A Secure Communication Protocol For Wireless Biosensor ... - IMPACT

1

A Secure Communication
Protocol For Wireless
Biosensor Networks

Masters Thesis by

Krishna Kumar Venkatasubramanian

Committee:

Dr. Sandeep Gupta

Dr. Rida Bazzi

Dr. Hessam Sarjoughian

2

Overview


Introduction


Problem Statement


System Model


Proposed Protocols


Security Analysis


Implementation


Conclusions & Future Work

3

Biomedical Smart Sensors


Miniature wireless systems.


Worn or implanted in the body.


Prominent uses:


Health monitoring.


Prosthetics.


Drug delivery.


Each sensor node has:


Small size.


Limited



memory



processing


communication capabilities

Environment

(Human Body)

sensors

Base

Station

Communication
links

4

Motivation for biosensor security


Collect sensitive medical data.


Legal requirement (HIPAA).


Attacks by malicious entity:


Generate fake emergency warnings.


Prevent legitimate warnings from being reported.


Battery power depletion.


Excessive heating in the tissue.

5

Problem Statement


Direct communication to the BS can be prohibitive.


To minimize communication costs, biosensors can be organized
into specific topologies.


Cluster topology is one of the energy
-
efficient communication
topologies for sensor networks [HCB00].


Traditional cluster formation protocol is not secure.


We want to develop protocols which allow for secure
cluster formation in biosensor networks.

6

Cluster Topology

Cluster head

Cluster

Cluster Member

Base Station

7

Traditional Cluster Formation
Protocol

CH1

CH2

CH3

1

2

3

4

5

Environment

Weaker signal

8

Security Flaws


HELLO Flood and Sinkhole Attack

1

2

3

Malicious Entity

acting as a

SINKHOLE

Weaker signal

CH2

CH1


The sinkhole can
now mount
selective
forwarding
attacks

on the
biosensors in its
“cluster”.


Malicious entity
can mount a
Sybil attack

where it presents
different
identities to
remain CH in
multiple rounds.

9

Security Flaws contd..

Node with
surrounding
tissue at
above normal
temperature.

Node with
surrounding tissue at
normal temperature.

tissue

Node with
dead
battery

Network Partitioning.



Malicious
entity sending bogus messages to sensor and depleting its energy.


Malicious
entity

having unnecessary communication with a sensor
causing heating in the nearby tissue.

10

System Model

ADVERSARIES:

Passive:

Eavesdrop on
communication and
tamper with it.

Active:

Physically
compromise the
external biosensors.

Temperature

sensor

Glucose sensor

11

Trust Assumptions


The wireless communication is
broadcast in nature and not trusted.


The biosensors do not trust each other.


Base Station is assumed not to be
compromised.

12

Key Pre
-
Deployment


Each biosensor shares a unique pair
-
wise key (
master
key
) with the BS. This key is called
NSK


We do not use NSK directly for communication, we
derive 4 keys from it (
derived keys
):

Encryption Keys

MAC Keys

K
N
-
BS

= H(NSK,1)

K’
N
-
BS

= H(NSK,2)

K
BS
-
N

= H(NSK,3)

K’
BS
-
N

= H(NSK,4)

13

Biometrics


Physiological parameters like
heart rate and body
glucose.


Used for securing/authenticating communication
between two biosensors which do not share any
secret.


Usage Assumptions:


Only biosensors in and on the body can measure biometrics.


There is a specific pre
-
defined biometric that all biosensors can measure.

14

Issues with Biometrics


Biometric value data
-
space is not large enough.


Possible Solutions
:


Combine multiple biometric values.


Take multiple biometric measurements at each time.


Limit the validity time of a biometric value.


Biometric values at different sites produce different
values.


Solution Proposed in Literature
:


These differences are independent. [Dau92]


Can be modeled as channel errors. [Dau92]


Fuzzy commitment scheme based on [JW99] used to correct differences.


Can correct up to two bit errors in the biometric value measured at the
sender and receiver.

15

Biometric Authentication

BMT

1

2

3

4

5

ST

6

Time
-
Period

Measure biometric:
BioKey

Generate
data

Compute Certificate:

Cert [data] = MAC ( KRand, data),
γ

γ

= KRand


䉩潋ey

Send Msg:
data, Cert [data]

Measure biometric:
BioKey’

Receive Msg:
data, Cert [data]

Compute MAC Key:

KRand’ =
γ


†
BioKey’

f

(KRand’) = KRand

Compute Certificate MAC

And compare with received:

MAC (KRand, data)

SENDER

RECEIVER

Biometric Measurement Schedule

16

Centralized Protocol Execution

Node
j



䅬l:

ID
j
, NonceN
j
, MAC(K’N
j

–

BS, ID
j
| NonceN
j
), Cert[ID
j
, NonceN
j
]

CH
p



䉓B

ID
j
, NonceNi ,
MAC
(K’N
j

–

BS, ID
j

| NonceN
i
),
CH
p
, SS, E<K CH
p
-
BS, Cntr>(KCH
-
N),

MAC
(K’CH
p

–

BS,
CH
p

|
SS | E<K CH
p
-
BS, Cntr>(KCH
-
N) | Cntr)

BS


乯de
j

:

CH
p
,

E<K BS
-
N
j
, Cntr’> (KCH
-
N), Cntr’, MAC(K’BS
-
N
j
,
CH
p

|
NonceN
j

| Cntr’ | E<K BS
-
N
j
, Cntr’> (KCH
-
N))

CH 1

Sensor Node

Base Station

CH 2

CH 3

CH1

CH 2

CH 3

CH 3

17

Distributed Protocol Execution

CH
j



䅬氺

CH
j,

NonceCH
j
, E<KRand, Cntr>(Ktemp), Cert[ID
j
, Cntr, NonceCH
j
],
λ

λ

= BioKey


KRand

Node
k



䍈
z
:

ID
k
, MAC (Ktemp, ID
k

| NonceCH
z
| Cntr | CH
z
)

CH 1

CH 2

CH 3

Sensor Node

18

Extensions


Distribute keys based on attributes.


