3. Encrypt $V_M$ with $K_s$ using a simple XOR operation: $E = K_s \oplus V_M$.
4. Transmit $E$ to the slave node.

Protocol steps at the slave (receiver):

1. Capture the biometric signal value $V_s$.
2. Extract $K'_s$ using the received $E$ and $V_s$: $K'_s = E \oplus V_s$. Note that $K'_s \neq K_s$ since $V_s \neq V_M$.
3. Apply error correction coding on $K'_s$ to retrieve $K''_s$. $K'_s$ will be the agreed upon key as retrieved by the slave node. Note that $K''_s$ may or may not be equal to $K_s$ based on the success of the error decoding and correction. Handling invalid session keys will be described when discussing the BSN confidentiality and integrity protocols in the next section.

For the realization of a secure and practical biometric key agreement, the following technical requirements must be met:

Randomness of measured physiological signals: the extracted physiological signal values should exhibit a high degree of randomness to prevent any form of key guessing attacks using brute force search techniques. For this reason the choice of the physiological signals used should be given exceptional attention. For instance, choosing the systolic blood pressure as a physiological signal would not give the desired degree of randomness since systolic blood pressure values typically range from 120-160 mmHg. This limited range of values makes this choice susceptible to brute force guessing attacks. ECG, inter-pulse interval, and heart rate biometric signals are believed to supply highly random values that are immune to brute force attacks. Moreover, (Cherukuri et al., 2003) proposed the use of a combination of physiological signals to increase the key search space.

Time variability: in addition to the randomness requirement, the physiological signals should vary with time. This property ensures that the session key derived from the physiological value is different with every protocol execution instance.

Accessibility of measurements: the physiological signal should be easily measured with high degrees of accuracy. The sensor nodes participating in the protocol should be able to extract the same predefined signal or set of signals. This requirement is sometimes difficult to achieve in practice (Dimitriou & Ioannis, 2008).

Time synchronization: there should be a time synchronization protocol to ensure that the different biosensor nodes participating in the biometric key agreement protocol extract the physiological signal values at the same time. This is crucial to retrieve close measurement values. We believe that this is a strict requirement in biometric key agreement that limits the applicability of these protocols in practice. Moreover, researchers discovered a set of attacks against time synchronization protocols in sensor networks (Manzo, Roosta, & Sastry, 2005). Establishing protection mechanisms against these attacks requires resource intensive operations that are not currently feasible in BSN nodes.
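The XOR commitment at the master and the recovery with error correction at the slave, together with the need for "close measurement values", can be traced in a short simulation. This is an added example, not code from the original text; it assumes that K_s is transmitted as an error-correction codeword, uses a 5x repetition code as a stand-in for the unspecified error correction scheme, and uses constructed random bits in place of real biometric features.

```python
import secrets

R = 5  # repetition factor of the assumed error-correcting code

def ecc_encode(key_bits):
    """Repetition code: repeat every key bit R times."""
    return [b for b in key_bits for _ in range(R)]

def ecc_decode(code_bits):
    """Majority vote per block; corrects up to R // 2 bit errors per block."""
    return [int(sum(code_bits[i:i + R]) > R // 2)
            for i in range(0, len(code_bits), R)]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def master_commit(key_bits, v_m):
    """Master: E = K_s XOR V_M, with K_s sent in encoded form (assumption)."""
    return xor(ecc_encode(key_bits), v_m)

def slave_recover(e, v_s):
    """Slave: K'_s = E XOR V_s, then error-correct K'_s to obtain K''_s."""
    return ecc_decode(xor(e, v_s))

def flip(bits, positions):
    """Return a copy of bits with the given positions inverted."""
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out

def demo():
    key = [secrets.randbits(1) for _ in range(16)]       # session key K_s
    v_m = [secrets.randbits(1) for _ in range(16 * R)]   # constructed V_M
    e = master_commit(key, v_m)
    # Synchronized reading: 2 bit errors in each of 3 blocks, all correctable.
    v_close = flip(v_m, [0, 1, 25, 26, 70, 71])
    # Poorly synchronized reading: 3 errors in block 0 exceed the capacity.
    v_far = flip(v_m, [0, 1, 2])
    return key, slave_recover(e, v_close), slave_recover(e, v_far)

if __name__ == "__main__":
    key, close, far = demo()
    print("close reading recovers K_s:", close == key)
    print("distant reading recovers K_s:", far == key)
```

Because E travels in the clear, anyone who can guess V_M obtains K_s as E XOR V_M, which is why the randomness requirement above rules out narrow-range signals.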
DATA INTEGRITY AND CONFIDENTIALITY PROTOCOLS
In the previous section we demonstrated how the
different communication entities in a BSN network
can share a biometric cryptographic key. In this
section we continue the discussion and present
how the shared keying material can be used to
secure the confidentiality and integrity of data