PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks Authors: Krishna K. Venkatasubramanian, Ayan Banerjee, Sandeep K.S. Gupta Presenter:Francis.

Slides:

Advertisements

Similar presentations

Asymptotically Optimal Communication for Torus- Based Cryptography David Woodruff MIT Joint work with Marten van Dijk Philips/MIT.

Advertisements

Public Key Cryptography Nick Feamster CS 6262 Spring 2009.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Pairwise Key Agreement in Broadcasting Networks Ik Rae Jeong.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

Authors: Yanchao Zhang, Member, IEEE, Wei Liu, Wenjing Lou,Member, IEEE, and Yuguang Fang, Senior Member, IEEE Source: IEEE TRANSACTIONS ON DEPENDABLE.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

1 CCSDS Security Architecture Key Management 13 th April 2005 Athens.

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

Confidential 1 Corporate Research © THOMSON multimedia, 1999 Mixing cryptography and watermarking for copy protection in consumer electronic devices FURON.

Fuzzy Stuff Lecture 24, Outline Motivation: Biometric Architectures Motivation: Biometric Architectures New Tool (for us): Error Correcting.

Biometrics based Cryptosystem Design. Cryptosystem A mechanism using which one can encode an information content to an incomprehensible form and also.

CIS 5371 Cryptography 3b. Pseudorandomness.

1 Intrusion Tolerance for NEST Bruno Dutertre, Steven Cheung SRI International NEST 2 Kickoff Meeting November 4, 2002.

CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.

FIT3105 Smart card based authentication and identity management Lecture 4.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Random Key Predistribution Schemes for Sensor Networks Authors: Haowen Chan, Adrian Perrig, Dawn Song Carnegie Mellon University Presented by: Johnny Flowers.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WIRELESS SENSOR NETWORK SECURITY USING GROUP KEY MANAGEMENT SCHEME Presented By: Mohammed Saleh CS 599a Fall06.

SPINS: Security Protocols for Sensor Networks Adrian Perrig, Robert Szewczyk, Victor Wen, David Culler, J.D. Tygar Research Topics in Security in the context.

ITIS 6010/8010 Wireless Network Security Dr. Weichao Wang.

Computer Science 1 Research on Sensor Network Security Peng Ning Cyber Defense Laboratory Department of Computer Science NC State University 2005 TRES.

CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.

Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.

Seeing-Is-Believing: using camera phones for human-verifiable authentication Jonathan M. McCune, Adrian Perrig and Michael K. Reiter Int. J. Security and.

CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.

Security Considerations for Wireless Sensor Networks Prabal Dutta (614) Security Considerations for Wireless Sensor Networks.

Security. Cryptography Why Cryptography Symmetric Encryption – Key exchange Public-Key Cryptography – Key exchange – Certification.

Chapter 2 Basic Encryption and Decryption. csci5233 computer security & integrity 2 Encryption / Decryption encrypted transmission AB plaintext ciphertext.

Wireless and Security CSCI 5857: Encoding and Encryption.

Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.

Ayan Banerjee & Karthik Thangavel. Project Goals Study of present state of security in Body Area Networks(BAN) Cyber-Physical security Resource Footprint.

Aggregation in Sensor Networks

Computer Science Open Research Questions Adversary models –Define/Formalize adversary models Need to incorporate characteristics of new technologies and.

GZ06 : Mobile and Adaptive Systems A Secure On-Demand Routing Protocol for Ad Hoc Networks Allan HUNT Wandao PUNYAPORN Yong CHENG Tingting OUYANG.

A Design for Secure and Survivable Wireless Sensor Networks Yi Qian, Kejie Lu, David Tipper Presented by: William Newton University of Maryland, Baltimore.

Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.

Chapter 3: Basic Protocols Dulal C. Kar. Key Exchange with Symmetric Cryptography Session key –A separate key for one particular communication session.

Group Rekeying for Filtering False Data in Sensor Networks: A Predistribution and Local Collaboration-Based Approach Wensheng Zhang and Guohong Cao.

Cryptography and Network Security (CS435) Part Eight (Key Management)

Fall 2010/Lecture 321 CS 426 (Fall 2010) Key Distribution & Agreement.

Introduction to Quantum Key Distribution

Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.

CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.

