CN103888943A - Wireless body area network key agreement method for medical monitoring - Google Patents
Wireless body area network key agreement method for medical monitoring Download PDFInfo
- Publication number
- CN103888943A CN103888943A CN201410140435.6A CN201410140435A CN103888943A CN 103888943 A CN103888943 A CN 103888943A CN 201410140435 A CN201410140435 A CN 201410140435A CN 103888943 A CN103888943 A CN 103888943A
- Authority
- CN
- China
- Prior art keywords
- node
- index table
- key
- element index
- received signal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a wireless body area network key agreement method for medical monitoring. The method comprises the steps that two nodes carry out self-adaptation threshold mapping on receiving signal intensity sequences of the two nodes respectively, and state sequences are obtained; the nodes use difference sample index tables for recording the position of a receiving signal intensity value between the self-adaptation thresholds; the two nodes use biology bit sequences generated by electrocardio signals for signing the difference sample index tables of the nodes, the signed difference sample index tables are sent through a common channel, and mutual identity authentication is carried out; the nodes delete elements indexed by the difference sample index tables from local and legally-sent nodes in the state sequences of the nodes, and a common bit sequence is obtained; and the common bit sequence is subjected to Hash operation, and a key is obtained. According to the method, consumption on node resources from key agreement is lowered, fake attack based on identity can be effectively resisted, key production speed is improved, and the method can be used for establishing symmetrical keys between a pair of nodes in a wireless body area network.
Description
Technical field
The invention belongs to wireless network secure technical field, be specifically related to wireless body area network cryptographic key negotiation method, can be used for the symmetric key between wireless body area network sensor node in medical monitoring and set up.
Background technology
Along with the surge year by year of China's aging population process acceleration and family not living home's number, the problem that China's medical resource is in short supply is more outstanding, and the aged's medical treatment & health nursing has become a great society difficult problem.As how cheaply mode the elderly's health status carried out to real-time long distance monitoring have the huge market demand.Wireless body area network technology is for the good approach that provides is provided.Wireless body area network is by being attached to biosensor in human body surface or body, physiology sign data to children under guardianship carries out Real-time Collection, and being transferred to remote medical monitor center, medical personnel utilize these physiology sign datas to carry out real time remote diagnosis, and take necessary rescue measure.These are light, size is little, the wearable transducer of ultra low power has advantages of wireless body area network not limit wearer activity, expanded children under guardianship's scope of activities, even if also can effectively guard out of doors.Although wireless body area network becomes a reality intelligence, the service of remote health diagnosis and treatment easily; but because patient's physiological data is transmitted and processed by wireless mode; if lack enough safeguard protections, will cause individual privacy leakage, the life security that even also can threaten patient.In August, 2011, a hacker, in the situation that only learning insulin pump sequence number, just successfully controls the insulin pump of implant into body, indiscriminately ad. as one wishes the quantity delivered of regulating agent.In the same year, in the health data management conference of holding in Washington, there is expert to point out that existing medical network lacks information safety protection, the risk that ubiquity data are revealed.On the other hand, once the public worries the medical data of oneself to give wireless body area network, will cause individual privacy leakage.In view of above reason, the public holds the attitude of suspecting and conflicting to wireless body area network, the safety of wireless body area network has become the bottleneck problem of restriction wireless body area network application, and research institution and the enterprise of trying hard to promote wireless body area network technology need wireless body area network security solution urgently.Because existing security mechanism and method are all based on key, therefore, the generation of key is the foundation stone that builds wireless body area network security system.
Traditional cryptographic key negotiation method is based on public key system, and this can cause larger computation burden and energy consumption, is not suitable for this resource-constrained application scenarios of wireless body area network.And internet security depends on shared in advance secret largely, this secret exists in pre-stored mode conventionally, in actual applications, once sensor node is captured by physics, the secret that causes sharing is in advance revealed, cause all security protection inefficacies.In addition, traditional Key Establishing mechanism has determined that key management need to rely on believable KMC, and the renewal of key is accompanied by huge resource consumption, and is unpractical in wireless body area network deployment secure infrastructure.In sum, from consumption and the safety perspective of resource, traditional key generation method is not suitable for this resource-constrained sensor network of wireless body area network.Under this background, do not adopt the new type key Negotiation Technology of public key system just receiving people's concern.
Due to the intrinsic randomness of wireless channel self, space uniqueness, reciprocity, make wireless channel can be used as the shared secret between any a pair of node in wireless network.The time variation of wireless channel makes the renewal of key break away from the dependence to KMC, the computing cost of having avoided key updating to bring.Utilize radio channel characteristic to produce key and there is low computation complexity, low energy consumption, be highly suitable for resource-constrained wireless network scenario.
