A new biometrics-based key establishment protocol in WBAN: energy efficiency and security robustness analysis

Abstract

Advances in Information and Communication Technology contributed to the emergence of new services. Healthcare is an innovative service based on the use of Wireless Body Area Networks. In this context, the Wireless Body Area Networks, a part of the emerging eHealth systems, will generate and transport many sensitive data. To facilitate the adoption of eHealth systems, the generated communications must be secure. Generally, communication security is provided thanks to security mechanisms requiring important computation, memory and energy resources. Since Wireless Body Area Networks have constraints and limitations in terms of CPU, memory, and energy, the defined security mechanisms should be adapted. Indeed, they must be robust, reliable, lightweight and have a minimal resources consumption. In this paper, we present a new protocol for the generation and the distribution of cryptographic keys in Wireless Body Area Networks. The proposed protocol will be based on the use of biometrics (ElectroCardioGram). It will enable generating and distributing, reliably and securely, symmetric cryptographic keys. So, the generated keys will be used to ensure security for the Wireless Body Area Networks communications. We also demonstrate that our proposition has a minimal power consumption compared to other related proposals. Furthermore, we show that our proposition is secure enough against known attacks through informal verification analysis. Then, to confirm the obtained results concerning the security robustness of our protocol, we perform a formal verification using the two most known tools: AVISPA and ProVerif.