EKG-Based Key Agreement in Body Sensor Networks
Krishna Venkatasubramanian, Ayan Banerjee, and Sandeep Gupta
IMPACT Lab, Department of Computer Science and Engineering, School of Computing and Informatics, Ira A. Fulton School of Engineering, Arizona State University, Tempe, Arizona
Mission Critical Networks Workshop (MCN'08), April 18th, 2008
Outline
• Body Sensor Networks
• Need for Security in BSN
• EKG-based Key Agreement
• Performance Analysis
• Security Analysis
• Conclusions
Body Sensor Networks
Definition:
• A network of health and environmental monitoring sensors deployed on a person to manage their health.
Principal Features:
• Continuous real-time monitoring
• Removes time and space restrictions on care
• Improved deployability
Ideal for life-saving scenarios:
• Enables caregivers to make informed decisions about treatment in time-constrained scenarios:
  • Disasters
  • Battlefield
  • Individual emergencies
[Figure: usage scenario, with sensors and wireless links forming the BSN, a sink, and the critical infrastructure behind it]
Security in BSN
Need:
• Collect sensitive medical data
• Legal requirement (HIPAA)
• Potential for exploitation
Security Requirements:
• Integrity
• Confidentiality
• Authentication
• Minimal setup time
Primary issue: Secure inter-sensor communication in BSN
Possible Attacks:
• Fake warnings and resource wastage
• Prevent legitimate warnings
• Unnecessary actuations
• Example: Recent ICD hacking
Our Approach: Physiological Value based Security
Physiological Values for Security
[Figure: example physiological signals plotted as value over time: ECG, heart/pulse rate, blood pressure, blood glucose]
Aim
• Use of the physiological values (PV) from the body as a means of generating (symmetric) cryptographic keys
Why?
• Dynamic nature of the human body
• Signals represent the physiology of the subject at that time and are therefore unique
Properties
• Universal: should be measurable in everyone
• Distinctively collectable: should be different for different persons at any given time
• Low latency: should be able to generate keys with a minimal duration of measurement
• Time variant: if broken, the next set of values should not be guessable
Advantages
• Plug-n-play capability with BSN
• Efficient, as no additional keying material or initialization steps are required
• Automatic re-keying as a person's physiology changes over time
Related Work
• Using Physiological Values for Security:
  • Proposed in [CV*03] as an alternative to key distribution.
  • [PZ*06] proposed use of inter-pulse-interval (IPI) data derived from EKG and PPG data as a possible PV.
    • Collect IPI data from the time difference between EKG and PPG peaks
    • Encode (67 values) into keys
  • Issues
    • For a subject, the keys obtained were similar but not the same. Ideal as authentication signatures.
    • High latency: 1 value every 500 msec, so 67 values take ~0.5 minutes to collect
• Traditional Sensor Network Security:
  • Key Distribution + Secure Communication.
  • Key distribution requires pre-deployment
    • Network-wide keys, pair-wise keys
    • Pre-deployed master key
    • Domain parameters for ECC-based Diffie-Hellman.
  • Issues
    • Requires setup time; problematic in emergency deployment
    • Re-keying and network-wide adjustments (node addition, moving) are difficult
    • May require large key storage space for a dense network.
Choice: Electrocardiogram
Features: Low latency, frequency domain features
Goal: To show the viability of using EKG for generating (symmetric) cryptographic keys for securing inter-sensor communication in a BSN.
[CV*03] S. Cherukuri, K. Venkatasubramanian, and S. K. S. Gupta. BioSec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body. In Proc. of Wireless Security and Privacy Workshop 2003, pages 432–439, October 2003.
[PZ*06] C. C. Y. Poon, Yuan-Ting Zhang, and Shu-Di Bao. A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health. IEEE Communications Magazine, 44(4):73–81, 2006.
System Model
[Figure: a body sensor network in which EEG, EKG, SpO2, BP, blood glucose and motion sensors communicate with a base station]
BSN:
• Sensors worn or implanted on the subject
• Use the wireless medium to communicate
• All sensors can measure EKG
Threats:
• Active adversaries: replay, spoof, introduce messages
• Passive adversaries: eavesdrop only
• Tamper (physical compromise): UNLIKELY
Trust:
• Wireless medium not trusted
• Physical layer attacks such as jamming not addressed
Overview of Solution
• Feature Generation
  • Extraction: obtaining frequency domain features from EKG
  • Quantization: efficient representation of the features for generating common keys
• Key Agreement
  • Feature Exchange: exchange the features generated at each sensor to identify the common ones
  • Generate Keys: choose the common features and form the key
  • Verification: verification of the key
Feature Generation: Extraction
Windowed FFT calculation:
• 625 sample values of EKG data (5 seconds sampled at 125 Hz)
• Window size: 125 sample values, giving 5 windows
• A 128-point FFT is computed on each window, producing 128 FFT coefficients per window
• The first 64 coefficients of each window are kept
• Feature vector: 5 windows × 64 coefficients = 320 coefficients
Feature Generation: Quantization
Feature vector (320 coefficient values) → 20 EKG feature blocks of 64 bits each
• Block 1: values 1–16, Block 2: values 17–32, …, Block 20 (16 values each), each passed through the quantizer/encoder
Process
• Divide the feature vector into 20 blocks, each containing 16 values
• Each block is then quantized (exponential quantization, 12 levels)
• The quantized values are encoded into 4 bits per coefficient
• The 20 resulting 64-bit blocks represent the features
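A worked version of the two feature-generation steps (extraction, then quantization), written for this page in Python and not taken from the authors' implementation. The EKG trace is constructed (a synthetic periodic peak), the 125-sample windows are zero-padded to feed the 128-point transform, and the exponential quantizer's level boundaries (powers of two) are my assumption, since the slides do not give them.

```python
import cmath
import math

SAMPLE_RATE_HZ, WINDOW, NFFT, KEEP = 125, 125, 128, 64   # 5 windows x 64 kept coefficients = 320
BLOCK_LEN, LEVELS, BITS = 16, 12, 4                      # 16 coefficients x 4 bits = one 64-bit block

def synthetic_ekg(seconds=5, bpm=72):
    """Constructed stand-in for an EKG recording (not real data): a sharp periodic
    'R peak' plus a slow wave, 5 s at 125 Hz = 625 samples."""
    period = 60.0 / bpm
    samples = []
    for i in range(seconds * SAMPLE_RATE_HZ):
        t = i / SAMPLE_RATE_HZ
        phase = (t % period) / period
        peak = math.exp(-((phase - 0.5) ** 2) / 0.0005)
        samples.append(peak + 0.1 * math.sin(2 * math.pi * t / period))
    return samples

def dft_magnitudes(window):
    """128-point DFT of one 125-sample window, zero-padded to 128 (my assumption for how
    125 samples feed a 128-point FFT). Plain O(n^2) DFT for clarity; returns the
    magnitudes of the first 64 coefficients only."""
    x = list(window) + [0.0] * (NFFT - len(window))
    return [abs(sum(x[n] * cmath.exp(-2j * math.pi * k * n / NFFT) for n in range(NFFT)))
            for k in range(KEEP)]

def extract_features(samples):
    """Extraction: split the 625 samples into 5 windows of 125, keep the first 64
    coefficients of each window and concatenate -> 320-value feature vector."""
    windows = [samples[i:i + WINDOW] for i in range(0, len(samples), WINDOW)]
    return [c for w in windows for c in dft_magnitudes(w)]

def quantize(coef):
    """Exponential quantization to 12 levels (boundaries are my assumption, the slides give
    none): level 0 is [0, 1), level k >= 1 covers [2^(k-1), 2^k), clamped to level 11."""
    if coef < 1.0:
        return 0
    return min(LEVELS - 1, int(math.log2(coef)) + 1)

def feature_blocks(features):
    """Quantization: 20 blocks of 16 coefficients, each coefficient encoded in 4 bits,
    giving twenty 64-bit (8-byte) feature blocks."""
    blocks = []
    for start in range(0, len(features), BLOCK_LEN):
        value = 0
        for coef in features[start:start + BLOCK_LEN]:
            value = (value << BITS) | quantize(coef)
        blocks.append(value.to_bytes(BLOCK_LEN * BITS // 8, "big"))
    return blocks
```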
Key Agreement: Feature Exchange
Notation: bij is feature block i at sensor j; N and N' are nonces; KeyR and Key'R are random keys.
Sensor 1 to Sensor 2, STEP 1 (hashed feature blocks, nonce, MAC under the random key):
  <ID, N, hash(b11,N) … hash(b201,N), MAC(KeyR, ID, N, hash(b11,N) … hash(b201,N))>
Sensor 2 to Sensor 1, STEP 2:
  <ID', N', hash(b12,N') … hash(b202,N'), MAC(Key'R, ID', N', hash(b12,N') … hash(b202,N'))>
Key Generation: KeyA is generated at Sensor 1, KeyB at Sensor 2
Sensor 1 to Sensor 2, STEP 3: <G = KeyR ⊕ KeyA, MAC(KeyA, G)>
Sensor 2 to Sensor 1, STEP 4: <G' = Key'R ⊕ KeyB, MAC(KeyB, G')>
Key Verification: KeyA identical to KeyB
Key Agreement: Key Generation
At each sensor node:
• V is the hash of the received feature blocks (the received hashes)
• U is the hash of the local feature blocks Q with the received salt (nonce)
• Compute the matrix W, where W(i,j) is the Hamming distance between block i of U and block j of V, for 1 ≤ i, j ≤ 20
• For each W(i,j) = 0, concatenate Q(i) to form KeyMat
• KeyMat is passed through a one-way hash function to produce the final key
[Figure: W drawn as a 20 × 20 matrix (Block 1 … Block 20 along both axes) whose zero entries, e.g. at the pth and mth blocks, mark the blocks to extract; pipeline: Feature Blocks (Q) → hash → Send Hashes; Receive Hashes → V; hash with received nonce → U; W → extract and concatenate indices → KeyMat → hash → Key]
Key Agreement: Verification
After the feature exchange (STEPs 1 and 2) and key generation, the sensors verify that their keys agree:
Sensor 1 to Sensor 2, STEP 3 (key generated at Sensor 1): <G = KeyR ⊕ KeyA, MAC(KeyA, G)>
Sensor 2 to Sensor 1, STEP 4 (key generated at Sensor 2): <G' = Key'R ⊕ KeyB, MAC(KeyB, G')>
Key Verification: KeyA identical to KeyB
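The feature exchange, key generation and verification steps of the three slides above, run end to end between two simulated sensors. This is an added Python example, not the authors' code: the hash is SHA-256, the MAC is HMAC-SHA256, the combination of KeyR with the derived key in steps 3 and 4 is byte-wise XOR, the feature blocks are constructed (sensor 2 sees two of its twenty blocks differently), the guard against an empty KeyMat is mine, and how the receiver uses G to recover the peer's random key and re-check the step 1/2 MAC is my reading of the verification step.

```python
import hashlib, hmac, secrets

def h(block, nonce):           # hash(b, N) of the slides: one-way hash over block and nonce
    return hashlib.sha256(block + nonce).digest()
def mac(key, *parts):          # MAC(Key, ...) of the slides, instantiated as HMAC-SHA256
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()
def hamming(a, b):             # bit-level Hamming distance, the W(i,j) entry for two digests
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))
def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def exchange_msg(ident, nonce, key_r, blocks):
    """STEP 1/2: <ID, N, hash(b1,N) ... hash(b20,N), MAC(KeyR, ID, N, hashes)>."""
    hashes = [h(b, nonce) for b in blocks]
    return (ident, nonce, hashes, mac(key_r, ident, nonce, *hashes))

def generate_key(blocks, peer_msg):
    """Key generation: U = local blocks hashed with the received nonce, V = received hashes;
    every W(i,j) = Hamming(U[i], V[j]) == 0 appends local block Q(i) to KeyMat, which is hashed."""
    _, nonce, v, _ = peer_msg
    u = [h(b, nonce) for b in blocks]
    keymat = [blocks[i] for i in range(len(u)) for j in range(len(v)) if hamming(u[i], v[j]) == 0]
    if not keymat:  # added guard: an empty KeyMat would hash to a constant (case not covered on the slides)
        return None
    return hashlib.sha256(b"".join(keymat)).digest()

def verify_msg(key_r, key):    # STEP 3/4: <G = KeyR xor Key, MAC(Key, G)>
    g = xor(key_r, key)
    return (g, mac(key, g))

def check_peer(key, peer_exchange, peer_verify):
    """Recover the peer's KeyR as G xor own key, then re-check the MAC on G and the STEP 1/2
    MAC with it (my reading of how the verification step binds the two messages together)."""
    g, tag = peer_verify
    if key is None or not hmac.compare_digest(tag, mac(key, g)):
        return False
    ident, nonce, hashes, tag1 = peer_exchange
    return hmac.compare_digest(tag1, mac(xor(g, key), ident, nonce, *hashes))

def run_eka(blocks1, blocks2):
    """One EKA run between two sensors; returns (agreed, key at sensor 1, key at sensor 2)."""
    n1, n2, r1, r2 = (secrets.token_bytes(32) for _ in range(4))   # N, N', KeyR, Key'R
    m1, m2 = exchange_msg(b"S1", n1, r1, blocks1), exchange_msg(b"S2", n2, r2, blocks2)
    k1, k2 = generate_key(blocks1, m2), generate_key(blocks2, m1)
    if k1 is None or k2 is None:
        return False, k1, k2
    return check_peer(k2, m1, verify_msg(r1, k1)) and check_peer(k1, m2, verify_msg(r2, k2)), k1, k2
# Constructed sample data: 20 eight-byte feature blocks; sensor 2 measured blocks 3 and 17 differently.
BLOCKS1 = [hashlib.sha256(bytes([i])).digest()[:8] for i in range(20)]
BLOCKS2 = [bytes([b[0] ^ 1]) + b[1:] if i in (3, 17) else b for i, b in enumerate(BLOCKS1)]
```

Because the key is a hash of the matching blocks only, the two sensors agree whenever the blocks they share are identical, and a sensor whose blocks match none of the peer's gets no key rather than a constant one.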
Performance Analysis
Purpose:
• Test keys generated by EKA
Data Properties:
• Source: MIT PhysioBank database, 1 hour of 2-lead EKG data from 31 patients
• Sampling rate: 125 Hz, each sample is time-stamped
Experiments:
• For each subject, EKA executed at 100 random start-times
  • Mutual Hamming distance computed between the keys generated, to evaluate distinctiveness
  • Runs test and average entropy computed for each key generated, to evaluate randomness
• For each subject, EKA executed at 100 consecutive 5-second intervals
  • Hamming distance computed between the keys generated, to evaluate temporal variance
Results
• At each time-stamp, 2 keys (say KeyA and KeyB) are generated for every subject.
• Distinctiveness
  • Each square is the distance between KeyA and KeyB
  • The anti-diagonal indicates that KeyA and KeyB of the same person are identical
  • Average difference between keys of 2 different subjects at a given start-time: ~49.9%
• Randomness
  • Average Entropy:
    • Computed based on the keys generated for each of the 31 patients at 100 start-times
    • Results indicate 1s and 0s are uniformly distributed
  • Runs test:
    • Tests the runs of 0s and 1s in the key
    • 2-tailed, confidence interval 5%
    • Failed in less than 2% of the cases (31 patients × 100 start-times = 3100 cases)
• Temporal Variance
  • Average difference between keys of the same subject at two consecutive start-times: ~49.0%
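The three measurements the evaluation above relies on (Hamming distance between keys, average entropy, and the two-tailed runs test at the 5% level), implemented as an added Python example rather than the authors' analysis scripts. The runs test is the Wald-Wolfowitz test with the normal approximation (my choice of statistic; the slides name only "runs test"), and the keys used to exercise it are constructed.

```python
import math

Z_CRIT_TWO_TAILED_5PCT = 1.959964   # normal-approximation threshold for a 2-tailed test at the 5% level

def key_bits(key):
    """Expand a key (bytes) into its list of 0/1 bits, most significant bit first."""
    return [(byte >> i) & 1 for byte in key for i in range(7, -1, -1)]

def hamming_fraction(key_a, key_b):
    """Distinctiveness / temporal variance metric: fraction of bit positions that differ.
    The slides report ~49.9% between subjects and ~49.0% between consecutive start-times."""
    a, b = key_bits(key_a), key_bits(key_b)
    return sum(x != y for x, y in zip(a, b)) / len(a)

def average_entropy(key):
    """Shannon entropy of the key's bit distribution, in bits per bit; 1.0 means 0s and 1s
    occur equally often, which is what the slides' 'uniformly distributed' result means."""
    b = key_bits(key)
    p = sum(b) / len(b)
    if p in (0.0, 1.0):
        return 0.0
    return -(p * math.log2(p) + (1 - p) * math.log2(1 - p))

def runs_test(key, z_crit=Z_CRIT_TWO_TAILED_5PCT):
    """Two-tailed Wald-Wolfowitz runs test (normal approximation) on the key's bit sequence.
    A run is a maximal stretch of identical bits. Returns (passed, z); too few or too many
    runs relative to the count expected for n0 zeros and n1 ones fails the test."""
    b = key_bits(key)
    n1 = sum(b)
    n0 = len(b) - n1
    n = n0 + n1
    runs = 1 + sum(b[i] != b[i - 1] for i in range(1, n))
    if n0 == 0 or n1 == 0 or n < 3:        # constant or tiny key: variance undefined, treat as failed
        return False, float("inf")
    mu = 2.0 * n0 * n1 / n + 1
    var = 2.0 * n0 * n1 * (2.0 * n0 * n1 - n) / (n * n * (n - 1))
    z = (runs - mu) / math.sqrt(var)
    return abs(z) <= z_crit, z

def evaluate(keys):
    """Summarise a batch of keys the way the slides do: mean pairwise Hamming fraction,
    mean entropy, and the share of keys that fail the runs test."""
    pairs = [(keys[i], keys[j]) for i in range(len(keys)) for j in range(i + 1, len(keys))]
    mean_dist = sum(hamming_fraction(a, b) for a, b in pairs) / len(pairs) if pairs else 0.0
    mean_entropy = sum(average_entropy(k) for k in keys) / len(keys)
    fail_rate = sum(not runs_test(k)[0] for k in keys) / len(keys)
    return mean_dist, mean_entropy, fail_rate
```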
Conclusions
• BSN provides life-saving services.
• Security is essential in BSN to preserve patient privacy.
• Use of EKG for generating cryptographic keys proposed; early results are promising.
• Potential Applications:
  • Pervasive health monitoring
  • Fitness and performance monitoring
• Future Work:
  • Increasing the length of the blocks exchanged
  • Implementation of EKA on real sensing devices
  • Experiment with more diverse EKG data: people with ailments, EKG measured during different activities (sleeping, eating, etc.)
  • Identify new PVs, since not all sensors in a BSN can measure EKG