2011, the people such as Qian.Wang, Hai Su of Illinois, Chicago Polytechnics utilizes wireless channel phase place to obey equally distributed feature, the angular region of 0~360 degree is divided into some regions, thereby encode and produce key bit according to the region at the phase place place of the channel response of measuring, this method can be carried out the foundation of point-to-point and group key, it is higher that key produces speed, but the method is owing to will realizing high-precision phase estimation, to having relatively high expectations of hardware, there is no at present the directly device of commercialization.
The people such as Suhas Mathur, Wade Trappe of state university of Rutgers New Jersey utilizes received signal strength information to carry out cipher key-extraction, the average of their statistical process sample and variance, determine upper and lower thresholding, to be mapped as a key bit higher than Upper threshold or lower than several continuous samples of Lower Threshold, adopt the bit coordination system to correct the inconsistent of key bit, and part key bit is used for carrying out data in key bit coordination process and traces to the source.Because current commercial wireless network card nearly all possesses the function of measuring received signal strength, therefore, Mathur method does not need existing hardware to make an amendment, and is easily smoothly transplanted to existing platform.But the method has only been utilized sub-fraction Sample producing key bit in numerous observation samples, and trace to the source in order to carry out data, lost again part key bit, it is very low that above two factors make the key of the method produce speed.
Above-mentioned two kinds are utilized the method for radio channel characteristic generation key all without the function of authentication, cannot resist the impersonation attack based on identity.
Summary of the invention
The object of the invention is to the deficiency for above-mentioned prior art, a kind of wireless body area network cryptographic key negotiation method for medical monitoring is proposed, to reduce calculating and the storage overhead of wireless body area network sensor node, improve key and produce speed, and make key agreement can resist the impersonation attack based on identity.
Realizing the object of the invention key problem in technology is: the shared secret using received signal strength as wireless body area network node is to produce key, with adaptive threshold mapping method to utilize more received signal strength value to produce key bit, to carrying out biological signature authentication in the information of common signal channel transmission in cipher key agreement process, make key agreement possess the function of authentication.Implementation step comprises as follows:
(1) build received signal strength sequence:
Two node A and B in wireless body area network send training signal N time in turn, the node of at every turn receiving training signal takes out 1 received signal strength value from the information of wireless network card report, and the N of collection received signal strength value arranged in chronological order, form the received signal strength sequences h of this node
node, have:
In formula, h
a, h
brepresent respectively the received signal strength sequence that node A, Node B build, subscript " node " represents nodename, and N is greater than 1 natural number;
(2) the received signal strength sequences h of node to oneself
nodecarry out adaptive threshold mapping, obtain its status switch Q
node, this status switch Q
nodein element set value in 1,0,1}, and subscript " node " represent nodename, node=A or B;
(3) set up inequality element index table
(3a) node initializing inequality element index table L
nodefor sky, i.e. L
node={ }, subscript " node " represents nodename, node=A or B;
(3b) node checks the status switch Q of oneself successively
nodein each element, if this element value is-1, by this element at status switch Q
nodein sequence number be saved in inequality element index table L as its index value
nodein.
(4) node, in execution step (1) in step (3), constantly gathers the electrocardiosignal of human body, and by the electrocardiosignal collecting by modulus coding method, produce biological bit sequence K;
(5) biological signature
(5a) node is using biological bit sequence K as signature key, by inequality element index table L
nodeas treating signature information, adopt the message authentication code hmac algorithm based on Hash to calculate inequality element index table L
nodecorresponding message authentication code: MAC
node=HMAC (K, L
node), subscript " node " represents nodename, node=A or B;
(5b) node is by message authentication code MAC
nodetrail at inequality element index table L
nodeafterwards, form the signature inequality element index table of oneself:
subscript " node " represents nodename, node=A or B;
(6) two node A and B send signature inequality element index table separately by common signal channel in turn;
(7) authentication and total bit sequence extract
(7a) receiving node of receiving signature inequality element index table authenticates the identity of sending node;
If (7b) sending node is not by authentication, receiving node finishes and the key agreement of sending node; If sending node is by authentication, union got by the inequality element index table receiving and the inequality element index table of oneself by receiving node, obtains the inequality element index table upgrading
(7c) the inequality element index table of receiving node to upgrade
as index, from the status switch Q of oneself
nodethe all indexed elements that arrive of middle deletion, and the element being retained is arranged by the order of its position, form total bit sequence Y;
(8) node carries out Hash operation to total bit sequence Y and obtains key K ey, and key K ey is as two node A and the shared key of B.
