SecAODV: A Secure healthcare routing scheme based on hybrid cryptography in wireless body sensor networks

In recent decades, the use of sensors has dramatically grown to monitor human body activities and maintain the health status. In this application, routing and secure data transmission are very important to prevent the unauthorized access by attackers to health data. In this article, we propose a secure routing scheme called SecAODV for heterogeneous wireless body sensor networks. SecAODV has three phases: bootstrapping, routing between cluster head nodes, and communication security. In the bootstrapping phase, the base station loads system parameters and encryption functions in the memory of sensor nodes. In the routing phase, each cluster head node calculates its degree based on several parameters, including, distance, residual energy, link quality, and the number of hops, to decide for rebroadcasting the route request (RREQ) message. In the communication security phase, a symmetric cryptography method is used to protect intra-cluster communications. Also, an asymmetric cryptography method is used to secure communication links between cluster head nodes. The proposed secure routing scheme is simulated in the network simulator version 2 (NS2) simulator. The simulation results are compared with the secure multi tier energy-efficient routing scheme (SMEER) and the centralized low-energy adaptive clustering hierarchy (LEACH-C). The results show that SecAODV improves end-to-end delay, throughput, energy consumption, packet delivery rate (PDR), and packet loss rate (PLR)

BANZKP: a Secure Authentication Scheme Using Zero Knowledge Proof for WBANs

-Wireless body area network(WBAN) has shown great potential in improving healthcare quality not only for patients but also for medical staff. However, security and privacy are still an important issue in WBANs especially in multi-hop architectures. In this paper, we propose and present the design and the evaluation of a secure lightweight and energy efficient authentication scheme BANZKP based on an efficient cryptographic protocol, Zero Knowledge Proof (ZKP) and a commitment scheme. ZKP is used to confirm the identify of the sensor nodes, with small computational requirement, which is favorable for body sensors given their limited resources, while the commitment scheme is used to deal with replay attacks and hence the injection attacks by committing a message and revealing the key later. Our scheme reduces the memory requirement by 56.13 % compared to TinyZKP [13], the comparable alternative so far for Body Area Networks, and uses 10 % less energy

BAN-GZKP: Optimal Zero Knowledge Proof based Scheme for Wireless Body Area Networks

BANZKP is the best to date Zero Knowledge Proof (ZKP) based secure lightweight and energy efficient authentication scheme designed for Wireless Area Network (WBAN). It is vulnerable to several security attacks such as the replay attack, Distributed Denial-of-Service (DDoS) attacks at sink and redundancy information crack. However, BANZKP needs an end-to-end authentication which is not compliant with the human body postural mobility. We propose a new scheme BAN-GZKP. Our scheme improves both the security and postural mobility resilience of BANZKP. Moreover, BAN-GZKP uses only a three-phase authentication which is optimal in the class of ZKP protocols. To fix the security vulnerabilities of BANZKP, BAN-GZKP uses a novel random key allocation and a Hop-by-Hop authentication definition. We further prove the reliability of our scheme to various attacks including those to which BANZKP is vulnerable. Furthermore, via extensive simulations we prove that our scheme, BAN-GZKP, outperforms BANZKP in terms of reliability to human body postural mobility for various network parameters (end-to-end delay, number of packets exchanged in the network, number of transmissions). We compared both schemes using representative convergecast strategies with various transmission rates and human postural mobility. Finally, it is important to mention that BAN-GZKP has no additional cost compared to BANZKP in terms memory, computational complexity or energy consumption

A Study of IEEE 802.15.4 Security Framework for Wireless Body Area Network

A Wireless Body Area Network (WBAN) is a collection of low-power and lightweight wireless sensor nodes that are used to monitor the human body functions and the surrounding environment. It supports a number of innovative and interesting applications, including ubiquitous healthcare and Consumer Electronics (CE) applications. Since WBAN nodes are used to collect sensitive (life-critical) information and may operate in hostile environments, they require strict security mechanisms to prevent malicious interaction with the system. In this paper, we first highlight major security requirements and Denial of Service (DoS) attacks in WBAN at Physical, Medium Access Control (MAC), Network, and Transport layers. Then we discuss the IEEE 802.15.4 security framework and identify the security vulnerabilities and major attacks in the context of WBAN. Different types of attacks on the Contention Access Period (CAP) and Contention Free Period (CFP) parts of the superframe are analyzed and discussed. It is observed that a smart attacker can successfully corrupt an increasing number of GTS slots in the CFP period and can considerably affect the Quality of Service (QoS) in WBAN (since most of the data is carried in CFP period). As we increase the number of smart attackers the corrupted GTS slots are eventually increased, which prevents the legitimate nodes to utilize the bandwidth efficiently. This means that the direct adaptation of IEEE 802.15.4 security framework for WBAN is not totally secure for certain WBAN applications. New solutions are required to integrate high level security in WBAN.Comment: 14 pages, 7 figures, 2 table

