Krishna Venkatasubramanian, Ayan Banerjee, Sandeep Gupta - PowerPoint PPT Presentation

1 / 13
About This Presentation
Title:

Krishna Venkatasubramanian, Ayan Banerjee, Sandeep Gupta

Description:

BAN - A network of health & environmental monitoring sensors deployed on a ... Pair-wise, Network-wise, Group-wise. Pre-deployed Master Key ... – PowerPoint PPT presentation

Number of Views:142
Avg rating:3.0/5.0
Slides: 14
Provided by: impac1
Category:

less

Transcript and Presenter's Notes

Title: Krishna Venkatasubramanian, Ayan Banerjee, Sandeep Gupta


1
Plethysmogram-based Secure Inter-Sensor
Communication in Body Area Networks
  • Krishna Venkatasubramanian, Ayan Banerjee,
    Sandeep Gupta
  • Dept. of Computer Science and Engineering
  • School of Computing and Informatics
  • Arizona State University
  • Tempe, Arizona

2
Body Area Network
  • Definition
  • BAN - A network of health environmental
    monitoring sensors deployed on a person managing
    their health.
  • Principal Features
  • Continuous real time monitoring
  • Remove time space restrictions on care
  • Improved deployability
  • Ideal for life-saving scenarios
  • Enables caregivers on field to make informed
    decisions about treatment of soldiers in
    time-constrained scenarios.

3
Security in Body Area Networks
  • Need
  • BANs collect sensitive medical data
  • Legal Requirement (HIPAA)
  • Potential for exploitation
  • Loss of privacy
  • Physical harm
  • Security Requirements
  • Integrity
  • Confidentiality
  • Authentication
  • Plug-n-Play
  • Possible Attacks
  • Fake warnings resource wastage
  • Prevent legitimate warnings.
  • Unnecessary Actuations.

Primary issue Secure Inter- Sensor Communication
in BAN
4
Traditional Approach
  • Key Distribution Secure Communication.
  • Pre-deployment based
  • Pair-wise, Network-wise, Group-wise
  • Pre-deployed Master Key
  • Domain parameters for ECC based Diffie-Helman.
  • Problems
  • Requires secure setup and initialization process
  • Re-keying and network wide adjustments node
    addition, moving difficult

5
Plethysmogram based Key Agreement
  • Photoplethysmogram (PPG) based Key Agreement
    (PKA)
  • PPG volumetric change in the distention of
    arteries due to the perfusion of blood through
    them during a cardiac cycle
  • Properties
  • Easy to Measure oximeter finger, ear lobe
  • Universal - measurable in everyone
  • Distinctive cardiac cycle unique for each
    person at a give time
  • Low Latency requires minimal measurements for
    key agreement
  • Time Variant varies with time
  • Advantages
  • Plug-n-Play deployment is enough to have secure
    communication
  • Efficiency no additional keying material
    required
  • Automatic Rekeying Key agreed based on current
    value of PPG cannot be known from knowledge of
    past values.
  • System Model
  • BAN
  • Sensors worn or implanted on subject
  • Use wireless medium to communicate
  • All sensors can measure PPG
  • Threats
  • Active adversaries replay, spoof, introduce
    messages
  • Passive adversaries eavesdrop only
  • Tamper physical compromise UNLIKELY
  • Trust
  • Wireless medium not trusted
  • Physical layer attacks such as jamming not
    addressed

6
Details
  • Feature Generation
  • Extraction
  • Obtaining frequency domain features from PPG
  • Quantization
  • For representation of features for key agreement
  • Key Agreement
  • Fuzzy Vault
  • Cryptographic construct used for secure exchange
    of data
  • Vault Exchange
  • Key agreement between sensors using the vault
    construct

7
PPG Feature Generation
8
Key Agreement
  • Sensors use PPG features as a basis for agreeing
    upon keys.
  • Features cannot be directly used a keys as they
    might not be identical due to the topographic
    specificity of the human body.
  • Technique
  • Generate a key at one sensor
  • Hide it using PPG features
  • Transport it to other sensor
  • Unhide it at the receiver
  • We use Fuzzy Vault construct to hide/un-hide the
    keys as it allows hiding and un-hiding even
    without identical secrets

9
Fuzzy Vault
  • Locks secrets S using a set of values A and can
    be unlocked with another set B, only if A ? B gt ?
  • The construction and locking of the vault is done
    by
  • Generating a vth order polynomial p over the
    variable x that encodes the secret S,
  • Computing the value of the polynomial at
    different values of x from set A and creating a
    set R ai, p(ai), where 1 ? i ? A
  • Adding randomly generated points called chaff to
    R which do not lie on the polynomial.
  • Unlocking of the vault can be done by
  • Identifying a set B with significant overlap with
    A
  • Build a set Q (u, v)(u, v) ? R, u ? B
  • Polynomial reconstructed using points in Q using
    Lagrangian interpolation - Knowledge of v1
    points on a polynomial (x0,y0),(x1,y1).(xn,yn)
    can reconstruct vth order polynomial

10
Vault Locking Unlocking
Sender
Receiver
11
Security Analysis
  • Security of the vault depends upon number of
    points (R) and order of polynomial (v).
  • Number of combinations needed for
  • Adversary RC(v1)
  • Receiver QC(v1)
  • Choose v such that
  • v less than common features between sender and
    receiver of same person
  • v greater than common features between sender
    and receiver of different person
  • Choose R such that
  • Required amount of security available
  • Computation within manageable limits for the
    receiver

12
Performance Analysis
  • Based on actual PPG data collected from 10
    volunteers at IMPACT lab.
  • Smith-Medical oximeter used 60Hz sampling, 5
    minutes data collected.
  • Properties evaluated
  • Distinctiveness
  • Needed for setting polynomial order
  • Total features per person 30
  • Common features same person 12 (average)
  • Common features different person 2 (average)
  • Time Variance
  • Compare common features in PPG collected at
    different measurement start-times for executing
    PKA.
  • If greater than polynomial order (v) then
    violation

13
Conclusion
  • Implemented PKA in Matlab
  • Use of PPG for cryptographic keys agreement
    proposed results are promising.
  • Previous work on using physiological values based
    on
  • Inter-Pulse-Interval (IPI) was useful for
    authentication only
  • EKG was too tedious to measure reducing
    usability
  • Future Work
  • Implementation of PKA on actual sensors
  • Reduce Vault unlocking overhead for receiver.

Screen Shot
Write a Comment
User Comments (0)
About PowerShow.com