Allows efficient data communication.


The BS distributes the keys.


For centralized ABK, sent during cluster formation.


For distributed separate step needed.

19

Security Analysis (Passive Adversary)


Hello Flood and Sinkhole Attack
Centralized:


Malicious entity does not have appropriate keys
to pose as legitimate CH.


Distributed:


Malicious entity cannot compute biometric
certificate.

20

Security Analysis (Passive Adversary)


Sybil Attack


No entity can become part of network without
having appropriate keys.


Identity Spoofing


Cannot pose as BS, no pair
-
wise (derived) keys.


Cannot pose as CH, no keys to authenticate data
to BS.


Cannot pose as sensor node, cannot measure
biometric to fool CH.

21

Security Analysis (Active Adversary)


CH compromise


Centralized: Security policy at BS to limit number
of sensor nodes in a cluster.


Distributed: Need intruder monitoring scheme.


Sensor Node compromise


Intruder monitoring scheme needed for both
protocols.

22

Implementation


We have implemented the two cluster
formation protocols and their extensions.


The implementation was done on the Mica2
sensor motes.


We used TinyOS sensor operating system for
writing our programs.


For security primitives TinySec used.

23

Implementation contd..


Encryption

–

SkipJack


Message Authentication Code

–

CBC
-
MAC


We had 4 sensor nodes 3 CH and 1 BS in our
implementation.


We simulated two main attacks on our
implementation, both of which failed:


HELLO Flood attack.


Identity spoofing of sensor node to infiltrate the
network.

24

Comparison


Security adds a overhead to
the protocol.


We compared overhead in
terms of energy consumption.


To compare the protocols, we
analyzed them using the
communication model given in
[HCB00].


E
trans

= E
tx

* k + E
cx

* k * d
2


E
recp

= E
rx

* k

Node ID = 8 bits

Nonce = Counter =
128 bits

Key = 128 bits

Signal Strength = 16
bits

E
trans
= E
recp
= 50 nJ/bit

E
cx

= 100pJ/bit/m
2

Number of Nodes = 100
-
1500

Sensor
-
BS distance =
0.75 m

Inter
-
sensor distance
= 0.1 m

MAC size = 64 bits

25

Security Overhead

Comparison of Secure (without extension) and Non
-
secure

Cluster Formation Protocols (CH = 5%)

26

Extension Overhead

Comparison for Secure Cluster Formation Protocols with

their extensions (CH = 5%)

27

Conclusions & Future Work


Protocols developed successfully prevent many of the
potent attacks on the traditional cluster formation
protocol.


Biometric based authentication used for ensuring
authentication without previous key exchange.


Biometrics not traditionally random and schemes are
needed to randomize them.


Better error correction schemes are needed which
can correct larger differences in measured
biometrics.

28

Reference

[JW99] Ari Juels and Martin Wattenberg
. “A fuzzy commitment scheme”
.
1999.

[Dau92] J. Daugman,
“High Confidence personal identification by rapid
video analysis of iris texture”
, IEEE International Carnahan Conference on
Security Technology, pp 50
-
60, 1992.

[LGW01] L. Schwiebert, S. K. S. Gupta, J. Weinmann et al.,
“Research
Challenges in Wireless Networks of Biomedical Sensors”
, The Seventh
Annual International Conference on Mobile Computing and Networking, pp
151
-
165, Rome Italy, July 2001
.

[HCB00] W. Rabiner Heinzelman, A. Chandrakasan, and H. Balakrishnan,
“Energy
-
Efficient Communication Protocol for Wireless Microsensor
Networks”, Proceedings of the 33rd International Conference on System
Sciences (HICSS '00), January 2000.

A Secure Communication Protocol For Wireless Biosensor ... - IMPACT

Comments 0

Presentation transcript

Wireless Data Acquisition System

2.5.3

Visit the National Academies Press online and register for...

Automation Systems

Security, Privacy and Trust in Cloud Systems

Study Report on Biometrics in E-Authentication - INCITS

Administrator Manual - Bright Computing

APPLIED CRYPTOGRAPHY

Integrated Base Defense Security Systems

FINAL BES Summaries - 2013-04-11x - ATL International, Inc.

U.S. ARMY 97.2

Proceedings of INTELLIGENT SYSTEMS AND AGENTS ... - CELSTEC

Verification of Secure Biometric Authentication Protocols

Smartphones and Biometrics

Biometric Key establishment for Wireless Body Area Network

An Uncapacitated Facility Location Based Cluster Hierarchy Scheme on Wireless Sensor Networks

CONSTRAINTS AND APPROACHES FOR DISTRIBUTED SENSOR NETWORK SECURITY (FINAL)

Stay in touch:

A Secure Communication Protocol For Wireless Biosensor ... - IMPACT

Comments 0

Presentation transcript

More From illnurturedtownville

Related Content