kobayashi, H., Liu, B., Zhang, J.: ‘Fast authenticated key establishment protocols for self-organizing sensor networks’. Proc. ACM WSNA 03, San Diego, CA, USA, 2003, pp. 141150.
    20. 20)
      • 13. Cagalj, M., Capkun, S., Hubaux, J.P.: ‘Key agreement in peer-to-peer wireless networks’, Proc. IEEE, 2006, 94, (2), pp. 467478.
    21. 21)
      • 23. Karl, H., Willig, A.: ‘Protocols and architectures for wireless sensor networks’ (Wiley-Interscience, 2007, 1st edn.).
    22. 22)
      • 1. Halperin, D., Heydt-Benjamin, T.S., Ransford, B., et al.: ‘Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses’. Proc. IEEE SP 08, Oakland, CA, USA, 2008, pp. 129142.
    23. 23)
      • 24. Vaidya, N.H.: ‘Weak duplicate address detection in mobile ad hoc networks’. Proc. ACM MobiHoc 02, Lausanne, Switzerland, 2002, pp. 206216.
    24. 24)
      • 12. Vaudenay, S.: ‘Secure communications over insecure channels based on short authenticated strings’, in Shoup, V. (Ed.): ‘Advances in cryptology–CRYPTO 2005(LNCS, 3621) (Springer, 2005), pp. 309326.
    25. 25)
      • 27. Schurgers, C., Kulkarni, G., Srivastava, M.B.: ‘Distributed assignment of encoded MAC addresses in sensor networks’. Proc. ACM MobiHoc 01, Long Beach, CA, USA, 2001, pp. 295298.
    26. 26)
      • 26. Nesargi, S., Prakash, R.: ‘MANETconf: configuration of hosts in a mobile ad hoc network’. Proc. IEEE INFOCOM 2002, New York, USA, 2002, pp. 10591068.
    27. 27)
      • 14. Wong, F.L., Stajano, F.: ‘Multichannel security protocols’, IEEE Pervasive Comput., 2007, 6, (4), pp. 3139.
    28. 28)
      • 5. Chen, C.H.O., Chen, C.W., Kuo, C., et al.: ‘GAnGS: gather, authenticate'n group securely’. Proc. ACM MobiCom 08, San Francisco, CA, USA, 2008, pp. 92103.
    29. 29)
      • 2. Stajano, F., Anderson, R.: ‘The resurrecting duckling: security issues for ad-hoc wireless networks’, in Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (Eds.): ‘Security protocols workshop(LNCS, 1976) (Springer, 1999), pp. 172194.
    30. 30)
      • 25. Perkins, C.E., Royer, E.M., Das, S.R.: ‘IP address autoconfiguration for ad hoc networks’. Internet Draft, 2000.
    31. 31)
      • 28. Schurgers, C., Kulkarni, G., Srivastava, M.B.: ‘Distributed on-demand address assignment in wireless sensor networks’, IEEE Trans. Parallel Distrib. Syst., 2002, 13, (10), pp. 10561065.
    32. 32)
      • Balfanz, D., Smetters, D.K., Stewart, P., Wong, H.C.: `Talking to strangers: authentication in ad-hoc wireless networks', Proc. NDSS 02, 2002, San Diego, CA, USA, p. 7–19.
    33. 33)
      • Huang, Q., Cukier, J., Kobayashi, H., Liu, B., Zhang, J.: `Fast authenticated key establishment protocols for self-organizing sensor networks', Proc. ACM WSNA 03, 2003, San Diego, CA, USA, p. 141–150.
    34. 34)
      • C. Gehrmann , K. Nyberg , C.J. Mitchell . (2004) Security in personal area networks.
    35. 35)
      • L.H. Nguyen , A.W. Roscoe . Authenticating ad hoc networks by comparison of short digests. Inf. Comput. , 250 - 271
    36. 36)
      • L.H. Nguyen , A.W. Roscoe . Authentication protocols based on low-bandwidth unspoofable channels: a comparative survey. J. Comput. Sec. , 1 , 139 - 201
    37. 37)
      • Nesargi, S., Prakash, R.: `MANETconf: configuration of hosts in a mobile ad hoc network', Proc. IEEE INFOCOM 2002, 2002, New York, USA, p. 1059–1068.
    38. 38)
      • F.L. Wong , F. Stajano . Multichannel security protocols. IEEE Pervasive Comput. , 4 , 31 - 39
    39. 39)
      • D. Dolev , A. Yao . On the security of public key protocols. IEEE Trans. Inf. Theory , 2 , 198 - 208
    40. 40)
      • A. Perrig , R. Szewczyk , J.D. Tygar , V. Wen , D.E. Culler . SPINS: security protocols for sensor networks. Wirel. Netw. , 5 , 521 - 534
    41. 41)
      • Chen, C.H.O., Chen, C.W., Kuo, C.: `GAnGS: gather, authenticate'n group securely', Proc. ACM MobiCom 08, 2008, San Francisco, CA, USA, p. 92–103.