The present invention compared with prior art has the following advantages:
1) compared with traditional cryptographic key negotiation method, the present invention only utilizes the intrinsic physical resource of wireless body area network self to carry out key agreement, avoid the mechanism of using public-key, thereby reduce the requirement to the calculating of transducer device node, storage capacity, also broken away from the dependence to security infrastructure, key agreement is more easily disposed in wireless body area network;
2) the present invention has introduced biological signature authentication in cipher key agreement process, has overcome the existing cryptographic key negotiation method based on received signal strength and can not resist this shortcoming of impersonation attack based on identity;
3) the present invention adopts adaptive threshold mapping method to make received signal strength value as much as possible be converted to key bit, produces speed thereby improved key.
Brief description of the drawings
Fig. 1 is realization flow schematic diagram of the present invention;
Fig. 2 is the simulated effect figure that the present invention resists the impersonation attack based on identity;
Fig. 3 is that the key of the inventive method and existing Mathur method produces speed comparing result.
Embodiment
Below in conjunction with accompanying drawing, the invention process and effect are described in further detail.
With reference to Fig. 1, performing step of the present invention is as follows:
(1a) in the t moment, node A in wireless body area network sends training signal probe (t), Node B in wireless body area network is received after the training signal probe (t) from node A, the measurement data of reporting from network interface card, extracts received signal strength value RSS
b(t), t>=0;
(1b) in the t+1 moment, Node B sends training signal probe (t+1), and node A receives after the training signal probe (t+1) from Node B, the measurement data of reporting from network interface card, extracts received signal strength value RSS
a(t+1);
(1c) node A and B repeated execution of steps (1a)-(1b) is after N time, and node A is N the received signal strength value RSS collecting
a(t+1), RSS
a(t+3) ..., RSS
a(t+2N-1) order is arranged, the received signal strength sequences h of configuration node A
a; Node B is N the received signal strength value RSS collecting
b(t), RSS
b(t+2) ..., RSS
b(t+2 (N-1)) order is arranged, the received signal strength sequences h of configuration node B
b, N is greater than 1 natural number, and all received signal strength values are the real number that is more than or equal to 0.
The reciprocity of wireless channel has ensured that node A is consistent with the received signal strength sequence of Node B in the ideal case, but in practical application owing to being subject to the impact of the factor such as discreteness, the time difference of two node measurement received signal strengths of noise, radio-frequency devices, actual received signal strength sequence is the stack of ideal value and interference, therefore, the received signal strength sequence of node A and Node B is inconsistent.
For convenience, the received signal strength sequence unification of node A and Node B is denoted as to h
node:
Subscript " node " represents nodename.
(2a) node taking the long W of window as interval, by received signal strength sequences h
nodeorder is divided into T continuously, and nonoverlapping subsequence, that is:
wherein, received signal strength subsequence
represent received signal strength sequences h
nodei subsequence, i=1,2 ..., T, node=A or B, the long W of window is a natural number that is less than N,
"
" represent the computing that rounds up;
(2b) node intensity subsequence to received signal
i=1,2 ..., T, carries out mapping successively, obtains shining upon output sequence
(2b1) according to received signal strength subsequence
average
and standard variance
calculate mapping Upper threshold
with mapping Lower Threshold
In formula, thresholding regulatory factor α is an arithmetic number.
Described average
it is received signal strength subsequence
the arithmetic mean of all elements comprising.By received signal strength subsequence
each element and average
the quadratic sum of difference divided by received signal strength subsequence
the element number comprising, more the root of making even obtains received signal strength subsequence
standard variance
(2b2) according to mapping Upper threshold
with mapping Lower Threshold
by received signal strength subsequence
the all elements comprising converts one by one, obtains successively the state value after each element conversion:
In formula, x represents the element before conversion, and f (x) represents the state value after element x conversion;
(2b3) by received signal strength subsequence
in the sequencing that occurs according to element of state value after the conversion of each element arrange, form mapping output sequence
i=1,2 ..., T;
(2c) node will shine upon output sequence
be linked in sequence, obtain the status switch Q of oneself
node, subscript " node " represents nodename, node=A or B.
Step 3, sets up inequality element index table.
Due to the status switch Q of node A
astatus switch Q with Node B
bnot quite identical, node A, need to weed out internally inconsistent element in these two sequences, therefore in order to extract consistent key from status switch separately with B, each node need to be set up the inequality element index table of oneself, so that internally inconsistent element is followed the tracks of.
(3a) node initializing inequality element index table L
nodefor sky, i.e. L
node={ }, subscript " node " represents nodename, node=A or B;
(3b) node checks the status switch Q of oneself successively
nodein each element, if this element value is-1, by this element at status switch Q
nodein sequence number as its index value, and be saved in the inequality element index table L of this node
nodein.