Channel-based key generation for encrypted body-worn wireless sensor networks

Body-worn sensor networks are important for rescue-workers, medical and many other applications. Sensitive data are often transmitted over such a network, motivating the need for encryption. Body-worn sensor networks are deployed in conditions where the wireless communication channel varies dramatically due to fading and shadowing, which is considered a disadvantage for communication. Interestingly, these channel variations can be employed to extract a common encryption key at both sides of the link. Legitimate users share a unique physical channel and the variations thereof provide data series on both sides of the link, with highly correlated values. An eavesdropper, however, does not share this physical channel and cannot extract the same information when intercepting the signals. This paper documents a practical wearable communication system implementing channel-based key generation, including an implementation and a measurement campaign comprising indoor as well as outdoor measurements. The results provide insight into the performance of channel-based key generation in realistic practical conditions. Employing a process known as key reconciliation, error free keys are generated in all tested scenarios. The key-generation system is computationally simple and therefore compatible with the low-power micro controllers and low-data rate transmissions commonly used in wireless sensor networks

Securing the Internet of Things Infrastructure - Standards and Techniques

The Internet of Things (IoT) infrastructure is a conglomerate of electronic devices interconnected through the Internet, with the purpose of providing prompt and effective service to end-users. Applications running on an IoT infrastructure generally handle sensitive information such as a patient’s healthcare record, the position of a logistic vehicle, or the temperature readings obtained through wireless sensor nodes deployed in a bushland. The protection of such information from unlawful disclosure, tampering or modification, as well as the unscathed presence of IoT devices, in adversarial environments, is of prime concern. In this paper, a descriptive analysis of the security of standards and technologies for protecting the IoT communication channel from adversarial threats is provided. In addition, two paradigms for securing the IoT infrastructure, namely, common key based and paired key based, are proposed

KALwEN: a new practical and interoperable key management scheme for body sensor networks

Key management is the pillar of a security architecture. Body sensor networks (BSNs) pose several challenges–some inherited from wireless sensor networks (WSNs), some unique to themselves–that require a new key management scheme to be tailor-made. The challenge is taken on, and the result is KALwEN, a new parameterized key management scheme that combines the best-suited cryptographic techniques in a seamless framework. KALwEN is user-friendly in the sense that it requires no expert knowledge of a user, and instead only requires a user to follow a simple set of instructions when bootstrapping or extending a network. One of KALwEN's key features is that it allows sensor devices from different manufacturers, which expectedly do not have any pre-shared secret, to establish secure communications with each other. KALwEN is decentralized, such that it does not rely on the availability of a local processing unit (LPU). KALwEN supports secure global broadcast, local broadcast, and local (neighbor-to-neighbor) unicast, while preserving past key secrecy and future key secrecy (FKS). The fact that the cryptographic protocols of KALwEN have been formally verified also makes a convincing case. With both formal verification and experimental evaluation, our results should appeal to theorists and practitioners alike

SIMPLE: Stable Increased-throughput Multi-hop Protocol for Link Efficiency in Wireless Body Area Networks

In this work, we propose a reliable, power efficient and high throughput routing protocol for Wireless Body Area Networks (WBANs). We use multi-hop topology to achieve minimum energy consumption and longer network lifetime. We propose a cost function to select parent node or forwarder. Proposed cost function selects a parent node which has high residual energy and minimum distance to sink. Residual energy parameter balances the energy consumption among the sensor nodes while distance parameter ensures successful packet delivery to sink. Simulation results show that our proposed protocol maximize the network stability period and nodes stay alive for longer period. Longer stability period contributes high packet delivery to sink which is major interest for continuous patient monitoring.Comment: IEEE 8th International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA'13), Compiegne, Franc