Secure ad hoc trust initialization and key management in wireless body area networks

Published: 01 April 2013

Abstract

The body area network (BAN) is a key enabling technology in e-healthcare. An important security issue is to establish initial trust relationships among the BAN devices before they are actually deployed and generate necessary shared secret keys to protect the subsequent wireless communications. Due to the ad hoc nature of the BAN and the extreme resource constraints of sensor devices, providing secure as well as efficient and user-friendly trust initialization is a challenging task. Traditional solutions for wireless sensor networks mostly depend on key predistribution, which is unsuitable for a BAN in many ways. In this article, we propose group device pairing (GDP), a user-aided multi-party authenticated key agreement protocol. Through GDP, a group of sensor devices that have no pre-shared secrets establish initial trust by generating various shared secret keys out of an unauthenticated channel. Devices authenticate themselves to each other with the aid of a human user who performs visual verifications. The GDP supports fast batch deployment, addition and revocation of sensor devices, does not rely on any additional hardware device, and is mostly based on symmetric key cryptography. We formally prove the security of the proposed protocols, and we implement GDP on a sensor network testbed and report performance evaluation results.



Published in

ACM Transactions on Sensor Networks, Volume 9, Issue 2
March 2013
532 pages
ISSN: 1550-4859
EISSN: 1550-4867
DOI: 10.1145/2422966

Copyright © 2013 ACM

Publisher

Association for Computing Machinery
New York, NY, United States

Publication History

• Published: 1 April 2013
• Accepted: 1 October 2011
• Revised: 1 September 2011
• Received: 1 June 2011

Qualifiers

• research-article
• Research
• Refereed