Node in step 3, constantly gathers the electrocardiosignal of human body in execution step 1, and the electrocardiosignal collecting is carried out to modulus coding obtains biological bit sequence K:
(4a) node adopts ecg-r wave detection method to find out the position at all R wave-waves peak of gathered electrocardiosignal, and using front and back, the location gap at two adjacent R wave-wave peaks, as 1 ecg-r wave spacing, obtains multiple ecg-r wave spacing; Described ecg-r wave detection method is a kind of existing method of maturation, it comprises difference threshold algorithm, bank of filters method, Wavelet Transform, Hilbert transform method, correlation integral method etc., the difference threshold algorithm that this example adopts Pan & Tompkins to propose carries out ecg-r wave detection, but in practical application, is not limited to this method;
(4b) node by each ecg-r wave spacing to 2
xask mould, obtain the modulus value of this ecg-r wave spacing, again the modulus value of this ecg-r wave spacing is converted to the binary system natural coding sequence that length is x bit, and binary system natural coding sequence is carried out to Gray code, obtaining length is the ecg-r wave spacing bit sequence of x, x is natural number, 2≤x≤4;
(4c) sequencing that node occurs ecg-r wave spacing bit sequence corresponding each ecg-r wave spacing according to ecg-r wave connects, and obtains biological bit sequence K.
Due to can not Real-time Collection human ecg signal, cannot pseudo-produce the biological bit sequence that only has legal node just to have away from the illegal node of human body, therefore, biological bit sequence can be used as the foundation of identifying node identity legitimacy.
Step 5, biological signature.
(5a) node is using biological bit sequence K as signature key, by the inequality element index table L of oneself
nodeas treating signature information, adopt the message authentication code hmac algorithm based on Hash to calculate inequality element index table L
nodecorresponding message authentication code: MAC
node=HMAC (K, L
node), the hash function of using in this hmac algorithm adopts MD-5 or SHA-1 function, if use MD-5 function, message authentication code MAC
nodelength V=16, if use SHA-1 function, message authentication code MAC
nodelength V=20, message authentication code MAC
nodelength taking byte as unit, subscript " node " represent nodename, node=A or B;
(5b) node is by message authentication code MAC
nodetrail at inequality element index table L
nodeafterwards, form the signature inequality element index table of oneself:
subscript " node " represents nodename, node=A or B.
Step 7, authentication and total bit sequence extract.
This step comprises that Node B receives the signature inequality element index table from node A
node B carries out authentication and total bit sequence extracts, and node A receives the signature inequality element index table from Node B
node A carries out authentication and total bit sequence extracts.
(7a) receive the signature inequality element index table from node A for Node B
node B carries out authentication and total bit sequence extracts, and its step is as follows:
(7a1) the signature inequality element index table of Node B from receiving
the last V of a middle taking-up byte bit is as the message authentication code MAC of node A
a, the inequality element index table L of remaining element configuration node A
a;
(7a2) Node B is using biological bit sequence K as signature key, by the inequality element index table L of node A
aas treating signature information, and adopt the message authentication code hmac algorithm based on Hash in step (5a) to calculate the authentication code MAC' of Reference News of node A
a, i.e. MAC
a'=HMAC (K, L
a);
(7a3) Node B is by the authentication code MAC' of Reference News of node A
amessage authentication code MAC with node A
acompare, if the two is in full accord, Node B predicate node A is legal node, execution step (7a4), otherwise Node B predicate node A is illegal node, finishes the key agreement with node A;
(7a4) Node B is by the inequality element index table L of the node A receiving
awith the inequality element index table L of oneself
bget union, obtain the inequality element index table upgrading
and with upgrade inequality element index table
as index, from the status switch Q of Node B
bthe all indexed elements that arrive of middle deletion, remaining element is that node A and Node B are owned together, the element that these are retained is arranged and is formed total bit sequence Y by the sequence of positions at its place.
(7b) receive the signature inequality element index table from Node B for node A
node A carries out authentication and total bit sequence extracts, and its step is as follows:
(7b1) the signature inequality element index table of node A from receiving
the last V of a middle taking-up byte bit is as the message authentication code MAC of Node B
b, the inequality element index table L of remaining element configuration node B
b;
(7b2) node A is using biological bit sequence K as signature key, by the inequality element index table L of Node B
bas treating signature information, and adopt the message authentication code hmac algorithm based on Hash in step (5a) to calculate the authentication code MAC' of Reference News of Node B
b, i.e. MAC
b'=HMAC (K, L
b);
(7b3) node A is by the authentication code MAC' of Reference News of Node B
bmessage authentication code MAC with Node B
bcompare, if the two is in full accord, node A predicate node B is legal node, execution step (7b4), otherwise node A predicate node B is illegal node, finishes the key agreement with Node B;
(7b4) node A is by the inequality element index table L of the Node B receiving
bwith the inequality element index table L of oneself
aget union, obtain the inequality element index table upgrading
and with upgrade inequality element index table
as index, from the status switch Q of node A
athe all indexed elements that arrive of middle deletion, remaining element is that node A and Node B are owned together, the element that these are retained is arranged and is formed total bit sequence Y by the sequence of positions at its place.