    42. 42)
      • C. Soriente , G. Tsudik , E. Uzun , T.C. Wu , C.L. Lei , V. Rijmen , D.T. Lee . (2008) HAPADEP: human-assisted pure audio device pairing.
    43. 43)
      • W. Du , J. Deng , Y.S. Han , P.K. Varshney , J. Katz , A. Khalili . A pairwise key predistribution scheme for wireless sensor networks. ACM Trans. Inf. Syst. Sec. , 2 , 228 - 258
    44. 44)
      • M. Cagalj , S. Capkun , J.P. Hubaux . Key agreement in peer-to-peer wireless networks. Proc. IEEE , 2 , 467 - 478
    45. 45)
      • S. Vaudenay , V. Shoup . (2005) Secure communications over insecure channels based on short authenticated strings.
    46. 46)
      • Chan, H.W., Perrig, A., Song, D.: `Random key predistribution schemes for sensor networks', Proc. IEEE SP 03, 2003, Oakland, CA, USA, p. 197.
    47. 47)
      • Halperin, D., Heydt-Benjamin, T.S., Ransford, B.: `Pacemakers and implantable cardiac defibrillators: software radio attacks and zero-power defenses', Proc. IEEE SP 08, 2008, Oakland, CA, USA, p. 129–142.
    48. 48)
      • Liu, A., Ning, P.: `TinyECC: a configurable library for elliptic curve cryptography in wireless sensor networks', Proc. IEEE IPSN 08, 2008, St. Louis, MO, USA, p. 245–256.
    49. 49)
      • Y.H. Lin , A. Studer , Y.H. Chen . Spate: small-group pki-less authenticated trust establishment. IEEE Trans. Mob. Comput. , 12 , 1666 - 1681
    50. 50)
      • Osterlind, F., Dunkels, A., Eriksson, J., Finne, N., Voigt, T.: `Cross-level sensor network simulation with cooja', Proc. IEEE LCN 06, 2006, Tampa, FL, USA, p. 641–648.
    51. 51)
      • F. Stajano , R. Anderson , B. Christianson , B. Crispo , J.A. Malcolm , M. Roe . (1999) The resurrecting duckling: security issues for ad-hoc wireless networks.
    52. 52)
      • Goodrich, M.T., Sirivianos, M., Solis, J., Tsudik, G., Uzun, E.: `Loud and clear: human-verifiable authentication based on audio', Proc. IEEE ICDCS 06, 2006, Lisboa, Portugal, p. 10.
    53. 53)
      • C. Schurgers , G. Kulkarni , M.B. Srivastava . Distributed on-demand address assignment in wireless sensor networks. IEEE Trans. Parallel Distrib. Syst. , 10 , 1056 - 1065
    54. 54)
      • H. Karl , A. Willig . (2005) Protocols and architectures for wireless sensor networks.
    55. 55)
      • S.J. Creese , M.H. Goldsmith , R. Harrison , A.W. Roscoe , P. Whittaker , I. Zakiuddin , D. Hutter , M. Ullmann . (2005) Exploiting empirical engagement in authentication protocol design.
    56. 56)
      • Eschenauer, L., Gligor, V.D.: `A key-management scheme for distributed sensor networks', Proc. ACM CCS 02, 2002, Washington, DC, USA, p. 41–47.
    57. 57)
      • C.E. Perkins , E.M. Royer , S.R. Das . (2000) IP address autoconfiguration for ad hoc networks.
    58. 58)
      • Saxena, N., Ekberg, J.E., Kostiainen, K., Asokan, N.: `Secure device pairing based on a visual channel', Proc. IEEE SP 06, 2006, Oakland, CA, USA, p. 306–313.
    59. 59)
      • Vaidya, N.H.: `Weak duplicate address detection in mobile ad hoc networks', Proc. ACM MobiHoc 02, 2002, Lausanne, Switzerland, p. 206–216.
    60. 60)
      • Schurgers, C., Kulkarni, G., Srivastava, M.B.: `Distributed assignment of encoded MAC addresses in sensor networks', Proc. ACM MobiHoc 01, 2001, Long Beach, CA, USA, p. 295–298.
    61. 61)
      • Malan, D.J., Welsh, M., Smith, M.D.: `A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography', Proc. IEEE SECON 2004, 2004, Santa Clara, CA, USA, p. 71–80.
    62. 62)
      • McCune, J.M., Perrig, A., Reiter, M.K.: `Seeing-is-believing: using camera phones for human-verifiable authentication', Proc. IEEE SP 05, 2005, Oakland, CA, USA, p. 110–124.
http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs.2012.0080
Loading

Related content

content/journals/10.1049/iet-ifs.2012.0080
pub_keyword,iet_inspecKeyword,pub_concept
6
6
Loading
Print this page
This is a required field
Please enter a valid email address