Secure intra-network communication for body area networks

Official URL: http://risc01.sabanciuniv.edu/record=b1649229 (Table of Contents)

Advances in lightweight, small-size and low-power sensors led to the development of wearable biosensors, thus, to the accurate monitoring of human periphery. On top of this, pervasive computing has been improved and technologies have been matured enough to build the plug-and-play Body Area Networks (BANs). In a BAN, the main functionality of a node is to effectively and efficiently collect data from vital body parts, share it with the neighbors and make decisions accordingly. Because of the fact that the captured phenomenon is highly sensitive against privacy breaches in addition to being transmitted using the wireless communication medium, BANs require a security infrastructure. However, due to the extreme energy scarcity, bandwidth and storage constraints of the nodes, conventional solutions are inapplicable for BANs. In this dissertation, we propose a novel security infrastructure that is designed specifically for the intra-BAN communication. In this regard, we propose a novel key agreement protocol, SKA-PS (Secure Key Agreement using Physiological Signals), which is based on the set reconciliation paradigm. Our protocol generates symmetric shared keys using the physiological parameters derived from the physiological signals of the users, such as electrocardiogram and blood pressure. We also identify 4 different appropriate physiological parameters that can be used as cryptographic keys and propose the techniques of generating them. In the security infrastructure that we have developed for the intra-BAN communication, (i) secure node-to-host association is satisfied, (ii) performance enhancing characteristics of bio-cryptography is brought in the foreground, (iii) adopted physiological parameters are random and distinctive enough, based on the Shannon’s entropy and Hamming Distance evaluations, which respectively, reveals the bit frequencies and measures the bit differences, along with possessing low error rates, (iv) key agreement protocol works dynamically, possessing remarkably high true match and exceedingly low false match rates, and (v) key agreement protocol resists against brute-force, replay and impersonation attacks, together with possessing low communication, computational and storage costs.