For minimizing information is in mutual the caused information leakage of common signal channel, and improve the randomness of key, node adopts the arbitrary function in universe hash function family to carry out Hash operation to total bit sequence Y, obtains key K ey, as two node A and the shared key of B.
Total bit sequence Y is divided into the total bit sequence sub-block that several length are 256 bits by this example, the total bit sequence sub-block of curtailment 256 bits is added to " 0 " in the back and supplies, calculate the cryptographic Hash of a total bit sequence sub-block by following universe hash function:
y
a,b(s)=((as+b)mod?p
M)mod?m
Wherein, " mod " is that remainder is counted operator, M=2
256, p
mbe a prime number that is greater than M, m is less than p
ma positive integer, m and p
mit is disclosed parameter.A ∈ 1,2 ..., p
m-1}, b ∈ 1,2 ..., p
m-1}, node A chooses a and b at random, and notifies to Node B, and s is a total bit sequence sub-block;
Node calculates the cryptographic Hash of each total bit sequence sub-block, and the cryptographic Hash of each total bit sequence sub-block is connected successively according to the order of total bit sequence sub-block appearance, forms key K ey.
It should be noted that, in practical application, be not limited to the universe hash function that above formula is constructed.
Effect of the present invention can further illustrate by following emulation
1. simulated environment
Emulation experiment of the present invention is to carry out on the computer of Intel Pentium E58003.2G Hz CPU, internal memory 2GB, the human ecg signal that uses MIT-BIH Arrhythmia Database database simulation biosensor to collect, use the software programming environment of MATLAB R2010b and Microsoft Visual C++6.0 to carry out hybrid programming emulation, and the function that calls LibTomMath storehouse carry out Algebra Domain computing.
2. simulating scenes
Emulation experiment of the present invention has been simulated such scene: node A and Node B are the biosensors that is attached to same human body different parts, node A and B are legal nodes, node C is the illegal node away from human body, it knows the cryptographic key negotiation method that legal node adopts, and can pretend to be arbitrary legal node transmitted signal and other legal nodes to carry out key agreement.
Emulation adopts rayleigh fading channel model to simulate internodal wireless channel, and the Doppler frequency of Rayleigh fading model is got 10Hz, and the frequency that node sends training signal is 300Hz.
In order to check the performance of the inventive method under the impersonation attack based on identity, definition " key mismatch ratio " is the ratio of inconsistent bit number and the total bit number of key in pair of secret keys.Key mismatch ratio indicates that whether key agreement is successful.
In order to weigh the inventive method at the improvement effect aspect key generation speed, definition " key bit speed " is the key bit number producing in the unit interval.
3. emulation content
As can be seen from Figure 2, the key mismatch ratio of legal node A and B reduces with the increase of the long W of window, and when window, long W exceedes after 45, and the key mismatch ratio of legal node A and B approaches 0 very much, reaches acceptable degree.Visible, select suitable window long parameter, legal node A and B just can successfully set up key.And the key mismatch ratio of illegal node C and legal Node B remains at 0.5 left and right, this represents that illegal node C fails successfully to set up key with legal Node B.Visible, although cryptographic key negotiation method of the present invention is disclosed to illegal node, even but illegal node takes the way of identity personation also to fail to reach the legal node of deception to set up with it the object of key, prove that method of the present invention can resist the impersonation attack based on identity.
Fig. 3 demonstration, the key bit speed of the inventive method is apparently higher than Mathur method, and visible method of the present invention has effectively improved key and has produced speed.
Above the results show method of the present invention can solve the existing channel characteristics generation encryption key method that utilizes effectively cannot resist the problem of impersonation attack, and can obviously improve key generation speed.
