Deriving cryptographic keys from physiological signals

Biosensors aim at providing pervasive healthcare by collecting and communicating highly sensitive medical information. Due to their extreme limitations, lightweight and secure key management infrastructures are required. For this reason, biosensors use physiological parameters that are generated from different vital signals (i.e., electrocardiogram, photoplethysmogram, blood pressure) to protect the exchanged private health information. In this paper, we define two novel physiological parameter generation techniques and analyze both the performance and the quality of the outcomes. Our results show that we generate good candidates of physiological parameters that can be used as cryptographic keys to secure the communication among the biosensors

SKA-PS: secure key agreement protocol using physiological signals

In this paper, we propose SKA-PS, a novel Secure Key Agreement protocol using Physiological Signals, for Body Area Networks (BANs). Our protocol generates symmetric cryptographic keys using the physiological parameters derived from the physiological signals of the users, such as electrocardiogram, photoplethysmogram and blood pressure. In our construction, we reduce the problem of secure key agreement into the problem of set reconciliation by representing the physiological parameter sequences generated from the physiological signals of the BAN users with appropriate sets. When properly selected parameters are applied, biosensors of the same BAN user can agree on symmetric cryptographic keys with remarkably high true match and low false match rates (as much as 100% and 0.46% for pairwise execution, and 100% and 0.26% for group execution, respectively), and low communication, computational and storage costs. We implemented our model in an embedded system, thus the results show real implementation outcomes. Moreover, we comparatively analyze the performance of SKA-PS with two existing bio-cryptographic key agreement protocols and show that SKA-PS outperforms both in all performance metrics

Feature-level fusion of physiological parameters to be used as cryptographic keys

In this paper, we propose two novel feature-level fused physiological parameter generation techniques: (i) concat-fused physiological parameter generation, and (ii) xor-fused physiological parameter generation, output of which can be used to secure the communication among the biosensors in Body Area Network (BAN). In these physiological parameter generation techniques, we combine a time-domain physiological parameter with a frequency-domain physiological parameter, in order to achieve robust performance compared to their singular versions. We analyze both the performance and the quality of the outcomes. Our results show that we generate good candidates of physiological parameters that can be used as cryptographic keys to provide security for the intra-network communication in BANs

SKA-CaNPT: secure key agreement using cancelable and noninvertible biometrics based on periodic transformation

Nowadays, many of the security-providing applications use biometrics-based authentication. However, since each person's biometrics is unique and non-replaceable, once it is compromised, it will be compromised forever. Therefore, it is hard for the users to trust biometrics. To overcome this problem, in this paper, we propose a novel secure key agreement protocol SKA-CaNPT. Here, we use a periodic transformation function to make biometrics cancelable and noninvertible. At the very end of our SKA-CaNPT protocol, the user and the server make an agreement on a symmetric shared key that is based on the feature points of the user's biometrics. Therefore, if the transformed data is compromised, then just by changing one of the inputs of the transformation function, we can renew the cryptographic key. As a proof of concept, we apply our SKA-CaNPT protocol on fingerprints. Besides, we apply different security analyses on our protocol. We use Shannon's entropy and Hamming distance metrics to analyze the randomness and the distinctiveness of the agreed keys. Moreover, according to the low IKGR (Incorrect Key Generation Rate), high CKGR (Correct Key Generation Rate) and high attack complexity possessed by our SKA-CaNPT protocol, we can conclude that our scheme is secure against brute-force, replay and impersonation attacks

The influence and impact of directors on conflict of interest in sport management

In this paper, we propose an efficient and secure key establishment protocol that is tailored for Wireless Mesh Networks. The protocol is based on identity-based key establishment, but without the utilization of a trusted authority for private key generation. Instead, this task is performed by the collaboration of mesh nodes; a number of users exceeding a certain threshold form a coalition to generate private keys for the network users. We performed simulative performance evaluation in order to show the effect of both the threshold value and the network size, i.e., total number of nodes, on the latency of key establishment and on the success percentage of user private key generation. Results reveal a trade-off between resiliency and efficiency; increasing the threshold value also increases the resiliency of the network, but negatively effects its latency and success percentage. For the threshold values that are smaller than 10 and for a minimum of 40 mesh nodes, at least 93% of the user private keys can be computed within at most 2 min. We also discuss the security of our protocol. We show that our protocol is secure against both outsider malicious and insider semi-honest adversaries