Design and Analysis of a True Random Number Generator Based on GSR Signals for Body Sensor Networks

This article belongs to the Section Internet of ThingsToday, medical equipment or general-purpose devices such as smart-watches or smart-textiles can acquire a person's vital signs. Regardless of the type of device and its purpose, they are all equipped with one or more sensors and often have wireless connectivity. Due to the transmission of sensitive data through the insecure radio channel and the need to ensure exclusive access to authorised entities, security mechanisms and cryptographic primitives must be incorporated onboard these devices. Random number generators are one such necessary cryptographic primitive. Motivated by this, we propose a True Random Number Generator (TRNG) that makes use of the GSR signal measured by a sensor on the body. After an exhaustive analysis of both the entropy source and the randomness of the output, we can conclude that the output generated by the proposed TRNG behaves as that produced by a random variable. Besides, and in comparison with the previous proposals, the performance offered is much higher than that of the earlier works.This work was supported by the Spanish Ministry of Economy and Competitiveness under the contract ESP-2015-68245-C4-1-P, by the MINECO grant TIN2016-79095-C2-2-R (SMOG-DEV), and by the Comunidad de Madrid (Spain) under the project CYNAMON (P2018/TCS-4566), co-financed by European Structural Funds (ESF and FEDER). This research was also supported by the Interdisciplinary Research Funds (HTC, United Arab Emirates) under the grant No. 103104

Security and privacy for the internet of medical things enabled healthcare systems: a survey

With the increasing demands on quality healthcare and the raising cost of care, pervasive healthcare is considered as a technological solutions to address the global health issues. In particular, the recent advances in Internet of Things have led to the development of Internet of Medical Things (IoMT). Although such low cost and pervasive sensing devices could potentially transform the current reactive care to preventative care, the security and privacy issues of such sensing system are often overlooked. As the medical devices capture and process very sensitive personal health data, the devices and their associated communications have to be very secured to protect the user's privacy. However, the miniaturized IoMT devices have very limited computation power and fairly limited security schemes can be implemented in such devices. In addition, with the widespread use of IoMT devices, managing and ensuring the security of IoMT systems are very challenging and which are the major issues hindering the adoption of IoMT for clinical applications. In this paper, the security and privacy challenges, requirements, threats, and future research directions in the domain of IoMT are reviewed providing a general overview of the state-of-the-art approaches

Key Generation for Internet of Things

Key generation is a promising technique to bootstrap secure communications for the Internet of Things devices that have no prior knowledge between each other. In the past few years, a variety of key generation protocols and systems have been proposed. In this survey, we review and categorise recent key generation systems based on a novel taxonomy. Then, we provide both quantitative and qualitative comparisons of existing approaches. We also discuss the security vulnerabilities of key generation schemes and possible countermeasures. Finally, we discuss the current challenges and point out several potential research directions

Key Generation for Internet of Things: A Contemporary Survey

Key generation is a promising technique to bootstrap secure communications for the Internet of Things (IoT) devices that have no prior knowledge between each other. In the past few years, a variety of key generation protocols and systems have been proposed. In this survey, we review and categorise recent key generation systems based on a novel taxonomy. Then, we provide both quantitative and qualitative comparisons of existing approaches. We also discuss the security vulnerabilities of key generation schemes and possible countermeasures. Finally, we discuss the current challenges and point out several potential research directions

Biosensors

A biosensor is defined as a detecting device that combines a transducer with a biologically sensitive and selective component. When a specific target molecule interacts with the biological component, a signal is produced, at transducer level, proportional to the concentration of the substance. Therefore biosensors can measure compounds present in the environment, chemical processes, food and human body at low cost if compared with traditional analytical techniques. This book covers a wide range of aspects and issues related to biosensor technology, bringing together researchers from 11 different countries. The book consists of 16 chapters written by 53 authors. The first four chapters describe several aspects of nanotechnology applied to biosensors. The subsequent section, including three chapters, is devoted to biosensor applications in the fields of drug discovery, diagnostics and bacteria detection. The principles behind optical biosensors and some of their application are discussed in chapters from 8 to 11. The last five chapters treat of microelectronics, interfacing circuits, signal transmission, biotelemetry and algorithms applied to biosensing

Security in Distributed, Grid, Mobile, and Pervasive Computing

This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses securing design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security

Extracting randomness from the trend of IPI for cryptographic operators in implantable medical devices

Achieving secure communication between an Implantable Medical Device (IMD) inside the body and a gateway outside the body has showed its criticality with recent reports of hackings such as in St. Jude Medical's Implantable Cardiac Devices, Johnson and Johnson insulin pumps and vulnerabilities in brain Neuro-implants. The use of asymmetric cryptography in particular is not a practical solution for IMDs due to the scarce computational and power resources, symmetric key cryptography is preferred. One of the factors in security of a symmetric cryptographic system is to use a strong key for encryption. A solution to develop such a strong key without using extensive resources in an IMD, is to extract it from the body physiological signals. In order to have a strong enough key, the physiological signal must be a strong source of randomness and InterPulse Interval (IPI) has been advised to be such that. A strong randomness source should have five conditions: Universality (available on all people), Liveness (available at any-time), Robustness (strong random number), Permanence (independent from its history) and Uniqueness (independent from other sources). Nevertheless, for current proposed random extraction methods from IPI these conditions (mainly last three conditions) were not examined. In this study, firstly, we proposed a methodology to measure the last three conditions: Information secrecy measures for Robustness, Santha-Vazirani Source delta value for Permanence and random sources dependency analysis for Uniqueness. Then, using a huge dataset of IPI values (almost 900,000,000 IPIs), we showed that IPI does not have conditions of Robustness and Permanence as a randomness source. Thus, extraction of a strong uniform random number from IPI value, mathematically, is impossible. Thirdly, rather than using the value of IPI, we proposed the trend of IPI as a source for a new randomness extraction method named as Martingale Randomness Extraction from IPI (MRE-IPI). We evaluated MRE-IPI and showed that it satisfies the Robustness condition completely and Permanence to some level. Finally, we used NIST STS and Dieharder test suites and showed that MRE-IPI is able to outperform all recent randomness extraction methods from IPIs and its quality is half of the AES random number. MRE-IPI, still, is not a strong random number and could not be used as the secret key for a secure communication, however, it can be used as a one-time pad in exchanging the secret key for a communication. In this case, the usage of MRE-IPI will be kept at a minimum level and reduces the probability of breaking it. To the best of our knowledge, this is the first work in this area which uses such a comprehensive method and large dataset to examine the randomness of a physiological signal