Claims (5)
1. for the wireless body area network cryptographic key negotiation method of medical monitoring, comprise the steps:
(1) build received signal strength sequence:
Two node A and B in wireless body area network send training signal N time in turn, the node of at every turn receiving training signal takes out 1 received signal strength value from the information of wireless network card report, and the N of collection received signal strength value arranged in chronological order, form the received signal strength sequences h of this node
node, have:
In formula, h
a, h
brepresent respectively the received signal strength sequence that node A, Node B build, subscript " node " represents nodename, and N is greater than 1 natural number;
(2) the received signal strength sequences h of node to oneself
nodecarry out adaptive threshold mapping, obtain its status switch Q
node, this status switch Q
nodein element set value in 1,0,1}, and subscript " node " represent nodename, node=A or B;
(3) set up inequality element index table
(3a) node initializing inequality element index table L
nodefor sky, i.e. L
node={ }, subscript " node " represents nodename, node=A or B;
(3b) node checks the status switch Q of oneself successively
nodein each element, if this element value is-1, by this element at status switch Q
nodein sequence number be saved in inequality element index table L as its index value
nodein.
(4) node, in execution step (1) in step (3), constantly gathers the electrocardiosignal of human body, and by the electrocardiosignal collecting by modulus coding method, produce biological bit sequence K;
(5) biological signature
(5a) node is using biological bit sequence K as signature key, by inequality element index table L
nodeas treating signature information, adopt the message authentication code hmac algorithm based on Hash to calculate inequality element index table L
nodecorresponding message authentication code: MAC
node=HMAC (K, L
node), subscript " node " represents nodename, node=A or B;
(5b) node is by message authentication code MAC
nodetrail at inequality element index table L
nodeafterwards, form the signature inequality element index table of oneself:
subscript " node " represents nodename, node=A or B;
(6) two node A and B send signature inequality element index table separately by common signal channel in turn;
(7) authentication and total bit sequence extract
(7a) receiving node of receiving signature inequality element index table authenticates the identity of sending node;
If (7b) sending node is not by authentication, receiving node finishes and the key agreement of sending node; If sending node is by authentication, union got by the inequality element index table receiving and the inequality element index table of oneself by receiving node, obtains the inequality element index table upgrading
(7c) the inequality element index table of receiving node to upgrade
as index, from the status switch Q of oneself
nodethe all indexed elements that arrive of middle deletion, and the element being retained is arranged by the order of its position, form total bit sequence Y;
(8) node carries out Hash operation to total bit sequence Y and obtains key K ey, and key K ey is as two node A and the shared key of B.
2. method according to claim 1, wherein the received signal strength sequences h of the node described in step (2) to oneself
nodecarry out adaptive threshold and shine upon the status switch Q that obtains it
node, carry out as follows:
(2a) node taking the long W of window as interval, by received signal strength sequences h
nodeorder is divided into T continuously, and nonoverlapping subsequence, that is:
wherein, received signal strength subsequence
represent received signal strength sequences h
nodei subsequence, i=1,2 ..., T, node=A or B, the long W of window is a natural number that is less than N,
"
" represent the computing that rounds up;
(2b) node intensity subsequence to received signal
i=1,2 ..., T, carries out successively mapping and obtains shining upon output sequence
(2b1) according to received signal strength subsequence
average
and standard variance
calculate mapping Upper threshold
with mapping Lower Threshold
In formula, thresholding regulatory factor α is an arithmetic number.
(2b2) according to mapping Upper threshold
with mapping Lower Threshold
by received signal strength subsequence
the all elements comprising converts one by one, obtains successively the state value after each element conversion:
In formula, x represents the element before conversion, and f (x) represents the state value after element x conversion;
(2b3) by received signal strength subsequence
in the sequencing that occurs according to element of state value after the conversion of each element arrange, form mapping output sequence
i=1,2 ..., T;
3. method according to claim 1, wherein the described node of step (4) produces biological bit sequence K by the electrocardiosignal collecting by modulus coding method, carries out as follows:
(4a) node adopts ecg-r wave detection method to find out the position at all R wave-waves peak of gathered electrocardiosignal, and using front and back, the location gap at two adjacent R wave-wave peaks, as an ecg-r wave spacing, obtains multiple ecg-r wave spacing;
(4b) node by each ecg-r wave spacing to 2
xask mould, obtain the modulus value of this ecg-r wave spacing, again the modulus value of this ecg-r wave spacing is converted to the binary system natural coding sequence that length is x bit, and binary system natural coding sequence is carried out to Gray code, obtaining length is the ecg-r wave spacing bit sequence of x, x is natural number, 2≤x≤4;
(4c) sequencing that node occurs ecg-r wave spacing bit sequence corresponding each ecg-r wave spacing according to ecg-r wave connects, and obtains biological bit sequence K.