Computer Science CSC 774 Adv. Net. Security1 Presenter: Tong Zhou 11/21/2015 Practical Broadcast Authentication in Sensor Networks.

Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.

COEN 351 E-Commerce Security

Authenticated Key Exchange I. Definitions I. MAP I. matching conversations II. oracles II. (I)KA II. AKEP2 III. AKEP2 Security I. Session Keys II. Perfect.

Interleaving and Collusion Attacks on a Dynamic Group Key Agreement Scheme for Low-Power Mobile Devices * Junghyun Nam 1, Juryon Paik 2, Jeeyeon Kim 2,

Ayan Banerjee and Sandeep K.S. Gupta

Wireless Network Security CSIS 5857: Encoding and Encryption.

UW CSEP 590 Term paper Biometric Authentication Shankar Raghavan.

1 Example security systems n Kerberos n Secure shell.

CPIS 312 Chapter Four: PUBLIC KEY CRYPTO. Index 2 A.Introduction A.1 Asymmetric Key Cryptography- Introduction A.2 General ideas about the Public Key.

Green and Sustainable Cyber-Physical Security Solutions for Body Area Networks 1. Introduction 2. Security in Body Area Networks: Need and Approach Krishna.

Web Applications Security Cryptography 1

CMSC 414 Computer and Network Security Lecture 15

Intrusion Tolerance for NEST

Ayan Banerjee, Krishna Venkatasubramanian, Sandeep Gupta

EKG-Based Key Agreement in Body Sensor Networks

Key Establishment Protocols ~

Presentation transcript:

PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks Authors: Krishna K. Venkatasubramanian, Ayan Banerjee, Sandeep K.S. Gupta Presenter:Francis Usher

Problem Domain: Body Area Networks (BANs) Sensors in BANs collect and disseminate sensitive health Security via cryptography requires key distribution

Cryptography (overview) Problem of sharing data securely Symmetric-key cryptography – Secret key k is used to obscure message m into cyphertext c – Given c, only k can be used to reveal m Advantage: provable that adversary can only break cryptosystem with negligible probability Problem: how do we communicate keys?

Key sharing (generic approaches) Pre-sharing – Manufacturer embeds long-term keys in device – Problem: not dynamic enough to handle key compromise situations Asymmetric crypto handshake – Asymmetric crypto doesn’t require shared secret – Problem: Usually requires contacting trusted identity authority

Physiological Signal-based key sharing (for BANs) Design goals: – Length & randomness – Low latency – Distinctiveness – Temporal variance Previous work: Inter-pulse-interval (IPI)-based, independent, mutual key generation Physiological Signal based Key Agreement (PSKA) – Use shared physiological signals to build & access “fuzzy vault” containing session key

IPI-based key generation Synchronized sensors measure IPI (EKG/PPG) Encode measurements as key 4 observations: – Meets randomness goal, however: – High-latency – Two keys generated tend to differ in half of bits – This distance tends not to vary much in time between generation or across different patients – No good tradeoff threshold between false positive/negative rates

Digression: Shamir’s Secret Sharing (precursor)

PSKA: Sharing keys using fuzzy vaults Different sensors measure phys. signals – “Loosely synchronized” Transform signals to create “features” Generate random polynomial representing key Map features under polynomial Obscure feature maps using “chaff” points Only similar feature set can infer polynomial from vault (features + chaff) Use MACs to affirm that key was shared correctly

Fuzzy Vault Security

Analysis of technique Long & random keys Low latency (only ~ 5-10 seconds of data) Distinctiveness (across subjects) Temporal variance (across time)

Feature generation Use peaks from frequency domain (FFTs) – Concatenate indexes & values across windows Features should demonstrate distinctiveness and temporal variance

Feasability: implementation Power, resource constraints Can technique be implemented as efficiently as competitors? – Classical, elliptic-curve Diffie Hellman Evaluation in VHDL (formal hardware specification language) Metrics: clock cycles, memory footprint

Possible attacks Fuzzy vault attacks – Some based on application to biometrics – One attack based on vault-construction artifact Early points (features) have more “free area” Dismissed but not thoroughly argued against

Idea for future work Use fuzzy vaults to communicate public keys – Use asymmetric crypto handshakes to establish session keys – Frequent update of public keys – Eliminates problem of contacting trusted authority since physiological signals good for authentication of body-area presence