Physiological Key Derivation for Body Area Networks

Abstract

Body Area Networks are quickly becoming increasingly important in the world of healthcare with wide application in the treatment and monitoring of chronic patients using on-body devices. Medical devices like pacemakers and insulin pumps are incorporating wireless technology on a normal basis. With the use of on body sensing devices, the more subtle symptoms of diseases can be detected at a much earlier stage making it easier to treat and cure patients. Advancements in the field will result in quicker response times in emergency situations, and detect complications in patients at a much earlier stage potentially saving many lives. By having vital sign sensors installed on patients, doctors can more quickly prioritize which patients require trauma-care and surgical intervention. With the development of such technologies, the issue of security is of prime concern as the compromise of such sensitive information could prove critical. Current studies suggest that most BAN security solutions involve the use of a pre-distributed shared key, or manual user pairing which requires the key to be spread across the entire distribution chain. Considering the fact that a lot of users will be inexperienced with regard to the use of BANs, such security measures could be compromised. A mechanism which allows the user to directly put on the device and does not require physical configuration to use it will be much more ideal. Other security protocols involve the generation of a shared key by each device, which extracts a unique feature from host behavior, which then does not require open key distribution across communication channels eliminating the possibility of a third party eavesdropping. This facilitates the employment of a Plug and Play system for increased usability and convenience, while also making it harder for the user to compromise the network. My contribution with this project is essentially combining the required features in the aforementioned points by devising a method of key-generation using host behavior. We will use motion sensors instead of the more common physiological signals that need physical access to the body, like electrocardiograms (ECG), to pair devices and secure communication in Body Area Networks. Our method considers the acceleration of the devices that need to communicate, by recording the measurements based on the walking motion of the host wearing the devices on the BAN. These measurements tend to be similar as devices are deployed on the same host body, which means that these could be used to derive shared keys. However, these measurements vary between persons, and over time derived keys are unpredictable and exhibit significant difference with previous keys. This is an improvement over existing schemes where keys vary for different hosts but tend to be similar over time. This project will serve as a Proof-of-Concept experiment that will provide a testbed and the supporting infrastructure to show that this scheme can work in practice.