research-article

On the Difficulty of Using Patient's Physiological Signals in Cryptographic Protocols

Authors:

Enrique Argones Rúa,

Dave Singelée,

Bart PreneelAuthors Info & Claims

SACMAT '19: Proceedings of the 24th ACM Symposium on Access Control Models and Technologies

Pages 113 - 122

https://doi.org/10.1145/3322431.3325099

Published: 28 May 2019 Publication History

Abstract

With the increasing capabilities of wearable sensors and implantable medical devices, new opportunities arise to diagnose, control and treat several chronic conditions. Unfortunately, these advancements also open new attack vectors, making security an essential requirement for the further adoption of these devices. Researchers have already developed security solutions tailored to their unique requirements and constraints. However, a fundamental yet unsolved problem is how to securely and efficiently establish and manage cryptographic keys. One of the most promising approaches is the use of patient's physiological signals for key establishment.

This paper aims at identifying common pitfalls in physiological-signal-based cryptographic protocols. These solutions are very fragile because errors can be introduced at different stages, including the choice of the physiological signal, the design of the protocol or its implementation. We start by reviewing previous work that has succeeded in measuring various physiological signals remotely. Subsequently, we conduct a thorough security analysis of two cryptographic solutions well-accepted by the security community, namely the H2H protocol (Rostami et al. - CCS 2013) and the Biosec protocol (Cherukuri et al. - ICISIP 2006). Our evaluation reveals that these protocols have serious design and implementation security weaknesses. Driven by our findings, we then describe how to use fuzzy extractors for designing secure and efficient cryptographic solutions based on the patients' physiological signals. Finally, we discuss research directions for future work.

References

[1]

E. Marin, D. Singelée, B. Yang, I. Verbauwhede, and B. Preneel, "On the Feasibility of Cryptography for a Wireless Insulin Pump System," in Proceedings of Conference on Data and Application Security and Privacy (CODASPY), pp. 113--120, 2016.

Digital Library

[2]

E. Marin, D. Singelée, F. D. Garcia, T. Chothia, R. Willems, and B. Preneel, "On the (in)Security of the Latest Generation Implantable Cardiac Defibrillators and How to Secure Them," in Proceedings of Annual Conference on Computer Security Applications (ACSAC), pp. 226--236, 2016.

Digital Library

[3]

E. Marin, D. Singelée, B. Yang, V. Volski, G. A. E. Vandenbosch, B. Nuttin, and B. Preneel, "Securing wireless neurostimulators," in Proceedings of Conference on Data and Application Security and Privacy (CODASPY), pp. 287--298, 2018.

Digital Library

[4]

D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel, "Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses," in Proceedings of IEEE Symposium on Security and Privacy, pp. 129--142, 2008.

Digital Library

[5]

L. Chunxiao, A. Raghunathan, and N. Jha, "Hijacking an insulin pump: Security attacks and defenses for a diabetes therapy system," in Proceedings of International Conference on e-Health Networking Applications and Services, pp. 150--156, 2011.

[6]

L. Reverberi and D. Oswald, "Breaking (and Fixing) a Widely Used Continuous Glucose Monitoring System," in Proceedings of USENIX Workshop on Offensive Technologies (WOOT), 2017.

Digital Library

[7]

M. Rushanan, A. D. Rubin, D. F. Kune, and C. M. Swanson, "Sok: Security and privacy in implantable medical devices and body area networks," in Proceedings of IEEE Symposium on Security and Privacy, pp. 524--539, 2014.

Digital Library

[8]

A. J. Menezes, S. A. Vanstone, and P. C. V. Oorschot, Handbook of Applied Cryptography. Boca Raton, FL, USA: CRC Press, Inc., 1st ed., 1996.

Digital Library

[9]

Y. Kim, W. S. Lee, V. Raghunathan, N. K. Jha, and A. Raghunathan, "Vibrationbased Secure Side Channel for Medical Devices," in Proceedings of Design Automation Conference (DAC), pp. 1--6, 2015.

