Secure ad hoc trust initialization and key management in wireless body area networks

Abstract

The body area network (BAN) is a key enabling technology in e-healthcare. An important security issue is to establish initial trust relationships among the BAN devices before they are actually deployed and generate necessary shared secret keys to protect the subsequent wireless communications. Due to the ad hoc nature of the BAN and the extreme resource constraints of sensor devices, providing secure as well as efficient and user-friendly trust initialization is a challenging task. Traditional solutions for wireless sensor networks mostly depend on key predistribution, which is unsuitable for a BAN in many ways. In this article, we propose group device pairing (GDP), a user-aided multi-party authenticated key agreement protocol. Through GDP, a group of sensor devices that have no pre-shared secrets establish initial trust by generating various shared secret keys out of an unauthenticated channel. Devices authenticate themselves to each other with the aid of a human user who performs visual verifications. The GDP supports fast batch deployment, addition and revocation of sensor devices, does not rely on any additional hardware device, and is mostly based on symmetric key cryptography. We formally prove the security of the proposed protocols, and we implement GDP on a sensor network testbed and report performance evaluation results.