4. method according to claim 1, what wherein step (7) was described receives that the receiving node of signature inequality element index table authenticates the identity of sending node, carries out as follows:
(7a) be sending node for node A, Node B is receiving node, and the step that Node B is carried out authentication to node A is as follows:
(7a1) Node B is received signature inequality element index table
afterwards, from signature inequality element index table
the message authentication code MAC of middle taking-up node A
ainequality element index table L with node A
a;
(7a2) Node B is using the biological bit sequence K of oneself as signature key, by the inequality element index table L of node A
aas treating signature information, and the message authentication code hmac algorithm of employing based on Hash calculates the authentication code MAC' of Reference News of node A
a, i.e. MAC
a'=HMAC (K, L
a);
(7a3) Node B is by the authentication code MAC' of Reference News of node A
amessage authentication code MAC with node A
acompare, if the two is in full accord, Node B predicate node A is legal node, otherwise Node B predicate node A is illegal node;
(7b) be sending node for Node B, node A is receiving node, and the step that node A carries out authentication to Node B is as follows:
(7b1) node A receives signature inequality element index table
afterwards, from signature inequality element index table
the message authentication code MAC of middle taking-up Node B
binequality element index table L with Node B
b;
(7b2) node A is using the biological bit sequence K of oneself as signature key, by the inequality element index table L of Node B
bas treating signature information, and the message authentication code hmac algorithm of employing based on Hash calculates the authentication code MAC' of Reference News of Node B
b, i.e. MAC
b'=HMAC (K, L
b);
(7b3) node A is by the authentication code MAC' of Reference News of Node B
bmessage authentication code MAC with Node B
bcompare, if the two is in full accord, node A predicate node B is legal node, otherwise node A predicate node B is illegal node.
5. method according to claim 1, wherein the described node of step (8) carries out Hash operation to total bit sequence Y, and the arbitrary universe hash function in employing universe hash function family is as the hash function of Hash operation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410140435.6A CN103888943B (en) | 2014-04-09 | 2014-04-09 | Wireless body area network cryptographic key negotiation method for medical monitoring |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410140435.6A CN103888943B (en) | 2014-04-09 | 2014-04-09 | Wireless body area network cryptographic key negotiation method for medical monitoring |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103888943A true CN103888943A (en) | 2014-06-25 |
CN103888943B CN103888943B (en) | 2017-09-29 |
Family
ID=50957627
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410140435.6A Expired - Fee Related CN103888943B (en) | 2014-04-09 | 2014-04-09 | Wireless body area network cryptographic key negotiation method for medical monitoring |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103888943B (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104301888A (en) * | 2014-10-20 | 2015-01-21 | 西安电子科技大学 | Wireless body area network security access method |
CN104605841A (en) * | 2014-12-09 | 2015-05-13 | 电子科技大学 | Wearable electrocardiosignal monitoring device and method |
CN105187203A (en) * | 2015-09-22 | 2015-12-23 | 中国科学院信息工程研究所 | Shared secret key establishment method between wireless equipment based on receiving signal intensity |
CN105515765A (en) * | 2015-12-09 | 2016-04-20 | 西安电子科技大学 | Biometric key generating method adapting to dynamic quantization |
CN105516971A (en) * | 2015-12-15 | 2016-04-20 | 西安电子科技大学 | Method for generating wireless body area network key at low communication expense |
CN105792198A (en) * | 2016-03-02 | 2016-07-20 | 西安电子科技大学 | Wireless body area network oriented biological enhanced wireless channel secret key generation method |
CN109995790A (en) * | 2019-04-11 | 2019-07-09 | 广东电网有限责任公司 | A kind of node identities authentication method, device and the equipment of industry internet |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101047497A (en) * | 2006-03-31 | 2007-10-03 | 香港中文大学 | Entity capability discrimination and key managing method for body (sensor) network |
CN102802151A (en) * | 2012-08-24 | 2012-11-28 | 山东省计算中心 | Wireless body area network symmetric key negotiation method |
-
2014
- 2014-04-09 CN CN201410140435.6A patent/CN103888943B/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101047497A (en) * | 2006-03-31 | 2007-10-03 | 香港中文大学 | Entity capability discrimination and key managing method for body (sensor) network |
CN102802151A (en) * | 2012-08-24 | 2012-11-28 | 山东省计算中心 | Wireless body area network symmetric key negotiation method |
Non-Patent Citations (3)
Title |
---|
ABDULAZIZ ALSADHAN,NAVEED KHAN: ""An LBP based key management for Secure Wireless Body Area Network"", 《2013 14TH ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING》 * |