Digital Library

[10]

S. A. Anand and N. Saxena, "Vibreaker: Securing Vibrational Pairing with Deliberate Acoustic Noise," in Proceedings of Conference on Security and Privacy in Wireless and Mobile Networks (WiSec), pp. 103--108, 2016.

Digital Library

[11]

M. Rostami, A. Juels, and F. Koushanfar, "Heart-to-Heart (H2H): Authentication for Implanted Medical Devices," in Proceedings of Conference on Computer and Communications Security (CCS), pp. 1099--1112, 2013.

Digital Library

[12]

K. B. Rasmussen, C. Castelluccia, T. S. Heydt-Benjamin, and S. Capkun, "Proximity-based Access Control for Implantable Medical Devices," in Proceedings of Conference on Computer and Communications Security (CCS), pp. 410--419, 2009.

Digital Library

[13]

T. Halevi and N. Saxena, "On pairing constrained wireless devices based on secrecy of auxiliary channels: the case of acoustic eavesdropping," in Proceedings of Conference on Computer and Communications Security (CCS), pp. 97--108, 2010.

Digital Library

[14]

C. C. Y. Poon, Y.-T. Zhang, and S.-D. Bao, "A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health," IEEE Communications Magazine, vol. 44, no. 4, pp. 73--81, 2006.

Digital Library

[15]

L. Yao, B. Liu, G. Wu, K. Yao, and J. Wang, "A Biometric Key Establishment Protocol for Body Area Networks," International Journal of Distributed Sensor Networks (IJDSN), 2011.

[16]

E. Marin, M. A. Mustafa, D. Singelée, and B. Preneel, "A Privacy-Preserving Remote Healthcare System Offering End-to-End Security," in Proceedings of International Conference on Ad-hoc, Mobile, and Wireless Networks (ADHOC-NOW), pp. 237--250, 2016.

[17]

Y. Dodis, L. Reyzin, and A. Smith, "Fuzzy extractors: How to generate strong keys from biometrics and other noisy data," in Proceedings of Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT), pp. 523--540, 2004.

[18]

F. Miao, S. Bao, and Y. Li, "A Modified Fuzzy Vault Scheme for Biometrics- Based Body Sensor Networks Security," in Proceedings of Global Communications Conference (GLOBECOM), pp. 1--5, 2010.

[19]

K. K. Venkatasubramanian, A. Banerjee, and S. Gupta, "Plethysmogram-based secure inter-sensor communication in body area networks," in Proceedings of IEEE Military Communications Conference (MILCOM), pp. 1--7, 2008.

[20]

K. K. Venkatasubramanian, A. Banerjee, and S. K. S. Gupta, "PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks," Trans. Info. Tech. Biomed., vol. 14, pp. 60--68, Jan. 2010.

Digital Library

[21]

P. Bagade, A. Banerjee, J. Milazzo, and S. K. S. Gupta, "Protect your BSN: No Handshakes, just Namaste!," in Proceedings of IEEE International Conference on Body Sensor Networks, pp. 1--6, 2013.

[22]

C. Hu, X. Cheng, F. Zhang, D. Wu, X. Liao, and D. Chen, "OPFKA: Secure and efficient Ordered-Physiological-Feature-based key agreement for wireless Body Area Networks," in Proceedings of International Conference on Computer Communications (INFOCOM), pp. 2274--2282, 2013.

[23]

M. Rostami, W. Burleson, F. Koushanfar, and A. Juels, "Balancing security and utility in medical devices?," in Proceedings of Annual Design Automation Conference (DAC), pp. 1--6, 2013.

Digital Library

[24]

S. Cherukuri, K. K. Venkatasubramanian, and S. K. S. Gupta, "Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body," in Proceedings of International Conference on Parallel Processing Workshops, pp. 432--439, 2003.

[25]

A. Juels and M. Wattenberg, "A Fuzzy Commitment Scheme," in Proceedings of Conference on Computer and Communications Security (CCS), pp. 28--36, 1999.

