Abstract
The body area network (BAN) is a key enabling technology in e-healthcare. An important security issue is to establish initial trust relationships among the BAN devices before they are actually deployed and to generate the necessary shared secret keys to protect the subsequent wireless communications. Due to the ad hoc nature of the BAN and the extreme resource constraints of sensor devices, providing trust initialization that is secure as well as efficient and user-friendly is a challenging task. Traditional solutions for wireless sensor networks mostly depend on key predistribution, which is unsuitable for a BAN in many ways. In this article, we propose group device pairing (GDP), a user-aided multi-party authenticated key agreement protocol. Through GDP, a group of sensor devices that have no pre-shared secrets establish initial trust by generating various shared secret keys out of an unauthenticated channel. Devices authenticate themselves to each other with the aid of a human user who performs visual verifications. GDP supports fast batch deployment, addition and revocation of sensor devices, does not rely on any additional hardware device, and is mostly based on symmetric key cryptography. We formally prove the security of the proposed protocols, and we implement GDP on a sensor network testbed and report performance evaluation results.
Index Terms
- Secure ad hoc trust initialization and key management in wireless body area networks