EFFICIENT AND SECURE FRAMEWORK FOR BODY
AREA NETWORKS
NOOR UL AMIN
DEPARTMENT OF INFORMATION TECHNOLOGY
HAZARA UNIVERSITY MANSEHRA
2016
EFFICIENT AND SECURE FRAMEWORK FOR BODY AREA
NETWORKS
SUBMITTED BY NOOR UL AMIN
PhD Scholar
RESEARCH SUPERVISOR DR ARIF IQBAL UMAR
Assistant Professor
Department of Information Technology
DEPARTMENT OF INFORMATION TECHNOLOGY
HAZARA UNIVERSITY MANSEHRA
2016
DEDICATION
Dedicated to all my family and those who respect humanity and love
peace
CONTENTS
ABBREVIATIONS
LIST OF TABLES
LIST OF FIGURES
ACKNOWLEDGEMENTS
ABSTRACT
Chapter 1
1. Introduction
1.1 Motivation
1.2 Research Problem
1.3 Research Questions
1.4 Proposed Solution
Proposed Framework Overview
1.5 Research Objectives
1.6 Research Scope
1.7 Thesis Organization
Chapter 02
2. Background Study
2.1 BANs Basic Architecture
2.1.1 Biosensor Nodes
2.1.2 Base Station
2.1.3 Medical Server
2.2 Three Tiers Communication Architecture of BANs
2.2.1 Tier-1 Communication
2.2.2 Tier-2 Communication
2.2.3 Tier-3 Communication
2.10 Different Forms of Sensors
2.10.1 Wearable Form
2.10.2 Implantable Form
2.10.3 Emplaced Form
2.3 Requirement of Economical Health Solutions
2.4 Infrastructure-based Architecture
2.5 Ad hoc-based Architecture
2.6 BANs Laws
2.7 BANs Applications
2.8 Data Rates and Power Requirements
2.9 Security Methods in BANs Standards
2.9.1 Bluetooth 802.15.1 Security
2.9.2 UWB 802.15.3 Security
2.9.3 Zigbee 802.15.4 Security
2.9.4 IEEE 802.15.6 Security
2.11 Related Work
2.11.1 Symmetric Key Agreement
2.11.2 Asymmetric Key Agreement
2.11.3 Biometric Key Agreement
2.11.4 Hybrid Key Agreement
Chapter 03
3. Materials and Methods
3.1 Network Model
3.2 Radio Model
3.3 Threat Model
3.4 Threat Resistance Model
3.5 Design Requirement
3.5.1 Cost Efficiency
3.5.2 Analysis Tools
3.6 Security Requirement
3.6.1 Physical Security
3.6.2 Body Sensor Authentication
3.6.3 Secure Key Agreement
3.6.4 Confidentiality of Information
3.6.5 Patients Data Integrity
3.6.6 Authenticity
3.6.7 Non-repudiation
3.6.8 Unforgeability
3.6.9 Keys Update
3.6.10 Data Freshness
3.7 Elliptic Curve
3.8 Hyper Elliptic Curve
3.9 Symmetric Cryptographic Solutions
3.10 Asymmetric Cryptographic Solutions
3.11 Hybrid Cryptographic Solutions
3.12 Signcryption
Chapter 04
4. Result and Discussion
4.1 Lightweight Authentication and Key Agreement Scheme for BANs
4.1.1 Registration and Key Preloading Phase
4.1.2 Authentication and Key Agreement Phase
4.1.3 Confidential Data Transmission
4.1.4 Key Updating Phase
4.1.5 Physical Security
4.1.6 Security Analysis
4.1.7 Performance Analysis
4.1.8 Conclusion
4.2 Authenticated Key Agreement for SBANs Based on Hybrid Cryptosystem
4.2.1 Registration and Key Preloading Phase
4.2.2 Node Authentication and Key Agreement Phase
4.2.3 Session Key Establishment Phase
4.2.4 Secure Data Transmission Phase
4.2.5 Key Updating Phase
4.2.6 Security Analysis
4.2.7 Performance Analysis
4.2.7.1 Computation Cost Analysis
4.2.8 Conclusion
4.3 A Signcryption based Key Agreement and Cluster Head Selection for BANs
4.3.1 System Initialization Phase
4.3.2 Session Key Establishment and Cluster Head Selection Phase
4.3.3 Secure Session Data Forwarding
4.3.4 Cluster Head Rotation Phase
4.3.5 Rekeying Phase
4.3.6 Security Analysis
4.3.7 Performance Analysis
4.3.8 Conclusion
4.4 Efficient Key Agreement for Wireless BANs Based on Hyper Elliptic Curves
4.4.1 Initialization Stage
4.4.2 Key Establishment Stage
4.4.3 Secure Data Transmission Stage
4.4.4 Key Updating Stage
4.4.5 Security Analysis
4.4.6 Performance Analysis
4.4.6.1 Computational Cost Analysis
4.4.7 Conclusion
4.5 Novel Key Agreement Scheme for BANs Based on Hyper Elliptic Curve Signcryption
4.5.1 Hyper Elliptic Curve Cryptosystem
4.5.2 BAN Initialization Phase
4.5.3 Session Key Establishment Phase
4.5.4 Secure Session Data Transmission Phase
4.5.5 Key Update Phase
4.5.6 Security Analysis
4.5.7 Performance Analysis
4.5.8 Conclusion
Chapter 05
5.1 Conclusion
5.2 Future Work
References
ABBREVIATIONS
Notation Description
Biosensor node
Base Station
Medical Server
Medical Officer
A finite field of order
An Elliptic Curve over prime field
A base point on of order
A hyper elliptic curve over prime field
A divisor of large prime of order in
A function which maps a divisor to integer value
Biosensor private key
Biosensor public key
Medical server private key
Medical server public key
Public Key
One way hash function / Keyed hash function
Advance Encryption Standard
Symmetric Encryption / Decryption with key
Message/Cipher text
Number used once
Hyper Elliptic Curve Divisor Multiplication
Elliptic Curve Point Multiplication
Bilinear Pairing
Modular Multiplication
Modular Exponentiation
Message Authentication Code
Node Authentication
Key agreement
Key update
Node Tracking
Message Confidentiality
Message Integrity
Key Revocation
Forward Secrecy and Backward Secrecy
Data Freshness
Denial of Service
Masquerade Prevention
Scalability
LIST OF TABLES
TABLE NO  DESCRIPTION
1.1 Comparisons of BANs and WSNs
2.1 Applications
2.2 Protocol Security Comparison
4.1 Comparison of Security Function of Proposed and Existing Schemes
4.2 Comparison of Computation Cost of Existing and Proposed Schemes
4.3 Computation Cost Comparison at Biosensor Side
4.4 Comparison of Computation Cost of Existing and Proposed Scheme
4.5 Computation Cost Comparison at MS Side
4.6 Comparison of Communication Overhead of Proposed and Existing Schemes
4.7 Communication Cost on the basis of Nodes
4.8 Comparison of Security Function of Proposed and Existing Schemes
4.9 Comparison of Computation Cost of Existing and Proposed Schemes
4.10 Computation Cost Comparison at Biosensor Side
4.11 Comparison of Computation Cost of Existing and Proposed Schemes
4.12 Computation Cost Efficiency at MS Side
4.13 Comparison of Communication Overhead of Proposed and Existing Schemes
4.14 Communication Cost on the basis of Nodes
4.15 Communication Cost on the basis of Security Levels
4.16 Comparison of Security Function of Proposed and Existing Schemes
4.17 Comparison of Computation Cost of Existing and Proposed Schemes
4.18 Computation Cost Comparison at Biosensor Side
4.19 Comparison of Computation Cost of Existing and Proposed Schemes
4.20 Computation Cost Comparison at MS Side
4.21 Comparison of Communication Overhead of Proposed and Existing Schemes
4.22 Communication Cost on the basis of Nodes
4.23 Communication Cost on the basis of Security Levels
4.24 Security Analysis of Proposed and Existing Schemes
4.25 Comparison of Computation Cost of Existing and Proposed Schemes
4.26 Computation Cost Comparison on Biosensor Side
4.27 Comparison of Computation Cost of Existing and Proposed Schemes
4.28 Computation Cost Comparison on MS Side
4.29 Communication Cost on the basis of Nodes
4.30 Communication Cost on the basis of Security Levels
4.31 Comparison of Computation Cost of Existing and Proposed Scheme
4.32 Computation Cost Comparison on Biosensor Side
4.33 Comparison of Computation Cost of Existing and Proposed Scheme
4.34 Computation Cost Comparison at MS Side
4.35 Communication Cost on the basis of Security Levels
LIST OF FIGURES
FIGURE NO  DESCRIPTION
2.1 Data flow in BANs
2.2 Three Tiers Communication Architecture of BA
2.3 Power Requirements and Data Rates in BANs
3.1 Network Model of BANs
4.1 Flow Chart
4.2 Flow Chart for Confidential Data Forwarding
4.3 Graph Representation of Comparison of Computation Cost at Biosensor Side
4.4 Graph Representation of Comparison of Computation Cost at Base Station Side
4.5 Graph Representation of Comparison of Communication Overhead
4.6 System Design of BANs
4.7 Computational Cost Comparison
4.8 Communication Cost on the basis of Nodes
4.9 Communication Cost on the basis of Security Level
4.10 Proposed Scheme Structure for BANs
4.11 Comparison of Computation Cost at Biosensor Side
4.12 Comparison of Computation Cost at MS Side
4.13 Communication Cost on the basis of Nodes
4.14 Communication Cost on the basis of Security Levels
4.15 Computation Cost at Biosensor Side
4.16 Computation Cost at MS Side
4.17 Communication Cost on the Base of Nodes
4.18 Communication Cost on the Base of Security Level
4.19 Computational Cost at Biosensor Side
4.20 Computational Cost at MS Side
4.21 Communication Cost on the Base of Number Nodes
4.22 Communication Cost on the Base of Security Levels
ACKNOWLEDGEMENTS
I express my utmost gratitude to my advisor Dr. Arif Iqbal Umar on his open
hearted acceptance for carrying out my research work. His keen interest, pushing to
work, overwhelming attitude, timely advice, valuable suggestions, dedication for
early morning coaching and positive approach took me to accomplish this work.
I pay my heartiest thanks to Professor Dr. Habib Ahmad (TI), Dean Faculty of
Science for his loving inspiration, categorical encouragement, cooperation and taking
me to step up in my academic career.
It would be injustice if I ignore the admirable encouragement, assistance,
constructive criticism and cooperation of my colleague and friend Mr. Nizamuddin
in various stages of my research work.
I would like to profusely thank all my colleagues, staff and students for their
praiseworthy support and assistance, especially Mr. Abdul Waheed and Mr. Jawaid
Iqbal.
I owe a genuine gratitude to all my committee members, Professor Dr. Habib
Ahmad (TI), Dr. Mohsin Nawaz, Dr. Saleem Abdullah and Dr. Bin Amin for their
valuable suggestions and recommendation.
I pay thanks to overall Hazara University management and Higher Education
Commission for providing me the opportunity of my research and academic growth.
At last, it is my privilege to pay thanks to my wife and kids for their unconditional
support, care, patience and bearing me out in the tensed and over encumbering
situations.
NOOR UL AMIN
ABSTRACT
The evolution of Body Area Networks (BANs) in the medical health care field is
vital for human survival. Delay-less health monitoring and immediate medical
response are the primary objectives of BANs. In BANs, tiny biosensor nodes
deployed on a patient’s body sense the patient's health status data and transmit it
wirelessly to a medical server via a base station for immediate medical response by the
medical officers. Health status information is disseminated over insecure channels
across the network. The battery-operated biosensors are limited in
computation and communication capabilities. As data in BANs is communicated
over wireless channels, strong security measures are needed to ensure
secure transmission of critical health status information. Security of sensitive
physiological information and high computation and communication cost are the
challenging issues in the resource-constrained environment of BANs. Many solutions have
been proposed to cope with these issues, but they are still either deficient in security or
high in cost. Unfortunately, these solutions often fail to provide an acceptable trade-off
between cost and security. Thus, secure and lightweight solutions are crucial, as the
existing schemes presented in the literature either suffer from high cost or have
security flaws. Key agreement plays a pivotal role in the secure transmission of
information. In this thesis, we propose a framework incorporating five
schemes that offer high security with a significant reduction in cost. The performance
measurements and security parameters of each scheme are compared with other
existing schemes and the IEEE TG6 standard, as shown in graphs and tables, and it has
been proved that our proposed solutions outperform them in all respects. The first
scheme of our proposed framework, a lightweight secure authentication and key
agreement scheme for BANs, uses encrypted for secure node authentication and
key agreement; a shortened form of hash (compressed hash) is used for the integrity
of critical data. Only critical data packets are transmitted instead of transmitting
continuous sensed data, which improves the overall efficiency of the
proposed work. Updating session keys round-wise maintains forward and backward
secrecy. The Patient Sensor Tracking (PST) feature of our scheme enhances the physical
security of the network. In the second scheme, the proposed hybrid authenticated key
agreement scheme for BANs is based on symmetric and elliptic curve cryptography.
In this scheme, dissemination of critical information from sensor nodes to the base
station is performed through a cluster head. In the third, a signcryption-based key
agreement and cluster head selection scheme for BANs, the session key and cluster head
selection are performed in a single step. The cluster head rotation phase balances the
energy level of the nodes in the entire network. The fourth is an efficient key agreement
scheme based on the Hyper Elliptic Curve Cryptosystem (HECC) for the secure
transmission of patients’ health status data to the intended medical specialist. This
scheme is lightweight compared to other schemes due to the shorter parameters of
HECC. In the fifth, the proposed novel key agreement scheme based on HECC
signcryption is the best fit for inters secure communication in the resource-constrained
environment of BANs. Shorter key size and low communication and storage overhead,
with promising efficiency and security, make this scheme superior to other
schemes. Similarly, avoiding unnecessary use of a cluster head in a ward removes
one hop, which reduces the overall overhead of the network.
Thus, our proposed framework offers the security features Node Authentication,
Key Agreement, Key Update, Patient Sensor Tracking, Message Confidentiality,
Message Integrity, Key Revocation, Forward Secrecy and Backward Secrecy, Data
Freshness, and Prevention of Masquerade and Denial of Service, with
minimal communication overhead and computational cost compared to the
existing solutions. Thus, the improved security and the significant cost reduction
make our proposed framework a best choice for the resource-constrained
environment of BANs.
Chapter 01
INTRODUCTION
1. Introduction
All living beings have their own importance, but no creature on earth is more important
than the human being; all humans have the right to be cared for and cured properly so
that they live long and enjoy all flavours of life in sound health. Care and cure for long
and healthy human survival is of supreme priority. In this connection, researchers of the
modern era opened the gate to a vital research field, under the different names PAN, BSN,
BASNs, WBANs and BANs, for care and delay-less cure. Zimmerman & Benton (1995) pioneered
this research field and proposed WPAN for the first time, with the concept of exchanging
information on and near the human body. Soon, both academia and industry focused on the
field. As a result, IEEE Task Group-6 developed the standard IEEE 802.15.6 in 2012,
specific to BANs for short-distance communication, after a five-year effort by the
engineers of sixty companies (J. Liu, Zhang, Chen, & Kwak, 2014). A BAN is a wireless
network of tiny wearable or implanted health status monitoring biosensor nodes, which
sense vital body parameters (patient physiological data) and transmit them to medical
facilities for immediate medical treatment (Sana Ullah et al., 2012)(M. Chen, Gonzalez,
Vasilakos, Cao, & Leung, 2011)(Movassaghi, Abolhasan, Lipman, Smith, & Jamalipour, 2014).
BANs provide economical and smart services of long-term health status monitoring without
any constraint on the normal activities of life, quick diagnosis, chronic disease care,
emergency remedy and fast prescription of medicines (Halteren, 2004)(Korhonen &
Bardram, 2004)(M. R. Yuce, Ng, Myo, Khan, & Liu, 2007)(Poon & Zhang, 2008). On-body
biosensors collect patient physiological status data of vital organs, such as heartbeat
rate and blood pressure values, and then communicate it to controller nodes such as a
smart phone, PDA or access point (base station), which is linked to external networks
such as the internet. Medical officers receive patient health status data online
regardless of patient location (M. Yuce & Khan, 2011). The schemes proposed for WSNs, the
predecessor of BANs, are not feasible for BANs due to the nature and size of the network.
A comprehensive comparison is shown in Table 1.1. The existing BAN solutions presented in
the literature have the shortcomings of high cost and low security. In this thesis, we
propose an efficient and secure framework for BANs incorporating five schemes to address
the shortcomings identified in the literature.
Table 1.1 Comparisons of BANs and WSNs

| Comparison Criteria | Wireless Sensor Network | Wireless Body Area Network |
|---|---|---|
| Network Dimensions | Few to several thousand nodes over an area from meters to kilometers | Dense distribution, limited by body size |
| Topology | Random, Fixed/Static | One hop or two-hop star topology |
| Node Size | Small size preferred (no major limitation in most cases) | Miniaturization required |
| Node Accuracy | Accuracy outweighs large number of nodes and allows for result validation | Each of the nodes have to be accurate and robust |
| Node Replacement | Easily performed (some nodes are disposable) | Difficulty in replacement of implanted settings |
| Bio Compatibility | Not a concern in most applications | Essential for implants and some external sensors |
| Power Supply and Battery | Accessible, capable of changing more frequently and easily | Difficulty in replacement and accessibility of implanted settings |
| Node Lifetime | Several years/months/weeks (application dependent) | Several years/months (application dependent) |
| Power Demand | Power is more easily supplied hence apparent candidates | Energy is supplied more difficult hence apparently lower |
| Energy Scavenging | Wind and solar power are most apparent candidates | Thermal (body heat) and motion are most apparent candidates |
| Data Rate | More frequently homogenous | More frequently heterogeneous |
| Data Loss Impact | Data loss over wireless transfer is compensated by the large number of nodes | Data loss is considered more significant (may need additional measures to ensure real time data interrogation capabilities and QoS) |
| Security Level | Lower (application-dependent) | High security level to protect patient information |
| Traffic | Application specific, modest data rate, cyclic/sporadic | Application specific, modest data rate, cyclic/sporadic |
| Wireless Technology | WLAN, GPRS, ZigBee, Bluetooth and RF | 802.15.6, ZigBee, Bluetooth, UWB |
| Context Awareness | Insignificant with static sensors in a well-defined environment | Very significant due to sensitive context exchange of body physiology |
| Overall Design Goals | Self-operability, cost optimization, energy efficiency | Energy efficiency, eliminate electromagnetic exposure |

1.1 Motivation
The development of sensors has brought new technological changes and opened new
research areas in this domain. Communication of information through sensor nodes gave
birth to wireless sensor networks. The characteristics, properties and behavior of the
human body are very dynamic. Sensing its environment and transmitting the readings
amongst sensor nodes has enabled several exciting life-sustaining BAN applications in
patient health care, patient monitoring and the wireless provision of medical solutions.
The application of BANs will not only speed up the care and cure of patients but will
positively contribute to the economy of the country. Similarly, establishing remote
patient care and cure BAN medical units where medical specialists are not available or
are out of reach of the people can be a good and economical facility for the people of
remote areas. BANs use special purpose biosensors designed to cope with all dimensions
of the human body’s sensitivity, i.e. pulse, heat, blood pressure, sudden reactions etc.
The design, development and deployment of sensors should be given prime attention and
special features should be added. Tiny, lightweight, wearable, stitchable and cheap
sensors need to be equipped with cost-effective security for all health care systems.
As data in BANs is communicated over wireless channels, we need to take strong security
measures and ensure secure transmission of critical health status information. Security
measures are essential for BANs, and BANs need a framework distinct from those
implemented for WSNs, which are not feasible for BANs. Serious security challenges like
eavesdropping, data modification, impersonation, replay of data and denial of service
may be faced, as highly sensitive data is transmitted amongst biosensor nodes. BAN
security and information protection have not been investigated in depth before, which
opens the way for research in this area. In comparison with generic WSNs, BANs require
security solutions that provide high security with minimum computational cost and
communication overhead. The existing frameworks/techniques/schemes presented in the
literature for the secure communication of health status information in BANs are either
prone to attacks or inefficient with respect to cost and overhead. For any secure
framework, key management plays a pivotal role in the security of communication. In key
agreement, either only symmetric key techniques are applied, where problems of security
and scalability occur, or only public key techniques are applied, where high cost is
the prime issue. The hybrid approach combines both techniques but still has issues of
cost and security. In biometric-based security frameworks, the entire feature set is
exchanged to agree upon a common key. This exchange makes them perilous for the
dissemination of patient personal information, as the information is transmitted over a
vulnerable wireless channel. In TinySec, if key material is revealed upon compromise of
a biosensor node due to lack of node capture protection, the whole network is
compromised. Hardware-based security schemes suffer from the shortcoming that they lead
to platform dependency, and not all biosensor nodes provide hardware-based security.
Even though several variations of ECC-based frameworks have been proposed, they still
need improvement in the way they are implemented in BANs and are not as economical as
the system requires. The IEEE 802.15.6 standard (“Association,
T.I.S.: IEEE P802.15.6-2012 Standard for Wireless Body Area Networks.
http://standards.ieee.org/findstds/standard/802.15.6-2012.html,” n.d.), specifically
developed for BANs, consists of three levels of security between sensor nodes and BS.
The security services concentrate on key generation and key distribution along with
message authentication using the Diffie–Hellman key exchange technique, but face
security issues and high cost that need to be rectified. Similarly, the schemes (D He,
Chan, & Tang, 2014), (Drira, Renault, & Zeghlache, 2012), (Y. S. Lee, Alasaarela, & Lee,
2014) fail to provide a reasonable trade-off between security and cost.
The physical security of patients and biosensors is also an important issue that needs
to be properly addressed. Most solutions offer continuous transmission of health status
information, which is very costly; health status should only be disseminated if the
sensed information is critical and requires immediate medical response.
Therefore, the research gaps identified need to be filled by designing a secure and
cost-efficient framework for the resource-constrained environment of BANs, which should
address not only the security problem but also the issue of high computation and
communication cost identified in the preceding schemes.
1.2 Research Problem
Secure and authentic communication of critical health status data between patients and
medical officers is the key issue to be addressed in the vulnerable and
resource-constrained environment of BANs. Therefore, a secure and cost-efficient
framework must be designed to cope with the security issues of BANs at a minimal cost
and overhead affordable by the tiny biosensor nodes. Minimal computation and
communication cost and high security are the major concerns of our work.
1.3 Research Questions
Communicating a patient’s data over unreliable wireless channels is always a security
risk. It needs to be addressed by designing a cost-efficient and secure BAN framework,
as no proper framework for Body Area Networks has yet been developed that provides the
entire system with appropriate security, cost and overhead for the dissemination of
health status information. The design of an efficient and secure framework for BANs is
unavoidable. Key agreement plays an important role in the secure transmission of
information. In this connection the relevant literature was reviewed, and the research
gaps identified are presented here in the form of research questions.
How to design a lightweight authentication and key agreement scheme for BANs?
How to design authenticated key agreement for secure BANs based on a hybrid cryptosystem?
How to design a signcryption based key agreement and cluster head selection for BANs?
How to design efficient key agreement for BANs based on hyper elliptic curves?
How to design a novel key agreement scheme for BANs based on hyper elliptic curves signcryption?
1.4 Proposed Solution
We propose an efficient and secure framework for BANs consisting of five schemes to fill
the research gaps identified in the relevant literature and appropriately address the
mentioned research problem. We will focus on the key issues of BAN security and
performance. We will add more security features to improve the security and minimize
the computational cost and communication cost/overhead. This will make our solution
secure and lightweight. Apart from this, we will disseminate only the critical data of a
patient instead of continuously sensed data to decrease the overall overhead of the
network. The Patient Sensor Tracking (PST) feature of our framework will enhance the
physical security of the network.
The proposed solution incorporates five schemes that will be compared with
existing schemes on the basis of cost and security parameters. The first is a
lightweight secure authentication and key agreement scheme for BANs where
we use encrypted for secure node authentication and key agreement, and a
shortened form of hash, “compressed hash ( )”, is used for the integrity of
critical data. Updating the session keys round by round maintains forward and backward
secrecy.
The second, the proposed hybrid authenticated key agreement scheme for SBANs,
is based on symmetric and elliptic curve cryptography and combines the
best features of both symmetric and asymmetric key cryptography. In this scheme,
dissemination of critical information from sensor nodes to the base station is
performed through the cluster head.
In the third, signcryption based key agreement and cluster head selection for BANs,
the session key and cluster head selection are performed in a single step. The
cluster head rotation phase balances the energy level of the nodes in the entire
network.
The fourth is an efficient key agreement scheme based on the hyper elliptic curve
cryptosystem for the secure transmission of patient health status data to the
intended medical specialist. This scheme is lightweight as compared to other
schemes due to the shorter parameters of .
The fifth, the proposed novel key agreement scheme based on signcryption, is the
best fit for inter secure communication in the resource-constrained environment of
BANs. Shorter key size and low communication and storage overhead with
promising efficiency and security make this scheme superior to other schemes.
Similarly, avoiding unnecessary use of a cluster head in a ward removes one
hop, which reduces the overall overhead of BANs.
All five schemes of the proposed framework offer improved security and
minimal cost as compared to the existing schemes, as shown in the tables and graphs.
Proposed Framework Overview
1.5 Research Objectives
The deliverable of this dissertation is the design of a secure and cost-efficient
framework for secure and authentic communication of critical health status data between
patients and medical officers in the vulnerable and resource-constrained environment of
body area networks, so as to cope with the security issues of the networks with minimal
cost and overhead appropriate for the tiny biosensor nodes.
1.6 Research Scope
The scope of this research dissertation is limited to the design of an efficient and
secure framework for Body Area Networks to disseminate secure and authentic critical
health status information of patients to the medical officers with minimal cost and
protection from possible attacks by misusers.
1.7 Thesis Organization
Chapter 1 consists of the introduction, motivation, research problem, proposed solution
and objectives. Chapter 2 provides the background study and a detailed literature review.
Chapter 3 consists of material and methods, basic formal models, security parameters
and cost analysis parameters. Chapter 4 consists of the proposed solution, results and
discussion. Chapter 5 concludes the thesis and presents some possible future directions.
Chapter 02
BACKGROUND STUDY
2. Introduction
The background study covers the basic concepts of BANs, their infrastructure,
applications, laws, data rates, security methods in BAN standards, the requirement of
economical health solutions and related work.
2.1 BANs Basic Architecture
Sensors deployed on the human body collect sensed data, process it, and
communicate it to each other or transmit it directly to the Base Station (BS).
The base station consists of processor units and high memory with computational power;
it is used to connect all sensors deployed on the body and to interact with external
networks. The external network is composed of medical servers, where patient data is
stored, and other emergency response services. Medical doctors/physicians access the
servers to generate medical reports of the patients as and when required.
The common architecture of a BAN consists of:
Biosensor Nodes
Base Station
Medical Server
2.1.1 Biosensor Nodes
Biosensors are small, low-power and lightweight devices that are deployed on and/or
implanted in the human body to sense the physiological status of human vital organs.
Biosensors are directly connected to the BS, and the base station is in turn connected
to the medical server. Sensors are able to sense data, process data and transfer data to
the medical server for diagnosis, analysis and emergency medical response. Sensor
hardware contains a tiny processor, a small memory, a power unit and a transceiver.
The most widely used sensor motes in sensor networks are given in the following table
with their specifications. The tiny low-power wireless biosensor nodes are used in BANs
to gather health status biomedical information for numerous applications in medical
centers, homes, and work places (Zhen, Kohno, & Li, 2007), (Otto & Milenkovic, 2006),
(Seyedi, Kibret, Lai, & Faulkner, 2013), (Latré, Braem, Moerman, Blondia, & Demeester,
2011).
2.1.2 Base Station
The base station (also called gateway) can be a smart phone, access point, computer, or
PDA and has no resource constraints such as memory, processing power and energy. The BS
collects medical data from biosensors and sends it to the medical server for diagnosis
and analysis. The medical officer checks the patient’s database in the medical server
and takes immediate action on the spot. The hardware components of a BS are memory, a
power unit and a transceiver. The BS is also called body gateway or Body Control Unit
(BCU).
2.1.3 Medical Server
The medical server is a database that stores the medical records of patients. The health
status information sensed by the biosensors is transmitted to the medical server via the
BS for analysis. The medical officers respond to the patient on the basis of the medical
record received from the server. This record can also be used for future reference.
Fig. 2.1. Data flow in BANs
2.2 Three Tiers Communication Architecture of BANs
The three-tier communication architecture of BANs is as follows:
Tier-1: Intra-BAN, Tier-2: Inter-BAN and Tier-3: Beyond-BAN
Fig. 2.2. Three Tiers Communication Architecture of BANs
In Fig. 2.2 all BAN devices are spread over the body in a centralized manner; however,
the exact setting is application specific (Domenicali & Benedetto, 2007).
2.2.1 Tier-1 Communication
Tier-1 illustrates the network connectivity of biosensor nodes and the communication
range within a BAN, between the BAN and its other tiers. In Tier-1, various biosensors
transmit the sensed body data to a personal server in Tier-1, and the data is then
transmitted to an access point located in Tier-2.
2.2.2 Tier-2 Communication
The prime aim of Tier-2 is the interconnection of BANs with cellular networks or
the internet accessible by the intended user (M. Chen et al., 2011).
2.2.3 Tier-3 Communication
This communication is designed for Metropolitan Area Networks, WANs and the Internet.
The gateway/BS is used to bridge the connection with Tier-2 (Latré et al., 2011). In
this tier, medical servers are used for recording medical history and for notifying
doctors on their smart phones about emergency treatment.
2.10 Different Forms of Sensors
Various frameworks have been proposed for wireless sensor networks in health care, along
with a variety of architectures and models for WSN implementation in healthcare. The
scheme proposed in (D He et al., 2014) achieves secure transmission of data and access
control for medical sensor networks. The framework in (Misra & Islam, 2014) focuses on
the transmission challenges of nano networks and proposes an architecture of green body
area networks. Different types of biosensor nodes can be deployed depending on the
nature of the application; these can be in wearable form, implanted form and emplaced
form.
2.10.1 Wearable Form
1. Pulse Oximeter: This wearable biosensor in the form of a ring is applied for the
measurement of the saturation level of oxygen in blood. A wearable PPG
(photoplethysmographic) biosensor in the form of a ring has been developed. The pulse
oximeter designed in (Crosby, Ghosh, Murimi, & Chin, 2012) (Shnayder, Chen, Lorincz,
Jones, & Welsh, 2005) (Darwish & Hassanien, 2011) integrates a micro-power oximeter
with the biosensor platform MicaZ or Mica2.
2. ECG (Electrocardiography): This sensor is utilized for the diagnosis and reporting of
heart abnormalities. The ECG sensor uses two electrodes to produce the ECG signal and is
supported by the Mica2 platform.
3. Smart Shirt: The smart shirt is designed to monitor different activities of the body,
which are captured and forwarded to an ad hoc network through the 802.15.4 standard
(Varshney, 2007).
4. Wrist Watch: A wrist watch monitors blood pressure, temperature and pulse rate. It has
an 8 MHz processor, 10 KB RAM and a radio transmission range of 100 m using Zigbee
(Welsh & Berkeley, 2005).
2.10.2 Implantable Form
1. Glucose Monitoring: The glucose monitor is an implantable biosensor covered in a
multilayered membrane in the subcutaneous tissue of the abdomen. It records the glucose
level every 30 seconds and transmits the recorded data every five minutes.
2. Neural Stimulators: Neural stimulators are used for the treatment of Parkinson’s
disease, epilepsy and chronic pain by passing electrical impulses to the spinal cord or
brain (Ko, Lu, & Srivastava, 2010).
3. Artificial Retina: The artificial retina uses retina prosthesis chips implanted in
the eyes of patients who are visually impaired or have no vision, enabling the patient
to see at a reasonable level.
4. Swallowable pills: BAN-based swallowable capsule pills are used for inner examination
with good video quality and energy efficiency (Wang, Wang, & Zhao, 2014).
2.10.3 Emplaced Form
1. Smart chair: This sensor detects and measures the heart rate and produces cardiac
outputs with an interface to body networks. It also senses the environment, monitoring
humidity, temperature, motion and sound, and seamlessly manages data reports and the
presence of the patient.
2. Pressure sensitive bed: Physical recovery of patients after surgery is an unavoidable
process. A framework designed in the form of a pressure bed for monitoring physical
therapy and evaluating the required patient exercise is analyzed.
3. Motion sensors: This low-cost sensor, interfaced with a MicaZ node, forwards the
processed data and tracks humans in the rooms of the smart hospital over a wireless
network. Diagnostics start with a simple button and LED interface (Virone, Wood, &
Selavo, 2006).
2.3 Requirement of Economical Health Solutions
Three major challenges arising from population growth are the rise in health care costs,
the rise in life expectancy that leads to an aging population, and the baby boomers’
demographic peak (Zimmerman & Benton, 1995) (J. Liu et al., 2014). Life expectancy in
Australia and the USA rose between 1960 and 2010 from 70.8 years to 81.7 years and from
69.8 to 78.2 years respectively, an average increase of 13.5%. The pyramid in Fig. 2.3
shows that in 2050 the number of people from 60 to 80 years old is estimated to be
almost double that of the year 2000. This increase will overburden the health care
system and can become an unavoidable threat to the US economy, and health care
expenditures could reach 20% of GDP in 2022. A significant increase is noted in health
care expenditures, from 5 billion in 1980 to 1.85 trillion in 2004 and $4 trillion in
2015. These statistics and the drastic rise in health care expenditures have attracted
researchers, economists and industrialists to propose economical and scalable health
care solutions (Movassaghi et al., 2014). Heart disease has been the prime cause of
death in Europe and the US since 1900. Twenty two million people are affected in the
world, one million in the US and 10 million in Europe (Cleland et al., 2003) (Disease,
Every, & News, 2015) (“Heart Failure Fact Sheet|Data & Statistics|DHDSP|CDC,” n.d.).
The increase is expected to be triple by 2020. The ratio is 39% in the UK and 17% in
South Korea (Sana Ullah et al., 2009) (Borger et al., 2006).
2.4 Infrastructure-based architecture
This architecture facilitates dynamic deployment in a limited space like a medical
center with centralized security control.
2.5 Ad hoc-based Architecture
This setup consists of multiple APs that transmit information inside the medical
centre in mesh form. It provides larger radio coverage, is easily expandable and
supports patient mobility due to multi-hop dissemination. It supports a communication
range of up to 100 meters (M. Chen et al., 2011).
2.6 BANs Laws
The privacy of sensitive health status information is mandatory, and countries like the
USA, Europe and China have passed laws that protect access to this sensitive
information: HIPAA (Health Information and Portability Accountability Act) in the USA
(Hash et al., 2005), the European Union Directive 2002/58/EC in Europe (Parliament.,
n.d.), and the China Medical Practitioners Law (H. Cam, S. Ozdemir, P. Nair, 1999). We
propose that a similar Law/Act should be passed in Pakistan to keep the sensitive health
status information of patients private and to block illegal access to such information.
2.7 BANs Applications
BAN applications are categorized as medical and non-medical (Kwak, Ullah, &
Ullah, 2010). The prime application of BANs is in the health care domain, where the
vital parameters or physiological status of patients affected by chronic diseases like
heart attacks, asthma and diabetes are continuously monitored and recorded. The vital
information sensed by the sensor is forwarded to monitoring units for analysis. The BAN
wirelessly transmits alerts about changes in the vital signs of a patient before the
occurrence of a heart attack, so that medical doctors can take remedial measures without
delay. Similarly, the automatic injection of insulin through a pump in diabetic patients
upon a decreasing level of insulin is a useful application of BANs. In any critical
situation of a patient, the corresponding medical specialist is alerted for immediate
medical response.
The medical domain is the major application of BANs, where vital signs such as blood
pressure, heart rate, ECG, EEG, respiratory rate and temperature are measured by body
sensors and forwarded to the relevant persons for analysis; Table 2.1 shows the details.
The use of medical technology will not only speed up patient care and cure but will also
reduce treatment errors and workload (Healey & Picard, 2005) (Kurs, Karalis, Moffatt, &
Joannopoulos, 2007). Various new BAN applications include Emergency Medical Response
Centers (EMRC), where short-term BAN medical units can be deployed at disaster points to
transmit the status of injured people to remote care centers in time to save lives, UHM,
Computer Assisted Rehabilitation (CAR) and the promotion of a healthy living style. In
UHM, BANs free patients from frequent hospital visits and reduce the dependency on
specialist medical doctors in health care and cure. Cost-effective health care and cure
centers need to be developed, especially for countries where the shortage of medical
centers and specialist doctors is at its peak (M. Chen et al., 2011).
BANs are also important in non-medical applications like sports, the military and
social networking. For example, in sports a BAN collects the body movement coordinates
of different organs and transmits them for analysis by referees. In the military, the
vital organs can be tested during test flights of trainee pilots and the recorded body
information is transmitted to the earth base station for record and decision-making. In
social networking, a business card or digital profile can be exchanged just by shaking
hands. Comprehensive applications are shown in Table 2.1 (Latré et al., 2011).
Table 2.1 Applications
Type of Sensor | Medical Condition | Descriptions
Accelerometer/gyroscope | Muscular atrophy | Faulty postures and movements
Blood Pressure | Diabetes | Blood glucose levels post-prandial and fasting
Blood Pressure | Cardiac, hypertension | Non-invasive systolic, diastolic and various pressure
CO2 gas sensor | Pulmonary, Asthma | Carbon dioxide and oxygen content in the blood
ECG sensor | Cardiac arrhythmias and other abnormalities | Electrical activity of the heart
EEG sensor | Neurological | Electrical activity of the brain
EMG sensor | Neuromuscular abnormalities | Electrical activity in response to a nerve’s stimulation of the muscle
Pulse Oximetry | Cyanosis | Oxygen delivery to the peripheral tissues
Retinal Sensor | Ophthalmological problems | Chemical, nerve, cell level observation
Cochlear Sensors | Ear disorders | Ear effusions and perfusions
Endoscope: 1 Mbps | Gastric abnormalities | Ulcers in the gastric pathway
The implementation of BANs has become a primary need of our country; it will not
only speed up the care and cure of patients but will positively contribute to the
economy of the country. Similarly, establishing remote patient care and cure ‘BANs
medical units’ where medical specialists are not available or are out of reach of the
people can be a good facility and a cheap treatment solution for the people of remote
areas.
2.8 Data Rates and Power Requirements
The limited power supply is a notable constraint on BANs. Fig. 2.3 compares BANs with
other technologies with respect to data rates and power requirements. The data
transmission rate of sensor nodes in BANs is 1 Kbps to 100 Mbps (Dong & Smith, 2012).
The data rates and power requirements vary in body area networks depending on the
technology used, as shown in the figure.
Fig. 2.3. Power Requirements and Data Rates in BANs
2.9 Security Methods in BANs Standards
The developers presented four communication standards for wireless sensor
networks (Staderini, 2002) (X. Zhao, Fei, & Doarn, 2004) (Wheeler, 2007): Bluetooth
(802.15.1) (“IEEE Std 802.11-2012 (Revision of IEEE Std 802.11-,” 2012), UWB (802.15.3)
(“IEEE Std 802.15.3c-2009 (Amendment to IEEE Std 802,” 2009), Zigbee
(802.15.4) (“Approved IEEE Draft Revision for IEEE Standard for Information
Technology-Telecommunications and Information Exchange Between Systems-Local
and Metropolitan Area Networks-Specific Requirements-Part 15.4B: Wireless Medium
Access Control (MAC) and Physical ,” 2006) and the specific BAN standard (802.15.6).
The security issues of these standards are highlighted one by one.
2.9.1 Bluetooth 802.15.1 Security
In this standard, the security of the link layer is maintained by various entities: a
random number, a unique public address for each user and two secret keys. The link
key or initialization key is used at the time of initialization in case unit keys are
not defined and exchanged, or in case of loss of the link key. The function of the
initialization key is to protect the transfer of initialization parameters. A random
number and a PIN code or the unique public address are used for key derivation.
Generating the initialization key using a fixed PIN code is a limitation, as it can
easily be attacked by brute force; moreover, body sensors in BANs do not have an
interface to enter a code, so PIN entry is impractical. This solution is not feasible
for BANs.
2.9.2 UWB 802.15.3 Security
Ultra Wide Band (UWB) provides either no security or strong cryptographic techniques for
the communication of information. No security means that the device works without any
cryptographic functions on MAC frames. A device operating in secure mode uses
symmetric cryptography to protect frames. AES with a 128-bit key is applied to secure
data frames, beacons and commands. Replay of old data is blocked by including a strictly
increasing time token in the beacon. A device rejects a received beacon if the time
token does not match. The limitation of the UWB standard is the lack of details for
non-repudiation and authentication.
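The replay check described above, as an added example that is not part of the thesis or of the standard's text: a receiver authenticates each beacon first and only then compares its time token with the last accepted one, so a forged beacon cannot advance the counter. The frame layout, field sizes and all names are constructed for illustration, and HMAC-SHA-256 from the Python standard library stands in for the AES-128-based integrity code so that the example runs without third-party packages.

```python
import hashlib
import hmac
import struct

TOKEN_LEN = 8  # assumed layout: 8-byte big-endian time token at the start of the frame
TAG_LEN = 8    # assumed layout: 8-byte truncated integrity tag at the end of the frame


def _tag(key: bytes, body: bytes) -> bytes:
    # Stand-in integrity code (assumption): HMAC-SHA-256 truncated to TAG_LEN bytes.
    return hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]


def build_beacon(key: bytes, time_token: int, payload: bytes) -> bytes:
    """Coordinator side: time token || payload || tag over both."""
    body = struct.pack(">Q", time_token) + payload
    return body + _tag(key, body)


class BeaconReceiver:
    """Device side: accepts a beacon only if it is authentic AND its time
    token is strictly greater than the last accepted token."""

    def __init__(self, key: bytes, last_token: int = 0):
        self._key = key
        self.last_token = last_token

    def accept(self, frame: bytes) -> str:
        if len(frame) < TOKEN_LEN + TAG_LEN:
            return "malformed"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        # Integrity first: an unauthenticated token must never touch state,
        # otherwise a forged huge token would lock out all later real beacons.
        if not hmac.compare_digest(tag, _tag(self._key, body)):
            return "bad-integrity"
        (token,) = struct.unpack(">Q", body[:TOKEN_LEN])
        # Strictly increasing: an equal token is a replay of the last beacon.
        if token <= self.last_token:
            return "replayed"
        self.last_token = token
        return "accepted"


def demo() -> list:
    """Run a constructed beacon sequence through one receiver."""
    key = bytes(range(16))   # constructed 128-bit shared key
    other_key = bytes(16)    # constructed key the receiver does not hold
    rx = BeaconReceiver(key)

    b1 = build_beacon(key, 1, b"superframe-A")
    b2 = build_beacon(key, 2, b"superframe-B")
    b3 = build_beacon(key, 3, b"superframe-C")
    tampered = bytearray(b3)
    tampered[TOKEN_LEN] ^= 0x01                    # one payload bit changed in transit
    forged = build_beacon(other_key, 2 ** 40, b"superframe-X")

    frames = [b1, b2, b1, b2, bytes(tampered), forged, b3, b3[:10]]
    return [rx.accept(f) for f in frames]


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```
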
2.9.3 Zigbee 802.15.4 Security
A symmetric key cryptography technique is used in (“Approved IEEE Draft Revision for
IEEE Standard for Information Technology-Telecommunications and Information
Exchange Between Systems-Local and Metropolitan Area Networks-Specific
Requirements-Part 15.4B: Wireless Medium Access Control (MAC) and Physical ,” 2006).
Zigbee comprises eight security levels. In the symmetric cryptographic mechanisms of
Zigbee, the two most important aspects, key generation and distribution, are not
considered. It strongly relies on the selection of security attributes.
2.9.4 IEEE 802.15.6 Security
BAN researchers frequently use the above-mentioned standards, but they are not
suitable for BANs because they do not fully take into consideration the resource
constraints and security requirements. Keeping in view the resource constraints of BANs,
task group 6 (TG6) developed 802.15.6 specifically for BANs. It can be used for both
medical and non-medical applications (S. F. Qadri, Awan, Amjad, Anwar, & Shehzad, 2013),
after the draft IEEE 802.15----006 (“IEEE Standards Association - Documents,” n.d.),
which mentions three levels of security between sensor nodes and BS. These levels are
the unsecured level, the authentication level, and the authentication and encryption
level. The security services concentrate on key generation and key distribution along
with message authentication. The Diffie–Hellman key technique is used for the generation
and distribution of keys, MAC for message authentication and AES for ciphering.
Table 2.2 Protocol Security Comparison
Protocol | Confidentiality | Integrity | Non-repudiation | Authentication | Authorization
Bluetooth | Yes | No | No | Yes | No
Zigbee | Yes | No | No | Yes | No
TG6 | Yes | Yes | No | Yes | No
Discussion: the security techniques in the first three standards do not fully meet the
BAN requirements, and TG6 has fulfilled the security requirements to some extent
while respecting the resource constraints of BANs. However, it still does not address
all the security requirements, and the threats are not fully resolved, as shown in the
table (S. Qadri, Awan, Amjad, Anwar, & Shehzad, 2013).
2.11 Related Work
This literature review presents a thematic review of key management techniques in
Wireless Body Area Networks. Although a number of security approaches have been
proposed for WSNs and MANETs (Du, 2005) (W. He, Huang, Sathyam, Nahrstedt, &
Lee, 2009) (S. Zhao, Aggarwal, Frost, & Bai, 2012), these approaches cannot be applied
directly to BANs due to the operational and security challenges of WBANs.
Body sensors have unique limitations compared with other wireless networks,
particularly limited processing, memory and battery power and a short transmission
range. In (Du, 2005) the random key solution is a prominent class of key agreement
protocols for WSNs. Each sensor node shares at least one key with its neighbor with a
certain probability, referred to as the key-sharing probability. Similarly, a number of
keys are exchanged to establish a pairwise key between sensors. This solution requires
each sensor to preload a large number of keys, which leads to a penalty of high cost and
overhead that is infeasible for resource-constrained BANs. Similarly, (W. He et al.,
2009) proposes a self-contained public key infrastructure (PKI), and (S. Zhao et al.,
2012) proposes a special case of PKI, an identity-based cryptography solution, to
overcome the weaknesses of PKI for ad hoc networks. However, these schemes are bulky and
vulnerable to Denial of Service (DoS) attacks. A non-cryptographic solution, BANA (L.
Shi, Li, Yu, & Yuan, 2013), has been proposed for sensor authentication, where RSS is
used to identify legal and illegal sensor nodes. Because the approach is
non-cryptographic, an off-body attacker can easily forge its way into the network by
creating a perfect channel. A lightweight authenticated cryptographic solution is needed
to block this type of attack and provide security to BANs. In (Selimis et al., 2011) a
hardware-based design solution is proposed for the security of BANs, where a lightweight
micro-controller is used to save energy. Patients’ data is communicated using TDMA-MAC
in the system layout. This approach is evaluated on the basis of energy overhead. This
hardware-based solution could be expensive, and the issue of energy overhead can be
tackled by an efficient cryptographic technique. The scheme proposed in (T. F. Lee &
Liu, 2013) uses password-based smart card authenticated key agreement for telecare
medicine, but its design shortcoming identified by (A. K. Das & Bruhadeshwar, 2013) is
the password and authentication change phase. In (Daojing He, Chan, Zhang, & Yang, 2014)
the packets received by each sensor are decrypted and a hash is applied, which leads to
a clear increase in computation cost. All the proposed security schemes were analyzed,
and it was felt that there is still a gap which could be filled by introducing a novel
framework fulfilling the design requirements of the resource-constrained tiny body
sensors along with addressing security parameters and resisting adversaries’ attacks.
A review of the state of the art in different security schemes like Biometric, TinySec,
IEEE 802.15.4 Security, ZigBee Security Services, Hardware Encryption, Elliptic Curve
Cryptography and Identity-Based Encryption has been made.
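To make the preload cost of the random key solution reviewed above concrete, the following added example (not from the thesis or from (Du, 2005)) computes the key-sharing probability under the basic random key predistribution model, in which every node is preloaded with a ring of keys drawn at random from a common pool, and finds the smallest ring that reaches a target probability. The pool size, key and key-identifier lengths and all function names are assumptions; the node-capture estimate goes beyond the passage.

```python
from math import comb


def share_probability(pool_size: int, ring_size: int) -> float:
    """Probability that two nodes, each holding ring_size keys drawn at random
    (without replacement) from a pool of pool_size keys, share at least one key."""
    if not 0 < ring_size <= pool_size:
        raise ValueError("need 0 < ring_size <= pool_size")
    if 2 * ring_size > pool_size:
        return 1.0  # two rings this large cannot be disjoint
    # P(disjoint) = C(P - k, k) / C(P, k): the second ring avoids all k keys of the first.
    disjoint = comb(pool_size - ring_size, ring_size) / comb(pool_size, ring_size)
    return 1.0 - disjoint


def min_ring_size(pool_size: int, target: float) -> int:
    """Smallest ring size whose key-sharing probability is at least target.
    The probability grows with the ring size, so binary search applies."""
    if not 0.0 < target <= 1.0:
        raise ValueError("target must be in (0, 1]")
    lo, hi = 1, pool_size
    while lo < hi:
        mid = (lo + hi) // 2
        if share_probability(pool_size, mid) >= target:
            hi = mid
        else:
            lo = mid + 1
    return lo


def ring_storage_bytes(ring_size: int, key_bytes: int = 16, key_id_bytes: int = 2) -> int:
    """Memory a node must reserve for its preloaded ring: one key plus one
    key identifier per entry (lengths are assumptions: 128-bit keys, 2-byte ids)."""
    return ring_size * (key_bytes + key_id_bytes)


def exposed_pool_fraction(pool_size: int, ring_size: int, captured_nodes: int) -> float:
    """Expected fraction of the key pool known to an adversary after
    captured_nodes nodes with independent random rings are compromised."""
    return 1.0 - (1.0 - ring_size / pool_size) ** captured_nodes


def plan(pool_size: int, target: float) -> dict:
    """Summarise what a target key-sharing probability costs each sensor."""
    k = min_ring_size(pool_size, target)
    return {
        "ring_size": k,
        "share_probability": share_probability(pool_size, k),
        "storage_bytes": ring_storage_bytes(k),
        "pool_exposed_after_10_captures": exposed_pool_fraction(pool_size, k, 10),
    }


if __name__ == "__main__":
    # Constructed parameters: a 10,000-key pool and three target probabilities.
    for target in (0.33, 0.5, 0.9):
        print(target, plan(10_000, target))
```

Raising the target probability increases both the per-node storage and the share of the pool lost with every captured node, which is the cost and overhead penalty the passage attributes to this class of schemes.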
2.11.1 Symmetric Key Agreement
In symmetric key agreement, a common secret key is shared between two parties for both
encryption and decryption of patient physiological status information, while on the
other hand asymmetric or public key cryptographic techniques use two keys for the
same purpose instead of one common secret key. The symmetric technique is preferred for
its cost effectiveness, but key exchange between nodes is an issue to be addressed.
The asymmetric technique addresses the issue of secret key exchange but at the price of
high cost. AES (Information, 2001) and DES are the most popular symmetric cryptosystems
(Grabbe, 1992). Eight distinct security suites (Sastry & Wagner, 2004) which can be
implemented under the IEEE 802.15.4 standard can be classified into two modes called
unsecure and secure modes. In unsecure mode security suite is selected. Further, these
security suites are classified on the basis of the security properties of each suite:
AES-CTR provides only confidentiality, AES-CBC-MAC provides authentication, and AES-CCM
provides confidentiality and authentication. AES (Information, 2001) consumes less
energy as compared to other techniques. CBC-MAC details can be found in (Garnaut,
2012). A hardware-based encryption technique, ChipCon 2420, is proposed instead of
the TinySec software encryption technique, with a ZigBee-compliant RF transceiver. This
hardware-based CC2420 executes the security operations of IEEE 802.15.4 with AES
encryption using a 128-bit key.
Hardware-based encryption has been implemented in a WBAN project using an off-the-shelf
ZigBee platform (Warren et al., 2005). A comprehensive study (Khan, 2009) highlights
projects including MobiHealth and CodeBlue for patient monitoring in a hospital setup.
These BSN techniques offer unobtrusive patient health monitoring and communicate status
updates to the center. AES is applied for maintaining security. In that paper different
security systems are discussed and the security issues are highlighted, but no new
security framework is proposed. The SPINS protocol suite (Perring et al., 2002),
developed earlier using symmetric cryptography, offers authentication and
confidentiality. This suite consists of two protocols, μTESLA for broadcast
authentication and SNEP for authentication and confidentiality. These are generic schemes
and the BAN security requirements are not specifically addressed. Conventional public
key cryptography is not feasible for the resource-constrained environments of BANs.
ALARM-NET was developed for pervasive and adaptive assisted-living community
healthcare (Wood, Virone, Doan, & Cao, 2006). The AES symmetric cipher is used for the
encryption of patient data to be transmitted. This paper focuses on content aware
privacy, IP network security and power management. A link layer suite of TinyOS is
used for the security of sensor data. This paper has ignored key management and the
possible attacks on BANs. The IM3 project, designed for patient care, includes a
BAN, a back-end server and an external network (Singelée, Latré, & Braem, 2008). Each
BAN transmits patient data to the base station. The base station forwards this data to
the medical server through the external network. This paper focuses on secure routing
and the CICADA protocol. The AES cipher is used for encrypting the sensor data in an
authenticated mode, GCM or CCM, for both authentication and confidentiality. The
suggested technique is computationally heavy on the sensors, so a low-cost
technique is required. In large-scale sensor networks pre-shared symmetric key schemes
are used (D. Liu, Ning, & Li, 2005)(Eschenauer & Gligor, 2002). A common secret key is
derived using a pre-loaded shared key. The exact sensor should be associated with the
patient because wireless ranges overlap. Extensive computation is required to
replace the group key when the membership changes.
2.11.2 Asymmetric Key Agreement
Asymmetric or public key cryptosystems use two keys (private and public) for
encryption and decryption. The pair of keys is initially assigned to the communicating
nodes by a CA. If a node wishes to communicate with any other node in the network, it
first consults the public directory to get the public key of the target node; upon
receiving the data, the target node decrypts it with its private key, which is the sole
property of that node and is not accessible by any other node in the network. Asymmetric
key management solves the problem of secure key distribution identified in the symmetric
cryptosystem, but with the tradeoff of cost. Asymmetric cryptosystems include
Diffie-Hellman, RSA, ECC, IBE, and HECC. ECC is a feasible option for public key
cryptography in WSNs. The prominent reasons, in comparison with other asymmetric
cryptosystems, are its small key size, fast communication and compact signature, which
suit the resource-constrained environment. Several ECC-based contributions have been
presented for WSNs.
The scheme MAACE (Le, Khalid, Sankar, & Lee, 2011) was designed for healthcare
WSNs. This is an ECC-based scheme which provides access control and mutual
authentication to medical experts for BSNs. It is a three-layered scheme comprising
the (SN) sensor to network layer, the (CN) coordination network layer and the (DA) data
access layer. The CN (cell phone etc.) receives data from the SN and then forwards it to
the DA. The plus point of this scheme is that it can block some real-time attacks like
DoS attacks, but it still suffers from a security flaw in the privacy of patient data.
In (D. J. Malan, Welsh, & Smith, 2004) ECC was implemented on the Mica2 sensor mote
with the support of TinyOS. Similarly, in (Uhsadel, Poschmann, & Paar, 2007) an
efficient implementation of ECC is proposed. In (A. Liu & Ning, 2008) another variation
of ECC called TinyECC is proposed for WSNs. Its main objective was to introduce an
ECC-based PKC software package for WSN applications. The technique NanoECC
(Szczechowiak, Oliveira, & Scott, 2008) is faster than ECC but requires a large amount
of ROM and RAM. Although different variations of ECC-based cryptosystems have been
presented, ECC as it is used is still not feasible for BANs: its energy efficiency is
not that of a symmetric system, and improvement is needed. An IBE security solution
(Oliveira, Dahab, Lopez, Daguano, & Loureiro, 2007) was proposed for WSNs. In (William,
Tan, & Wang, 2008) an IBE solution for BANs is given where nodes compute public keys
using a hash function on an arbitrary number of application based self generated; flash
memory is used for storage of keys, and the keys are applied for ECC
encryption/decryption using ECDSA. The demerits of this scheme are high computation
cost, high energy overhead due to higher processing time, and increased storage
overhead due to the higher storage requirement using flash ROM. An identity-based key
management technique, IDKEYMAN (Sankaran, Husain, & Sridhar, 2009), has been proposed
for BANs. The design of the scheme is based on a publisher-subscriber architecture in
the same way as CodeBlue (D. Malan, Fulford-Jones, Welsh, & Moulton, 2004). To preserve
data confidentiality and integrity, pair-wise symmetric keys are set up. Publisher and
subscriber exchange pair-wise symmetric keys using IBE. Symmetric keys are applied for
all subsequent communication to reduce computation cost. IDKEYMAN gets the security
strength of an asymmetric cryptosystem while minimizing energy overhead by taking
advantage of IBE in the bootstrapping phase. The scheme in (Singh &
Muthukkumarasamy, 2011) is based on an authenticated and shared group key for multiple
devices. They proposed RSA algorithms, which may not be a suitable choice for key
establishment due to the large key size. Although ECC has
been successfully implemented in several variations, it is still not a top choice for BAN.
This is because its energy requirements are still significantly higher than symmetric
systems. This being the case, others have proposed that ECC be implemented only for
infrequent and security-sensitive operations such as key establishment during the initial
setup of the network or code updates. In line with this thinking, Malasri et al. (Malasri
& Wang, 2007) proposed a solution for medical sensor networks that uses: (i) an ECC-
based secure key exchange protocol to set up shared keys between sensor nodes and
base stations, (ii) symmetric encryption and decryption for protecting data
confidentiality and integrity, and (iii) an authentication scheme for verifying data
source.
2.11.3 Biometric Key Agreement
The schemes based on biometric solutions use bio channels for key distribution. All
body sensors are interconnected through bio channels, which are used for key exchange.
Out of these channels, any bio channel can be borrowed for key agreement. Several
schemes use biometrics for generating keys.
In scheme inter sensor data communication of BANs (Cherukuri, Venkatasubramanian,
& Gupta, 2003). In schemes (K.K. Venkatasubramanian, Venkatasubramanian, Banerjee,
& Gupta, 2008)(Krishna K. Venkatasubramanian & Gupta, 2010)(Ali & Khan, 2010) EKG
is used as the physiological measure for generating cryptographic keys for secure
inter-sensor data transmission. Similarly, in (Irum, Ali, Khan, & Abbas, 2013) the
security of intra-BAN communication is maintained by generating a cryptographic key
using EKG. The EKG values of the human body (Pdf et al., 2013) are used for generating
cryptographic keys to secure the cluster formation process and intra-BAN communication.
EKG values are first calculated by the communicating sensors, which exchange these
values for the generation of common secret keys. The authors of (Jinyang Shi, Lam, Gu,
Li, & Chung, 2011) obtain a common key for patient data communication by using set
reconciliation on an ordered set representation of EKG data. The same concept of set
reconciliation is presented in (J Shi, Lam, Gu, & Li, 2010) for an unordered set of
biometric values. To avoid the synchronization problem the set is divided into time
slots. The schemes (Sastry & Wagner, 2004) (Garnaut, 2012) which are based on set
reconciliation don’t use peak values in the EKG signals and use the whole EKG signal,
which reduces the randomization of the generated key.
The merits of using biometrics for generating cryptographic keys include time variation.
The keys generated through time-variant values are extremely random (Krishna K.
Venkatasubramanian & Gupta, 2010) (Ali & Khan, 2010)(Orlitsky, 1991). Biometric-based
schemes suffer from the problem of random key generation using the biometric
system, and the reason is the dynamicity of multiple nodes. The biometric key exchange
technique for secure BSN communication between body sensors and the BS (G. Wu, Yao,
Liu, Yao, & Wang, 2011) uses ECG signals for generating keys before transmitting
physiological status data to the external network. This scheme satisfies the basic
security parameters, but its main limitation is that obtaining exactly the same random
signal from two biological signals is very difficult.
According to (Ruhul Amin & Biswas, 2015) many other biometric-based authentication
and key agreement techniques (Ruhul Amin, 2013) (R Amin, Maitra, & Giri, 2013)
(Ruhul Amin, Bengal-, & Rana, 2013) (Bhargav-Spantzel et al., 2007) (AK Das &
Goswami, 2013) (A. Das, 2011) (A. Das, 2011) (Islam & Biswas, 2011) (Khan, Kumari, &
Gupta, 2014) (Khan & Zhang, 2007) (Kumar, Gupta, & Kumari, 2011) (S Kumari &
Gupta, 2014) (Saru Kumari, Khan, & Kumar, 2013) (S Kumari & Khan, 2014b) (S Kumari
& Khan, 2014a) (Saru Kumari, Khan, & Li, 2014) (S Kumari, Khan, Li, & Wu, 2014) (C.-T.
Li & Hwang, 2010) (X. Li, Niu, Ma, Wang, & Liu, 2011) have been proposed but still
have security loopholes. The authors of (Ruhul Amin & Biswas, 2015) presented a novel
architecture and a user authentication with key agreement scheme for accessing
multi-medical servers. Formal and informal security analysis is done. Although this
technique satisfies the basic security parameters, it is complicated and its
complexity needs to be reduced. The scheme (Guo & Chang, 2013) consists of four phases:
parameter generation, registration, password change and authentication. In this scheme,
the malicious server can determine the session key in advance due to violation of the
contributory property of key establishment. The scheme presented in (T.-F. Lee, 2013) is
based on chaotic maps. In this scheme, the session key is refined and does not need
symmetric encryption/decryption. Hence, the malicious user will not be able to
determine the key in advance. According to (Xu et al., 2013) a number of schemes (H.-
M. Chen, Lo, & Yeh, 2012)(Cao & Zhai, 2013)(Z. Y. Wu, Lee, Lai, Lee, & Chung,
2012)(Debiao, Jianhua, & Rui, 2011)(Wei, Hu, & Liu, 2012)(Zhu, 2012) (Jiang, Ma, Ma, &
Li, 2013)(Lin, 2013)(Xie, Zhang, & Dong, 2013) for telemedicine information systems
have been proposed for secure authentication and key establishment in last few years.
The scheme design in (Xu et al., 2013) is based on ECC and resists some common
attacks. The authors proposed the PSKA mechanism in (Krishna K. Venkatasubramanian,
Banerjee, & Gupta, 2010), where the physiological signal capturing time is kept minimal.
In this scheme a vault (Juels & Sudan, 2006) is used for the key establishment, and the
vault is locked and unlocked using physiological data. The limitation of the scheme is
that the contents of the vault are not secure if a sensor node is stolen or lost. For
applying this scheme physical security is mandatory.
The authors of (Challa, Çam, & Sikri, 2008)(Bao, Poon, Zhang, & Shen, 2008)(Ali, Irum,
Kausar, & Khan, 2013) rely on physiological signals of the human body like blood flow,
heart rate interval and EEG to achieve a pair-wise symmetric key for subsequent secure
communication of patients’ data. Here, they suppose that each body sensor measures the
same type of physical health parameter. This assumption makes these solutions
infeasible for many BAN applications. In (Ali et al., 2013), the authors have proposed
the application of HMAC-MD5 on ECG blocks to obtain the key agreement; however, MD5
is not suitable with respect to collision resistance. Asymmetric cryptography approaches
have been proposed to assure the security of BANs. In (Malasri & Wang, 2009) the authors
have proposed an ECC-based setup of keys between body sensors and the gateway. The block
cipher RC5 is proposed for the confidential flow and integrity of patients’
physiological data. However, this approach is inefficient in computational cost and has
a delay problem due to the use of an asymmetric cryptosystem. (Malasri & Wang, 2009)
reported that the ECC-based key agreement takes 7.198 seconds on a Tmote Sky mote, which
requires an MSP430 16-bit, 8-MHz processor. Inter-pulse interval or heart rate variance
can be used for generating random numbers, as in the scheme which uses these
physiological values (K.K. Venkatasubramanian & Gupta, 2006). The method for generating
a strong cryptographic key takes about 1 minute, as 67 quantized values measured from
different parts of the body may have similarity.
2.11.4 Hybrid Key Agreement
Symmetric and asymmetric cryptosystems have their own merits and demerits.
Schneier says that a symmetric cryptosystem is one thousand times faster than an
asymmetric cryptosystem, but secure key management is an unavoidable problem as all
nodes share the same secret key. The asymmetric cryptosystem solves the secure key
management issue but suffers from high computation and communication cost. A hybrid
cryptographic system applies the best properties of both symmetric and asymmetric
cryptographic systems. In this technique a random shared secret key is created as in
a symmetric system, and this secret key is then encrypted using the receiver’s public
key as in an asymmetric cryptosystem. The symmetric algorithm and the secret key are
used for encrypting the message. The key along with the message is sent to the receiver.
The receiver, on the other hand, deciphers the key with its private key and then uses
that key for deciphering the message, as in the Pretty Good Privacy approach. A hybrid
scheme (N. U. Amin, Asad, & Chaudhry, 2012) using ECC and a symmetric cryptosystem is
proposed. This scheme reduces the computation cost, communication and storage
overhead. A hybrid scheme (Mehmood, Nizamuddin, Ashraf Ch., Nasar, & Ghani, 2012)
was introduced for key agreement in BANs. This scheme uses RSA and a symmetric cipher.
RSA is expensive with respect to computation cost and communication overhead and
cannot be recommended for the resource-constrained environment of BANs. The scheme
(Iqbal, Amin, Umar, & Waheed, n.d.) is based on ECC and a symmetric cryptosystem
coupled with authentication. It provides node authentication but lacks message
authentication. The hybrid key agreement technique (Eldefrawy, Khan, & Alghathbar, 2010)
based on RSA and DHECC ensures forward and backward secrecy using rekeying, which is
a slight improvement in scalability and memory efficiency, but it still has the gap of
increased cost with respect to computation, communication and memory overhead, as it
has six major and expensive operations, including two Modular Exponentiations (M-Exp)
and four Elliptic Curve Point scalar Multiplications (ECPM), which could be further
reduced for cost efficiency. Another hybrid key agreement model (Mehmood et al., 2012)
uses a symmetric cipher and RSA. The session key for patient data transmission is
exchanged through RSA, and confidential data transmission (i.e. EEG, ECG and BP) is
through the AES cipher. However, RSA is costly and not appropriate for the
resource-constrained environment of WBANs. In this scheme, two expensive M-Exp
operations are used. The hybrid key agreement scheme (Iqbal, Amin, & Umar, 2013)
provides authentication and cluster head selection through rotation. This scheme is
based on ECC and AES. Secret key exchange is performed using ECC, and confidential data
transmission to the MO uses AES. The cluster head selection and rotation lead to
increased communication cost and battery power consumption, as each sensor node has to
reach the gateway through the cluster head, so an additional one-hop cost penalty
occurs, while the gateway can be reached directly in a ward by each sensor node of the
BAN. The cluster head selection and rotation, followed by receiving patient data from
each body sensor and then transmitting the patient data of each sensor to the gateway,
lead to increased cost.
The scheme proposed by (Drira et al ) performs key updating by using a hash
chain and a symmetric cryptosystem for the secure transmission of physiological data of
patients from source to destination. Although the authors claim that this framework,
which uses a symmetric system, is suitable for low-power biosensor nodes, the hash chain
and costly operations lead to increased cost and affect the efficiency.
The hybrid mechanism proposed by (Lee et al) uses a symmetric cryptosystem for biosensor
nodes and Identity Based Encryption (IBE) for communicating patient vital signs
information between the medical server and the smart phone. Two techniques are presented
to authenticate and maintain group and pair-wise keys amongst all tiers, and to assign
private and public keys to smart phones. The scheme based on IBE relies on a CA for the
generation of keys, and prior trust among nodes is not required. If the KGC is
compromised then the whole network will be compromised, and similarly upon
physical compromise of a BAN biosensor node, its prior secrets will be disclosed to the
misusers or adversaries. This technique suffers from high computation cost, and
improvement in cost is required.
The (Daojing et al 2014) scheme uses the symmetric cipher DES for confidential
transmission of patient data and ECC for key revocation, updating and distribution.
This scheme is somewhat better but is expensive in computational cost due to two major
ECPM operations. Security enhancement is required.
Chapter 03
MATERIALS AND METHODS
3. Introduction
This chapter is comprised of models, basic definitions, security features like
confidentiality, authenticity, integrity, unforgeability, non-repudiation and so on,
performance analysis like computational cost and communicational overhead required
to be used in the proposed framework.
3.1 Network Model
The proposed BAN architecture consists of biosensors, a base station, a medical server
and a medical officer.
Biosensors are tiny disease-focused sensors deployed on the patient’s body; they sense
and disseminate information wirelessly to the smart phone of the medical specialist via
the BS and MS for quick medical response. They are directly connected to the BS and
accessible by one or two hops at a distance of up to 10 meters. The 802.15.6 standard is
adopted for the interoperability of the BANs. The architecture is flexible, and
adding or removing a node does not affect the network structure.
Fig. 3.1. Network Model of BANs
3.2 Radio Model
Here we prefer first order radio model in our scheme to measure energy consuming in
transmitting patients physiological data over wireless channel in BANs where
denotes transmitted energy, denotes length of message and denotes communication
distance, equation (3.1) represents energy consumed during data transmission by the
body sensors.
The power consumed by the sensors is directly proportional to packet length and
distance, i.e. power consumption is low over a short distance and energy consumption is
higher over a long distance.
The following equation (3.2) represents the energy consumption in receiving patients
data by sensor nodes where ( ) denotes energy required, denotes length of packet
and denotes energy consumption per bit.
The distance in our scheme < so we use free space model = =10 pJ/bit/
denotes free space model amplifier energy factor.
3.3 Threat Model
The wireless communication of patient status information in BANs is vulnerable and
exposed to threats. The adversary can easily target the patient’s physiological data for
misuse. It is important to make the network secure against expected threats. The model
has to address all the important security parameters of integrity, confidentiality,
authenticity, scalability and forward/backward secrecy. A secure hybrid approach is used
for key agreement and confidential session data transmission. Keys updating is a
necessary part of this model. It can prevent the adversary from guessing the actual
session key using old keys.
3.4 Threat Resistance Model
BANs intercommunicate the critical data of vital human organs sensed by biosensors. It
is essential to protect this physiological data from adversaries and transmit it
securely to the corresponding MOs at the minimum possible cost. Authentication of the
source biosensor nodes by the MS, together with key agreement, can block an illegal node
from becoming part of the BAN and guarantee secure transmission. Symmetric encryption of
data is the best choice to keep patients’ critical data confidential as compared to
asymmetric encryption, which is costly for these resource-constrained biosensor nodes.
Integrity of critical data is an integral part of this model because alteration of a
packet communicated to MOs via the BS and MS may harm human life. The keys updating
feature of our model eliminates the chance for an adversary to replay captured data
using old keys. Keys updating is performed round-wise, where a round is a specific
interval of time. Physical security, such as tracking the presence of body sensors and
the body within the communication range of the BAN, is also important to protect both
entities (sensor/patient) from physical attacks such as disconnection, stealing, harming
body sensors or dislocating patients.
3.5 Design Requirement
Delay-free patient data delivery, security and cost efficiency, along with end-to-end
reliability, are the prime requirements of patient healthcare applications.
3.5.1 Cost Efficiency
Resource-constrained body sensors with low processing and storage capacity require
cost-efficient schemes with respect to computational and communication cost.
Performance analysis is required to measure the efficiency of the proposed work using
analysis tools.
3.5.2 Analysis Tools
Let the time complexities of the different operations be denoted as: M-Exp (modular
exponentiation), ECPM (elliptic curve point multiplication), M-M (modular
multiplication), P (bilinear pairing operation), M-Inv (modular inversion), XOR (bitwise
XOR operation), and hash (one-way hash function).
The costs of the different operations were obtained by simulation under a specific
environment (Windows CE 5.2 OS over a 32-bit Intel(R) PXA270 624MHz processor and 128MB
memory). According to the simulation results, the elliptic curve point multiplication
evaluation time is 30.67 ms, a modular exponentiation takes 63.51 ms, a bilinear pairing
operation takes 96.35 ms and the one-way hash operation processing time is 14.62 ms for
the same security level as the 1024-bit RSA algorithm. Furthermore, the evaluation time
of some operations is negligible, such as the XOR operation, point addition and string
concatenation (Koblitz, 1989).
OriginPro 8 SRO V8.0725 (B725) is used for data analysis and Graphing Work Space.
3.5.3 Scalability
The BAN should be sufficiently scalable, and the entire scheme of the framework should
not be fractured by adding, replacing or removing sensors if required.
3.5.4 Availability
Availability of timely patient status information to the MOs is mandatory; the attacker
may capture or disable a biosensor node, which may put a human life at risk.
The best way to keep track of sensor nodes is for the BS to send an ACK packet at
specific time intervals to learn the status of the BAN nodes.
3.5.5 Critical Data Dissemination
In our proposed schemes the biosensors transmit only the critical data rather than
continuous data, which prolongs the network life.
3.6 Security Requirement
Timely and secure delivery of patients’ physiological data to the intended recipient is
the major design requirement of the health care applications which include physical
security, body sensor authentication, secure key agreement, confidentiality of
information, patients data integrity, keys update and data freshness.
3.6.1 Physical Security
Keeping in view the BAN of unconscious patients, an adversary may harm or steal a
sensor node or may dislocate a patient, which could be dangerous for human life. For
this purpose, the BS/MS should keep track of whether its registered BAN (sensor nodes
and patients) is present and alive.
3.6.2 Body Sensor Authentication
The MS has the responsibility to authenticate body sensors and determine whether the
patient’s data was received from a legal sensor or from an attacker.
3.6.3 Secure Key Agreement
Secure key agreement plays pivotal role in the secure dissemination of the information between
sender and receiver. Secure key agreement techniques provide secrecy of the key and make sure
that key materials are fully secure against the adversaries.
Conventional key agreement schemes are not optimal for resource-constrained BANs
due to their high cost. Lightweight secure key management solutions are a design
requirement of such a network composed of tiny biosensors. Secure exchange of the session
key for the secure communication of information is the prime concern, so as to protect
the patient’s sensitive information from adversaries on the way to its destination.
Efficient key management is a major requirement of BANs.
3.6.4 Confidentiality of Information
Confidential transmission of sensitive patient data to the targeted destination is a
basic design concern, as its disclosure to illegal users can put human life at risk. As
per the HIPAA act, patients’ sensitive information must be protected. Patients’
physiological readings sensed by the body sensors, like BP, ECG, EEG etc., should only
be communicated to the intended MOs for emergency feedback. For the confidential flow
of information, various encryption algorithms or ciphers such as AES, DES, Blowfish, RC5
and Skipjack can be used.
3.6.5 Patients Data Integrity
Integrity assures that the information being communicated has not been altered on the
way to the recipient, such as the MOs. To protect patient data or the session key from
modification by adversaries, various hash and message digest algorithms (SHA-128,
SHA-512 and MD5) are used.
3.6.6 Authenticity
Authenticity ensures that the received information is authentic and from the legal node
of the network. Illegal biosensor node should be blacklisted and the incorrect
information needs to be discarded. Authenticity protects the network from the misusers
trying to become part of the network.
3.6.7 Non repudiation
Proof of the received data from the sender is important. Non repudiation ensures
that the sender will not be able to deny the information he sent, i.e. one party can
prove the information received from or sent by the other party.
3.6.8 Unforgeability
Unforgeability is the required security parameter where the adversary computes a valid
signature on behalf of a legal signer. The network should have this security feature to
block the illegal signers of the network.
3.6.9 Keys Update
A session key update feature should be part of our WBAN design to protect
the network from adversaries trying to compromise the session key by using old keys to
guess the new key.
3.6.10 Data Freshness
Data freshness assures that the data packets received from a body sensor are new and not
replayed. The adversary may delay a data packet and replay it later, which affects the
freshness of data; fresh data is mandatory for the decision making of the MOs.
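The integrity, keys update and data freshness requirements above, together with the round-wise keys updating of Section 3.4, can be seen working together in the following added example, which is not the scheme proposed in this thesis. It assumes a long-term key pre-shared between each biosensor and the MS, HMAC-SHA256 for both round-key derivation and the packet tag, and a hypothetical packet layout; encryption of the reading is left out.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16                     # truncated HMAC-SHA256 tag length (assumption)
HEADER = struct.Struct(">HIH")   # sensor id, round number, sequence number (assumed layout)


def round_key(long_term_key, sensor_id, rnd):
    """Derive the session key of one round from the sensor's long-term key.

    HMAC is one-way: a captured round key reveals neither the long-term key
    nor the key of any other round.
    """
    label = b"ban-round-key" + struct.pack(">HI", sensor_id, rnd)
    return hmac.new(long_term_key, label, hashlib.sha256).digest()


def _tag(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()[:TAG_LEN]


def protect(long_term_key, sensor_id, rnd, seq, reading):
    """Sensor side: bind the reading to its sender, round and sequence number."""
    header = HEADER.pack(sensor_id, rnd, seq)
    key = round_key(long_term_key, sensor_id, rnd)
    return header + reading + _tag(key, header + reading)


class MedicalServer:
    """Receiver side: authenticates registered sensors and enforces freshness."""

    def __init__(self, registered):
        self.registered = dict(registered)  # sensor id -> long-term key
        self.current_round = 0
        self.last_seq = {}                  # sensor id -> highest sequence accepted this round

    def start_round(self, rnd):
        """Keys update: move to a later round and drop the old round's state."""
        if rnd <= self.current_round:
            raise ValueError("rounds only move forward")
        self.current_round = rnd
        self.last_seq.clear()

    def accept(self, packet):
        """Return (verdict, reading); reading is None unless verdict is 'ok'."""
        if len(packet) < HEADER.size + TAG_LEN:
            return ("malformed", None)
        sensor_id, rnd, seq = HEADER.unpack_from(packet)
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        key = self.registered.get(sensor_id)
        if key is None:
            return ("unknown-sensor", None)   # node was never registered
        if rnd != self.current_round:
            return ("stale-round", None)      # protected under an old round key
        if not hmac.compare_digest(tag, _tag(round_key(key, sensor_id, rnd), body)):
            return ("bad-tag", None)          # altered in transit or forged
        if seq <= self.last_seq.get(sensor_id, -1):
            return ("replay", None)           # already seen in this round
        self.last_seq[sensor_id] = seq
        return ("ok", body[HEADER.size:])


def demo():
    """Run constructed packets through the server and collect the verdicts."""
    key = bytes(range(32))                    # constructed long-term key of sensor 7
    server = MedicalServer({7: key})
    server.start_round(1)
    first = protect(key, 7, 1, 0, b"HR=142")  # constructed emergency reading
    tampered = first[:HEADER.size] + b"HR=072" + first[-TAG_LEN:]
    verdicts = [server.accept(first)[0],      # fresh packet
                server.accept(first)[0],      # same packet replayed in the same round
                server.accept(tampered)[0]]   # reading altered in transit
    server.start_round(2)                     # round-wise key update
    relabelled = first[:2] + struct.pack(">I", 2) + first[6:]
    verdicts += [server.accept(first)[0],       # captured packet replayed after the update
                 server.accept(relabelled)[0],  # round field rewritten, old tag kept
                 server.accept(protect(key, 7, 2, 0, b"HR=150"))[0]]
    return verdicts


if __name__ == "__main__":
    print(demo())
```

The tag is verified before the sequence counter is updated, so a forged packet cannot advance the counter and lock out the genuine sensor.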
3.7 Elliptic Curve
Let be a finite field of prime order . An elliptic curve is a smooth projective
curve of genus one having at least one rational point. It can be defined over in two
dimensions coordinate by short Weierstrass equation ,
where .
3.8 Hyper Elliptic Curve
Hyper elliptic curves can be viewed as generalization of elliptic curves, with genus
. Let , , is monic polynomial and
. A hyper elliptic curve of genus over the finite field is set of points
satisfy the equation
A divisor D is a finite formal sum of points .
Jacobian is finite group and its order is
3.9 Symmetric Cryptographic Solutions
In this cryptographic solution both the sender and the receiver share a single common
secret key to encrypt and decrypt a message, whereas asymmetric crypto solutions use a
pair of keys. These techniques are fast and simple, but their main demerit is the cost
of secure session key exchange between the communicating nodes. Asymmetric or public key
cryptosystems cover this problem, but high cost becomes the issue to be addressed. DES
and AES are well-known symmetric key ciphers.
3.10 Asymmetric Cryptographic Solutions
Public key cryptography, also known as asymmetric cryptography, uses a pair of keys
for the encryption and decryption of data messages. This pair of keys (public key
and private key) is initially assigned to the nodes by certain mechanisms like a CA. If a
sensor node wishes to transmit encrypted data, the public directory is used to obtain
the public key of the target node. Upon receiving the encrypted message, the recipient
decrypts the message with its private key, which is not accessible to other nodes of the
network. In symmetric cryptography the use of the same key for encryption and decryption
of a message is fast but insecure. An asymmetric cryptosystem is more secure but suffers
from high cost.
3.11 Hybrid Cryptographic Solutions
Symmetric cryptography and asymmetric cryptography each have their own
merits and demerits. According to Schneier the symmetric technique is one thousand times
faster than the asymmetric one, but all nodes have to share the same secret key, so
secure key management is an unavoidable problem. The asymmetric techniques permit a
public key cryptosystem but lead to high computation and communication cost. A hybrid
cryptographic solution uses the best features of both symmetric and asymmetric
cryptosystems. It usually creates a random shared secret key as in a symmetric system,
and this secret key is then encrypted through the asymmetric system using the
receiver’s public key. The symmetric cipher and the secret key are used to encrypt the
message, and then both the key and the message are transmitted to the receiver. First,
the receiver deciphers the secret key using its private key and then uses that key to
decipher the message. PGP uses this approach.
3.12 Signcryption
The term signcryption was first presented by Yuliang Zheng (Zheng, 1997).
Signcryption is based on public key infrastructure and accomplishes both the functions
of digital signature and encryption at the same time. Digital signature and encryption
are the two basic cryptographic elements that can ensure the most important security
features like data confidentiality, data integrity and nonrepudiation. In traditional
public key cryptographic techniques, a message is digitally signed and then encrypted
(Signature-Then-Encryption), which faces the problems of high cost and low efficiency.
Signcryption, being a new technique, uses a single logical step to accomplish both the
tasks of digital signature and encryption. This cryptographic technique leads to lower
computation and communication costs as compared to the traditional technique, i.e.
Signature-then-Encryption.
Chapter 04
RESULT AND DISCUSSION
4. Introduction
This chapter presents five schemes of the proposed framework. All schemes are
compared with existing schemes on the basis of cost and security features. The cost
efficiency and security enhancement of our proposed schemes are shown in the
corresponding tables and graphs.
4.1 Lightweight Authentication and Key Agreement Scheme for BANs
The evolved to a new field of research called for monitoring the health
status of patients and immediate response by and emergency treatment without
any delay to save precious human life. The proposed architecture of BANs consists of
stitchable, wearable or implantable biosensor nodes, and (Sana Ullah et al.,
2012) (S. Ullah, Higgins, Shen, & Kwak, 2010). Sensor nodes sense physiological data
like blood pressure , , etc., and communicate the status of the patient to
through and . Sensors are low-cost devices with limited energy,
processing and memory. Secure key agreement and authentication can make secure
transmission of information possible within the constrained resources of . To
cope with these security challenges we propose a secure and lightweight authentication
with key agreement for . This scheme is designed for monitoring patients of a
ward in a medical centre and consists of two phases. The first is the authentication and key
agreement phase, where is used for node authentication and round session key
update. It also provides a patient sensor tracking system that tracks the existence of
patients/sensors in the transmission range of and tracks dead/defective sensors as
well. When a sensor senses no emergency data, the normal data is discarded.
This technique reduces computation cost and communication overhead. Our
proposed scheme provides biosensor node authentication and secure key agreement,
patient data confidentiality, integrity, forward secrecy and backward secrecy,
scalability along with data freshness and provides enough resistance against threats and
shields the from the attacks of adversaries with minimal computational and
communication cost and energy overhead. utilize the received real-time vital
organ data for timely decisions regarding the treatment of patients. acts as a switch
or central coordinator that receives the patient’s data and transmits it to receivers outside the
human body (Schwiebert, Gupta, & Weinmann, 2001). Stores registered patients’
records in a database, with their disease status and treatment record for future reference, and
grants authentication to the legal biosensor nodes.
Our proposed nonce based authentication and key agreement scheme is based on the
following phases.
4.1.1 Registration and Key Preloading Phase
Before deployment, each patient account is created with on and each patient’s
biosensor nodes are loaded with a unique patient master secret key depicted in
algorithm 4.1.
4.1.2 Authentication and key agreement Phase
Once biosensor nodes are deployed, each node sends a message to , further
forward it to which generates a , encrypts it with and sends
encrypted i.e. to the biosensor as . Biosensor decrypts
to obtain then is updated as and encrypted by master secret
key , encrypted updated is formed and sensor sends it back to , to
check whether the received comes from a legal node or an illegal one. For this purpose
the server decrypts and “ ” is computed as given in algorithm . If
grant authentication, otherwise the biosensor node is considered illegal and
blacklisted. Now round session keys are generated using of and as
both at biosensor nodes and for secure communication of
patients’ physiological data between biosensors and . Each round is a specific time
interval that starts if and ends when .
ALGORITHM 4.1: Authentication and Key Agreement
1. Preload Patient Master secret key
2. Biosensor
a. Broadcast to Server
3. Server
a. Generate
b.
c. Sends back to Biosensor
4. Biosensor
a. Computes
b. Computes
c. Sends back to Server
5. Server
a. Computes
b. If
Grant Authentication
Else
c. Blacklist the body sensor
6. Biosensor
a. Computes
7. Server
a. Computes
End
Fig.4. 1. Flow Chart
4.1.3 Confidential Data Transmission
Biosensors transmit critical data in encrypted form when it is sensed; otherwise the
sensors discard the non-critical data. This reduces communication cost and saves energy
while maintaining the confidentiality of critical data during transmission over the
wireless channel. Algorithm (4.2) is used to encrypt the patient's critical data before
transmitting it to the corresponding recipient.
ALGORITHM 4.2: Data Encryption and Forwarding
1. for each biosensor node
2. if sensed data = critical
{
a. Computes
b. Computes
c. Computes
d. Sends
}
Else
e. Discard
End if
End for
The above algorithm (4.2) is event driven: the biosensor starts sensing of a patient
after deployment of body sensors. If the biosensor senses non-critical data, then
the sensed data is not of a critical or emergent nature and should not be forwarded to the
recipient of . If data sensed by is found critical, then the hash of the
critical data is computed and the compressed hash ( ) is formed. is a light variant of
function that maintains the integrity of the patient’s physiological data. The hash
value of keyed is 160 bits, which is not optimal for use in BANs due to their
limited resources. To reduce communication cost we propose the compressed hash function
: we split the hash into two equal parts, left hash bits and right hash
bits as Take repeated of and to generate the lightweight
compressed hash as: . In this technique the value of
is decreased, which not only reduces communication cost but also provides integrity
of physiological data.
Sensed critical data and round are encrypted along with using round
session key , and the confidential physiological patient data is forwarded to the
corresponding ward via and for urgent decision-making.
Fig.4. 2. Flow Chart for Confidential Data Forwarding
The encrypted physiological data is received by and forwarded to the
corresponding ward and a copy of this encrypted data is stored in the patient’s
database for future reference or medical history record. decrypts the received
patient status data for immediate medical response. The following algorithm 4.3 is used
for decryption.
ALGORITHM 4.3: Decryption
1. for each biosensor node
2. Computes
3. Computes
4. Computes
5. Accept if else
6. End for
4.1.4 Key Updating Phase
Key updating is important because keeping the same keys for a long time may open
the gate to cryptanalytic attacks, so round-wise updating of keys is necessary,
as in the design of our scheme.
Updating individual keys guarantees forward and backward secrecy of keys. This
lightweight algorithm updates individual round session keys on both sides, biosensors and
in such a way that biosensors record the round last data , apply the hash
function to this data , and the last round session key is XORed with the hashed round last
data in this way the round session key is updated and the
same key updating process is applied on side. Session keys for confidential flow of
patient data are updated at both server and sensor nodes, so it is infeasible for the
attacker to get session keys and break the security of .
ALGORITHM 4.4: Key Update
1. Biosensor
a. Record round last data
b. Computes
c. Computes
2. Server
a. Receive last round last data
b. Computes
c. Computes
End
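The compressed hash of section 4.1.3 and the key update above, as an added Python example that is not part of the thesis. The symbols are missing from this transcript, so HMAC-SHA1 as the 160-bit keyed hash, XOR as the operation that folds the two halves, the 128-bit key length and all names are assumptions; packet encryption is left out because it does not affect the update logic.

```python
import hashlib
import hmac

KEY_LEN = 16  # assumption: 128-bit round session key (the page gives no size)


def fold_hash(digest: bytes, rounds: int = 1) -> bytes:
    """Halve a digest `rounds` times by XORing its left and right halves.

    XOR as the combiner and the number of rounds are assumptions.
    """
    out = digest
    for _ in range(rounds):
        if len(out) < 2 or len(out) % 2:
            raise ValueError("digest cannot be split into two equal halves")
        half = len(out) // 2
        out = bytes(a ^ b for a, b in zip(out[:half], out[half:]))
    return out


def compressed_tag(round_key: bytes, data: bytes, rounds: int = 1) -> bytes:
    """160-bit keyed hash (HMAC-SHA1, assumed), 80 bits after one fold."""
    full = hmac.new(round_key, data, hashlib.sha1).digest()
    return fold_hash(full, rounds)


def verify_tag(round_key: bytes, data: bytes, tag: bytes, rounds: int = 1) -> bool:
    # Constant-time comparison of the recomputed tag with the received one.
    return hmac.compare_digest(compressed_tag(round_key, data, rounds), tag)


def update_key(prev_key: bytes, last_data: bytes) -> bytes:
    """K_next = K_prev XOR H(last data of the round).

    XOR is its own inverse, so K_prev = K_next XOR H(last_data): whoever holds
    one round key and that data can compute the neighbouring round key.
    """
    h = hashlib.sha1(last_data).digest()[:len(prev_key)]  # truncate to key size
    return bytes(k ^ x for k, x in zip(prev_key, h))


class Endpoint:
    """One side of the link (biosensor or server) holding the round key."""

    def __init__(self, round_key: bytes):
        self.key = round_key
        self.last_data = None

    def send(self, data: bytes):
        self.last_data = data
        return data, compressed_tag(self.key, data)

    def receive(self, data: bytes, tag: bytes) -> bool:
        if not verify_tag(self.key, data, tag):
            return False  # integrity check failed: discard the packet
        self.last_data = data
        return True

    def end_round(self):
        if self.last_data is None:
            raise RuntimeError("no data seen this round, cannot update key")
        self.key = update_key(self.key, self.last_data)
        self.last_data = None


def run_rounds(drop_last_packet: bool):
    """Simulate two rounds; returns (keys_match, round2_packet_accepted)."""
    k0 = bytes(range(KEY_LEN))                       # constructed key
    sensor, server = Endpoint(k0), Endpoint(k0)
    round1 = [b"HR=182;SpO2=84", b"HR=190;SpO2=81"]  # constructed readings
    for i, reading in enumerate(round1):
        data, tag = sensor.send(reading)
        lost = drop_last_packet and i == len(round1) - 1
        if not lost:
            server.receive(data, tag)
    sensor.end_round()
    server.end_round()
    data, tag = sensor.send(b"BP=210/130")           # first packet of round 2
    accepted = server.receive(data, tag)
    return sensor.key == server.key, accepted


if __name__ == "__main__":
    print("in sync:", run_rounds(False))
    print("last packet lost:", run_rounds(True))
```

With the last packet of a round lost, the two sides hash different data, their keys diverge, and the server rejects every later tag, so a deployment needs both sides to agree on which packet closed the round.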
4.1.5 Physical Security
Tracking of body sensors and of the patient's body itself within the communication
range of is important to protect them from harm, theft and kidnapping and to detect
dead/faulty sensor nodes. To achieve this goal we propose algorithm 4.5, where
broadcasts a packet to all sensor nodes within the communication range of
at random time intervals; body sensors reply to and forward to . The
packet of the functional sensors and present patients within the range of
is received by the server. If does not receive then there may be two reasons: either a
problem with the sensors or with the patients, and in this case a warning is forwarded to
for emergency response. The proposed algorithm 4.5 will be applied to all
forthcoming schemes as well.
ALGORITHM 4.5:
1. Base Station
a. After a random time interval broadcast message to all
body nodes
2. Biosensor
a. Reply to and forward to
3. Server
a. If receives from all registered patients/ sensors
Presence of patients and functional sensors ensured
b. Else
{
Case-1: sensor dead/faulty
Case-2: patient/sensor out of Range
Generate warning and forward to
}
End
4.1.6 Security Analysis
Security of is of prime importance, since sustaining human life is at stake and
calls for efficient security schemes that are complete in all respects. Our
proposed scheme has the potential to safeguard from adversaries and has the
capability to transmit human physiological data securely from biosensors to . The
essential security parameters and the possible attacks addressed by our
scheme are presented below.
4.1.6.1 Node Authentication
The proposed scheme provides node “ ” based node authentication and grants
permission to become part of the network. The medical server checks the nonce to grant
authentication or to deny it and blacklist the node. This prevents impersonation attacks.
4.1.6.2 Key agreement
The proposed scheme establishes and updates a session key between patient and
medical server and medical officer using master secret key and symmetric
encryption.
4.1.6.3 Key Update
In our proposed scheme, session keys are updated round-wise in such a way that is
taken of the ( ) of the most recently sent patient data with the previous round session key
, so the adversary would not be able to guess the key for the next round.
4.1.6.4 Node Tracking
The proposed scheme runs the PST algorithm using and packets and checks
whether the sensor is functional and within transmission range or not.
4.1.6.5 Message Confidentiality
A unique patient round session key is used for confidential transmission of patient vital
signs data between sensor nodes and using algorithm to encrypt message
, which also prevents chosen ciphertext attacks.
4.1.6.6 Message Integrity
The proposed scheme uses a one-way collision-resistant hash function and for efficiency
the compressed hash ( ) function is computed, which maintains the integrity of data
packets on the way from sensor nodes to .
4.1.6.7 Key Revocation
This scheme has a key revocation/update algorithm: after a new node joins, an
existing node leaves, or a time-out occurs, keys are revoked to ensure key freshness.
4.1.6.8 Forward Secrecy and Backward Secrecy
This scheme offers rekeying, or key updating, which guarantees forward and backward
secrecy. Session keys are updated round-wise in such a way that is taken of the
( ) of the most recently sent patient data with the previous round session key , so the
adversary would not be able to guess the key for the next round or, if it joins, the previous
round key.
4.1.6.7 Data Freshness
The proposed scheme uses a time stamp that ensures the data received by
the is fresh and prevents the attacker from launching a replay attack.
4.1.6.8 Denial of Service
This scheme prevents denial of service attacks, as each sensor communicates with
that ensures node authentication and prevents illegal sensors from joining the network. If a
node joins, it is not allowed to send bulky data, as only critical data is forwarded, and can
detect unwanted data forwarding.
4.1.6.9 Masquerade Prevention
Before deployment, each patient account is created with on and each patient’s
biosensor nodes are loaded with a unique patient master secret key . Therefore, the
attacker cannot hijack the identity of a legal node for illegal use.
4.1.6.10 Scalability
Addition of a new sensor, replacement of an old sensor and removal of an existing
biosensor node are independent of each other and managed by a powerful medical
server, which ensures scalability.
Table 4. 1 Comparison of Security Functions of Proposed and Existing Schemes
Schemes
Proposed Scheme 1st Y Y Y Y Y Y Y Y Y Y Y Y
IEEE 802.15.6 Protocol I N Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol II (2012) Y Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol III (2012) Y Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol IV (2012) Y Y Y N Y Y Y N N N N Y
(Drira et al 2012) Y Y N N Y Y N N Y Y Y N
Lee et al (2014) Y Y N N Y Y N N Y N Y N
(Daojing et al 2014) Y Y Y N Y Y Y Y Y Y Y N
4.1.7 Performance Analysis
The efficiency of our proposed scheme is based on the measurement of computational
cost and communication overhead/cost.
4.1.7.1 Computational Cost
Major and expensive operations like and are not used in our
proposed scheme. Symmetric ciphers significantly decrease computational cost
compared to schemes using asymmetric ciphers.
Table 4. 2 Comparison of Computation Cost of Existing and Proposed Schemes
Scheme Computation Cost at Biosensor Side
Proposed Scheme 1st
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II (2012)
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 3 Computation Cost Comparison at Biosensor Side
Proposed Scheme Efficiency on the basis of Computation Cost at Biosensor Side
Existing Schemes Percent Efficiency of the Proposed Scheme
IEEE 802.15.6 Protocol I, II, III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Plot: Computational Cost in ms (y-axis) against Number of nodes (x-axis); series: Proposed Scheme 1st, Standard I,II,III, Standard IV, Drira et al, Lee et al, Daojing et al]
Fig.4. 3. Graph Representation of Comparison of Computation Cost at Biosensor Side
Table 4.4 Comparison of Computation Cost of Existing and Proposed Scheme
Scheme Computation Cost at Medical Server Side
Proposed Scheme 1st
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II (2012)
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012) 2
(Lee et al 2014) 2
(Daojing et al 2014)
Table 4. 5 Computation Cost Comparison at MS Side
Computation Cost Efficiency of the Proposed Scheme at MS Side
Scheme Percent efficiency of the proposed scheme
IEEE 802.15.6 Protocol I, II, III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Plot: Computational Cost in ms (y-axis) against Number of nodes (x-axis); series: Proposed Scheme 1st, Standard I,II,III, Standard IV, Drira et al, Lee et al, Daojing et al]
Fig.4. 4. Graph Representation of Comparison of Computation Cost at Base Station Side
4.1.7.2. Communication Overhead Analysis
Bandwidth is a major issue in BANs, so communication cost should be as low as
possible.
Table 4. 6 Comparison of Communication Overhead of Proposed and Existing Schemes
Existing Schemes Total Number of Messages Exchanged Total Number of Bits Exchanged
Proposed Scheme 1st 3 (|Ack=16 bits|)
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II (2012)
IEEE 802.15.6 Protocol III
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 7 Communication Cost on the basis of Nodes
Proposed Scheme Efficiency on the basis of Communication Cost
Schemes Percent Efficiency of the Proposed Scheme
IEEE 802.15.6 Protocol I, II, III,IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Plot: Number of Bits in communication (y-axis) against Number of nodes (x-axis); series: Proposed Scheme 1st, Standard I,II,III,IV, Drira et al, Lee et al, Daojing et al]
Fig.4. 5. Graph Representation of Comparison of Communication Overhead
4.1.8 Conclusion
A secure and lightweight authentication and key agreement scheme is proposed for the
security of where encrypted is applied for secure node authentication that
blocks illegal nodes. A cost-effective symmetric cipher is used for confidentiality of
physiological data rather than a costly asymmetric cipher. The value of the one-way
collision-resistant hash function is decreased and the resultant lightweight compressed hash
function is obtained for maintaining integrity. Forward and backward secrecy is
achieved by updating session keys round-wise, where is taken of the previous
round last data with the previous round last session key so that the adversary
would not be able to guess the key for the next round. The physical security feature of our
scheme is used for tracking patients/biosensors and detecting dead or faulty
biosensors within the transmission range of . Our scheme is computationally
efficient by 60.05-89.81% at the biosensor side and 60.05-92.61% at the MS side, and efficient
in communication overhead by 83.92-92.99%, as compared to other schemes. Thus, this
scheme provides the improved security features mentioned in Table 4.1 with minimal cost,
which makes this scheme well suited to the resource-constrained environment of .
4.2 Authenticated Key Agreement for SBANs Based on Hybrid Cryptosystem
In this scheme, we have proposed a hybrid authenticated key agreement with rekeying
for . Our scheme is based on a symmetric cryptosystem and .
We assume that and have enough processing capability, energy and memory.
A routing table is constructed for every node by in accordance with (Lewis, Foukia, &
Govan, 2008) (Yang, Lim, Li, Fang, & Agrawal, 2008) depending on the knowledge of
deployment, saved formation of cluster scenario using protocol for the selection of
an optimized route.
Fig.4. 6. System Design of BANs
Our scheme is based on symmetric cryptography and for key agreement. This
scheme comprises five phases:
a) Registration and Key Preloading Phase
b) Node Authentication Phase
c) Session Key Establishment Phase
d) Secure Data Transmission Phase
e) Key Updating Phase
4.2.1 Registration and Key Preloading Phase
In key preloading phase, each biosensor is preloaded with public key .
are preloaded with its own private and public keys ( ) and each sensor .
4.2.2 Node Authentication and Key Agreement Phase
Algorithm 4.6 is designed to block malicious nodes and authenticate only the legitimate
nodes. compares the received sensor with pre-stored after decrypting; if
accept, network access will be granted, otherwise the node is blacklisted, discarded
from the network and pointed out as a malicious node.
Algorithm 4.6: Node Authentication and Key Agreement
Biosensor
For each biosensor node
a. Generate
b. Computes
c. Encode message to point
d. Computes
e. Computes
f. Computes
g. Computes
Transmit to
End for
4.2.3 Session Key Establishment Phase
The following algorithm 4.7 is used for the establishment of session keys
in where the session key is generated by taking the of two random
numbers belonging to the same cluster. The obtained session key along with other
concatenated parameters is encrypted using symmetric cipher and sent to the
biosensor confidentially.
Medical Server
Algorithm 4.7 Decrypt ( )
For each biosensor node
a. Computes
b. Extract
c. Extract
d. Computes
If accept the session key , otherwise
End for
For each biosensor node
a. randomly selects two belong to same cluster
b. Compute session key
c. Computes
d. Send to biosensor node
End for
In the above algorithm 4.7 the biosensor node receives the encrypted message and decrypts it
to get the session key, which is then used for onward secure session data communication.
Biosensor
Algorithm 4.8: Biosensor Decrypt
for each body sensor node
a. Computes
b. Session key used for secure communication
End for
4.2.4 Secure Data Transmission Phase
Integrity is maintained by taking the hash of the patient's sensed physical status
data to compute then are encrypted and the cipher text is
obtained and forwarded to the medical server.
Algorithm 4.26: Secure Session Data Transmission
Biosensor Node
for each biosensor node
a. Sense data
b. Computes
c. Computes
d. Sends to
End for
Medical Server
Using algorithm 4.27 the medical server decrypts the using round session key for
each body sensor's encrypted data and then compares the computed and received
hash of ; if they match the data packet is accepted, otherwise it is discarded.
Algorithm 4.27: Medical Server ( )
for each biosensor node
a. Computes ( )
b. Computes
c. Accept if Save data to patient record otherwise
End for
4.2.5 Key Updating Phase
Key updating is important because keeping the same keys for a long time may open
the gate to cryptanalytic attacks, so round-wise updating of keys is necessary,
as in the design of our scheme.
Updating individual keys guarantees forward and backward secrecy of keys. This
lightweight algorithm updates individual round session keys on both sides, biosensors and
in such a way that biosensors record the round last data , apply the hash
function to this data , and the last round session key is XORed with the hashed round last
data in this way the round session key is updated and the
same key updating process is applied on side. Session keys for confidential flow of
patient data are updated at both server and sensor nodes, so it is infeasible for the
attacker to get session keys and break the security of .
ALGORITHM 4.9: Key Update
1. Biosensor
a. Record round last data
b. Computes
c. Computes
2. Server
a. Receive last round last data
b. Computes
c. Computes
End
4.2.6 Security Analysis
Following are the security requirements for . Our proposed scheme fulfills these
requirements, as the analysis shows.
4.2.6.1 Node Authentication
In the registration phase each biosensor authentication is made offline and preloaded with
public key and are preloaded with its own private and public keys. are preloaded
with its own private and public keys ( ) and each sensor . Algorithm 4.6
is designed to block malicious nodes and authenticate only the legitimate nodes.
4.2.6.2 Key Agreement Phase
To ensure efficient and secure data dissemination, the proposed scheme establishes a session
key using algorithm (4.6) between biosensor and medical server.
4.2.6.3 Key Update
When a sensor node joins, leaves the network or capturing is detected, the rekeying
technique is performed to update key.
4.2.6.4 Node Tracking
In our proposed scheme the medical server runs the PST algorithm, which provides enriched
resilience and tracks the sensor node.
4.2.6.5 Message Confidentiality
We use symmetric cryptography and for exchanging session key and information
with standard key size, which achieves message confidentiality. Therefore, our proposed
scheme has strong resistance against chosen plaintext and ciphertext attacks.
4.2.6.6 Message Integrity
In our proposed scheme when decryption is performed then received and stored
of sensor nodes are compared by the . And received , stored of is
compared by the sensor nodes. Symmetric cryptosystem and have the avalanche effect,
through which integrity is maintained.
4.2.6.7 Key Revocation
When a sensor node joins, leaves the network or time period expires; the previous key
is revoked and rekeying is performed in the corresponding cluster.
4.2.6.8 Forward Secrecy and Backward Secrecy
When a sensor node joins or leaves the network, or the time period expires, the rekeying
technique is performed in the corresponding cluster, which guarantees forward and
backward secrecy of the session key.
4.2.6.9 Data Freshness
This scheme ensures that the data received by the is always new using time
stamp as and prevents the attacker from launching a replay attack.
4.2.6.10 Denial of Service
This scheme makes an offline registration and prevents denial of service attack as it
does not accept any outsider requests online.
4.2.6.11 Masquerade Prevention
This scheme makes an offline registration, so an attacker cannot hijack
the identity of a legal node.
4.2.6.12 Scalability
Our proposed solution has the capability to support an extensive growth in the network
size after deployment, as nodes are independent of each other and managed by a
powerful base station and server.
Table 4. 8 Comparison of Security Function of Proposed and Existing Schemes
Schemes
Proposed 2nd Y Y Y Y Y Y Y Y Y Y Y Y
IEEE 802.15.6 Protocol I N Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol II (2012) Y Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol III (2012) Y Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol IV (2012) Y Y Y N Y Y Y N N N N Y
(Drira et al 2012) Y Y N N Y Y N N Y Y Y N
(Lee et al 2014) Y Y N N Y Y N N Y N Y N
(Daojing et al 2014) Y Y Y N Y Y Y Y Y Y Y N
4.2.7 Performance Analysis
In our proposed technique, it is assumed that both and gateway are rich in resources
and we concentrate only on the performance of the biosensors.
4.2.7.1 Computation Cost Analysis
Elliptic Curve Point Scalar Multiplication ( ) and Modular Exponentiation
( ) are the major and most expensive operations in session key exchange.
The computational cost comparison of the existing schemes and the proposed scheme is
shown in table 4.9.
Table 4. 9 Comparison of Computation Cost of Existing and Proposed Schemes
Scheme Computation Cost at Biosensor Side
Proposed Scheme 2nd
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II (2012)
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014) 4 1 3
Table 4. 10 Computation Cost Comparison at Biosensor Side
Proposed Scheme Efficiency on the basis of Computation Cost at Biosensor Side
Schemes Percent Efficiency of the Proposed Scheme
IEEE 802.15.6 Protocol I, II, III (2012)
IEEE 802.15.6 Protocol IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 11 Comparison of Computation Cost of Existing and Proposed Schemes
Scheme Computation Cost at MS Side
Proposed Scheme 2nd
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II (2012)
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 12 Computation Cost Efficiency at MS Side
Proposed Scheme efficiency at MS Side
Scheme (From which Proposed Scheme efficient )
Percent efficiency of the proposed scheme
IEEE 802.15.6 Protocol I, II, III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Plot: Computational Cost in ms (y-axis) against Number of nodes (x-axis); series: Proposed Scheme 2nd, Standard I,II,III, Standard IV, Drira et al, Lee et al, Daojing et al]
Fig.4. 7. Computational Cost Comparison
4.2.7.2 Communication Overhead Analysis
Bandwidth is a major issue in BANs, so communication cost should be as low as
possible.
Table 4. 13 Comparison of Communication Overhead of Proposed and Existing Schemes
Existing Schemes Total Number of Messages Exchanged Total Number of Bits Exchanged
Proposed Scheme 2nd 3 (320 + 192) bits
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II (2012)
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 14 Communication Cost on the basis of Nodes
Proposed Scheme Efficiency on the basis of Communication Cost
Existing Schemes Percent Efficiency of the Proposed Scheme
IEEE 802.15.6 Protocol I, II, III,IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Plot: Communication Cost in Bits (y-axis) against Number of nodes (x-axis); series: Proposed Scheme 2nd, Standard I,II,III,IV, Drira et al, Lee et al, Daojing et al]
Fig.4. 8. Communication Cost on the basis of Nodes
Table 4. 15 Communication Cost on the basis of Security Levels
Proposed Scheme Efficiency on the basis of Security Levels
Existing Schemes Percent Efficiency of the Proposed Scheme
Security Level 1 Security Level 2 Security Level 3
IEEE 802.15.6 Protocol I, II, III,IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Plot: Communication Cost in Bits (y-axis) against Security Level (x-axis: Level 1, Level 2, Level 3); series: Proposed Scheme 2nd, Standard I,II,III,IV, Drira et al, Lee et al, Daojing et al]
Fig.4. 9. Communication Cost on the basis of Security Level
4.2.8 Conclusion
Lightweight cryptographic techniques and key management schemes in BANs are of
great interest to researchers due to the constrained nature of these networks. In this
scheme, we have proposed a hybrid approach for authenticated key agreement with
rekeying for secure BANs. Our scheme is based on and symmetric cryptography. The proposed
scheme is efficient in computation cost by 40.37-84.79% at the biosensor side and
40.37-88.96% at the MS side, and efficient in communication cost by 81.69-92.02% based on
number of nodes and 43.25-94.11% based on security level, while fulfilling all the security
requirements of BANs.
4.3 A Signcryption based Key Agreement and Cluster Head Selection for
BANs
In order to protect the sensor data there is a need not only for a secure and
lightweight cryptosystem but also for a secure and energy-efficient key
agreement scheme that will guarantee the secure communication of patient data.
Traditional security solutions are not directly applicable to these networks due to their
constrained nature, thereby providing copious avenues for researchers.
In this section, a secure hybrid key establishment scheme for based on
signcryption and symmetric cryptography is proposed. The session key and cluster head
selection are performed in a single step. The proposed scheme would significantly reduce the
computation cost as well as traffic overhead. The focus of this scheme is to design a key
agreement scheme with high security strength that is computationally less expensive, has low
communication cost and is energy efficient. This scheme uses signcryption for key
establishment and symmetric cryptography for session data transmission in . The
topological structure of the proposed network consists of biosensors, base station and
centralized medical server, as shown in figure 4.10. We assume that the biosensors
have limited resources while BS and MS have high resources.
Fig.4. 10. Proposed Scheme Structure for BANs
Our proposed scheme has the following phases.
System Initialization Phase
Session Key Establishment and Cluster Head Selection Phase
Secure Session Data Forwarding
Cluster Head Rotation Phase
Rekeying Phase
4.3.1 System Initialization Phase
Medical server MS is preloaded with its private and public keys respectively.
Before biosensor deployment on the patient's body each biosensor is preloaded with its
private key , public key and the corresponding medical server public key .
Each deployed sensor's public key is also forwarded to MS.
4.3.2 Session Key Establishment and Cluster Head Selection Phase
In this phase a secure session key is established between each biosensor and the
corresponding medical server using signcryption, coupled with cluster head selection on
the basis of energy level. To accomplish this task the following steps are performed:
Biosensor
Algorithm 4.10: Session Key Signcryption
1. Each biosensor on patient generates a random number
2. Each biosensor on patient has energy level
3. Signcryption
a. Select an integer randomly
b. Computes
c. Computes =
d. Compute
e. Compute
f. Compute
Send signcrypted text to
Medical Server
Algorithm 4.11 Signcryption and Cluster Head Selection
1. Unsigncryption
a. Computes
b. Computes
c. Computes
d. Check if accept else
e. Select random and compute
f. Select Max ( )
g. Compute
End
Biosensor
Algorithm 4.12: Session Key Decryption
1. Each biosensor receives and decrypts the encrypted text by using
symmetric cipher and key as:
a.
b. Cluster member send join request to cluster head .
End
4.3.3 Secure Session Data Forwarding
Biosensors sense patient information (vital signs) and encrypt it with the session key using
a symmetric cipher. The encrypted data is forwarded to the cluster head and further forwarded
to via BS.
ALGORITHM 4.2: Session Data Encryption and Forwarding
1. for each biosensor node
2. if sensed data = critical
{
a. Computes
b. Computes
c. Computes
d. Sends
}
Else
e. Discard
End if
End for
The encrypted physiological data is received by via BS and forwarded to the
corresponding ward and a copy of this encrypted data is stored in the patient’s
database for future reference or medical history record. Decrypt the received
patient status data for immediate medical response. The following algorithm 4.3 is used
for decryption.
ALGORITHM 4.3: Session Data Decryption
1. for each biosensor node
2. Computes
3. Computes
4. Computes
5. Accept if else
6. End for
4.3.4 Cluster Head Rotation Phase
In this phase, the cluster head is rotated when the cluster head energy level reaches a
threshold value.
Biosensor
Algorithm 4.13 Energy Level Encryption
a. Each sensor sends energy level in encrypted form to
b.
c. Send encrypted text to
End
Medical Server
Reselect cluster head with maximum energy as:
Algorithm 4.14: Energy Level Decryption
a. Compute
b. Select one biosensor as cluster head having maximum energy
from those biosensor installed on same patient by comparing their
energy levels ( ), the remaining biosensors become
member of that cluster. Where is address of cluster head ,
and is address of cluster member
c. Compute
Send encrypted text to biosensor
Biosensor
Each biosensor receives and decrypts the encrypted text by using symmetric
cipher and key as:
Algorithm 4.15: Updated Session Key Decryption
a.
b. Cluster member sends join request to cluster head
End
4.3.5 Rekeying Phase
To ensure forward secrecy when a node leaves, backward secrecy when a new node
joins, and key freshness after a threshold amount of time, rekeying is performed as:
Biosensor
Algorithm 4.16: Rekeying
1. Each biosensor on patient generates a random number
2. Each biosensor on patient has energy level
3. Signcryption
a. Select an integer randomly
b. Computes
c. Computes =
d. Compute
e. Compute
f. Compute
Send Signcrypted text to
Medical Server
Algorithm 4.17: Unsigncryption
4. unsigncrypts the signcrypted text received from each sensor
5. Unsigncryption ,
a. Computes
b. Computes
c. Computes
d. Check , if satisfied accept the random number
and
otherwise
6. computes session key for patient by selecting two from those
biosensor installed on same patient as:
a.
7. selects cluster head for data forwarding from biosensor to installed
on patient as:
8. Encrypt session key to each biosensor using symmetric cipher and
encryption key as:
a.
b. Send encrypted text to biosensor
Biosensor
Algorithm 4.18: Decrypt Session Key
Each biosensor receives and decrypts the encrypted text ) by using
symmetric cipher and key as:
4.3.6 Security Analysis
Our scheme fulfills the following security requirements.
4.3.6.1 Node Authentication
In the proposed scheme, signcryption, a public key primitive, and the public key certificate of
the node ensure node authenticity; therefore, in session key establishment, the authenticity of
each sensor and of the session key establishment is confirmed.
4.3.6.2 Key Agreement
To ensure efficient and secure message dissemination, the session key for the symmetric cipher
is established using signcryption, which ensures authenticated session key agreement.
4.3.6.3 Key Update
In the proposed scheme, rekeying is performed to update the session key and ensure its
freshness.
4.3.6.4 Node Tracking
In proposed scheme algorithm, PST is used to track the patient and biosensors, that use
and mechanism as defined in algorithm named .
4.3.6.5 Message Confidentiality
In order to achieve confidential session key exchange, we use signcryption based on
and symmetric encryption with standard parameters, which ensures confidentiality
of the session key and in turn leads to confidential dissemination of session information.
4.3.6.6 Integrity
In session key establishment, integrity is confirmed by signcryption routine and session
data is by function.
4.3.6.7 Key Revocation
In the proposed scheme, rekeying is performed when a node leaves or joins and after a
specific interval of time; thus, the key is refreshed. Moreover, the can directly revoke
and blacklist a node as well.
4.3.6.8 Backward and Forward Secrecy
Rekeying is performed to ensure forward secrecy when a node leaves, backward secrecy when a
new node joins, and key freshness after a specific interval of time; this ensures forward as
well as backward secrecy.
4.3.6.9 Data Freshness
The proposed scheme ensures that received data are fresh and not replayed by using a time
stamp appended to the encrypted data, thus avoiding replay attacks and confirming
data freshness.
4.3.6.10 Denial of Service
The proposed framework allows only authenticated nodes to send data, while it
may be infeasible for an attacker to join the network and launch a denial of service
attack on the powerful medical server.
4.3.6.11 Masquerade Prevention
The nodes are authenticated using public key certificates, which makes it hard for an attacker to
launch a masquerade attack.
4.3.6.12 Scalability
Our proposed scheme for has the ability to sustain a considerable increase in the
size of the network after deployment, as nodes in the network are independent of each
other.
Table 4. 16 Comparison of Security Function of Proposed and Existing Schemes
Schemes
Proposed scheme 3rd Y Y Y Y Y Y Y Y Y Y Y Y
IEEE 802.15.6 Protocol I N Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol II (2012) Y Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol III (2012) Y Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol IV (2012) Y Y Y N Y Y Y N N N N Y
(Drira et al 2012) Y Y N N Y Y N N Y Y Y N
(Lee et al 2014) Y Y N N Y Y N N Y N Y N
(Daojing et al 2014) Y Y Y N Y Y Y Y Y Y Y N
4.3.7 Performance Analysis
A comprehensive analysis of the proposed secure key establishment and cluster head
selection scheme in terms of performance efficiency is given below:
4.3.7.1 Computation Cost Analysis
In our proposed secure key establishment technique, the expensive operations are
and . Table 4.17 shows the processing cost analysis of our scheme with
existing schemes.
Table 4. 17 Comparison of Computation Cost of Existing and Proposed Schemes
Schemes Computation Cost at Biosensor Side
Proposed Scheme 3rd
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II (2012)
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 18 Computation Cost Comparison at Biosensor Side
Proposed Scheme Efficiency on the basis of Computation Cost at Biosensor Side
Schemes
Percent Efficiency of the Proposed Scheme
IEEE 802.15.6 Protocol I, II, III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: computational cost in ms versus number of nodes for Proposed Scheme 3rd, Standard I,II,III, Standard IV, Drira et al, Lee et al and Daojing et al]
Fig.4. 11. Comparison of Computation Cost at Biosensor Side
Table 4. 19 Comparison of Computation Cost of Existing and Proposed Schemes
Scheme Computation Cost MS Side
Proposed Scheme
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012) 2
(Lee et al 2014) 2
(Daojing et al 2014)
Table 4. 20 Computation Cost Comparison at MS Side
Proposed Scheme Efficiency on the basis of Computation Cost at MS Side
Scheme Percent efficiency of the proposed scheme
IEEE 802.15.6 Protocol I, II, III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: computational cost in ms versus number of nodes for Proposed Scheme 3rd, Standard I,II,III, Standard IV, Drira et al, Lee et al and Daojing et al]
Fig.4. 12. Comparison of Computation Cost at MS Side
4.3.7.2 Communication Overhead Analysis
In BANs, link speed is a main issue, so we need a smart cryptosystem with low
communication cost. Table 4.21 shows the communication overhead analysis of the
proposed key establishment and existing schemes. Bandwidth is a major issue in BANs,
so communication cost should be as low as possible.
Table 4. 21 Comparison of Communication Overhead of Proposed and Existing Schemes
Schemes Total Number of Messages
Exchanged Total Number of Bits Exchanged
Proposed Scheme 3rd 2
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II (2012)
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 22 Communication Cost on the basis of Nodes
Proposed Scheme efficiency on the basis of Communication Cost
Schemes Percent Efficiency of the Proposed
Scheme IEEE 802.15.6 Protocol I, II, III,IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: communication cost in bits versus number of nodes for Proposed Scheme 3rd, Standard I,II,III,IV, Drira et al, Lee et al and Daojing et al]
Fig.4. 13. Communication Cost on the basis of Nodes
Table 4. 23 Communication Cost on the basis of Security Levels
Proposed Scheme Efficiency on the basis of Security Levels
Existing Schemes Percent Efficiency of the Proposed Scheme
Security Level 1 Security Level 2 Security Level 3 IEEE 802.15.6 Protocol I, II, III,IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: communication cost in bits versus security level (Level 1, Level 2, Level 3) for Proposed Scheme 3rd, Standard I,II,III,IV, Drira et al, Lee et al and Daojing et al]
Fig.4. 14. Communication Cost on the basis of Security Levels
4.3.8 Conclusion
Signcryption based on elliptic curve cryptography ( ) in is the unique feature
of this scheme. The life of the network is increased by cluster rotation among the sensors.
Forward and backward secrecy is maintained by rekeying. The proposed scheme is
favorable due to its significant reduction in computation cost as well as communication
overhead for over other existing schemes while fulfilling essential security
parameters. The percent efficiency comparison of our proposed scheme with the
existing schemes is depicted in the tables.
4.4 Efficient Key Agreement for Wireless BANs Based on Hyper Elliptic
Curves
Koblitz coined which can be a better choice in replacement of for the
resource-constrained environment of . To achieve efficiency in our scheme we use
due to its shorter key size as compared to other cryptosystems; the 80 bits base
field provides equivalent security as that with 180 bits and 1024 bits. Our
efficient key agreement scheme uses for the resource-constrained environment of
. This scheme will provide security with improved cost efficiency in a hospital
ward.
The proposed design architecture consists of four stages: the first is
initialization, the second key establishment, the third secure data transmission and
the fourth session key updating.
4.4.1 Initialization Stage
In this stage, each sensor node is preloaded with public key , private key
and public key of medical server prior to deployment on the body of patients. Public key ,
Private Key and public keys of all sensor nodes are preloaded to the medical server.
4.4.2 Key Establishment Stage
In this stage, a round-wise session key is generated and then exchanged in a secure manner
between sensor nodes and the medical server using for onward secure transmission of
patient data. Sensor node runs probabilistic encryption algorithm (4.24).
Encrypt to generate encrypted text for session key .
Algorithm 4.24: Encrypt
Select an integer
a. Computes
b. Encode message to divisor
c. Computes
d. Computes
e. Computes
f. Computes
Transmit to
Obtains sensor node public key from certificate authority, decrypts encrypted
session key using deterministic decryption algorithm (4.25) Decrypt to obtain
session key from encrypted text .
Algorithm 4.25: Decrypt
e. Computes
f. Extract
g. Extract
h. Computes
if accept the session key , otherwise
4.4.3 Secure Data Transmission Stage
The integrity is maintained through by taking the hash of patient health status data
to compute then are encrypted and cipher text is obtained and
forwarded to medical server.
Algorithm 4.26: Secure Session Data Transmission
Body Sensor Node
for each body sensor node
e. Sense data
f. Computes
g. Computes
h. Sends to
End for
Medical Server
Using algorithm 4.27, the medical server decrypts the using round session key for
each body sensor encrypted data and then compares the computed and received
hash of ; if they match, the data packet is accepted, otherwise it is discarded.
Algorithm 4.27: Medical Server ( )
for each body sensor node
d. Computes ( )
e. Computes
f. Accept if Save data to patient record otherwise
End for
4.4.4 Key Updating Stage
Round-wise updating of keys is the essential feature of our proposed scheme for
preventing a cryptanalyst from using old keys to guess new keys. In
this way forward and backward secrecy is maintained.
Biosensors update the session key round wise using algorithm 4.28. The last round
data is computed by taking its hash and is taken with the session key of
last round. Fresh session key is computed by taking the last round data with
the last round session key .
Algorithm 4.28: Biosensor Key Update
for each body sensor node
a. Computes where is last round data
b. Computes
End for
The medical server updates the session key round wise using algorithm 4.29, as the biosensor does.
The last round data is computed by taking its hash and is taken with the
session key of last round. Fresh session key is computed by taking the last round
data with the last round session key .
Algorithm 4.29: Medical Server Key Update
for each biosensor node
c. Computes
d. Computes
End for
4.4.5 Security Analysis
The secure dissemination of patient information from body sensors to the MS is of
prime importance. Our proposed scheme ensures the necessary prominent security
notions of confidentiality, integrity, authenticity, unforgeability and non-repudiation
of patient information. The security function depends on the Hyper Elliptic Curve Discrete
Log Problem ( ), which is a hard problem (computationally infeasible) (Ch et
al., 2014).
4.4.5.1 Node and Message Authentication
In the proposed scheme, signcryption, a public key primitive, and the public key certificate of
the node ensure node authenticity; therefore, in session key establishment, the authenticity of
information received from each sensor at is achieved. Authenticity of information
received at sensor is achieved by and function.
4.4.5.2 Key agreement
For session key establishment, signcryption is used, which ensures authenticated and confidential
session key agreement.
4.4.5.3 Key Update
In the proposed scheme, rekeying is performed to update/refresh the previously established
session key.
4.4.5.4 Node Tracking
In proposed scheme algorithm, that use and mechanism to ensure
track the patient and biosensors.
4.4.5.5 Key Revocation
In the proposed scheme the has authority to revoke the key of a node and blacklist it.
Moreover, when a node joins or leaves, the previous key is revoked.
4.4.5.6 Message and Session Key Confidentiality
The privacy of patient health information is crucial and it should not be eavesdropped
( ). To assure privacy, the proposed system confidentially exchanges the session key
and communicates the session data using symmetric cipher . The possible attacks
on session key agreement and secure data transmission are demonstrated, and it is
concluded that the proposed scheme provides confidentiality.
Case 1: An can compute patient session keys from Equation (1) if he
gets from Equation (2), while computing from Equation (2) is equivalent to
solving one computationally infeasible
Case 2: An can compute patient session keys from Equation (3) and (4),
if he gets from Equation (5), while computing from Equation (5) is equivalent to
solving one computationally infeasible .
Case 3: An wants to obtain patient session information from ciphertext .
is used as encryption algorithm so computing from is computationally
infeasible as resists and .
4.4.5.7 Message and Session Key Integrity
Proposed scheme ensures that the patient data have not been altered by received at
. In key exchange phase, patient computes using one-way
function. If changes the original information as , is changed to
. Similarly, patient encrypted information is computed as It is
infeasible for an attacker to modify as such that due to
the collision-resistant property of the hash function.
4.4.5.8 Unforgeability
The cannot forge valid without private key of the biosensor. If an
attempts to forge, he must generate from Equation (4) for . For computing
valid signature , he has to compute biosensor private key from Equation (5),
which is equivalent to solving .
4.4.5.9 Non repudiation
Non-repudiation warrants that both of the patients cannot deny their sent information
in BANs. In case of dispute, a judge or third party can decide whether the message was
sent by the claimed biosensor or not.
4.4.5.10 Forward and Backward Secrecy
The key updating property of our scheme blocks the passive adversary from guessing
the session key by using old keys.
4.4.5.11 Data Freshness
The proposed scheme ensures data freshness by using time stamp . It ensures that
received data are not replayed and are fresh and newly created. In a structure
where session key strategies are employed, data freshness plays a significant role.
4.4.5.12 Denial of Service
The proposed scheme authenticates the node using a public key certificate and allows
only authenticated nodes to send data, while it may be infeasible for an attacker
to join the network and launch a denial of service attack on the medical server.
4.4.5.13 Masquerade Prevention
The nodes are authenticated using public key certificates, which makes it hard for an attacker to
launch a masquerade attack.
4.4.5.14 Scalability
The design architecture is scalable and a node can be added or removed as per the
requirement of the network without changing the structure of the network.
Table 4. 24 Security Analysis of Proposed and Existing Schemes
Schemes
Proposed Scheme 4th Y Y Y Y Y Y Y Y Y Y Y Y
IEEE 802.15.6 Protocol I N Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol II (2012) Y Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol III (2012) Y Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol IV (2012) Y Y Y N Y Y Y N N N N Y
(Drira et al 2012) Y Y N N Y Y N N Y Y Y N
(Lee et al 2014) Y Y N N Y Y N N Y N Y N
(Daojing et al 2014) Y Y Y N Y Y Y Y Y Y Y N
4.4.6 Performance Analysis
Biosensors have limited memory, processing capability and energy. Based on these
parameters we analyze our scheme with existing schemes presented in the literature.
The advantage of proposed scheme is obvious from its efficiency compared to existing
schemes.
4.4.6.1 Computational Cost Analysis
In established public key cryptosystems, the expensive and major operations are
Modular Exponentiation ( ), ECC Point multiplication ( ) and HEC
Divisor Scalar Multiplication ( ). A single scalar multiplication is observed to
consume 469.96 ms for ( ) and 316.6 ms for ( ) on an ARM processor at
50 MHz. Analysis shows that our scheme is cost efficient and best suited to
the resource-constrained environment of BANs. The results are presented in the tables.
Table 4. 25 Comparison of Computation Cost of Existing and Proposed Schemes
Scheme Computation Cost at Biosensor Side
Proposed Scheme 4th
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II (2012)
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 26 Computation Cost Comparison on Biosensor Side
Proposed Scheme Efficiency on the basis of Computation Cost at Biosensor Side
Existing Schemes Percent Efficiency of the Proposed Scheme IEEE 802.15.6 Protocol I, II, III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: computation cost in ms versus number of nodes for Proposed Scheme 4th, Standard I,II,III, Standard IV, Drira et al, Lee et al and Daojing et al]
Fig.4. 15. Computation Cost at Biosensor Side
Table 4. 27 Comparison of Computation Cost of Existing and Proposed Schemes
Schemes Computation Cost Base Station Side
Proposed Scheme 4th
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 28 Computation Cost Comparison on MS Side
Proposed Scheme Efficiency on the basis of Computation Cost at MS Side
Existing Schemes Percent Efficiency of the Proposed Scheme IEEE 802.15.6 Protocol I, II, III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: computation cost in ms versus number of nodes for Proposed Scheme 4th, Standard I,II,III, Standard IV, Drira et al, Lee et al and Daojing et al]
Fig.4. 16. Computation Cost at MS Side
4.4.6.2 Communication Overhead Analysis
The energy consumption of transmission is approximately 1000 times higher than the computation
cost. The communication efficiency of our solution depends on the shorter key size and
parameters of HECC. Based on the NIST standard choice of parameters, our scheme is more cost
efficient in bandwidth utilization than existing schemes, as shown in Table 4.29.
Table 4. 29 Comparison of Communication Overhead of Proposed and Existing Schemes
Schemes Total Number of Messages
Exchanged Total Number of Bits Exchanged
Proposed Scheme 4th
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II
IEEE 802.15.6 Protocol III
IEEE 802.15.6 Protocol IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 29 Communication Cost on the basis of Nodes
Proposed Scheme Efficiency on the basis of Communication Cost
Existing Schemes Percent Efficiency of the Proposed Scheme IEEE 802.15.6 Protocol I, II, III,IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: communication cost in bits versus number of nodes for Proposed Scheme 4th, Standard I,II,III,IV, Drira et al, Lee et al and Daojing et al]
Fig.4. 17. Communication Cost on the Base of Nodes
Table 4. 30 Communication Cost on the basis of Security Levels
Proposed Scheme Efficiency on the basis of Security Levels
Existing Schemes Percent Efficiency of the Proposed Scheme
Security Level 1 Security Level 2 Security Level 3 IEEE 802.15.6 Protocol I, II, III,IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: communication cost in bits versus security level (Level 1, Level 2, Level 3) for Proposed Scheme 4th, Standard I,II,III,IV, Drira et al, Lee et al and Daojing et al]
Fig.4. 18. Communication Cost on the Base of Security Level
4.4.7 Conclusion
This scheme is lightweight as compared to other schemes due to the shorter parameters
of . The proposed scheme is efficient at biosensor side 7.10-76.31% and MS side
53.55-91.40%. Communication overhead efficiency on the basis of number of nodes is
81.69-92.02% and 43.25-94.11% in security levels. The significant cost reduction along
with integrity, confidentiality, authenticity and key updating can make this scheme a
better choice for the resource-constrained setup of BANs.
4.5 Novel Key Agreement Scheme for BANs Based on Hyper Elliptic Curve
Signcryption
Symmetric ciphers are fast but suffer from the secure key distribution problem, while
asymmetric ciphers solve the secure key distribution problem but are costly. Hybrid techniques
are somewhat balanced but still need cost efficiency to be the best fit in a
resource-constrained environment. The security features of signature for authentication and
encryption for achieving confidentiality were combined logically into a single operation
called signcryption. Koblitz first introduced the Hyper Elliptic Curve Cryptosystem
( ) as an alternative to the Elliptic Curve Cryptosystem ( ), feasible to achieve high
security for resource-constrained environments. Nizamuddin et al. (Nizamuddin, Ch., &
Amin, 2011) proposed a signcryption scheme based on and significantly reduced
computation and communication compared to base schemes.
is prioritized over other cryptographic solutions because its shorter parameters
provide the same security level. 80 bits base field offer the same security with
that of 180 bits and 1024 bits of . In our novel secure key agreement scheme
designed for a hospital ward, we apply based signcryption for which will
provide the same security level with considerably lower computation and communication
cost/overhead, and the one-hop reduction due to avoidance of a cluster head will increase the
overall performance of the network.
4.5.1 Hyper Elliptic Curve Cryptosystem
The shorter key size and high efficiency of the hyper elliptic curve cryptosystem prove
its suitability over other cryptosystems. Our proposed scheme using can attain
the same security in comparison to other schemes having larger key sizes, as shown in
table 4.32. The smaller communication bandwidth, low overhead and less memory space of
make it ideal for the resource-constrained environment of .
Table 4. 32 NIST Recommended Key Size
Symmetric Cryptosystem   RSA and Diffie-Hellman   Elliptic Curve   Hyper Elliptic Curve
80 1024 160 80
112 2048 224 112
128 3072 256 128
192 7680 384 192
256 15360 512 256
The topological structure of the proposed network consists of biosensors, and .
Our proposed scheme has the following phases.
Initialization Phase
Session Key Establishment Phase
Secure Session Data Transmission Phase
Key Update Phase
4.5.2 BAN Initialization Phase
In this phase, each body sensor is preloaded with private key , and public
key prior to deployment on patient’s body. Private Key and public keys are
preloaded to along with public keys of all biosensors.
4.5.3 Session Key Establishment Phase
In this phase, session key is generated round wise and exchanged securely between
body sensors and using cost effective primitive signcryption for onward secure
patient’s data communication. Probabilistic signcryption algorithm 4.19 is
used to generate signcrypted text for session key .
Algorithm 4.19: Signcryption
for each biosensor node
a. Select an integer
b. Computes
c. Computes
d. Generate session key
e. Computes
f. Computes
g. Compute
Transmit Signcrypted text to
End for
obtain biosensor public key from certificate authority. Deterministic
unsigncryption algorithm (4.20) is used to obtain session key
from signcrypted text .
Algorithm 4.20: Unsigncryption
for each biosensor node
a. Computes
b. Computes
c. Computes
d. Computes
Check , if satisfied accept the , otherwise
End for
Theorem: The proposed scheme signcryption / unsigncryption is correct if
Proof:
4.5.4 Secure Session Data Transmission Phase
The hash of patient's physiological data sensed by body sensors is taken for
computing hash value ; then the hash value and sensed data are encrypted to
compute cipher text for sending to the medical officer via BS and MS for urgent
treatment. Algorithm (4.21) is used for the secure transmission of patient's data.
Algorithm 4.21: Secure Session Data Transmission
Biosensor Node
for each biosensor node
a. sense data
b. Computes
c. Computes
d. Sends to
End for
Medical Server
Algorithm 4.22: Session Data Decryption
for each biosensor encrypted data
e. ( )
f.
g. Accept if Save data to patient record otherwise
End for
4.5.5 Key Update Phase
The important feature of our solution is round-wise updating of session keys to block
cryptanalytic attacks that take advantage of old keys. Fresh keys guarantee forward
and backward secrecy of information, which significantly reduces the chance of misuse of
patient personal data from biosensors to the decision maker . The proposed
algorithm 4.23 updates session key at the end of each round both on body sensors and
in such a way that the hash of last data of a round is computed and then
of the last round secret session key and last data of a round is taken
to compute fresh secret session key , where three rounds are taken in twenty-four
hours, each of eight hours. Round ( ) starts if = 11 and ends on =00.
ALGORITHM 4.23: Key Update
3. Biosensor
for each biosensor encrypted data
a. Computes where is last round data
b. Computes
4. Medical Server
c. Computes
a. Computes
End for
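The hash-then-encrypt data transmission and round-wise key update described in sections 4.4.3 to 4.4.4 and 4.5.4 to 4.5.5, as an added Python example that is not code from the thesis. The symmetric cipher, the hash function and the operation combining the old key with the hash of the last round's data are not recoverable from this page, so the example assumes SHA-256, an HMAC-SHA-256 counter keystream as a stand-in cipher, a hash covering the data and its time stamp, and a 30-second freshness window; all function names are hypothetical.

```python
import hashlib
import hmac
import os
import struct

NONCE_LEN = 16   # per-packet nonce for the stand-in cipher (assumption)
TS_LEN = 8       # big-endian time stamp in seconds
HASH_LEN = 32    # SHA-256 digest size
MAX_AGE = 30     # freshness window in seconds (assumption)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in symmetric cipher: HMAC-SHA-256 run in counter mode."""
    blocks = []
    for counter in range((length + HASH_LEN - 1) // HASH_LEN):
        msg = nonce + struct.pack(">Q", counter)
        blocks.append(hmac.new(key, msg, hashlib.sha256).digest())
    return b"".join(blocks)[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def sensor_send(session_key: bytes, data: bytes, now: int) -> bytes:
    """Biosensor side: hash the reading, then encrypt reading, time stamp and hash."""
    ts = struct.pack(">Q", now)
    digest = hashlib.sha256(data + ts).digest()
    plain = data + ts + digest
    nonce = os.urandom(NONCE_LEN)
    return nonce + _xor(plain, _keystream(session_key, nonce, len(plain)))


def server_receive(session_key: bytes, packet: bytes, now: int):
    """Medical server side: decrypt, recompute the hash, check freshness.

    Returns the sensed data, or None when the packet must be discarded.
    """
    if len(packet) < NONCE_LEN + TS_LEN + HASH_LEN:
        return None
    nonce, body = packet[:NONCE_LEN], packet[NONCE_LEN:]
    plain = _xor(body, _keystream(session_key, nonce, len(body)))
    data = plain[:-(TS_LEN + HASH_LEN)]
    ts = plain[-(TS_LEN + HASH_LEN):-HASH_LEN]
    received = plain[-HASH_LEN:]
    computed = hashlib.sha256(data + ts).digest()
    if not hmac.compare_digest(computed, received):
        return None                      # altered, or wrong round key
    if abs(now - struct.unpack(">Q", ts)[0]) > MAX_AGE:
        return None                      # stale or replayed packet
    return data


def next_round_key(session_key: bytes, last_round_data: bytes) -> bytes:
    """Both sides: derive the fresh key from the old key and H(last round data).

    The combining step is assumed here to be SHA-256 over the concatenation.
    """
    h = hashlib.sha256(last_round_data).digest()
    return hashlib.sha256(session_key + h).digest()


if __name__ == "__main__":
    k0 = bytes(range(32))                # constructed sample key
    reading = b"HR=142;SpO2=88"          # constructed sample reading
    pkt = sensor_send(k0, reading, now=1000)
    print(server_receive(k0, pkt, now=1005))
    print(server_receive(k0, pkt, now=2000))
    k1 = next_round_key(k0, reading)
    print(server_receive(k1, pkt, now=1005))
```

Because the stand-in is a keystream cipher, the embedded hash only detects changes made by someone who cannot predict the plaintext; an authenticated encryption mode or a keyed MAC gives that guarantee directly.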
4.5.6 Security Analysis
The secure communication of collected patient health status data from biosensors to the
intended recipient (medical specialist) is the key addressable issue of BANs. Our
scheme is based on a computationally infeasible hard problem, the Hyper Elliptic
Curve Discrete Log Problem ( ) (Boukerche & Ren, 2008). This scheme is
protected against expected threats and fulfills all basic security parameters described
below:
4.5.6.1 Node Authentication
In the proposed scheme, signcryption, a public key primitive, and the public key certificate of
the node ensure node authenticity; therefore, in session key establishment, the authenticity of
information received from each sensor at is achieved. Authenticity of information
received at sensor is achieved by and function.
4.5.6.2 Key Agreement
To ensure efficient, secure and confidential message dissemination using a symmetric
cipher, the session key is established using signcryption, which ensures authenticated session
key agreement.
4.5.6.3 Key Update
In the proposed scheme, rekeying is performed to update the previously established session key,
which ensures key freshness.
4.5.6.4 Node Tracking
In proposed scheme use of algorithm PST having and functionality
used to track the patient and biosensors.
4.5.6.5 Message and Session Key Confidentiality
The confidential transmission of patient physiological data from the source to the target is
essential; for this purpose symmetric algorithm is used to protect patient data from
being read by unauthorized users. In our scheme, confidential transmission of the session key is
performed using .
4.5.6.6 Message and Session Key Integrity
Integrity is an important property of our proposed scheme where patient data is
protected from modification. Integrity is achieved using a one-way, collision-resistant
hash function .
4.5.6.7 Key Revocation
In the proposed scheme, has the authority to blacklist the node and revoke the key.
Moreover, rekeying is performed to update the previously established session key.
4.5.6.8 Forward and Backward Secrecy
In the proposed scheme, when a node joins or leaves the network, rekeying is performed,
which ensures forward and backward secrecy.
4.5.6.9 Data Freshness
The proposed scheme ensures data freshness by using time stamp . It ensures that
received data are not replayed and are fresh enough.
4.5.6.10 Denial of service
In the proposed scheme, nodes are authenticated using public key certificates and only
critical data is disseminated. If an attacker wants to send a bulk of data, it will be
blacklisted; it may be infeasible for an attacker to join the network and launch a denial
of service attack.
4.5.6.11 Masquerade Prevention
The patient is registered and nodes are authenticated using public key certificates, which
makes it hard for an attacker to launch a masquerade attack.
4.5.6.12 Scalability
The design architecture is scalable and a node can be added or removed as per the
requirement of the network without changing the structure of the network.
Table 4. 33 Security Comparisons of Proposed and Existing Schemes
Schemes
Proposed Scheme 5th Y Y Y Y Y Y Y Y Y Y Y Y
IEEE 802.15.6 Protocol I N Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol II Y Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol III (2012) Y Y Y N Y Y Y N N N N Y
IEEE 802.15.6 Protocol IV (2012) Y Y Y N Y Y Y N N N N Y
(Drira et al 2012) Y Y N N Y Y N N Y Y Y N
(Lee et al 2014) Y Y N N Y Y N N Y N Y N
(Daojing et al 2014) Y Y Y N Y Y Y Y Y Y Y N
4.5.7 Performance Analysis
The parameters for the evaluation of our scheme are cost and overhead. We have
analyzed our scheme against other existing schemes on the basis of these parameters. The
efficiency of our proposed scheme is more prominent than that of the other schemes.
4.5.7.1 Computational Cost Analysis
In our proposed scheme the major operation is . In (Drira et al) scheme one
and one , one pairing and one modular multiplication (Mul) and in
(Lee et al) two and one hash are used while in our proposed scheme two
is used. The analysis is shown in Fig 4.34.
Table 4. 31 Comparison of Computation Cost of Existing and Proposed Schemes
Scheme Computation Cost at Biosensor Side
Pairing Proposed Scheme 5th
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II
IEEE 802.15.6 Protocol III
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014) 3 3 2
Table 4. 32 Computation Cost Comparison on Biosensor Side
Proposed Scheme Efficiency on the basis of Computation Cost at Biosensor Side
Existing Schemes Percent Efficiency of the Proposed Scheme IEEE 802.15.6 Protocol I, II, III (2012)
IEEE 802.15.6 Protocol IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: computation cost in ms versus number of nodes for Proposed Scheme 5th, Standard I,II,III, Standard IV, Drira et al, Lee et al and Daojing et al]
Fig.4. 19. Computational Cost at Biosensor Side
Table 4. 33 Comparison of Computation Cost of Existing and Proposed Schemes
Scheme Computation Cost at MS Side
Proposed Scheme 5th
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II
IEEE 802.15.6 Protocol III
IEEE 802.15.6 Protocol IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 34 Computation Cost Comparison at MS Side
Proposed Scheme Efficiency on the basis of Computation Cost at MS Side
Existing Schemes Percent Efficiency of the Proposed scheme IEEE 802.15.6 Protocol I, II, III (2012)
IEEE 802.15.6 Protocol IV (2012)
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: computation cost in ms (vertical axis) against number of nodes (horizontal axis); series: Proposed Scheme 5th, Standard I,II,III, Standard IV, Drira et al, Lee et al, Daojing et al]
Fig. 4.20. Computational Cost at Base Station Side
4.5.7.2 Communication Overhead Analysis
The maximum energy is consumed in transmitting patients' data, and depends on the
packet size and the distance between source and target. Due to the use of a smaller key
size, our proposed scheme is efficient in communication overhead as compared to other
schemes. The analysis is shown in Table 4.38.
Table 4. 38 Cost Comparison of Existing and Proposed Scheme
Schemes Total Number of Messages Exchanged
Total Number of Bits Exchanged
Proposed Scheme 5th
IEEE 802.15.6 Protocol I (2012)
IEEE 802.15.6 Protocol II (2012)
IEEE 802.15.6 Protocol III (2012)
IEEE 802.15.6 Protocol IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
Table 4. 39 Communication Cost on the basis of Nodes
Proposed Scheme Efficiency on the basis of Communication Cost
Existing Schemes
Percent Efficiency of the Proposed Scheme
IEEE 802.15.6 Protocol I, II, III,IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: communication cost in bits (vertical axis) against number of nodes (horizontal axis); series: Proposed Scheme 5th, Standard I,II,III,IV, Drira et al, Lee et al, Daojing et al]
Fig. 4.21. Communication Cost on the Basis of Number of Nodes
Table 4. 35 Communication Cost on the basis of Security Levels
Proposed Scheme Efficiency on the basis of Security Levels
Existing Schemes
Percent Efficiency of the Proposed Scheme
Security Level 1 Security Level 2 Security Level 3
IEEE 802.15.6 Protocol I, II, III,IV
(Drira et al 2012)
(Lee et al 2014)
(Daojing et al 2014)
[Figure: communication cost in bits (vertical axis) against security level, Level 1 to Level 3 (horizontal axis); series: Proposed Scheme 5th, Standard I,II,III,IV, Drira et al, Lee et al, Daojing et al]
Fig. 4.22. Communication Cost on the Basis of Security Levels
4.5.8 Conclusion
This scheme addresses the key issue of BAN security using HECC-based
signcryption, which significantly outperforms other cryptographic
solutions. In our novel key agreement framework, HECC with an 80-bit base field offers the
same security level with considerably lower computation, communication and storage cost.
The one-hop reduction due to avoidance of a cluster head increases the overall performance of
the network. The proposed scheme is computationally efficient at the biosensor side by
21.12-79.88% and at the MS side by 34.30-87.83%. Communication efficiency is 3.57-57.97%, while in
security it is 21.67% more efficient than (IEEE 802.15.6 protocol) and 80.14 more efficient than
(Daojing et al 2014). The average percentages for (Drira et al) and (Lee et al) are -15.91% and -43
respectively. However, our scheme provides enhanced security with five additional
features as compared to (Drira et al) and six additional features as compared
to (Lee et al). The performance analysis of our proposed scheme against the others,
depicted in graphs, clearly proves the appropriateness of our scheme for the
resource-constrained environment of BANs.
Chapter 05
CONCLUSION AND FUTURE WORK
5.1 Conclusion
Having probed the relevant literature and identified the research gaps, we have proposed a
secure and efficient framework incorporating five schemes. The existing schemes are
either high in cost or deficient in security parameters, and are not feasible for the
constrained environment of BANs. Our proposed framework addresses both
issues, high cost and low security, by providing a significant decrease in cost
and an improvement in security. The enhanced security features are the countable
advantages of this framework over existing work: node authentication, key
agreement, key update, node tracking, message confidentiality, message integrity, key
revocation, forward secrecy and backward secrecy, data freshness, denial of service and
masquerade prevention, along with scalability. Secure and lightweight authentication
and key agreement scheme one is proposed for the security of where encrypted
is applied for secure node authentication that blocks illegal nodes. A cost-effective
symmetric cipher is used for confidentiality of physiological data rather than a costly
asymmetric cipher. The value of the one-way collision-resistant hash function is decreased
and the resultant lightweight compressed hash function is obtained for
maintaining integrity. Forward and backward secrecy is achieved by updating session
keys round-wise, where is taken of the previous round's last data with the previous
round's last session key; in this way an adversary would not be able to guess the key
for the next round. The physical security feature of our scheme is used for tracking
patients/biosensors and detecting dead or faulty biosensors within the transmission
range of . Our scheme is computationally efficient by 60.05-89.81% at the biosensor side and
60.05-92.61% at the MS side, and efficient in communication overhead by 83.92-92.99%, as
compared to other schemes. Thus, this scheme provides the improved security features
mentioned in Table 4.1 with minimal cost, which makes this scheme well suited to the
resource constrained environment of .
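The round-wise session key update described above, as an added sketch that is not the thesis's own code: it assumes the combining operation is HMAC-SHA-256 (the operation is not legible in this copy), and the function names, key size and sample readings are constructed. It also shows the failure mode a deployment has to handle: if the two sides disagree on the last data of a round, every later key diverges, which the key-confirmation tag detects.

```python
import hashlib
import hmac

KEY_LEN = 16  # 128-bit session keys (assumed size for this sketch)


def next_round_key(prev_key: bytes, last_data: bytes, round_no: int) -> bytes:
    """Key for round_no, derived from the previous round's key and last data.

    Assumption: the combining operation is HMAC-SHA-256 keyed with the old
    session key. It is one-way, so a key captured in one round does not
    reveal the keys of earlier rounds.
    """
    msg = b"rekey" + round_no.to_bytes(4, "big") + last_data
    return hmac.new(prev_key, msg, hashlib.sha256).digest()[:KEY_LEN]


def confirm_tag(key: bytes, round_no: int) -> bytes:
    """Short key-confirmation value the two sides exchange after rekeying."""
    msg = b"confirm" + round_no.to_bytes(4, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class Endpoint:
    """One side of the link (biosensor or MS) holding the current session key."""

    def __init__(self, initial_key: bytes):
        self.key = initial_key
        self.round_no = 0

    def end_round(self, last_data: bytes) -> bytes:
        """Advance to the next round and return the confirmation tag."""
        self.round_no += 1
        self.key = next_round_key(self.key, last_data, self.round_no)
        return confirm_tag(self.key, self.round_no)


def in_sync(tag_a: bytes, tag_b: bytes) -> bool:
    """Constant-time comparison of the two confirmation tags."""
    return hmac.compare_digest(tag_a, tag_b)


def run_rounds(initial_key: bytes, sensor_view, ms_view):
    """Rekey both sides once per round; return (round, synced?) pairs."""
    sensor, ms = Endpoint(initial_key), Endpoint(initial_key)
    result = []
    for s_last, m_last in zip(sensor_view, ms_view):
        synced = in_sync(sensor.end_round(s_last), ms.end_round(m_last))
        result.append((sensor.round_no, synced))
    return result


# Constructed sample data: the last reading of each round as each side saw it.
K0 = bytes(range(16))
READINGS = [b"HR=142;SpO2=88", b"HR=151;SpO2=86", b"HR=139;SpO2=90"]
# The MS missed the final packet of round 2 and kept an older reading.
MS_READINGS = [READINGS[0], b"HR=150;SpO2=86", READINGS[2]]

if __name__ == "__main__":
    print(run_rounds(K0, READINGS, READINGS))     # every round in sync
    print(run_rounds(K0, READINGS, MS_READINGS))  # diverges from round 2 on
```

Because each key depends on its predecessor, one missed final packet desynchronises all later rounds even when later data agree, so a mismatch in the confirmation tag should trigger a fresh key agreement rather than a retry of the same update.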
In scheme two we have proposed a hybrid approach for authenticated key agreement
with rekeying for secure BANs. Our scheme is based on and symmetric
cryptography. The proposed scheme is efficient in computation cost at the biosensor side
by 40.37-84.79% and at the MS side by 40.37-88.96%, and efficient in communication cost based on
the number of nodes by 81.69-92.02% and on security level by 43.25-94.11%, while fulfilling the entire
security requirement of BANs.
Signcryption based on elliptic curve cryptography ( ) in is the unique feature
of scheme three. The life of the network is increased by cluster rotation among the sensors.
Forward and backward secrecy is maintained by rekeying. The proposed scheme is
favorable due to its significant reduction in computation cost as well as communication
overhead for over other existing schemes while fulfilling essential security
parameters. The percent efficiency comparison of our proposed scheme with the
existing schemes is depicted in the tables.
Scheme four is lightweight as compared to other schemes due to the shorter
parameters of . The proposed scheme is efficient at the biosensor side by 7.10-76.31% and
at the MS side by 53.55-91.40%. Communication overhead efficiency on the basis of number of
nodes is 81.69-92.02% and 43.25-94.11% in security levels. The significant cost reduction
along with integrity, confidentiality, authenticity and key updating can make this
scheme a better choice for the resource-constrained setup of BANs.
Scheme five addresses the key issue of BAN security using HECC-based
signcryption, which significantly outperforms other cryptographic
solutions. In our novel key agreement technique, HECC with an 80-bit base field offers the same
security level with considerably lower computation, communication and storage cost. The
one-hop reduction due to avoidance of a cluster head increases the overall performance of the
network. The proposed scheme is computationally efficient at the biosensor side by
21.12-79.88% and at the MS side by 34.30-87.83%. Communication efficiency is 3.57-57.97%, while in
security it is 21.67% more efficient than (IEEE 802.15.6 protocol) and 80.14 more efficient than
(Daojing et al 2014). The average percentages for (Drira et al) and (Lee et al) are -15.91% and -43
respectively. However, there is a trade-off between cost and security, and our
scheme provides enhanced security with five additional features as
compared to (Drira et al) and six additional features
as compared to (Lee et al).
The performance and security analysis of our proposed framework against the others,
depicted in graphs and tables, clearly proves the appropriateness of our framework for
the resource-constrained environment of BANs.
Table 5. 1 Average Percent Efficiency of the Proposed Schemes on the basis of Computation Cost
Existing Scheme Scheme 1 Scheme 2 Scheme 3 Scheme 4 Scheme 5
IEEE 802.15.6 Protocol I, II, III 71.43% 56.94% 43.051% 43.05% 32.92%
IEEE 802.15.6 Protocol IV 77.43% 66.31% 55.43% 55.43% 47.51%
(Drira et al 2012) 82.59% 74.02% 65.63% 64.48% 59.52%
(Lee et al 2014) 60.05% 40.37% 21.12% 21.12% 7.10%
(Daojing et al 2014) 89.81% 84.79% 79.88% 79.88% 76.31%
Table 5. 2 Average Percent Efficiency of the Proposed Schemes on the basis of Communication Cost
Existing Scheme Scheme 1 Scheme 2 Scheme 3 Scheme 4 Scheme 5
IEEE 802.15.6 Protocol I, II, III 92.99% 92.02% 57.97% 57.97% 92.02%
IEEE 802.15.6 Protocol IV 87.5% 85.76% 25% 25% 85.76%
(Drira et al 2012) 86.15% 86.51% 28.94% 28.94% 86.51%
(Lee et al 2014) 83.92% 81.69% 3.5% 3.57% 81.69%
(Daojing et al 2014) 92.99% 92.02% 57.97% 57.97% 92.02%
Table 5. 3 Proposed Framework Security Improvement
Schemes Existing Work Security Our proposed work
Security Improvement
IEEE 802.15.6 Protocol I
IEEE 802.15.6 Protocol II
(2012)
,
IEEE 802.15.6 Protocol III
(2012)
,
IEEE 802.15.6 Protocol IV
(2012) (2012)
,
(Drira et al 2012) , ,
(Lee et al 2014) ,
(Daojing et al 2014) ,
5.2 Future Work
Normal status data need not be considered by medical officers for decision
making; transmitting it only wastes resources and degrades
network efficiency. We have used the critical data as the essential point
of communication to be recorded and utilized for quick decision making. In the future,
all schemes/frameworks/protocols designed for BANs/BSNs should focus only
on the critical data, rather than transmitting normal status data, to improve
efficiency and prolong the network life. This work can be enhanced using fuzzy
techniques by defining the data sets of different diseases, and a fuzzy-based framework
for BANs can be developed. This framework can also be further extended by using
lattice-valued fuzzy logic, intuitionistic fuzzy logic, bipolar fuzzy sets and a fuzzy
attribute based secure framework for BANs.
References
Ali, A., Irum, S., Kausar, F., & Khan, F. A. (2013). A cluster-based key agreement scheme using keyed hashing for Body Area Networks. Multimedia Tools and Applications, 66(2), 201–214. http://doi.org/10.1007/s11042-011-0791-4.
Ali, A., & Khan, F. A. (2010). An improved EKG-based key agreement scheme for body area networks. In Information Security and Assurance, Springer Berlin Heidelberg, 298–308. http://doi.org/10.1007/978-3-642-13365-7_29.
Amin, N. U., Asad, M., & Chaudhry, S. A. (2012). An authenticated key agreement with rekeying for secured body sensor networks based on hybrid cryptosystem. Networking, Sensing and Control (ICNSC), 2012 9th IEEE International Conference, 118–121. http://doi.org/10.1109/ICNSC.2012.6204902.
Amin, R. (2013). Cryptanalysis and An Efficient Secure ID-Based Remote User Authentication Scheme Using Smart, 75(13), 43–48.
Amin, R., Bengal-, W., & Rana, S. P. (2013). An Improvement of Wang . et . al .’ s Remote User Authentication Scheme Against Smart Card Security Breach, 75(13), 37–42.
Amin, R., & Biswas, G. P. (2015). A Novel User Authentication and Key Agreement Protocol for Accessing Multi-Medical Server Usable in TMIS. Journal of Medical Systems, 39(3). http://doi.org/10.1007/s10916-015-0217-3.
Amin, R., Maitra, T., & Giri, D. (2013). An improved efficient remote user authentication scheme in multi-server environment using smart card. International Journal of Computer Applications, 69(22), 1–6. Retrieved from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.403.4667&rep=rep1&type=pdf.
Approved IEEE Draft Revision for IEEE Standard for Information Technology-Telecommunications and Information Exchange Between Systems-Local and Metropolitan Area Networks-Specific Requirements-Part 15.4B: Wireless Medium Access Control (MAC) and Physical . (2006). Retrieved from http://ieeexplore.ieee.org/articleDetails.jsp?arnumber=4040981.
Association, T.I.S.: IEEE P802.15.6-2012 Standard for Wireless Body Area Networks. http://standards.ieee.org/findstds/standard/802.15.6-2012.html. (n.d.).
Bao, S. Di, Poon, C. C. Y., Zhang, Y. T., & Shen, L. F. (2008). Using the timing information of heartbeats as an entity identifier to secure body sensor network. IEEE Transactions on Information Technology in Biomedicine, 12(6), 772–779. http://doi.org/10.1109/TITB.2008.926434.
Bhargav-Spantzel, A., Squicciarini, A. C., Modi, S., Young, M., Bertino, E., & Elliott, S. J. (2007). Privacy preserving multi-factor authentication with biometrics. Proceedings of the Second ACM Workshop on Digital Identity Management, 63–72. http://doi.org/10.1145/1179529.1179540.
Borger, C., Smith, S., Truffer, C., Keehan, S., Sisko, A., Poisal, J., & Clemens, M. K. (2006). Trends health spending projections through 2015: Changes on the horizon. Health Affairs, 25(2), 61–73. http://doi.org/10.1377/hlthaff.25.w61.
Boukerche, A., & Ren, Y. (2008). The design of a secure key management system for mobile ad hoc networks. 2008 33rd IEEE Conference on Local Computer Networks (LCN), 320–327. http://doi.org/10.1109/LCN.2008.4664186.
Cao, T., & Zhai, J. (2013). Improved dynamic ID-based authentication scheme for telecare medical information systems. Journal of Medical Systems, 37(2). http://doi.org/10.1007/s10916-012-9912-5.
Ch, S. A., Uddin, N., Sher, M., Ghani, A., Naqvi, H., & Irshad, A. (2014). An efficient signcryption scheme with forward secrecy and public verifiability based on hyper elliptic curve cryptography. Multimedia Tools and Applications, 74(5), 1711–1723. http://doi.org/10.1007/s11042-014-2283-9.
Challa, N., Çam, H., & Sikri, M. (2008). Secure and Efficient Data Transmission over Body Sensor and Wireless Networks. EURASIP Journal on Wireless Communications and Networking, 14(1), 60–68. http://doi.org/10.1155/2008/291365.
Chen, H.-M., Lo, J.-W., & Yeh, C.-K. (2012). An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems. Journal of Medical Systems, 36(6), 3907–3915. http://doi.org/10.1007/s10916-012-9862-y.
Chen, M., Gonzalez, S., Vasilakos, A., Cao, H., & Leung, V. C. M. (2011). Body area networks: A survey. Mobile Networks and Applications, 16(2), 171–193. http://doi.org/10.1007/s11036-010-0260-8.
Cherukuri, S., Venkatasubramanian, K. K., & Gupta, S. K. S. (2003). Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body. International Conference on Parallel Processing Workshops, 2003. Proceedings., 432–439. http://doi.org/10.1109/ICPPW.2003.1240399.
Cleland, J. G. F., Swedberg, K., Follath, F., Komajda, M., Cohen-Solal, a., Aguilar, J. C., … Mason, J. (2003). The EuroHeart Failure survey programme - A survey on the quality of care among patients with heart failure in Europe. Part 1: Patient characteristics and diagnosis. European Heart Journal, 24(5), 442–463. http://doi.org/10.1016/S0195-668X(02)00823-0.
Crosby, G., Ghosh, T., Murimi, R., & Chin, C. (2012). Wireless body area networks for healthcare: a survey. International Journal of Ad Hoc, Sensor & Ubiquitous Computing (IJASUC), 3(10). Retrieved from https://scholar.google.com.pk/scholar?hl=en&q=Wireless+Body+Area+Networks+for+Healthcare%3A+A+Survey&btnG=&as_sdt=1%2C5&as_sdtp=#0.
Darwish, A., & Hassanien, A. (2011). Wearable and implantable wireless sensor network solutions for healthcare monitoring. Sensors, 11(6), 5561–5595. Retrieved from http://www.mdpi.com/1424-8220/11/6/5561/htm.
Das, A. (2011). Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. IET Information Security, 5(3), 145. http://doi.org/10.1049/iet-ifs.2010.0125.
Das, A., & Goswami, A. (2013). A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Journal of Medical Systems, 37(3), 1–16. Retrieved from http://link.springer.com/article/10.1007/s10916-013-9948-1.
Das, A. K., & Bruhadeshwar, B. (2013). An Improved and Effective Secure Password-Based Authentication and Key Agreement Scheme Using Smart Cards for the Telecare Medicine Information System. Journal of Medical Systems, 37(5), 1–17. http://doi.org/10.1007/s10916-013-9969-9.
Debiao, H., Jianhua, C., & Rui, Z. (2011). A More Secure Authentication Scheme for Telecare Medicine Information Systems. Journal of Medical Systems, 36(3), 1989–1995. http://doi.org/10.1007/s10916-011-9658-5.
Disease, H., Every, K., & News, F. (2015). Heart Disease Kills Every 34 Seconds in U . S ., 7–8.
Domenicali, D., & Benedetto, M.-G. Di. (2007). Performance Analysis for a Body Area Network composed of IEEE 802.15.4a devices. 4th Workshop on Positioning, Navigation and Communication, 2007, 273–276. http://doi.org/10.1109/WPNC.2007.353645.
Dong, J., & Smith, D. (2012). Cooperative body-area-communications: Enhancing coexistence without coordination between networks. IEEE 23rd International Symposium on Personal Indoor and Mobile Radio Communications (PIMRC), 2269–2274. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6362733.
Drira, W., Renault, É., & Zeghlache, D. (2012). A hybrid authentication and key establishment scheme for WBAN. Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012, 78–83. http://doi.org/10.1109/TrustCom.2012.31.
Du, W. (2005). A Pairwise Key Pre-distribution Scheme for Wireless Sensor Networks. ACM Trans. Inf. Syst. Security, 8(2), 228–258.
Eldefrawy, M. H., Khan, M. K., & Alghathbar, K. (2010). A key agreement algorithm with rekeying for wireless sensor networks using public key cryptography. Anti-Counterfeiting Security and Identification in Communication (ASID), 2010 International Conference on, 1–6. http://doi.org/10.1109/ICASID.2010.5551480.
Eschenauer, L., & Gligor, V. D. (2002). A key-management scheme for distributed sensor networks. 9th ACM Conference on Computer and Communications Security, 41–47.
Garnaut, J. (2012). Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specification for Low-Rate Wireless Personal Area Networks. Smh. Retrieved from http://www.smh.com.au/world/philippines-and-china-clash-as-tensions-rise-over-oilrich-seas-20120411-1ws5q.html#ixzz2246vAQlQ.
Grabbe, J. (1992). The DES algorithm illustrated. Laissez Faire City Times, 2(28), 1–15. Retrieved from http://www.orlingrabbe.com/des.htm.
Guo, C., & Chang, C. C. (2013). Chaotic maps-based password-authenticated key agreement using smart cards. Communications in Nonlinear Science and Numerical Simulation, 18(6), 1433–1440. http://doi.org/10.1016/j.cnsns.2012.09.032.
H. Cam, S. Ozdemir, P. Nair, D. M. and H. O. S. (1999). LAW OF THE PEOPLE’S REPUBLIC OF CHINA ON MEDICAL PRACTITIONERS. Retrieved April 8, 2015, from http://www.asianlii.org/cn/legis/cen/laws/lotprocomp511/.
Halteren, V. (2004). Mobile Patient Monitoring: The MobiHealth System. The Journal on Information Technology in Healthcare, 2(5), 365–373. http://doi.org/10.3233/978-1-60750-946-2-307.
Hash, J., Bowen, P., Johnson, A., Smith, D., Smith, C. D., & Steinberg, D. I. (2005). An introductory resource guide for implementing the health insurance portability and accountability act (HIPAA) security rule, (NIST Special Publication., pp. 800–866,).
He, D., Chan, S., & Tang, S. (2014). A novel and lightweight system to secure wireless medical sensor networks. IEEE Journal of Biomedical and Health Informatics, 18(1), 316–326. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6541953.
He, D., Chan, S., Zhang, Y., & Yang, H. (2014). Lightweight and confidential data discovery and dissemination for wireless body area networks. IEEE Journal of Biomedical and Health Informatics, 18(2), 440–448. http://doi.org/10.1109/JBHI.2013.2293620.
He, W., Huang, Y., Sathyam, R., Nahrstedt, K., & Lee, W. C. (2009). SMOCK: A scalable method of cryptographic key management for mission-critical wireless ad-hoc networks. IEEE Transactions on Information Forensics and Security, 4(1), 140–150. http://doi.org/10.1109/TIFS.2008.2009601.
Healey, J., & Picard, R. (2005). Detecting stress during real-world driving tasks using physiological sensors. IEEE Transactions on Intelligent Transportation Systems, 6(2), 156–166. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1438384.
Heart Failure Fact Sheet|Data & Statistics|DHDSP|CDC. (n.d.). Retrieved August 7, 2015, from http://www.cdc.gov/dhdsp/data_statistics/fact_sheets/fs_heart_failure.htm.
IEEE Standard for Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements. Part 15.3: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications. (2009). http://doi.org/10.1109/IEEESTD.2009.5284444.
IEEE Standard for Information technology--Telecommunications and information exchange between systems Local and metropolitan area networks--Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. (2012). http://doi.org/10.1109/IEEESTD.2012.6178212.
IEEE Standards Association - Documents. (n.d.). Retrieved August 7, 2015, from https://mentor.ieee.org/802.15/documents.
Information, F. (2001). Announcing the ADVANCED ENCRYPTION STANDARD ( AES ).
Iqbal, J., Amin, N. U., & Umar, A. I. (2013). Authenticated key agreement and cluster head selection for Wireless Body Area Networks. 2nd National Conference on Information Assurance (NCIA), 113–117. http://doi.org/10.1109/NCIA.2013.6725334.
Iqbal, J., Amin, N., Umar, A. I., & Waheed, A. (n.d.). Enhanced Key Agreement and Authentication Protocol for Body Sensor Network.
Irum, S., Ali, A., Khan, F. A., & Abbas, H. (2013). A hybrid security mechanism for intra-wban and inter-WBAN communications. International Journal of Distributed Sensor Networks. http://doi.org/10.1155/2013/842608.
Islam, S. H., & Biswas, G. P. (2011). A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Journal of Systems and Software, 84(11), 1892–1898. http://doi.org/10.1016/j.jss.2011.06.061.
Jiang, Q., Ma, J., Ma, Z., & Li, G. (2013). A privacy enhanced authentication scheme for telecare medical information systems. Journal of Medical Systems, 37(1). http://doi.org/10.1007/s10916-012-9897-0.
Juels, A., & Sudan, M. (2006). A fuzzy vault scheme. Designs, Codes, and Cryptography, 38(2), 237–257. http://doi.org/10.1007/s10623-005-6343-z.
Khan. (2009). Medical Applications of Wireless Body Area Networks. International Journal of Digital Content Technology and Its Applications, 3(3), 185–193. http://doi.org/10.4156/jdcta.vol3.issue3.23.
Khan, M. K., Kumari, S., & Gupta, M. K. (2014). More efficient key-hash based fingerprint remote authentication scheme using mobile device. Computing, 96(9), 793–816. http://doi.org/10.1007/s00607-013-0308-2.
Khan, M. K., & Zhang, J. (2007). Improving the security of “a flexible biometrics remote user authentication scheme.” Computer Standards & Interfaces, 29(1), 82–85. http://doi.org/10.1016/j.csi.2006.01.002.
Ko, J., Lu, C., & Srivastava, M. (2010). Wireless sensor networks for healthcare. IEEE Proceedings, 98(11), 1947–1960. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5570866.
Koblitz, N. (1989). Hyperelliptic cryptosystems. Journal of Cryptology, 1(3), 139–150. http://doi.org/10.1007/BF02252872.
Korhonen, I., & Bardram, J. E. (2004). Guest Editorial Introduction to the Special Section on Pervasive Healthcare. IEEE Transactions on Information Technology in Biomedicine, 8(3), 405–414. http://doi.org/10.1109/TITB.2004.835337.
Kumar, M., Gupta, M. K., & Kumari, S. (2011). An Improved Efficient Remote Password Authentication Scheme with Smart Card over Insecure Networks, 13(3), 167–177.
Kumari, S., & Gupta, M. (2014). An improved timestamp based password authentication scheme: comments, cryptanalysis, and improvement. Security and Communication Networks, 7(11), 1921–1932. Retrieved from http://onlinelibrary.wiley.com/doi/10.1002/sec.906/full.
Kumari, S., & Khan, M. (2014a). Cryptanalysis and improvement of “a robust smart-card-based remote user password authentication scheme.” International Journal of Communication …. Retrieved from http://onlinelibrary.wiley.com/doi/10.1002/dac.2590/full.
Kumari, S., & Khan, M. (2014b). More secure smart card based remote user password authentication scheme with user anonymity. Security and Communication Networks, 7(11), 2039–2053. Retrieved from http://onlinelibrary.wiley.com/doi/10.1002/sec.916/full.
Kumari, S., Khan, M. K., & Kumar, R. (2013). Cryptanalysis and Improvement of “A Privacy Enhanced Scheme for Telecare Medical Information Systems.” Journal of Medical Systems, 37(4), 1–11. http://doi.org/10.1007/s10916-013-9952-5.
Kumari, S., Khan, M. K., & Li, X. (2014). An improved remote user authentication scheme with key agreement. Computers & Electrical Engineering, 40(6), 1997–2012. http://doi.org/10.1016/j.compeleceng.2014.05.007.
Kumari, S., Khan, M., Li, X., & Wu, F. (2014). Design of a user anonymous password authentication scheme without smart card. International Journal of Communication Systems. Retrieved from http://onlinelibrary.wiley.com/doi/10.1002/dac.2853/full.
Kurs, A., Karalis, A., Moffatt, R., & Joannopoulos, J. (2007). Wireless power transfer via strongly coupled magnetic resonances. Science, 317(5834), 83–86. Retrieved from http://www.sciencemag.org/content/317/5834/83.short.
Kwak, K., Ullah, S., & Ullah, N. (2010). An overview of IEEE 802.15. 6 standard. IEEE 3rd International Symposium on Applied Sciences in Biomedical and Communication Technologies (ISABEL), 1–6. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5702867.
Latré, B., Braem, B., Moerman, I., Blondia, C., & Demeester, P. (2011). A survey on wireless body area networks. Wireless Networks, 17(1), 1–18. http://doi.org/10.1007/s11276-010-0252-4.
Le, X. H., Khalid, M., Sankar, R., & Lee, S. (2011). An Efficient Mutual Authentication and Access Control Scheme for Wireless Sensor Networks in Healthcare. Journal of Networks, 6(3), 355–364. http://doi.org/10.4304/jnw.6.3.355-364.
Lee, T. F., & Liu, C. M. (2013). A secure smart-card based authentication and key agreement scheme for telecare medicine information systems. Journal of Medical Systems, 37(3), 2–8. http://doi.org/10.1007/s10916-013-9933-8.
Lee, T.-F. (2013). An Efficient Chaotic Maps-Based Authentication and Key Agreement Scheme Using Smartcards for Telecare Medicine Information Systems. Journal of Medical Systems, 37(6), 1–9. http://doi.org/10.1007/s10916-013-9985-9.
Lee, Y. S., Alasaarela, E., & Lee, H. J. (2014). An efficient encryption scheme using elliptic curve cryptography (ECC) with symmetric algorithm for healthcare system. International Journal of Security and Its Applications, 8(3), 63–70. http://doi.org/10.14257/ijsia.2014.8.3.07.
Lewis, N., Foukia, N., & Govan, D. G. (2008). Using trust for key distribution and route selection in wireless sensor networks. 2008 Ieee Network Operations and Management Symposium, Vols 1 and 2, 787–790 1078. Retrieved from <Go\nto\nISI>://000259262400102.
Li, C.-T., & Hwang, M.-S. (2010). An efficient biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications, 33(1), 1–5. http://doi.org/10.1016/j.jnca.2009.08.001.
Li, X., Niu, J.-W., Ma, J., Wang, W.-D., & Liu, C.-L. (2011). Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications, 34(1), 73–79. http://doi.org/10.1016/j.jnca.2010.09.003.
Lin, H. Y. (2013). On the security of a dynamic ID-based authentication scheme for telecare medical information systems. Journal of Medical Systems, 37(2). http://doi.org/10.1007/s10916-013-9929-4.
Liu, A., & Ning, P. (2008). TinyECC: A configurable library for elliptic curve cryptography in wireless sensor networks. Proceedings - 2008 International Conference on Information Processing in Sensor Networks, IPSN 2008, 245–256. http://doi.org/10.1109/IPSN.2008.47.
Liu, D., Ning, P., & Li, R. (2005). Establishing pairwise keys in distributed sensor networks. ACM Transactions on Information and System Security, 8(1), 41–77. http://doi.org/10.1145/1053283.1053287.
Liu, J., Zhang, Z., Chen, X., & Kwak, K. S. (2014). Certificateless remote anonymous authentication schemes for wireless body area networks. IEEE Transactions on Parallel and Distributed Systems, 25(2), 332–342. http://doi.org/10.1109/TPDS.2013.145.
Malan, D., Fulford-Jones, T., Welsh, M., & Moulton, S. (2004). CodeBlue: An ad hoc sensor network infrastructure for emergency medical care. In International Workshop on Wearable and Implantable Body Sensor Networks, 5, 12–14.
Malan, D. J., Welsh, M., & Smith, M. D. (2004). A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography. Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004. 2004 First Annual IEEE Communications Society Conference On. IEEE, 71–80. http://doi.org/10.1109/SAHCN.2004.1381904.
Malasri, K., & Wang, L. (2007). Addressing security in medical sensor networks. Proceedings of the 1st ACM SIGMOBILE International Workshop on Systems and Networking Support for Healthcare and Assisted Living Environments. ACM, 7–12. http://doi.org/10.1145/1248054.1248058.
Malasri, K., & Wang, L. (2009). Design and Implementation of a Secure Wireless Mote-Based Medical Sensor Network. Sensors, 9(8), 6273–6297. http://doi.org/10.3390/s90806273.
Mehmood, Z., Nizamuddin, Ashraf Ch., S., Nasar, W., & Ghani, A. (2012). An efficient key agreement with rekeying for secured body sensor networks. 2012 2nd International Conference on Digital Information Processing and Communications, ICDIPC 2012, 164–167. http://doi.org/10.1109/ICDIPC.2012.6257295.
Misra, S., & Islam, N. (2014). Green wireless body area nanonetworks: Energy management and the game of survival. IEEE Journal of Biomedical and Health, 18(2), 467–475. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6678203.
Movassaghi, S., Abolhasan, M., Lipman, J., Smith, D., & Jamalipour, A. (2014). Wireless Body Area Networks: A Survey. IEEE Communications Surveys & Tutorials, 16(3), 1658–1686. http://doi.org/10.1109/SURV.2013.121313.00064.
Nizamuddin, Ch., S. A., & Amin, N. (2011). Signcryption schemes with forward secrecy based on hyperelliptic curve cryptosystem. In 8th International Conference on High-capacity Optical Networks and Emerging Technologies (pp. 244–247). IEEE. http://doi.org/10.1109/HONET.2011.6149826.
Oliveira, L. B., Dahab, R., Lopez, J., Daguano, F., & Loureiro, A. A. F. (2007). Identity-based Encryption For Sensor Networks. Percom, 290–294.
Orlitsky, a. (1991). Worst-case interactive communication. II. Two messages are not optimal. IEEE Transactions on Information Theory, 37(4), 995–1005. http://doi.org/10.1109/18.86993.
Otto, C., & Milenkovic, A. (2006). System architecture of a wireless body area sensor network for ubiquitous health monitoring. Journal of Mobile Multimedia, 1(4), 307–3261. Retrieved from http://doktora.kirbas.com/Eng Makaleler/system architecture of a wireless body area sensor network for ubiquitous health monitoring.pdf.
119
Parliament., E. (n.d.). DIRECTIVE 2002/58/EC of the European Parliament and Council of concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).
Pdf, T. P., Journal, E., Communications, W., Ali, A., Khan, F. A., Article, I., … Wcn, E. (2013). Energy-efficient cluster-based security mechanism for intra-WBAN and inter-WBAN communications for healthcare applications, 1–19. http://doi.org/10.1186/1687-1499-2013-216.
Perring, A., Szewczyk, R., Wen, V., Culler, D., Tygar, J. D., Perrig, A., & Szewczyk, R. (2002). SPINS: Security Protocols for Sensor Networks. Wirless Networks, 8(5), 521–534.
Poon, C., & Zhang, Y. T. (2008). Perspectives on high technologies for low-cost healthcare: The Chinese scenario. IEEE Engineering in Medicine and Biology Magazine, 27(5), 42–47. http://doi.org/10.1109/MEMB.2008.923955.
Qadri, S., Awan, S., Amjad, M., Anwar, M., & Shehzad, S. (2013). APPLICATIONS, CHALLENGES, SECURITY OF WIRELESS BODY AREA NETWORKS (WBANS) AND FUNCTIONALITY OF IEEE 802.15. 4/ZIGBEE. Retrieved from http://www.sci-int.com/pdf/519309293-697-702-Furqan Gillani-FSD- composed 25-3-13.pdf.
Qadri, S. F., Awan, S. A., Amjad, M., Anwar, M., & Shehzad, S. (2013). Applications , Challenges , Security of Wireless Body Area Networks ( Wbans ) and Functionality of, 25(4), 697–702.
Sankaran, S., Husain, M., & Sridhar, R. (2009). IDKEYMAN: An Identity-Based Key Management Scheme for Wireless Ad Hoc Body Area Networks. 5th Annual Symposium on Information Assurance (ASIA’09). Retrieved from http://www.albany.edu/iasymposium/proceedings/2009/ASIA09FinalProceedings.pdf#page=32.
Sastry, N., & Wagner, D. (2004). Security considerations for IEEE 802.15.4 networks. In Proceedings of the 3rd ACM Workshop on Wireless Security, 32–42. http://doi.org/10.1145/1023646.1023654.
Schwiebert, L., Gupta, S. K. S., & Weinmann, J. (2001). Research challenges in wireless networks of biomedical sensors. In Proceedings of the 7th annual international conference on Mobile computing and networking - MobiCom ’01 (pp. 151–165). New York, New York, USA: ACM Press. http://doi.org/10.1145/381677.381692.
Selimis, G., Huang, L., Massé, F., Tsekoura, I., Ashouei, M., Catthoor, F., … De Groot, H. (2011). A lightweight security scheme for wireless body area networks: Design, energy evaluation and proposed microprocessor design. Journal of Medical Systems, 35(5), 1289–1298. http://doi.org/10.1007/s10916-011-9669-2.
Seyedi, M., Kibret, B., Lai, D. T. H., & Faulkner, M. (2013). A survey on intrabody communications for body area network applications. IEEE Transactions on
120
Biomedical Engineering, 60(8), 2067–2079. http://doi.org/10.1109/TBME.2013.2254714.
Shi, J., Lam, K., Gu, M., & Li, H. (2010). BodySec: synchronized key distribution using biometric slots for wireless body sensor networks. ACM SIGMOBILE Mobile Computing and Communications Review, 14(1), 22–24. Retrieved from http://dl.acm.org/citation.cfm?id=1837197.
Shi, J., Lam, K. Y., Gu, M., Li, M., & Chung, S. L. (2011). Energy-efficient key distribution using electrocardiograph biometric set for secure communications in wireless body healthcare networks. Journal of Medical Systems, 35(5), 745–753. http://doi.org/10.1007/s10916-010-9467-2.
Shi, L., Li, M., Yu, S., & Yuan, J. (2013). BANA : Body Area Network Authentication, 31(9), 1803–1816. http://doi.org/10.1145/2185448.2185454.
Shnayder, V., Chen, B., Lorincz, K., Jones, T., & Welsh, M. (2005). Sensor networks for medical care. In SenSys, 5, 314–314. Retrieved from http://www.brchen.com/papers/codeblue-techrept05.pdf.
Singelée, D., Latré, B., & Braem, B. (2008). A secure cross-layer protocol for multi-hop wireless body area networks. Ad-Hoc, Mobile and Wireless Networks. Springer Berlin Heidelberg, 94–107. Retrieved from http://link.springer.com/chapter/10.1007/978-3-540-85209-48.
Singh, K., & Muthukkumarasamy, V. (2011). Using physiological signals for authentication in a group key agreement protocol. 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 720–725. http://doi.org/10.1109/INFCOMW.2011.5928906.
Staderini, E. (2002). UWB radars in medicine. IEEE Aerospace and Electronic Systems Magazine, 17(1), 13 – 18. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=978359.
Szczechowiak, P., Oliveira, L., & Scott, M. (2008). NanoECC: Testing the limits of elliptic curve cryptography in sensor networks. Ewsn, 305–320. http://doi.org/10.1007/978-3-540-77690-1_19.
Uhsadel, L., Poschmann, A., & Paar, C. (2007). Enabling Full-Size Public-Key Algorithms on 8-Bit Sensor Nodes. In Security and Privacy in Ad-Hoc and Sensor Networks,Springer Berlin Heidelberg, 73–86.
Ullah, S., Higgins, H., Braem, B., Latre, B., Blondia, C., Moerman, I., … Kwak, K. S. (2012). A comprehensive survey of wireless body area networks on PHY, MAC, and network layers solutions. Journal of Medical Systems, 36(3), 1065–1094. http://doi.org/10.1007/s10916-010-9571-3.
Ullah, S., Higgins, H., Shen, B., & Kwak, S. (2010). On the implant communication andMAC protocols forWBAN. International Journal of Communication Systems, 23, 982–999. http://doi.org/10.1002/dac.
121
Ullah, S., Khan, P., Ullah, N., Saleem, S., Higgins, H., & Kwak, K. S. (2009). A Review of Wireless Body Area Networks for Medical Applications. International J. of Communications, Network and System Sciences (IJCNS), 2(8), 797–803. http://doi.org/10.4236/ijcns.2009.28093.
Varshney, U. (2007). Pervasive healthcare and wireless health monitoring. Mobile Networks and Applications, 12(2-3), 113–127. Retrieved from http://dl.acm.org/citation.cfm?id=1295207.
Venkatasubramanian, K. K., Banerjee, A., & Gupta, S. K. S. (2010). PSKA: Usable and secure key agreement scheme for body area networks. EURASIP Journal on Wireless Communications and Networking, 14(1), 60–68. http://doi.org/10.1109/TITB.2009.2037617.
Venkatasubramanian, K. K., & Gupta, S. K. S. (2006). Security for Pervasive Health Monitoring Sensor Applications. Fourth International Conference on Intelligent Sensing and Information Processing, 197–202. http://doi.org/10.1109/ICISIP.2006.4286096.
Venkatasubramanian, K. K., & Gupta, S. K. S. (2010). Physiological value-based efficient usable security solutions for body sensor networks. ACM Transactions on Sensor Networks, 6(4), 1–36. http://doi.org/10.1145/1777406.1777410.
Venkatasubramanian, K. K., Venkatasubramanian, V., Banerjee, A., & Gupta, S. K. S. (2008). EKG-based key agreement in Body Sensor Networks. IEEE INFOCOM Workshops 2008, 1–6. http://doi.org/10.1109/INFOCOM.2008.4544608.
Virone, G., Wood, A., & Selavo, L. (2006). An advanced wireless sensor network for health monitoring. In Transdisciplinary Conference on Distributed Diagnosis and Home Healthcare, 2–4. Retrieved from http://faculty.kfupm.edu.sa/COE/mayez/ps-coe541/sample-projects/Medical-Applications-Wireless-Sensor Networks/10.1.1.64.7346.pdf.
Wang, W., Wang, C., & Zhao, M. (2014). Resource optimized ttsh-ura for multimedia stream authentication in swallowable-capsule-based wireless body sensor networks. Biomedical and Health Informatics, …. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6675829.
Warren, S., Lebak, J., Yao, J., Creekmore, J., Milenkovic, A., & Jovanov, E. (2005). Interoperability and security in wireless body area network infrastructures. Conference Proceedings : ... 27 Annual International Conference of the IEEE Engineering in Medicine and Biology Society. IEEE Engineering in Medicine and Biology Society. Conference, 3837–3840. http://doi.org/10.1109/IEMBS.2005.1615297.
Wei, J., Hu, X., & Liu, W. (2012). An Improved Authentication Scheme for Telecare Medicine Information Systems. Journal of Medical Systems, 36(6), 3597–3604. http://doi.org/10.1007/s10916-012-9835-1.
Welsh, M., & Berkeley, T. U. C. (2005). CodeBlue : A Wireless Sensor Network for Medical Care and Disaster Response Introduction : Sensor Networks. Telos.
122
Wheeler, A. (2007). Commercial applications of wireless sensor networks using ZigBee. IEEE Communications Magazine, 45(4), 70–77. Retrieved from http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4149662.
William, C., Tan, C. C., & Wang, H. (2008). Body Sensor Network Security: An Identity-Based Cryptography Approach. In Proceedings of the 1st ACM Conference on Wireless Network Security (WiSec ’08),Virginia, USA, 148–153. http://doi.org/10.1145/1352533.1352557.
Wood, a., Virone, G., Doan, T., & Cao, Q. (2006). ALARM-NET: Wireless sensor networks for assisted-living and residential monitoring. University of Virginia Computer Science Department Technical Report 2, 1–14. http://doi.org/10.1109/MNET.2008.4579768.
Wu, G., Yao, L., Liu, B., Yao, K., & Wang, J. (2011). A biometric key establishment protocol for body area networks. International Journal of Distributed Sensor Networks. http://doi.org/10.1155/2011/282986.
Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., & Chung, Y. (2012). A secure authentication scheme for telecare medicine information systems. Journal of Medical Systems, 36(3), 1529–1535. http://doi.org/10.1007/s10916-010-9614-9.
Xie, Q., Zhang, J., & Dong, N. (2013). Robust anonymous authentication scheme for telecare medical information systems. Journal of Medical Systems, 37(2). http://doi.org/10.1007/s10916-012-9911-6.
Xu, X., Zhu, P., Wen, Q., Jin, Z., Zhang, H., & He, L. (2013). A Secure and Efficient Authentication and Key Agreement Scheme Based on ECC for Telecare Medicine Information Systems. Journal of Medical Systems, 38(1), 1–7. http://doi.org/10.1007/s10916-013-9994-8.
Yang, Q., Lim, A., Li, S., Fang, J., & Agrawal, P. (2008). ACAR: Adaptive Connectivity Aware Routing Protocol for Vehicular Ad Hoc Networks. 2008 Proceedings of 17th International Conference on Computer Communications and Networks, 1–6. http://doi.org/10.1109/ICCCN.2008.ECP.107.
Yuce, M., & Khan, J. (2011). Wireless body area networks: technology, implementation, and applications. CRC Press. Retrieved from https://books.google.com.pk/books?hl=en&lr=&id=_NvMBQAAQBAJ&oi=fnd&pg=PP1&dq=Wireless+Body+Area+Networks:+Technology,+Implementation,+and+applications&ots=m3ZP2_MxUi&sig=SkGjZPVz_Rc_MKGa8l1sAp3IgAo.
Yuce, M. R., Ng, S. W. P., Myo, N. L., Khan, J. Y., & Liu, W. (2007). Wireless body sensor network using medical implant band. Journal of Medical Systems, 31(6), 467–474. http://doi.org/10.1007/s10916-007-9086-8.
Zhao, S., Aggarwal, A., Frost, R., & Bai, X. (2012). A survey of applications of identity-based cryptography in mobile ad-hoc networks. IEEE Communications Surveys and Tutorials, 14(2), 380–399. http://doi.org/10.1109/SURV.2011.020211.00045.
123
Zhao, X., Fei, D., & Doarn, C. (2004). A telemedicine system for wireless home healthcare based on bluetoothTM and the internet. Telemedicine and E-Health, 10(supplement 2), 573–590. Retrieved from http://online.liebertpub.com/doi/abs/10.1089/tmj.2004.10.S-110.
Zhen, B., Kohno, R., & Li, H. (2007). Body Area Network and Its Standardization at IEEE 802.15. MBAN. 16th IST Mobile and Wireless Communications Summit, 1–5.
Zheng, Y. (1997). Digital signcryption or how to achieve cost (signature & encryption) cost (signature)+ cost (encryption). Advances in Cryptology — Crypto ’97, (March), 165–179. http://doi.org/10.1007/BFb0052234.
Zhu, Z. (2012). An Efficient Authentication Scheme for Telecare Medicine Information Systems. Journal of Medical Systems, 36(6), 3833–3838. http://doi.org/10.1007/s10916-012-9856-9.
Zimmerman, T. G., & Benton, S. a. (1995). Personal Area Networks ( PAN ): Near-Field Intra-Body Communication by Personal Area Networks ( PAN ): Near-Field Intra-Body Communication by. IBM Systems Journal, 35(3.4), 609–617.