Digital Library

[26]

A. Juels and M. Sudan, "A Fuzzy Vault Scheme," Designs, Codes and Cryptography, vol. 38, no. 2, pp. 237--257, 2006.

Digital Library

[27]

D. Karaoglan Altop, A. Levi, and V. Tuzcu, "Deriving cryptographic keys from physiological signals," Pervasive and Mobile Computing, vol. 39, pp. 65--79, 2017.

[28]

G. Zheng, G. Fang, R. Shankaran, M. A. Orgun, J. Zhou, L. Qiao, and K. Saleem, "Multiple ECG Fiducial Points-Based Random Binary Sequence Generation for Securing Wireless Body Area Networks," Journal of Biomedical and Health Informatics, vol. 21, no. 3, pp. 655--663, 2017.

[29]

R. M. Seepers, C. Strydis, P. Peris-Lopez, I. Sourdis, and C. I. De Zeeuw, "Peak misdetection in heart-beat-based security: Characterization and tolerance," in International Conference of Engineering in Medicine and Biology Society (EMBC), pp. 5401--5405, 2014.

[30]

I. Vasyltsov and S. Lee, "Entropy Extraction from Bio-Signals in Healthcare IoT," in International Workshop on IoT Privacy, Trust, and Security (IoTPTS), pp. 11--17, 2015.

Digital Library

[31]

R. M. Seepers, C. Strydis, I. Sourdis, and C. I. De Zeeuw, "Enhancing Heart- Beat-Based Security for mHealth Applications," Journal of Biomedical and Health Informatics, vol. 21, no. 1, pp. 254--262, 2017.

[32]

S. Bao, C. C. Y. Poon, Y. Zhang, and L. Shen, "Using the Timing Information of Heartbeats as an Entity Identifier to Secure Body Sensor Network," Transactions on Information Technology in Biomedicine, vol. 12, no. 6, pp. 772--779, 2008.

Digital Library

[33]

A. Calleja, P. Peris-Lopez, and J. E. Tapiador, "Electrical Heart Signals can be Monitored from the Moon: Security Implications for IPI-Based Protocols," pp. 36-- 51, 2015.

Digital Library

[34]

R. M. Seepers, W. Wang, G. de Haan, I. Sourdis, and C. Strydis, "Attacks on Heartbeat-Based Security Using Remote Photoplethysmography," Journal of Biomedical and Health Informatics, vol. PP, no. 99, pp. 1--1, 2017.

[35]

M. Z. Poh, D. J. McDuff, and R.W. Picard, "Advancements in Noncontact, Multiparameter Physiological Measurements Using a Webcam," Transactions on Biomedical Engineering, vol. 58, no. 1, pp. 7--11, 2011.

[36]

"WiFi system detects peoples breathing heart rate even through walls." https://www.medgadget.com/2014/06/ mits-wifi-system-detects-peoples-breathing-heart-rate-even-through-walls. html. {Online; accessed 5-June-2017}.

[37]

J. de Groot, B. "kori", N. de Vreede, and J.-P. Linnartz, "Quantization in zero leakage helper data schemes," EURASIP Journal on Advances in Signal Processing, no. 1, p. 54, 2016.

[38]

A. Abidin, E. Argones Rúa, and R. Peeters, "Uncoupling biometrics from templates for secure and privacy-preserving authentication," in Proceedings of Symposium on Access Control Models and Technologies (SACMAT), pp. 21--29, 2017.

Digital Library

[39]

A. Hocquenghem, "Codes Correcteurs d'Erreurs," Chiffres (Paris), vol. 2, pp. 147-- 156, Sept. 1959.

[40]

R. Bose and D. Ray-Chaudhuri, "On a class of error correcting binary group codes," Information and Control, vol. 3, no. 1, pp. 68--79, 1960.