SRIRAM CHERUKURI,KRISHNA K VENKATASUBRAMANIAN,ETC.: ""BioSec: A Biometric Based Approach for Securing Communication in Wireless Networks of Biosensors Implanted in the Human Body"", 《PROCEEDINGS OF THE 2003 INTERNATIONAL CONFERENCE ON PARALLEL PROCESSING WORKSHOPS (ICPPW’03)》 * |
蔡文炳: "《信息科技辑》", 28 February 2014 * |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104301888B (en) * | 2014-10-20 | 2018-01-30 | 西安电子科技大学 | A kind of method of wireless body area network secure accessing |
CN104301888A (en) * | 2014-10-20 | 2015-01-21 | 西安电子科技大学 | Wireless body area network security access method |
CN104605841A (en) * | 2014-12-09 | 2015-05-13 | 电子科技大学 | Wearable electrocardiosignal monitoring device and method |
CN105187203A (en) * | 2015-09-22 | 2015-12-23 | 中国科学院信息工程研究所 | Shared secret key establishment method between wireless equipment based on receiving signal intensity |
CN105187203B (en) * | 2015-09-22 | 2018-05-11 | 中国科学院信息工程研究所 | Shared key method for building up based on received signal strength between a kind of wireless device |
CN105515765A (en) * | 2015-12-09 | 2016-04-20 | 西安电子科技大学 | Biometric key generating method adapting to dynamic quantization |
CN105515765B (en) * | 2015-12-09 | 2018-08-10 | 西安电子科技大学 | The biological secret key generation method of adaptive dynamic quantization |
CN105516971A (en) * | 2015-12-15 | 2016-04-20 | 西安电子科技大学 | Method for generating wireless body area network key at low communication expense |
CN105516971B (en) * | 2015-12-15 | 2018-11-16 | 西安电子科技大学 | The wireless body area network key generation method of low communication expense |
CN105792198A (en) * | 2016-03-02 | 2016-07-20 | 西安电子科技大学 | Wireless body area network oriented biological enhanced wireless channel secret key generation method |
CN105792198B (en) * | 2016-03-02 | 2019-03-26 | 西安电子科技大学 | Bioaugnentation wireless channel key generation method towards wireless body area network |
CN109995790A (en) * | 2019-04-11 | 2019-07-09 | 广东电网有限责任公司 | A kind of node identities authentication method, device and the equipment of industry internet |
CN109995790B (en) * | 2019-04-11 | 2021-07-23 | 南方电网电力科技股份有限公司 | Node identity authentication method, device and equipment for industrial Internet |
Also Published As
Publication number | Publication date |
---|---|
CN103888943B (en) | 2017-09-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Sun et al. | An artificial neural network framework for gait-based biometrics | |
CN103888943A (en) | Wireless body area network key agreement method for medical monitoring | |
Zhang et al. | Homomorphic encryption-based privacy-preserving federated learning in IoT-enabled healthcare system | |
Altop et al. | Deriving cryptographic keys from physiological signals | |
Venkatasubramanian et al. | PSKA: Usable and secure key agreement scheme for body area networks | |
Venkatasubramanian et al. | Plethysmogram-based secure inter-sensor communication in body area networks | |
Xu et al. | IMDGuard: Securing implantable medical devices with the external wearable guardian | |
Moosavi et al. | Cryptographic key generation using ECG signal | |
Sundararajan et al. | A survey on modality characteristics, performance evaluation metrics, and security for traditional and wearable biometric systems | |
Miao et al. | Biometrics based novel key distribution solution for body sensor networks | |
CN107592311A (en) | Towards the cloud storage medical treatment big data lightweight batch auditing method of wireless body area network | |
Bao et al. | A method of signal scrambling to secure data storage for healthcare applications | |
Bao et al. | A novel key distribution of body area networks for telemedicine | |
Zebboudj et al. | Secure and efficient ECG-based authentication scheme for medical body area sensor networks | |
Chizari et al. | Extracting randomness from the trend of IPI for cryptographic operations in implantable medical devices | |
Xu et al. | A secure mutual authentication scheme of blockchain-based in WBANs | |
Sangari et al. | Public key cryptosystem based security in wireless body area network | |
Jammali et al. | PFKA: A physiological feature based key agreement for wireless body area network | |
Pourbemany et al. | A survey of wearable devices pairing based on biometric signals | |
Lavanya et al. | Smart chair-a telemedicine based health monitoring system | |
CN103763698A (en) | Wireless body area network key negotiation mechanism based on wavelet transform tendency | |
Al Reshan et al. | MBPSKA: Multi-biometric and physiological signal-based key agreement for body area networks | |
Chen et al. | Secure and resource-efficient communications for telemedicine systems | |
Yao et al. | Using bloom filter to generate a physiological signal-based key for wireless body area networks | |
Siddiqi et al. | Secure opportunistic contextual logging for wearable healthcare sensing devices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20170929 |
|
CF01 | Termination of patent right due to non-payment of annual fee |