Cited By

Zhang MMarin ERyan MKostakos VMurray TTag BOswald D(2024)OOBKey: Key Exchange with Implantable Medical Devices Using Out-Of-Band ChannelsProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3670876(1-13)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3670876
Li LChen CPan LTai YZhang JXiang Y(2024)Hiding Your Signals: A Security Analysis of PPG-Based Biometric AuthenticationComputer Security – ESORICS 202310.1007/978-3-031-51479-1_10(183-202)Online publication date: 12-Jan-2024
https://doi.org/10.1007/978-3-031-51479-1_10
Karimian NSaldamli GPark YLui V(2023)Never Lose Your ECG: A Novel Key Generation and Authentication Scheme for Implantable Medical DevicesIEEE Access10.1109/ACCESS.2023.330217511(81815-81827)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3302175
Show More Cited By

Index Terms

On the Difficulty of Using Patient's Physiological Signals in Cryptographic Protocols
1. Security and privacy
  1. Cryptography
    1. Key management
  2. Security services
    1. Access control

Recommendations

Towards using physiological signals as cryptographic keys in body area networks
PervasiveHealth '15: Proceedings of the 9th International Conference on Pervasive Computing Technologies for Healthcare

Body Area Networks (BANs) are the most important building stone of pervasive healthcare, which enables remote, continuous and real-time health monitoring. Biosensors, constituting the BANs, collect highly sensitive medical information from their hosts ...
Stateless Cryptographic Protocols
FOCS '11: Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science

Secure computation protocols inherently involve multiple rounds of interaction among the parties where, typically a party has to keep a state about what has happened in the protocol so far and then \emph{wait} for the other party to respond. We study if ...
Resource Fairness and Composability of Cryptographic Protocols

We introduce the notion of resource-fair protocols. Informally, this property states that if one party learns the output of the protocol, then so can all other parties, as long as they expend roughly the same amount of resources. As opposed to ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SACMAT '19: Proceedings of the 24th ACM Symposium on Access Control Models and Technologies

May 2019

243 pages

ISBN:9781450367530

DOI:10.1145/3322431

General Chair:
Florian Kerschbaum
University of Waterloo, Canada
,
Program Chairs:
Atefeh Mashatan
Ryerson University, Canada
,
Jianwei Niu
University of Texas at San Antonio, USA
,
Adam J. Lee
University of Pittsburgh, USA

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 May 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SACMAT '19

Sponsor:

SIGSAC

SACMAT '19: The 24th ACM Symposium on Access Control Models and Technologies

June 3 - 6, 2019

Toronto ON, Canada

Acceptance Rates

SACMAT '19 Paper Acceptance Rate 12 of 52 submissions, 23%;

Overall Acceptance Rate 177 of 597 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
145
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhang MMarin ERyan MKostakos VMurray TTag BOswald D(2024)OOBKey: Key Exchange with Implantable Medical Devices Using Out-Of-Band ChannelsProceedings of the 19th International Conference on Availability, Reliability and Security10.1145/3664476.3670876(1-13)Online publication date: 30-Jul-2024
https://dl.acm.org/doi/10.1145/3664476.3670876
Li LChen CPan LTai YZhang JXiang Y(2024)Hiding Your Signals: A Security Analysis of PPG-Based Biometric AuthenticationComputer Security – ESORICS 202310.1007/978-3-031-51479-1_10(183-202)Online publication date: 12-Jan-2024
https://doi.org/10.1007/978-3-031-51479-1_10
Karimian NSaldamli GPark YLui V(2023)Never Lose Your ECG: A Novel Key Generation and Authentication Scheme for Implantable Medical DevicesIEEE Access10.1109/ACCESS.2023.330217511(81815-81827)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3302175
Zhao GJiang QLiu XMa XZhang NMa J(2022)Electrocardiogram Based Group Device Pairing for WearablesIEEE Transactions on Mobile Computing10.1109/TMC.2022.3200104(1-17)Online publication date: 2022
https://doi.org/10.1109/TMC.2022.3200104
Zhang MMarin EOswald DSingelée D(2022)FuzzyKey: Comparing Fuzzy Cryptographic Primitives on Resource-Constrained DevicesSmart Card Research and Advanced Applications10.1007/978-3-030-97348-3_16(289-309)Online publication date: 9-Mar-2022
https://doi.org/10.1007/978-3-030-97348-3_16

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten